Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136352e302f32342d3234203d3e20343032333433.roa
File: 3134372e3132352e3136352e302f32342d3234203d3e20343032333433.roa (raw, json)
Hash identifier: Tsf0FLnKcfeRa8ABk2vIca0lTcdIK2+BpdlVCu5K7PM=
Subject key identifier: 82:FB:26:21:94:D8:30:76:74:C3:84:28:AC:16:22:29:B3:30:A4:66
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 5927BA782863BB7AF0446976E472051E80665822
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136352e302f32342d3234203d3e20343032333433.roa
Signing time: Fri 19 Jun 2026 03:18:06 +0000
ROA not before: Fri 19 Jun 2026 03:13:06 +0000
ROA not after: Fri 18 Jun 2027 03:18:06 +0000
asID: 402343
IP address blocks: 147.125.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:27:ba:78:28:63:bb:7a:f0:44:69:76:e4:72:05:1e:80:66:58:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 19 03:13:06 2026 GMT
Not After : Jun 18 03:18:06 2027 GMT
Subject: CN=82FB262194D8307674C38428AC162229B330A466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fe:05:02:0a:47:7d:6a:a5:27:61:5e:62:73:
cf:97:6e:e1:91:58:71:84:83:7e:ac:29:28:59:5c:
c1:94:4d:a7:42:d8:39:e9:84:74:d7:69:62:9e:e2:
73:fe:d7:65:d3:d3:f0:69:7e:af:d4:ac:79:0b:3d:
b9:e0:05:44:49:55:03:de:63:20:6a:66:7b:db:5d:
1e:ab:f9:03:09:e9:a3:5a:cb:47:b3:f4:5d:36:5b:
a7:ca:4a:d2:93:6c:c5:2a:8e:fa:aa:8b:27:cf:dc:
bb:05:cd:c0:9e:23:89:a5:08:b8:68:5a:43:4a:24:
fd:02:0f:9d:bf:04:7a:52:e8:f8:b1:41:5d:cd:13:
97:06:10:fe:8b:69:91:91:36:bb:b9:24:03:35:16:
2d:5e:f8:f1:f3:81:a6:96:4a:b4:0b:7a:cc:d7:8d:
4f:78:47:16:63:90:d1:4f:36:64:3c:3e:66:07:57:
9a:e3:07:dc:be:34:77:34:25:9f:d9:f6:5d:ef:d9:
7e:25:58:de:fa:3f:f4:21:61:d1:2c:c3:86:f2:bd:
8e:8f:de:b5:68:52:b2:ce:e7:41:dd:75:9b:3e:a5:
3f:59:d0:76:d7:68:48:27:ca:58:a2:46:22:02:9b:
ab:56:a6:bc:d1:cd:1b:0f:9d:a8:dc:36:74:90:6f:
36:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FB:26:21:94:D8:30:76:74:C3:84:28:AC:16:22:29:B3:30:A4:66
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136352e302f32342d3234203d3e20343032333433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.165.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3d:d4:9e:c1:d1:f2:e4:80:47:fa:a3:79:a8:63:40:a3:86:
9f:e2:b1:75:09:b4:41:99:1c:ac:e9:d7:c0:bc:91:d5:96:37:
92:6e:99:b4:de:a5:06:5a:0f:19:50:bf:2a:d1:d3:b3:a2:bc:
3e:bc:f0:14:72:19:fd:7e:3f:67:8a:8b:06:0a:a5:71:b5:e6:
d4:d9:f0:c3:44:a1:3f:09:e1:61:3d:73:b4:81:9a:3a:32:93:
02:71:13:82:e0:07:e5:a1:f6:70:1e:1e:16:95:46:2e:18:4f:
3a:be:16:da:de:dc:4b:90:b1:54:3c:dc:7b:72:0f:ee:8c:4c:
6f:92:9f:fa:37:4e:13:0c:df:28:fc:3a:d7:b3:45:3f:97:2d:
83:5f:9a:6c:0a:39:9f:26:1b:47:89:68:49:93:b2:b2:79:1a:
02:99:ee:e8:e4:f6:30:77:a0:1d:4f:f1:7f:e1:34:19:31:9f:
06:e6:4d:e0:2f:c9:93:a5:11:95:bf:2d:ef:49:2b:c0:5e:f5:
45:8c:3d:69:bb:9d:31:69:18:72:43:58:c0:bf:66:46:f1:c2:
ce:74:e6:0d:f8:d0:11:2d:24:cf:ba:c6:7e:43:f1:f9:a3:12:
da:59:9a:68:ce:c0:30:b1:e7:cf:52:ee:08:2a:83:76:03:a9:
6e:38:07:a3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWSe6eChju3rwRGl25HIFHoBmWCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MTkwMzEzMDZaFw0yNzA2MTgwMzE4MDZaMDMxMTAvBgNV
BAMTKDgyRkIyNjIxOTREODMwNzY3NEMzODQyOEFDMTYyMjI5QjMzMEE0NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU/gUCCkd9aqUnYV5ic8+XbuGR
WHGEg36sKShZXMGUTadC2DnphHTXaWKe4nP+12XT0/Bpfq/UrHkLPbngBURJVQPe
YyBqZnvbXR6r+QMJ6aNay0ez9F02W6fKStKTbMUqjvqqiyfP3LsFzcCeI4mlCLho
WkNKJP0CD52/BHpS6PixQV3NE5cGEP6LaZGRNru5JAM1Fi1e+PHzgaaWSrQLeszX
jU94RxZjkNFPNmQ8PmYHV5rjB9y+NHc0JZ/Z9l3v2X4lWN76P/QhYdEsw4byvY6P
3rVoUrLO50HddZs+pT9Z0HbXaEgnyliiRiICm6tWprzRzRsPnajcNnSQbzYPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUgvsmIZTYMHZ0w4QorBYiKbMwpGYwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMzMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9pTANBgkqhkiG9w0BAQsFAAOCAQEAHz3UnsHR8uSAR/qjeahjQKOGn+Kx
dQm0QZkcrOnXwLyR1ZY3km6ZtN6lBloPGVC/KtHTs6K8PrzwFHIZ/X4/Z4qLBgql
cbXm1Nnww0ShPwnhYT1ztIGaOjKTAnETguAH5aH2cB4eFpVGLhhPOr4W2t7cS5Cx
VDzce3IP7oxMb5Kf+jdOEwzfKPw617NFP5ctg1+abAo5nyYbR4loSZOysnkaApnu
6OT2MHegHU/xf+E0GTGfBuZN4C/Jk6URlb8t70krwF71RYw9abudMWkYckNYwL9m
RvHCznTmDfjQES0kz7rGfkPx+aMS2lmaaM7AMLHnz1LuCCqDdgOpbjgHow==
-----END CERTIFICATE-----
Generated at Sat Jun 20 03:09:02 2026 by rpki-client