Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138322e302f32342d3234203d3e20323033303438.roa
File: 3134372e3132352e3138322e302f32342d3234203d3e20323033303438.roa (raw, json)
Hash identifier: ESLoN9hhVlxl0G5qdYSts66JMJL+Q0lGXwREafZkghg=
Subject key identifier: A4:BE:CF:C8:45:E8:FE:34:40:70:58:8B:D1:4D:4C:28:F7:42:7A:C5
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 37C2868C6EF8EB9F90AEB78CEF6137EA21A6980C
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138322e302f32342d3234203d3e20323033303438.roa
Signing time: Sun 07 Jun 2026 09:13:57 +0000
ROA not before: Sun 07 Jun 2026 09:08:57 +0000
ROA not after: Sun 06 Jun 2027 09:13:57 +0000
asID: 203048
IP address blocks: 147.125.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:c2:86:8c:6e:f8:eb:9f:90:ae:b7:8c:ef:61:37:ea:21:a6:98:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 7 09:08:57 2026 GMT
Not After : Jun 6 09:13:57 2027 GMT
Subject: CN=A4BECFC845E8FE344070588BD14D4C28F7427AC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:e3:80:25:c6:1f:ad:3c:da:30:d1:0e:35:
ed:db:fe:d1:1f:17:5d:dc:b5:30:c2:31:60:0b:c3:
8d:71:68:5a:20:a4:3a:6b:d0:9e:7e:58:50:38:25:
b4:18:6a:ae:97:c6:84:1c:24:79:5e:f0:d7:43:44:
01:f3:cc:ab:fc:1b:13:b0:d8:62:17:c1:1e:a1:32:
bf:91:62:4c:b7:87:26:9b:01:f0:59:51:3f:02:d9:
74:12:36:e3:05:44:af:87:25:45:47:72:7a:2a:11:
6a:54:dc:ad:a7:44:9d:fd:d6:28:34:d8:4b:9e:c3:
e0:81:99:f6:2d:19:33:96:6e:20:a4:63:e2:aa:f5:
8f:46:45:f2:be:67:e0:8f:04:e8:82:84:6b:63:31:
4c:9c:d7:11:dc:01:de:ec:7a:c0:4a:97:92:bf:3a:
68:d5:d5:49:94:fe:a7:9d:94:2c:87:c3:5c:bb:f6:
38:b7:47:4b:f4:1d:27:e8:07:07:64:34:ac:80:43:
8e:bf:83:a8:08:29:1d:3b:04:bd:43:a1:0f:e3:f7:
4e:eb:ba:2f:3f:54:d2:59:89:dd:4a:60:a4:d3:b8:
25:81:26:b6:ee:2b:bd:b4:aa:27:a5:64:58:65:a6:
b8:32:b7:86:c8:04:b9:3e:9b:fa:56:52:08:31:f8:
ef:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BE:CF:C8:45:E8:FE:34:40:70:58:8B:D1:4D:4C:28:F7:42:7A:C5
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138322e302f32342d3234203d3e20323033303438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.182.0/24
Signature Algorithm: sha256WithRSAEncryption
39:2d:92:8b:04:2d:85:60:02:08:39:27:0d:94:d2:71:5f:6e:
fd:be:dd:7e:0d:a1:71:d8:73:a6:b6:58:c6:b0:88:7d:f8:56:
2a:3a:41:fe:c6:41:7f:85:e2:46:14:e0:6c:08:e7:fb:2a:50:
98:1d:0c:0d:cf:1d:a4:de:43:a2:25:89:4b:86:2c:dc:1e:bb:
dc:cc:1e:17:29:3c:bd:40:2b:41:a7:90:b8:ad:04:0b:10:a1:
75:51:38:47:d0:30:a3:f5:ce:4b:1d:18:93:12:88:ea:91:96:
34:2b:82:8b:a2:27:4e:9d:10:ff:f5:a8:15:35:1f:f4:b9:ba:
83:49:4f:30:d7:76:bb:4b:ff:46:bb:df:0c:47:da:a7:f5:f0:
4f:6e:ac:5c:b8:7d:c9:f0:13:2d:96:55:81:2a:97:fc:59:95:
a6:4e:0f:b7:7f:07:e1:2f:d5:98:73:7c:de:28:3c:16:9b:66:
41:65:6c:b4:5d:aa:fd:01:f9:b4:ca:42:a9:f8:2e:24:92:6a:
41:7d:46:9f:c4:af:4d:92:b1:ea:b2:87:4c:49:33:44:1a:6e:
b9:91:4c:61:f9:11:dd:71:0b:38:55:0d:0b:b5:38:7f:8c:af:
1e:44:ce:e5:fa:36:35:86:25:25:22:62:f0:6a:ca:44:ee:f1:
a8:8f:24:7b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUN8KGjG7465+QrreM72E36iGmmAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDcwOTA4NTdaFw0yNzA2MDYwOTEzNTdaMDMxMTAvBgNV
BAMTKEE0QkVDRkM4NDVFOEZFMzQ0MDcwNTg4QkQxNEQ0QzI4Rjc0MjdBQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCguOAJcYfrTzaMNEONe3b/tEf
F13ctTDCMWALw41xaFogpDpr0J5+WFA4JbQYaq6XxoQcJHle8NdDRAHzzKv8GxOw
2GIXwR6hMr+RYky3hyabAfBZUT8C2XQSNuMFRK+HJUVHcnoqEWpU3K2nRJ391ig0
2Euew+CBmfYtGTOWbiCkY+Kq9Y9GRfK+Z+CPBOiChGtjMUyc1xHcAd7sesBKl5K/
OmjV1UmU/qedlCyHw1y79ji3R0v0HSfoBwdkNKyAQ46/g6gIKR07BL1DoQ/j907r
ui8/VNJZid1KYKTTuCWBJrbuK720qielZFhlprgyt4bIBLk+m/pWUggx+O/5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpL7PyEXo/jRAcFiL0U1MKPdCesUwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9tjANBgkqhkiG9w0BAQsFAAOCAQEAOS2SiwQthWACCDknDZTScV9u/b7d
fg2hcdhzprZYxrCIffhWKjpB/sZBf4XiRhTgbAjn+ypQmB0MDc8dpN5DoiWJS4Ys
3B673MweFyk8vUArQaeQuK0ECxChdVE4R9Awo/XOSx0YkxKI6pGWNCuCi6InTp0Q
//WoFTUf9Lm6g0lPMNd2u0v/RrvfDEfap/XwT26sXLh9yfATLZZVgSqX/FmVpk4P
t38H4S/VmHN83ig8FptmQWVstF2q/QH5tMpCqfguJJJqQX1Gn8SvTZKx6rKHTEkz
RBpuuZFMYfkR3XELOFUNC7U4f4yvHkTO5fo2NYYlJSJi8GrKRO7xqI8kew==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:06:29 2026 by rpki-client