Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137372e302f32342d3234203d3e20323033303534.roa
File: 3134372e3132352e3137372e302f32342d3234203d3e20323033303534.roa (raw, json)
Hash identifier: zKR8/ZrB30Cv/+hcGm/tumQeRbnITUU22dPo/8kATQk=
Subject key identifier: 70:41:3C:E7:AA:13:F3:4B:1F:48:13:1B:D2:51:EA:A7:18:FC:DE:54
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 0D2E02F47F29E0EC7FBFE4147586983F9D0406E8
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137372e302f32342d3234203d3e20323033303534.roa
Signing time: Thu 28 May 2026 06:03:32 +0000
ROA not before: Thu 28 May 2026 05:58:32 +0000
ROA not after: Thu 27 May 2027 06:03:32 +0000
asID: 203054
IP address blocks: 147.125.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2e:02:f4:7f:29:e0:ec:7f:bf:e4:14:75:86:98:3f:9d:04:06:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: May 28 05:58:32 2026 GMT
Not After : May 27 06:03:32 2027 GMT
Subject: CN=70413CE7AA13F34B1F48131BD251EAA718FCDE54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:8e:7b:84:32:5e:2b:ff:03:93:4e:2b:54:
0c:98:dc:19:7e:2f:f6:68:e5:3b:c8:5e:05:e6:1f:
6e:49:64:4a:86:1a:ea:92:fa:66:e4:51:79:10:db:
b9:5a:26:ec:1f:8b:cf:1e:d2:35:2e:67:89:16:f8:
52:d6:38:e6:24:43:a1:52:9f:e3:5c:92:07:a1:0c:
11:25:33:ac:26:27:76:86:a1:71:9a:df:4c:15:bd:
61:9e:29:cc:83:f7:06:68:2e:a2:9f:6a:7e:d2:dd:
b6:b4:ee:3b:82:8c:18:a7:60:bc:d9:2f:32:cc:76:
cd:65:4b:fa:8d:18:e9:05:bf:e8:b4:63:31:46:8a:
74:e8:4a:67:9b:80:23:e4:7e:7b:9b:3f:e6:c9:5f:
f5:5c:b1:5e:99:fa:b3:10:e3:73:0e:0e:b5:cb:3d:
15:29:47:fc:29:7d:95:35:80:8a:84:11:b7:fc:36:
c7:05:c5:4f:db:29:6c:66:1c:5b:70:eb:63:3d:ad:
1d:89:fb:fa:87:02:b6:7b:ce:39:a4:d8:9f:a4:f9:
a5:14:f5:ea:07:29:c7:77:85:fe:6f:83:8e:f6:ae:
e6:ef:6e:b2:bb:62:ca:ad:bd:01:3c:46:86:d0:30:
32:a1:fb:2a:4e:a4:86:4e:aa:e9:3d:2a:d1:c4:01:
fc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:41:3C:E7:AA:13:F3:4B:1F:48:13:1B:D2:51:EA:A7:18:FC:DE:54
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137372e302f32342d3234203d3e20323033303534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:16:46:a6:4e:b4:e4:c5:7a:46:cc:f0:e2:b8:2a:41:38:73:
ca:8f:a5:c7:a5:3b:33:8d:ce:17:f0:05:c6:aa:e9:7d:27:f1:
1d:f1:d3:d2:7d:7a:7c:ce:65:5c:aa:cf:ba:c8:3b:8c:5f:e7:
36:bd:cd:6b:da:07:61:01:f1:87:8d:0c:f7:71:6a:1f:4f:84:
35:a2:ec:44:d7:e0:8c:46:fa:47:a1:51:b6:de:fb:30:0e:25:
da:bf:91:e1:a9:81:74:1c:1d:fc:22:e5:fe:c6:05:db:c7:50:
1d:42:31:6d:19:84:46:fa:c7:3a:43:8f:9f:06:79:da:10:99:
3b:33:8c:2e:46:cd:93:6a:46:b9:05:96:84:66:8c:70:2e:3b:
63:ed:29:6c:6f:5a:29:8a:95:61:ce:f7:d6:fa:79:12:99:b3:
4a:5f:24:30:97:30:1c:3f:d1:12:17:41:a1:48:db:7c:04:dc:
2e:af:e7:02:d8:ef:a4:54:8c:8c:9b:23:69:18:f6:0f:89:f4:
2c:28:13:20:b5:96:88:11:eb:10:6d:31:f8:99:4d:3e:6a:f5:
b1:a5:b8:e2:fa:3e:00:ec:43:d2:55:0b:81:73:84:08:c2:e0:
9e:04:80:35:97:34:3a:35:66:40:cf:b7:03:1f:72:67:f6:97:
e1:f3:b6:34
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDS4C9H8p4Ox/v+QUdYaYP50EBugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA1MjgwNTU4MzJaFw0yNzA1MjcwNjAzMzJaMDMxMTAvBgNV
BAMTKDcwNDEzQ0U3QUExM0YzNEIxRjQ4MTMxQkQyNTFFQUE3MThGQ0RFNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQeo57hDJeK/8Dk04rVAyY3Bl+
L/Zo5TvIXgXmH25JZEqGGuqS+mbkUXkQ27laJuwfi88e0jUuZ4kW+FLWOOYkQ6FS
n+NckgehDBElM6wmJ3aGoXGa30wVvWGeKcyD9wZoLqKfan7S3ba07juCjBinYLzZ
LzLMds1lS/qNGOkFv+i0YzFGinToSmebgCPkfnubP+bJX/VcsV6Z+rMQ43MODrXL
PRUpR/wpfZU1gIqEEbf8NscFxU/bKWxmHFtw62M9rR2J+/qHArZ7zjmk2J+k+aUU
9eoHKcd3hf5vg472rubvbrK7YsqtvQE8RobQMDKh+ypOpIZOquk9KtHEAfwFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUcEE856oT80sfSBMb0lHqpxj83lQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9sTANBgkqhkiG9w0BAQsFAAOCAQEATxZGpk605MV6Rszw4rgqQThzyo+l
x6U7M43OF/AFxqrpfSfxHfHT0n16fM5lXKrPusg7jF/nNr3Na9oHYQHxh40M93Fq
H0+ENaLsRNfgjEb6R6FRtt77MA4l2r+R4amBdBwd/CLl/sYF28dQHUIxbRmERvrH
OkOPnwZ52hCZOzOMLkbNk2pGuQWWhGaMcC47Y+0pbG9aKYqVYc731vp5EpmzSl8k
MJcwHD/REhdBoUjbfATcLq/nAtjvpFSMjJsjaRj2D4n0LCgTILWWiBHrEG0x+JlN
Pmr1saW44vo+AOxD0lULgXOECMLgngSANZc0OjVmQM+3Ax9yZ/aX4fO2NA==
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:12:41 2026 by rpki-client