Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234302e302f32342d3234203d3e2039333138.roa
File: 3134372e3132352e3234302e302f32342d3234203d3e2039333138.roa (raw, json)
Hash identifier: v/Kn0B7Oh/Q5oI1VtHfYyG4dvY7WY0h9CWSKGOK1/6g=
Subject key identifier: 1C:2E:1E:E8:F5:2E:DE:66:92:55:E2:0C:E7:F5:CF:2A:34:9A:A4:E6
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4A641E91D46EBB2F08230AF6B85BB1DF24EC2E
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234302e302f32342d3234203d3e2039333138.roa
Signing time: Tue 04 Nov 2025 15:27:04 +0000
ROA not before: Tue 04 Nov 2025 15:22:04 +0000
ROA not after: Tue 03 Nov 2026 15:27:04 +0000
asID: 9318
IP address blocks: 147.125.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:64:1e:91:d4:6e:bb:2f:08:23:0a:f6:b8:5b:b1:df:24:ec:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Nov 4 15:22:04 2025 GMT
Not After : Nov 3 15:27:04 2026 GMT
Subject: CN=1C2E1EE8F52EDE669255E20CE7F5CF2A349AA4E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:01:90:aa:c2:c3:2c:50:0a:a2:8f:15:fa:e4:
4e:2c:1d:3a:17:58:64:4f:a3:89:11:db:ab:7e:2c:
0a:a3:29:f1:2c:96:6c:d0:4b:ca:d0:70:cc:c7:d9:
4e:c0:82:04:98:6c:e7:5d:94:5a:b9:dc:a8:72:0f:
28:2f:80:fb:db:5b:d7:6e:ed:00:66:ae:9b:e3:a7:
c6:2e:c2:13:15:da:b4:66:19:d3:62:93:df:6e:0f:
6d:a2:50:33:b1:8b:6b:8f:37:53:a8:b4:df:fa:68:
96:cd:3e:2e:09:96:9a:ae:af:8b:0e:34:0f:77:30:
89:d9:4a:8e:e0:7a:7a:c2:8d:ff:cc:d6:80:e3:8d:
b1:18:99:57:57:a6:7d:79:60:66:4b:4f:9f:ec:0b:
ee:f6:60:ba:ce:f4:a0:55:4b:0a:0e:1e:0c:e1:54:
23:15:0b:09:de:08:b6:3a:f3:23:a2:23:11:66:29:
cd:d4:6f:ef:07:c0:c7:a2:44:49:a8:65:9e:c7:35:
40:70:96:1a:53:b4:20:02:63:fe:5a:a1:18:93:51:
e8:a9:04:df:36:2a:6d:fd:e9:96:11:77:99:83:c6:
d7:51:e4:4a:f9:1b:64:1a:58:23:40:0f:4b:8b:5f:
6d:92:40:4e:48:b8:78:23:c5:9e:71:c8:f2:d6:4d:
d5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2E:1E:E8:F5:2E:DE:66:92:55:E2:0C:E7:F5:CF:2A:34:9A:A4:E6
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234302e302f32342d3234203d3e2039333138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.240.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b8:61:9e:d3:69:50:2e:5f:88:4c:e7:fc:17:55:f8:33:c9:
cf:12:77:f6:b1:59:a8:3c:d9:1e:4c:89:f3:72:a1:7c:0b:94:
56:5a:cf:fd:ff:a5:46:09:26:57:f7:b0:e9:e2:1c:e0:48:7f:
7c:77:85:36:5a:8a:3f:26:59:1a:cd:0b:a8:2b:1c:23:a4:f1:
