Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343135.roa
File: 3134372e3132352e3231342e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: 6Qb0h1a0B2sfWyMq1nKocbqFihTw20bGSsd7CsZ9Wu8=
Subject key identifier: 1A:18:F2:2E:81:66:85:90:77:91:26:22:F7:DB:FF:56:27:E8:2D:67
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 6A4E914DB668DC466570AE31B7C0CCB73B556332
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343135.roa
Signing time: Tue 21 Apr 2026 09:09:09 +0000
ROA not before: Tue 21 Apr 2026 09:04:09 +0000
ROA not after: Tue 20 Apr 2027 09:09:09 +0000
asID: 211415
IP address blocks: 147.125.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:4e:91:4d:b6:68:dc:46:65:70:ae:31:b7:c0:cc:b7:3b:55:63:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:09 2026 GMT
Not After : Apr 20 09:09:09 2027 GMT
Subject: CN=1A18F22E8166859077912622F7DBFF5627E82D67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2a:69:9c:95:2f:0f:8f:08:6d:03:00:20:be:
b3:a8:cd:6c:12:1c:23:72:9e:62:45:42:24:d1:6c:
36:ec:c8:48:7e:6d:02:e6:fb:b0:e8:5b:e5:62:5c:
44:40:1d:d3:33:17:7e:c4:54:a9:e5:79:f1:e4:4a:
4e:ff:3b:ed:42:30:d3:48:66:de:3b:c8:56:84:0e:
56:3e:cb:a6:2c:3e:27:6a:52:f5:de:4f:ee:1f:48:
10:fa:f3:ca:d9:7d:9d:54:66:cd:3b:3b:36:2a:eb:
67:70:ae:56:19:e4:5e:36:1e:f8:c4:d0:43:d6:8f:
0b:83:52:b8:d3:26:66:e1:5d:09:ef:12:f3:ad:df:
30:60:c7:b0:df:27:39:29:68:74:b8:91:61:3f:97:
1c:55:b3:f2:b6:37:b8:89:5a:17:7d:5a:8b:06:95:
45:f0:33:08:2e:79:43:86:6b:2b:41:9f:3f:4f:94:
28:c7:5f:24:24:da:7e:2d:e5:45:35:60:86:be:73:
bf:72:a3:ae:7f:77:f7:00:3a:b0:b0:c7:da:df:45:
16:19:15:10:80:74:a0:9e:45:f9:58:f2:49:d5:e9:
b7:50:c2:f3:0f:03:f8:36:e6:8b:12:bb:63:78:8f:
b5:a1:86:e1:b4:6f:8e:54:c1:5f:72:9f:6c:22:f4:
93:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:18:F2:2E:81:66:85:90:77:91:26:22:F7:DB:FF:56:27:E8:2D:67
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.214.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7f:94:f7:20:f4:a2:e0:65:4e:dd:a9:3d:ee:99:83:f0:32:
f1:1f:31:99:49:ec:e7:8a:23:bf:cd:ff:7f:3d:03:37:b3:64:
03:bf:ba:f8:14:d6:28:60:88:89:d7:19:b1:a2:59:db:f8:6f:
57:ad:d8:f7:91:e7:4d:5e:71:e0:75:c4:28:30:07:6a:40:9c:
d1:74:0d:07:84:3f:db:7f:ca:31:f8:70:ca:52:2a:5f:db:f6:
9e:62:24:c2:21:b6:7d:c0:eb:4c:da:5f:3f:ea:b9:7d:82:25:
b3:33:cf:46:fa:71:9b:08:fd:a5:b1:ba:67:49:5f:7b:0b:d5:
fc:f5:c3:60:bc:70:c3:1c:ae:22:d6:a6:d1:6b:93:7d:24:06:
52:e8:4c:c8:fe:8c:e4:cc:2c:e4:3e:fe:b2:1d:36:c2:54:ed:
fc:cd:ab:9c:58:06:5f:63:8a:dd:d6:b9:44:41:cc:03:ed:9c:
0d:76:c6:48:2d:73:94:31:09:88:97:23:b4:1d:07:09:48:d8:
10:eb:0c:07:c8:2a:34:7e:7e:3f:c9:9f:4d:2c:87:8a:96:de:
50:be:15:c1:b8:37:ec:27:88:2e:79:55:04:3b:2d:08:43:ae:
90:be:d5:98:fc:b6:ba:28:f2:2a:2b:be:9b:39:6a:86:4a:a0:
8d:c9:43:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUak6RTbZo3EZlcK4xt8DMtztVYzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MDlaFw0yNzA0MjAwOTA5MDlaMDMxMTAvBgNV
BAMTKDFBMThGMjJFODE2Njg1OTA3NzkxMjYyMkY3REJGRjU2MjdFODJENjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjKmmclS8PjwhtAwAgvrOozWwS
HCNynmJFQiTRbDbsyEh+bQLm+7DoW+ViXERAHdMzF37EVKnlefHkSk7/O+1CMNNI
Zt47yFaEDlY+y6YsPidqUvXeT+4fSBD688rZfZ1UZs07OzYq62dwrlYZ5F42HvjE
0EPWjwuDUrjTJmbhXQnvEvOt3zBgx7DfJzkpaHS4kWE/lxxVs/K2N7iJWhd9WosG
lUXwMwgueUOGaytBnz9PlCjHXyQk2n4t5UU1YIa+c79yo65/d/cAOrCwx9rfRRYZ
FRCAdKCeRflY8knV6bdQwvMPA/g25osSu2N4j7WhhuG0b45UwV9yn2wi9JPxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGhjyLoFmhZB3kSYi99v/VifoLWcwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN91jANBgkqhkiG9w0BAQsFAAOCAQEAd3+U9yD0ouBlTt2pPe6Zg/Ay8R8x
mUns54ojv83/fz0DN7NkA7+6+BTWKGCIidcZsaJZ2/hvV63Y95HnTV5x4HXEKDAH
akCc0XQNB4Q/23/KMfhwylIqX9v2nmIkwiG2fcDrTNpfP+q5fYIlszPPRvpxmwj9
pbG6Z0lfewvV/PXDYLxwwxyuItam0WuTfSQGUuhMyP6M5Mws5D7+sh02wlTt/M2r
nFgGX2OK3da5REHMA+2cDXbGSC1zlDEJiJcjtB0HCUjYEOsMB8gqNH5+P8mfTSyH
ipbeUL4Vwbg37CeILnlVBDstCEOukL7VmPy2uijyKiu+mzlqhkqgjclDcQ==
-----END CERTIFICATE-----
Generated at Wed May 13 09:34:31 2026 by rpki-client