Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137352e302f32342d3234203d3e20323135313532.roa
File: 3134372e3132352e3137352e302f32342d3234203d3e20323135313532.roa (raw, json)
Hash identifier: pRr2ZpGlWHqFAy4lRGAa0TOL8Hb/My0lBwcRMhBDvtk=
Subject key identifier: A2:F0:D2:9E:D0:7A:81:FB:2B:E0:23:36:B0:9F:10:9C:C0:1C:34:4B
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 1C31287378004BE081F1FA397B7D3BBE0B5CC29E
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137352e302f32342d3234203d3e20323135313532.roa
Signing time: Sat 20 Jun 2026 13:55:33 +0000
ROA not before: Sat 20 Jun 2026 13:50:33 +0000
ROA not after: Sat 19 Jun 2027 13:55:33 +0000
asID: 215152
IP address blocks: 147.125.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 11:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:31:28:73:78:00:4b:e0:81:f1:fa:39:7b:7d:3b:be:0b:5c:c2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 20 13:50:33 2026 GMT
Not After : Jun 19 13:55:33 2027 GMT
Subject: CN=A2F0D29ED07A81FB2BE02336B09F109CC01C344B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c6:25:24:f4:90:22:57:b2:b0:87:ad:50:c1:
a9:ae:50:a0:6b:23:f5:b8:61:d9:76:d3:25:dc:27:
92:d9:ec:e3:f6:11:7e:ef:b3:2b:4f:25:b8:15:e3:
d9:50:8b:c7:6f:df:cc:74:e4:74:b1:1d:9f:f9:6e:
82:1c:d9:2c:22:8a:9e:e9:10:44:37:e8:89:36:b3:
8d:56:0d:da:cd:89:b7:29:c3:b1:5d:ff:e6:0b:63:
ad:50:14:7f:cb:05:bb:09:52:28:47:33:91:d6:42:
d8:5b:c0:20:a5:c9:0f:eb:1f:8f:05:8f:8d:8e:e6:
94:68:00:63:9a:92:1a:4e:78:e3:cf:c6:ac:3d:8b:
a5:47:f3:a5:0a:8e:9f:fe:0d:31:a5:7e:c2:87:06:
e5:51:d0:38:f9:2c:ed:4f:3f:80:f1:6a:d5:9c:6e:
58:87:10:97:86:30:c2:b6:a8:f4:ea:b4:fd:29:42:
03:50:92:0a:3f:66:5c:15:30:a0:7c:f2:2d:83:64:
3d:a6:66:f9:ff:33:8b:2d:d1:8b:3d:21:9d:35:07:
a9:95:82:23:a9:12:62:91:31:a2:97:d6:45:ab:16:
56:4e:72:45:39:30:75:23:06:77:7d:4b:38:b5:4e:
a4:98:64:0a:52:0e:a3:58:4c:06:3b:cd:73:1c:d2:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F0:D2:9E:D0:7A:81:FB:2B:E0:23:36:B0:9F:10:9C:C0:1C:34:4B
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137352e302f32342d3234203d3e20323135313532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.175.0/24
Signature Algorithm: sha256WithRSAEncryption
85:47:9a:4d:7a:23:5a:bb:69:82:5e:87:e5:82:72:6f:1b:98:
bf:8c:90:64:29:1a:7a:8f:8c:09:ef:95:f0:b3:ab:66:68:e9:
5e:72:19:ba:34:d2:75:39:58:91:8f:e1:23:2a:9f:23:db:79:
f6:10:73:d2:bc:82:e5:b4:dd:42:3c:98:c9:21:1f:3e:34:58:
4a:fd:12:80:f0:ef:2c:58:cb:a9:90:47:1e:fe:ff:ec:7a:c3:
d0:3e:45:9d:0f:f3:52:66:5b:6e:08:29:81:b4:0b:2b:b6:93:
f3:8c:5a:b1:14:66:76:77:d9:c7:fd:d0:fb:bb:5a:9a:bd:07:
4a:90:f8:2b:9d:d4:ce:80:5a:44:15:f8:c2:60:77:82:71:8f:
ae:14:c2:83:3d:bd:35:98:e8:7e:e2:f6:ff:bf:4e:cd:23:24:
10:a7:04:75:fb:9c:63:2d:b3:13:ea:3e:ed:ee:20:19:e5:d8:
78:ac:7b:59:bc:ff:9c:1b:ed:af:33:ae:2c:f1:27:16:16:c0:
4b:bf:08:e1:69:f1:72:2a:15:6e:b6:e4:b4:c9:9e:f4:1d:b9:
aa:f3:de:df:d6:9b:a4:79:ce:4c:aa:ec:fd:25:42:c6:b6:16:
c1:1c:7f:40:5f:3a:01:f9:99:d5:12:d8:e6:ec:52:d2:6b:19:
2b:0e:af:09
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHDEoc3gAS+CB8fo5e307vgtcwp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MjAxMzUwMzNaFw0yNzA2MTkxMzU1MzNaMDMxMTAvBgNV
BAMTKEEyRjBEMjlFRDA3QTgxRkIyQkUwMjMzNkIwOUYxMDlDQzAxQzM0NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMxiUk9JAiV7Kwh61QwamuUKBr
I/W4Ydl20yXcJ5LZ7OP2EX7vsytPJbgV49lQi8dv38x05HSxHZ/5boIc2Swiip7p
EEQ36Ik2s41WDdrNibcpw7Fd/+YLY61QFH/LBbsJUihHM5HWQthbwCClyQ/rH48F
j42O5pRoAGOakhpOeOPPxqw9i6VH86UKjp/+DTGlfsKHBuVR0Dj5LO1PP4DxatWc
bliHEJeGMMK2qPTqtP0pQgNQkgo/ZlwVMKB88i2DZD2mZvn/M4st0Ys9IZ01B6mV
giOpEmKRMaKX1kWrFlZOckU5MHUjBnd9Szi1TqSYZApSDqNYTAY7zXMc0uvBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUovDSntB6gfsr4CM2sJ8QnMAcNEswHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9rzANBgkqhkiG9w0BAQsFAAOCAQEAhUeaTXojWrtpgl6H5YJybxuYv4yQ
ZCkaeo+MCe+V8LOrZmjpXnIZujTSdTlYkY/hIyqfI9t59hBz0ryC5bTdQjyYySEf
PjRYSv0SgPDvLFjLqZBHHv7/7HrD0D5FnQ/zUmZbbggpgbQLK7aT84xasRRmdnfZ
x/3Q+7tamr0HSpD4K53UzoBaRBX4wmB3gnGPrhTCgz29NZjofuL2/79OzSMkEKcE
dfucYy2zE+o+7e4gGeXYeKx7Wbz/nBvtrzOuLPEnFhbAS78I4WnxcioVbrbktMme
9B25qvPe39abpHnOTKrs/SVCxrYWwRx/QF86AfmZ1RLY5uxS0msZKw6vCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 28 00:44:43 2026 by rpki-client