Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
File: 3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa (raw, json)
Hash identifier: qkTS3ZaQ1EVd/AgPTDd24ikCuxLVUaLxx8uqOgv6HZ0=
Subject key identifier: 5C:8E:F9:52:59:57:DE:69:53:F5:4F:18:BC:38:C1:42:A3:45:E4:68
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 6F87160D3840748186A9246566E50825217A78D8
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
Signing time: Wed 29 Apr 2026 17:10:26 +0000
ROA not before: Wed 29 Apr 2026 17:05:26 +0000
ROA not after: Wed 28 Apr 2027 17:10:26 +0000
asID: 402298
IP address blocks: 147.125.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 10:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:87:16:0d:38:40:74:81:86:a9:24:65:66:e5:08:25:21:7a:78:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 29 17:05:26 2026 GMT
Not After : Apr 28 17:10:26 2027 GMT
Subject: CN=5C8EF9525957DE6953F54F18BC38C142A345E468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:17:3a:00:7a:eb:9f:39:e6:37:9b:1b:95:97:
76:0a:0c:b2:91:06:63:cf:3c:52:19:d5:13:e7:ea:
12:e3:45:55:45:de:e0:b7:76:b8:98:35:a9:01:1e:
da:8f:58:2d:55:ef:c8:3c:df:7c:b1:54:61:cc:71:
b8:29:c1:c6:7f:9d:74:a5:3c:71:4c:c1:25:bd:3e:
a4:77:c4:4f:ba:74:a7:bf:57:c7:9a:e8:94:eb:ea:
58:45:bd:e2:25:70:1d:87:cc:49:99:46:f6:dd:5e:
a8:98:53:5e:09:33:54:8f:98:ed:7e:ce:cf:c3:fe:
89:0b:a8:8a:08:b0:95:cd:43:c5:8f:ac:ff:59:62:
6b:d1:12:d4:09:c0:4a:1f:b0:fc:e7:13:9e:dd:c5:
e4:cb:ac:08:68:22:97:ab:c5:a7:64:f1:e4:bb:57:
dc:4e:6a:4f:4e:c1:90:5d:8f:97:28:b1:8b:d7:7c:
37:27:19:51:e0:8d:83:6b:ca:69:03:72:b9:ac:9a:
99:22:ef:bc:d9:03:2f:f0:ee:0b:12:fa:17:da:ce:
c2:ef:48:b0:30:4f:87:2b:fe:b2:62:a1:f7:34:61:
52:bf:1b:da:b8:2d:bf:94:d7:a9:6b:65:76:d2:b0:
9d:7d:f6:40:a6:7d:1b:5f:a3:c9:dc:28:4e:f0:bc:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8E:F9:52:59:57:DE:69:53:F5:4F:18:BC:38:C1:42:A3:45:E4:68
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.134.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:bc:9a:c5:03:fc:7c:93:81:31:ce:19:da:1f:70:78:22:8b:
92:0e:ac:06:63:c0:02:20:37:a3:ba:3e:41:c8:40:71:26:2d:
69:6b:1e:5b:c7:90:da:3b:99:14:ef:18:12:26:7e:1c:a6:ba:
db:19:cc:3f:3b:37:55:b2:b4:17:63:59:e1:12:28:ce:83:fd:
e5:99:6a:44:4b:c5:20:56:ec:fc:73:42:c7:df:25:42:42:26:
0b:c0:01:6e:42:0a:52:3e:3a:f6:bd:38:4e:dc:d3:fa:35:b7:
f0:8c:07:70:98:e5:8c:e6:35:9e:ee:f4:3d:fb:30:84:95:6c:
47:28:d0:81:3f:b0:f9:d5:9d:4e:13:21:61:d8:5e:6b:c3:59:
2b:a7:6e:fd:06:e3:93:2e:53:dd:10:e5:be:5b:3b:35:fc:9a:
80:f2:25:15:de:ce:c0:ff:68:33:6a:49:92:fc:94:a3:68:bc:
64:09:ef:75:cd:98:83:ee:1c:a0:50:11:3d:82:cc:ad:97:06:
45:01:91:5a:cb:a1:5d:bd:1a:14:21:29:bf:dd:04:fe:f3:c5:
ba:0c:4c:8d:93:4a:88:8a:33:02:88:08:df:e9:23:7a:ee:04:
a7:b9:ef:50:7d:1b:00:78:0f:0e:2e:17:a4:bc:16:4b:6c:7f:
df:5e:3b:e1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUb4cWDThAdIGGqSRlZuUIJSF6eNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjkxNzA1MjZaFw0yNzA0MjgxNzEwMjZaMDMxMTAvBgNV
BAMTKDVDOEVGOTUyNTk1N0RFNjk1M0Y1NEYxOEJDMzhDMTQyQTM0NUU0NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoFzoAeuufOeY3mxuVl3YKDLKR
BmPPPFIZ1RPn6hLjRVVF3uC3driYNakBHtqPWC1V78g833yxVGHMcbgpwcZ/nXSl
PHFMwSW9PqR3xE+6dKe/V8ea6JTr6lhFveIlcB2HzEmZRvbdXqiYU14JM1SPmO1+
zs/D/okLqIoIsJXNQ8WPrP9ZYmvREtQJwEofsPznE57dxeTLrAhoIperxadk8eS7
V9xOak9OwZBdj5cosYvXfDcnGVHgjYNrymkDcrmsmpki77zZAy/w7gsS+hfazsLv
SLAwT4cr/rJiofc0YVK/G9q4Lb+U16lrZXbSsJ199kCmfRtfo8ncKE7wvDeJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXI75UllX3mlT9U8YvDjBQqNF5GgwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMyMzkzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9hjANBgkqhkiG9w0BAQsFAAOCAQEATLyaxQP8fJOBMc4Z2h9weCKLkg6s
BmPAAiA3o7o+QchAcSYtaWseW8eQ2juZFO8YEiZ+HKa62xnMPzs3VbK0F2NZ4RIo
zoP95ZlqREvFIFbs/HNCx98lQkImC8ABbkIKUj469r04TtzT+jW38IwHcJjljOY1
nu70PfswhJVsRyjQgT+w+dWdThMhYdhea8NZK6du/Qbjky5T3RDlvls7NfyagPIl
Fd7OwP9oM2pJkvyUo2i8ZAnvdc2Yg+4coFARPYLMrZcGRQGRWsuhXb0aFCEpv90E
/vPFugxMjZNKiIozAogI3+kjeu4Ep7nvUH0bAHgPDi4XpLwWS2x/31474Q==
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:26:37 2026 by rpki-client