Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138372e302f32342d3234203d3e20323033303438.roa
File: 3134372e3132352e3138372e302f32342d3234203d3e20323033303438.roa (raw, json)
Hash identifier: 9CO6rnSal2tjA3DO4xpjl32IL8t3bcyQQAf0i6V+Ydw=
Subject key identifier: C5:5A:DD:A0:E5:6E:F5:BF:87:98:13:F0:D3:12:E4:B0:FE:40:7F:27
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 2787E98248D091992DA465009EEE5EFEDFB9E066
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138372e302f32342d3234203d3e20323033303438.roa
Signing time: Fri 05 Jun 2026 16:12:04 +0000
ROA not before: Fri 05 Jun 2026 16:07:04 +0000
ROA not after: Fri 04 Jun 2027 16:12:04 +0000
asID: 203048
IP address blocks: 147.125.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:87:e9:82:48:d0:91:99:2d:a4:65:00:9e:ee:5e:fe:df:b9:e0:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 5 16:07:04 2026 GMT
Not After : Jun 4 16:12:04 2027 GMT
Subject: CN=C55ADDA0E56EF5BF879813F0D312E4B0FE407F27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:69:d3:7d:e5:17:5f:49:cf:a8:fc:e0:1b:69:
48:5e:4e:c2:dd:2a:40:ac:8c:79:47:2c:c1:77:99:
83:67:d9:88:f5:c7:eb:f4:6e:9f:74:ec:8d:49:5a:
ec:6e:11:fe:bb:55:19:bd:95:84:a6:fd:f0:cd:55:
85:dd:e8:6a:ea:dd:5c:f6:66:ec:23:61:c7:47:b3:
ac:aa:ad:85:fa:1e:c1:e1:ef:df:8f:ec:c1:5a:cc:
c1:66:06:b7:91:37:ef:6c:19:38:95:40:da:76:7e:
b1:7c:ba:a7:9c:13:d7:19:35:c1:7d:ec:3c:c0:7c:
93:d8:8c:7d:b3:41:18:6a:90:15:c6:c0:d6:be:79:
92:0b:ba:3c:4c:51:b8:2f:26:28:f9:57:45:73:b4:
68:92:20:52:bd:30:7d:ed:dd:b9:ad:44:d0:11:7d:
f5:0a:82:b4:2b:89:13:95:d3:3c:f6:e7:e8:d6:ad:
df:98:29:63:b1:96:8e:aa:df:ea:3c:8c:02:8a:36:
63:40:dc:ee:82:91:44:ed:d4:b6:63:5b:86:02:d4:
d0:96:fd:1d:47:8b:f4:bc:6a:64:de:ca:c2:57:18:
82:24:bd:7c:c2:3e:15:92:9b:c0:c9:c8:0b:74:ee:
f5:76:06:a6:ca:2f:81:a3:da:06:6e:5b:9b:e0:65:
a8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5A:DD:A0:E5:6E:F5:BF:87:98:13:F0:D3:12:E4:B0:FE:40:7F:27
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138372e302f32342d3234203d3e20323033303438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.187.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a2:80:c9:01:90:71:bb:35:fb:7f:d6:23:6b:cd:3b:a8:7c:
21:97:dc:b5:e0:3a:e9:d3:4c:49:07:f9:29:36:b5:4b:0a:c0:
04:40:7e:f6:37:61:8e:0d:ff:65:ff:82:0f:52:da:ff:f3:3b:
64:a1:b4:18:98:d6:e6:94:4f:19:df:95:48:71:3f:10:df:25:
a7:8b:6a:a9:61:50:ff:1c:8a:43:97:ca:b6:3d:2a:9f:0b:3c:
d2:6a:b4:64:f6:55:a3:88:dc:3b:47:fb:73:8b:dd:66:fe:b6:
19:d5:26:37:4d:e6:ea:59:ea:35:90:73:79:0e:7d:26:a7:21:
4e:ba:67:7a:9d:68:2d:6b:f5:85:a4:aa:a6:73:e6:78:6e:f4:
a6:35:cd:82:ae:2b:0d:a6:3d:31:1b:34:f3:ab:8b:cf:af:d8:
0a:29:69:bd:87:cd:fe:38:63:fb:b9:fb:a6:86:7a:be:85:82:
f2:fb:75:01:d1:6e:07:fe:e3:56:71:f5:ab:07:01:0a:bf:20:
c8:b8:54:a7:6d:13:af:43:10:8a:34:a4:ec:ef:85:0f:51:0e:
6d:f0:57:96:eb:6b:c0:7f:6a:f9:1e:de:26:59:d4:85:50:62:
6f:08:13:2d:1a:cd:ad:d4:df:be:51:e8:27:94:7d:a6:15:81:
64:67:08:56
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJ4fpgkjQkZktpGUAnu5e/t+54GYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDUxNjA3MDRaFw0yNzA2MDQxNjEyMDRaMDMxMTAvBgNV
BAMTKEM1NUFEREEwRTU2RUY1QkY4Nzk4MTNGMEQzMTJFNEIwRkU0MDdGMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiadN95RdfSc+o/OAbaUheTsLd
KkCsjHlHLMF3mYNn2Yj1x+v0bp907I1JWuxuEf67VRm9lYSm/fDNVYXd6Grq3Vz2
ZuwjYcdHs6yqrYX6HsHh79+P7MFazMFmBreRN+9sGTiVQNp2frF8uqecE9cZNcF9
7DzAfJPYjH2zQRhqkBXGwNa+eZILujxMUbgvJij5V0VztGiSIFK9MH3t3bmtRNAR
ffUKgrQriROV0zz25+jWrd+YKWOxlo6q3+o8jAKKNmNA3O6CkUTt1LZjW4YC1NCW
/R1Hi/S8amTeysJXGIIkvXzCPhWSm8DJyAt07vV2BqbKL4Gj2gZuW5vgZagbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxVrdoOVu9b+HmBPw0xLksP5AfycwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9uzANBgkqhkiG9w0BAQsFAAOCAQEAAKKAyQGQcbs1+3/WI2vNO6h8IZfc
teA66dNMSQf5KTa1SwrABEB+9jdhjg3/Zf+CD1La//M7ZKG0GJjW5pRPGd+VSHE/
EN8lp4tqqWFQ/xyKQ5fKtj0qnws80mq0ZPZVo4jcO0f7c4vdZv62GdUmN03m6lnq
NZBzeQ59JqchTrpnep1oLWv1haSqpnPmeG70pjXNgq4rDaY9MRs086uLz6/YCilp
vYfN/jhj+7n7poZ6voWC8vt1AdFuB/7jVnH1qwcBCr8gyLhUp20Tr0MQijSk7O+F
D1EObfBXlutrwH9q+R7eJlnUhVBibwgTLRrNrdTfvlHoJ5R9phWBZGcIVg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:21:34 2026 by rpki-client