Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231312e302f32342d3234203d3e20323134343332.roa
File: 3134372e3132352e3231312e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: kr6urCeZRw2Siju2nlE4PfgU+O6m1kMfKmHdcwWNC2k=
Subject key identifier: B6:30:7E:47:8E:7C:B0:CD:86:4B:8C:2F:23:19:41:4C:09:F7:86:F2
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 75C049900F20500423A128868C71CBB1CB35ACED
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231312e302f32342d3234203d3e20323134343332.roa
Signing time: Sun 24 May 2026 16:23:40 +0000
ROA not before: Sun 24 May 2026 16:18:40 +0000
ROA not after: Sun 23 May 2027 16:23:40 +0000
asID: 214432
IP address blocks: 147.125.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:c0:49:90:0f:20:50:04:23:a1:28:86:8c:71:cb:b1:cb:35:ac:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: May 24 16:18:40 2026 GMT
Not After : May 23 16:23:40 2027 GMT
Subject: CN=B6307E478E7CB0CD864B8C2F2319414C09F786F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:40:fb:ee:16:9f:a3:5b:92:3a:e3:81:aa:e7:
8e:1e:23:d0:0b:8a:49:2d:4b:15:1d:a6:6f:68:9d:
fa:53:5a:83:60:12:09:3c:8d:6e:54:05:38:34:90:
45:88:e8:5d:a7:0d:e5:0e:a6:3d:c1:fd:7c:aa:0b:
9c:e9:87:72:5c:44:b5:ac:5d:37:bb:74:b5:be:78:
a2:93:d4:a1:f6:75:6d:a7:3d:fc:0a:c7:5e:15:06:
c8:11:5d:df:93:f5:a8:0f:fd:c9:f3:f9:32:8d:15:
2a:ad:17:e7:c5:b5:f6:9f:67:9d:7e:28:58:3c:56:
89:8a:88:4a:a0:48:32:be:7f:3b:2b:29:aa:6c:96:
d7:da:4e:00:15:78:d9:c7:c5:35:f2:b9:41:94:55:
74:55:88:a2:53:1e:df:a2:0e:ac:69:d8:dc:83:92:
28:7d:21:12:60:b9:bc:6a:cc:7a:06:1d:e8:f3:27:
87:e8:aa:7e:bc:4f:76:75:a6:7d:8a:81:38:1d:92:
03:52:a1:30:d7:8a:60:97:4b:eb:71:93:82:aa:e2:
dd:7f:74:75:9e:b3:b4:c5:b4:5b:fe:7b:f8:bc:09:
79:f6:08:cb:d6:07:bc:32:a7:ec:40:a5:9d:5f:47:
0a:f5:50:b3:71:f7:26:e7:93:2d:91:70:3c:39:9e:
2e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:30:7E:47:8E:7C:B0:CD:86:4B:8C:2F:23:19:41:4C:09:F7:86:F2
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231312e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.211.0/24
Signature Algorithm: sha256WithRSAEncryption
45:6d:04:db:4e:b7:51:58:01:1a:f2:0e:df:05:aa:8b:0c:b7:
b3:e9:a2:a0:55:2b:91:8d:d4:d6:18:37:31:02:0c:20:33:cb:
33:cc:d2:53:d2:05:6a:d9:ef:4d:e7:fe:3e:fb:74:30:cf:db:
95:fe:ec:24:b7:82:ac:dc:f0:ed:ff:ee:46:9a:38:26:c8:10:
1f:90:a7:5a:ad:e9:6b:1e:fe:af:c0:66:b8:a1:64:9e:f9:44:
b9:b3:57:96:4d:63:e1:56:7f:cf:03:88:fc:f0:99:00:4a:3c:
66:68:a0:e6:65:15:06:6b:df:a4:02:e8:56:9a:63:6b:85:b1:
42:45:df:f9:72:e5:dd:86:f1:f2:19:91:1d:a6:e4:a4:8c:ef:
e3:22:c2:0f:e5:69:89:07:84:3e:70:f4:97:2e:4b:64:c2:90:
a7:e0:33:96:a7:d1:b6:56:44:6a:d4:fa:e8:73:17:f2:7c:f9:
b2:1f:b1:00:22:55:c1:d5:dc:2f:03:ae:25:0e:ad:94:6c:1c:
de:e9:b9:0d:ef:47:2c:c5:4f:61:49:6f:a7:8d:ea:63:86:24:
cf:b7:39:4c:fa:d5:95:72:f2:2b:98:7b:91:5e:82:dc:f6:e0:
99:a2:8b:f5:7a:96:1c:18:8b:a6:77:fb:e6:7c:56:36:e7:28:
23:f6:c5:4d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdcBJkA8gUAQjoSiGjHHLscs1rO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA1MjQxNjE4NDBaFw0yNzA1MjMxNjIzNDBaMDMxMTAvBgNV
BAMTKEI2MzA3RTQ3OEU3Q0IwQ0Q4NjRCOEMyRjIzMTk0MTRDMDlGNzg2RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7QPvuFp+jW5I644Gq544eI9AL
ikktSxUdpm9onfpTWoNgEgk8jW5UBTg0kEWI6F2nDeUOpj3B/XyqC5zph3JcRLWs
XTe7dLW+eKKT1KH2dW2nPfwKx14VBsgRXd+T9agP/cnz+TKNFSqtF+fFtfafZ51+
KFg8VomKiEqgSDK+fzsrKapsltfaTgAVeNnHxTXyuUGUVXRViKJTHt+iDqxp2NyD
kih9IRJgubxqzHoGHejzJ4foqn68T3Z1pn2KgTgdkgNSoTDXimCXS+txk4Kq4t1/
dHWes7TFtFv+e/i8CXn2CMvWB7wyp+xApZ1fRwr1ULNx9ybnky2RcDw5ni6rAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtjB+R458sM2GS4wvIxlBTAn3hvIwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzMzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN90zANBgkqhkiG9w0BAQsFAAOCAQEARW0E2063UVgBGvIO3wWqiwy3s+mi
oFUrkY3U1hg3MQIMIDPLM8zSU9IFatnvTef+Pvt0MM/blf7sJLeCrNzw7f/uRpo4
JsgQH5CnWq3pax7+r8BmuKFknvlEubNXlk1j4VZ/zwOI/PCZAEo8Zmig5mUVBmvf
pALoVppja4WxQkXf+XLl3Ybx8hmRHabkpIzv4yLCD+VpiQeEPnD0ly5LZMKQp+Az
lqfRtlZEatT66HMX8nz5sh+xACJVwdXcLwOuJQ6tlGwc3um5De9HLMVPYUlvp43q
Y4Ykz7c5TPrVlXLyK5h7kV6C3PbgmaKL9XqWHBiLpnf75nxWNucoI/bFTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:27:19 2026 by rpki-client