Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e20323134343332.roa
File: 3134372e3132352e3134322e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: 5WUnzYB//I1xK4h85XpoVbwb5XnkD538+hGQywYfA8w=
Subject key identifier: BB:AF:4D:8B:8A:FC:D9:87:AE:5E:38:55:B3:31:16:3C:53:DE:1E:1B
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 103A87CBBF67B32D5EE531EFF1C1F82D594EFA83
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e20323134343332.roa
Signing time: Tue 21 Apr 2026 09:09:09 +0000
ROA not before: Tue 21 Apr 2026 09:04:09 +0000
ROA not after: Tue 20 Apr 2027 09:09:09 +0000
asID: 214432
IP address blocks: 147.125.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 15:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:3a:87:cb:bf:67:b3:2d:5e:e5:31:ef:f1:c1:f8:2d:59:4e:fa:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:09 2026 GMT
Not After : Apr 20 09:09:09 2027 GMT
Subject: CN=BBAF4D8B8AFCD987AE5E3855B331163C53DE1E1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2d:f8:d8:4c:49:8e:f7:e1:09:3c:5f:1e:95:
3d:ef:c6:71:8d:33:a8:79:3a:11:91:16:6d:6c:de:
fa:f5:4b:43:07:56:41:0a:9b:5f:56:58:21:79:f5:
e7:52:cb:9d:83:b1:60:2e:1c:67:0a:a0:13:83:af:
99:d2:32:a5:19:65:21:32:2f:4d:71:45:fc:8d:56:
c9:63:3f:b3:8f:b4:12:ae:75:b8:96:f3:59:71:7b:
6e:4a:96:3c:7a:c2:77:a6:4a:29:54:4e:b5:31:5c:
38:72:77:b0:d6:2d:5e:62:3d:f6:bb:b4:fd:bd:d0:
fe:5a:f3:1e:43:41:91:b6:e7:5d:46:40:30:47:4a:
3d:84:36:cb:0e:01:f7:ef:2a:df:b3:f1:fd:c1:c7:
26:b0:0a:07:62:28:36:34:c1:8d:64:ff:66:5f:87:
10:1b:77:e3:24:ee:9b:05:56:a9:8e:b5:0d:a6:93:
95:6b:59:2b:53:ec:fa:e1:fa:da:4b:c9:5a:c0:99:
f4:aa:f9:ee:31:5c:9e:91:64:1b:d1:38:d1:54:8e:
c7:4a:aa:ed:a4:d1:72:dc:3b:09:e7:09:c5:ba:7b:
19:99:f6:ce:90:a4:9d:79:b6:ad:bc:05:7b:a6:23:
6d:8d:f3:9d:41:6a:3f:5b:a7:b5:cb:42:aa:5a:79:
60:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AF:4D:8B:8A:FC:D9:87:AE:5E:38:55:B3:31:16:3C:53:DE:1E:1B
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.142.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:de:39:49:62:7a:31:2b:84:e6:9a:4c:da:1a:97:0d:01:9a:
b4:10:b9:89:f1:24:8a:6d:0c:98:40:f1:33:2f:aa:b2:49:99:
99:6e:0c:0a:7c:3b:ba:ce:50:11:eb:a8:9c:9f:c7:9b:29:70:
10:00:b2:87:b5:ed:ed:fa:76:f1:c2:2c:df:68:3d:86:3a:52:
26:e8:65:93:4d:e6:2d:c4:08:89:8b:53:ef:db:f7:c9:57:5d:
17:d6:07:b0:4d:97:94:1f:c9:c7:df:e5:14:06:73:5e:6d:78:
03:f1:96:80:f8:a1:a4:77:9f:d8:9d:c4:b2:16:c0:cf:70:fd:
30:91:25:97:9a:4d:f5:cf:bc:f2:0f:54:15:eb:ba:3b:f0:e6:
b6:4b:e6:d1:1d:cd:54:1e:9a:3e:32:82:3b:79:63:be:50:ee:
7a:85:10:dd:fe:32:5c:99:ba:6c:83:3d:0f:85:48:d0:1b:93:
c2:e9:54:96:36:ae:3b:58:8b:7b:55:df:b1:cd:12:e9:f2:21:
a5:22:ef:53:51:fd:5c:af:57:f0:4a:09:99:49:3a:d3:dd:6a:
92:ef:b9:ed:ea:4b:18:fd:1f:1a:e2:d5:2c:20:79:ed:9a:4a:
3a:9c:78:68:d3:84:68:10:a0:55:6d:9f:6a:31:24:22:a4:f5:
3b:eb:f1:c0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEDqHy79nsy1e5THv8cH4LVlO+oMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MDlaFw0yNzA0MjAwOTA5MDlaMDMxMTAvBgNV
BAMTKEJCQUY0RDhCOEFGQ0Q5ODdBRTVFMzg1NUIzMzExNjNDNTNERTFFMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrLfjYTEmO9+EJPF8elT3vxnGN
M6h5OhGRFm1s3vr1S0MHVkEKm19WWCF59edSy52DsWAuHGcKoBODr5nSMqUZZSEy
L01xRfyNVsljP7OPtBKudbiW81lxe25Kljx6wnemSilUTrUxXDhyd7DWLV5iPfa7
tP290P5a8x5DQZG2511GQDBHSj2ENssOAffvKt+z8f3BxyawCgdiKDY0wY1k/2Zf
hxAbd+Mk7psFVqmOtQ2mk5VrWStT7Prh+tpLyVrAmfSq+e4xXJ6RZBvRONFUjsdK
qu2k0XLcOwnnCcW6exmZ9s6QpJ15tq28BXumI22N851Baj9bp7XLQqpaeWA3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUu69Ni4r82YeuXjhVszEWPFPeHhswHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzMzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9jjANBgkqhkiG9w0BAQsFAAOCAQEAmt45SWJ6MSuE5ppM2hqXDQGatBC5
ifEkim0MmEDxMy+qskmZmW4MCnw7us5QEeuonJ/HmylwEACyh7Xt7fp28cIs32g9
hjpSJuhlk03mLcQIiYtT79v3yVddF9YHsE2XlB/Jx9/lFAZzXm14A/GWgPihpHef
2J3EshbAz3D9MJEll5pN9c+88g9UFeu6O/Dmtkvm0R3NVB6aPjKCO3ljvlDueoUQ
3f4yXJm6bIM9D4VI0BuTwulUljauO1iLe1Xfsc0S6fIhpSLvU1H9XK9X8EoJmUk6
091qku+57epLGP0fGuLVLCB57ZpKOpx4aNOEaBCgVW2fajEkIqT1O+vxwA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 07:55:05 2026 by rpki-client