cc:fd:c1:40:45:e5:14:3f:d8:df:70:19:b6:af:38:f8:c4:65:
53:98:ec:5c:bf:26:15:00:a5:79:bb:c3:af:65:96:77:48:b3:
13:80:2a:0a:bf:96:30:40:35:6c:bb:6f:8b:ad:0c:13:3a:78:
72:f2:da:2f:8b:b5:1e:af:0c:cb:8f:2e:b5:34:74:7f:17:28:
b9:c8:e0:bd:0b:1a:d2:ac:8d:1b:df:38:d5:fa:68:9a:40:46:
1e:2b:65:3c:f8:0c:fe:37:25:60:c2:c2:de:bf:e4:43:d7:4c:
c9:ee:f8:6c:32:69:a5:c6:ff:7a:fb:55:25:28:3b:21:3e:e2:
e7:e7:18:0f:b8:bf:98:2f:90:37:89:0f:72:fe:ac:51:cf:17:
6b:64:b3:5b:33:90:0e:6e:5b:0e:58:34:4f:fb:9c:5c:c7:87:
8b:26:a8:07:38:85:a4:0e:8c:30:25:d8:79:d8:62:a5:0e:86:
75:33:f4:5e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgITSmQekdRuuy8IIwr2uFux3yTsLjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg2Y2NkYzgyYmFlNzgwMGY3ZDUwN2M3Mzc5MjQ4NjliZGVi
NWE3NmVhMB4XDTI1MTEwNDE1MjIwNFoXDTI2MTEwMzE1MjcwNFowMzExMC8GA1UE
AxMoMUMyRTFFRThGNTJFREU2NjkyNTVFMjBDRTdGNUNGMkEzNDlBQTRFNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ4BkKrCwyxQCqKPFfrkTiwdOhdY
ZE+jiRHbq34sCqMp8SyWbNBLytBwzMfZTsCCBJhs512UWrncqHIPKC+A+9tb127t
AGaum+Onxi7CExXatGYZ02KT324PbaJQM7GLa483U6i03/pols0+LgmWmq6viw40
D3cwidlKjuB6esKN/8zWgOONsRiZV1emfXlgZktPn+wL7vZgus70oFVLCg4eDOFU
IxULCd4ItjrzI6IjEWYpzdRv7wfAx6JESahlnsc1QHCWGlO0IAJj/lqhGJNR6KkE
3zYqbf3plhF3mYPG11HkSvkbZBpYI0APS4tfbZJATki4eCPFnnHI8tZN1W0CAwEA
AaOCAj0wggI5MB0GA1UdDgQWBBQcLh7o9S7eZpJV4gzn9c8qNJqk5jAfBgNVHSME
GDAWgBRszcgrrngA99UHxzeSSGm961p26jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9jY2QzODg0YS1jMzg1LTRiNjUtOTg2Ni00ZjYzODMxNzI2
NzIvMC82Q0NEQzgyQkFFNzgwMEY3RDUwN0M3Mzc5MjQ4NjlCREVCNUE3NkVBLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYk0zSUs2NTRBUGZWQjhjM2traHB2ZXRh
ZHVvLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9jY2QzODg0YS1j
Mzg1LTRiNjUtOTg2Ni00ZjYzODMxNzI2NzIvMC8zMTM0MzcyZTMxMzIzNTJlMzIz
NDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMxMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACT
ffAwDQYJKoZIhvcNAQELBQADggEBAAK4YZ7TaVAuX4hM5/wXVfgzyc8Sd/axWag8
2R5MifNyoXwLlFZaz/3/pUYJJlf3sOniHOBIf3x3hTZaij8mWRrNC6grHCOk8cz9
wUBF5RQ/2N9wGbavOPjEZVOY7Fy/JhUApXm7w69llndIsxOAKgq/ljBANWy7b4ut
DBM6eHLy2i+LtR6vDMuPLrU0dH8XKLnI4L0LGtKsjRvfONX6aJpARh4rZTz4DP43
JWDCwt6/5EPXTMnu+GwyaaXG/3r7VSUoOyE+4ufnGA+4v5gvkDeJD3L+rFHPF2tk
s1szkA5uWw5YNE/7nFzHh4smqAc4haQOjDAl2HnYYqUOhnUz9F4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:34:54 2025 by rpki-client