Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139332e302f32342d3234203d3e20323033303534.roa
File: 3134372e3132352e3139332e302f32342d3234203d3e20323033303534.roa (raw, json)
Hash identifier: ultBEq58wJpdnvl1WZ/3CQzsHXupFLctT0wTX30YhB8=
Subject key identifier: 35:E3:B1:DF:FC:48:F9:31:9A:72:DB:82:71:E9:76:4E:11:77:28:F3
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 28B723AFD510243C656FFA63EC19A25BDAEC9BED
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139332e302f32342d3234203d3e20323033303534.roa
Signing time: Mon 08 Jun 2026 03:56:20 +0000
ROA not before: Mon 08 Jun 2026 03:51:20 +0000
ROA not after: Mon 07 Jun 2027 03:56:20 +0000
asID: 203054
IP address blocks: 147.125.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b7:23:af:d5:10:24:3c:65:6f:fa:63:ec:19:a2:5b:da:ec:9b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 8 03:51:20 2026 GMT
Not After : Jun 7 03:56:20 2027 GMT
Subject: CN=35E3B1DFFC48F9319A72DB8271E9764E117728F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f9:c6:03:55:43:3d:17:32:d4:80:2d:f0:71:
b6:81:3b:a8:be:9a:3e:6f:45:34:bd:5f:50:3a:bd:
f8:d1:b2:cd:3e:49:52:f8:45:0f:e2:5c:ed:95:14:
95:d5:9e:f5:c8:11:01:d7:f1:da:a4:d5:66:62:9e:
b5:70:79:09:a1:ff:9b:f2:45:21:a4:32:66:b4:97:
d9:33:cd:e3:52:bc:e5:5c:8a:51:7b:35:49:70:3e:
7e:e6:90:5c:41:e2:c0:a6:75:46:40:99:9c:e7:4b:
cf:15:ce:a9:af:e1:a0:6f:53:2a:91:79:6e:21:21:
79:5d:a0:7b:9d:18:df:70:83:ec:90:d7:8b:f7:89:
3f:cc:9d:88:9e:29:59:1d:56:3a:b7:f9:1b:03:53:
b5:47:5a:be:de:0a:c8:ac:80:fc:7b:2b:2c:a6:45:
09:66:52:87:54:92:99:80:d0:f8:d1:db:85:d1:5d:
23:a3:06:9d:ea:50:61:9f:e3:04:17:89:e3:63:e3:
2a:98:37:45:20:d0:68:b8:a2:e9:90:cb:74:6d:9e:
a0:e8:3e:7a:b0:10:e4:99:b5:ae:65:19:80:df:af:
6d:e1:28:a1:0f:c0:13:6b:cb:ac:bf:91:d1:09:10:
1b:4c:30:69:bf:21:1c:79:88:4e:da:0d:e3:fc:e8:
f6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E3:B1:DF:FC:48:F9:31:9A:72:DB:82:71:E9:76:4E:11:77:28:F3
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139332e302f32342d3234203d3e20323033303534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.193.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:78:cf:48:ee:19:de:8f:96:a6:b1:2d:cc:b5:e3:62:28:e6:
83:98:a8:70:d3:85:1b:47:0a:6a:1e:47:86:ee:f3:ed:79:c2:
1f:73:bc:f0:a3:3e:aa:23:b5:f0:1d:83:6e:64:d8:fb:29:8b:
c6:9b:e4:45:18:62:37:27:3f:0d:59:6e:ba:e3:aa:f3:d3:f8:
6b:0f:3e:b2:5c:e8:5b:0e:49:52:83:7d:24:a3:83:3d:11:2a:
ba:64:51:39:7a:c8:6e:98:da:c4:d5:65:77:19:47:f3:4c:1c:
e1:f8:29:f6:77:ef:7a:54:9a:1b:0f:7a:ee:7b:14:bb:34:2a:
79:b9:2d:b4:4a:6a:87:df:8b:f8:69:c3:e8:55:66:2a:b4:fa:
10:5c:76:89:c0:7f:75:d3:e8:68:a6:b6:b3:38:52:95:dd:70:
62:84:7e:ad:e7:02:f5:54:05:6b:f8:b5:df:e9:f3:b5:bf:38:
db:6f:19:50:78:6b:34:2e:49:9c:ec:6f:17:4b:b0:28:b9:c8:
09:97:2a:5d:5d:67:ed:de:15:95:b2:b9:93:dc:bc:c2:12:b2:
9b:41:e7:30:4c:51:ba:c2:48:e8:63:ca:c5:5e:ff:bf:ac:44:
8d:f2:5b:3f:e4:1f:23:67:a6:5b:01:3d:a2:63:98:fe:4b:ba:
ea:a1:91:8e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKLcjr9UQJDxlb/pj7BmiW9rsm+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDgwMzUxMjBaFw0yNzA2MDcwMzU2MjBaMDMxMTAvBgNV
BAMTKDM1RTNCMURGRkM0OEY5MzE5QTcyREI4MjcxRTk3NjRFMTE3NzI4RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0+cYDVUM9FzLUgC3wcbaBO6i+
mj5vRTS9X1A6vfjRss0+SVL4RQ/iXO2VFJXVnvXIEQHX8dqk1WZinrVweQmh/5vy
RSGkMma0l9kzzeNSvOVcilF7NUlwPn7mkFxB4sCmdUZAmZznS88Vzqmv4aBvUyqR
eW4hIXldoHudGN9wg+yQ14v3iT/MnYieKVkdVjq3+RsDU7VHWr7eCsisgPx7Kyym
RQlmUodUkpmA0PjR24XRXSOjBp3qUGGf4wQXieNj4yqYN0Ug0Gi4oumQy3RtnqDo
PnqwEOSZta5lGYDfr23hKKEPwBNry6y/kdEJEBtMMGm/IRx5iE7aDeP86PaJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNeOx3/xI+TGactuCcel2ThF3KPMwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9wTANBgkqhkiG9w0BAQsFAAOCAQEAG3jPSO4Z3o+WprEtzLXjYijmg5io
cNOFG0cKah5Hhu7z7XnCH3O88KM+qiO18B2DbmTY+ymLxpvkRRhiNyc/DVluuuOq
89P4aw8+slzoWw5JUoN9JKODPREqumRROXrIbpjaxNVldxlH80wc4fgp9nfvelSa
Gw967nsUuzQqebkttEpqh9+L+GnD6FVmKrT6EFx2icB/ddPoaKa2szhSld1wYoR+
recC9VQFa/i13+nztb84228ZUHhrNC5JnOxvF0uwKLnICZcqXV1n7d4VlbK5k9y8
whKym0HnMExRusJI6GPKxV7/v6xEjfJbP+QfI2emWwE9omOY/ku66qGRjg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:42:06 2026 by rpki-client