Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235332e302f32342d3234203d3e20323131343135.roa
File: 3134372e3132352e3235332e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: e833GcAqr1TK09Qq3YenLbx66/659UPz4NmSvO+ZDHk=
Subject key identifier: 9D:C9:64:B0:94:E3:D3:07:56:84:5A:13:E7:E9:23:89:90:BE:9B:1E
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 1BD9A30AF120D9D22C440A74B0A6DBEFA9216ED7
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235332e302f32342d3234203d3e20323131343135.roa
Signing time: Tue 21 Apr 2026 09:09:12 +0000
ROA not before: Tue 21 Apr 2026 09:04:12 +0000
ROA not after: Tue 20 Apr 2027 09:09:12 +0000
asID: 211415
IP address blocks: 147.125.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d9:a3:0a:f1:20:d9:d2:2c:44:0a:74:b0:a6:db:ef:a9:21:6e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:12 2026 GMT
Not After : Apr 20 09:09:12 2027 GMT
Subject: CN=9DC964B094E3D30756845A13E7E9238990BE9B1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:af:99:a3:dd:b7:ff:a7:44:47:c0:05:b0:
4d:ab:9c:64:f7:e6:71:59:7e:5b:ce:3e:1f:12:ad:
f9:64:ad:d5:e5:23:5f:93:d8:10:f1:f8:38:b9:a7:
3e:69:02:12:67:bb:2c:49:92:1a:c8:fb:91:33:b8:
2b:53:94:3e:3f:ea:9c:fa:d2:83:be:89:6c:ab:5b:
8e:8e:74:97:f6:97:73:42:0d:d9:49:64:eb:8a:a9:
a7:4b:56:66:18:e6:8e:90:83:75:d2:4f:ed:e0:5c:
96:f4:5e:3f:77:4f:63:45:e6:6e:3e:ea:b2:b6:df:
0d:75:de:75:70:36:8c:f9:0f:ae:ae:3d:88:b0:9f:
d2:43:7c:4d:0c:35:25:39:f5:95:70:f4:2a:14:70:
3c:f2:c9:7e:9f:d8:80:2b:75:6b:42:d4:69:e7:5a:
9c:f3:63:bc:71:0b:74:eb:ed:40:82:c5:00:81:ba:
8e:7f:20:0c:d0:37:fe:fd:23:17:c1:9b:3e:10:36:
7d:c7:23:48:2f:d5:5d:f5:f3:03:b8:03:3b:23:26:
e8:e8:6d:55:cd:7b:f6:43:a4:75:f1:f0:b0:ca:48:
40:b3:83:6c:25:6d:ce:dc:3d:77:ad:67:df:d5:a3:
76:c5:9e:3a:89:ff:31:79:fe:da:bc:62:ed:35:b4:
3a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C9:64:B0:94:E3:D3:07:56:84:5A:13:E7:E9:23:89:90:BE:9B:1E
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235332e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:b2:fc:1a:19:6b:45:73:e3:ef:36:96:37:0a:85:f7:c7:54:
e8:74:59:15:44:c4:d8:2c:d9:9a:33:df:09:46:82:c3:be:c1:
63:42:d5:48:a1:d5:f1:9f:13:e1:a8:44:82:ba:ca:c8:8f:87:
00:c8:08:10:5e:9d:7b:08:d2:73:83:72:51:c4:70:cb:e7:92:
4d:ca:e2:7d:10:5e:92:b9:83:cc:35:df:ec:af:d0:d7:e7:14:
6d:6a:e8:8c:a5:ce:55:f1:a2:4c:ea:d3:1b:c2:8e:cd:bc:f7:
72:f8:99:1e:69:5f:2c:b5:44:de:84:25:97:4d:e9:13:21:13:
a6:52:be:f0:dd:69:62:08:2f:f4:57:b7:02:a3:ec:d0:10:45:
9c:dd:4c:1b:05:3a:23:cb:90:ec:95:0f:38:bd:fd:16:8b:b5:
0c:ac:b0:7a:37:50:cb:12:6f:a3:16:40:29:02:59:5e:88:62:
2f:15:f1:a2:7e:47:c9:1e:5f:6d:62:5c:14:75:51:16:87:dd:
28:08:c0:4f:0c:c7:d6:fa:ee:c5:cf:62:8c:42:56:25:7a:01:
86:57:92:ac:53:c7:04:ec:76:58:9d:56:af:56:43:3d:3f:16:
c3:b4:4f:82:4d:78:fb:cc:b3:a3:18:79:58:12:89:65:96:47:
6f:e1:58:5a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUG9mjCvEg2dIsRAp0sKbb76khbtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTJaFw0yNzA0MjAwOTA5MTJaMDMxMTAvBgNV
BAMTKDlEQzk2NEIwOTRFM0QzMDc1Njg0NUExM0U3RTkyMzg5OTBCRTlCMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClI6+Zo923/6dER8AFsE2rnGT3
5nFZflvOPh8SrflkrdXlI1+T2BDx+Di5pz5pAhJnuyxJkhrI+5EzuCtTlD4/6pz6
0oO+iWyrW46OdJf2l3NCDdlJZOuKqadLVmYY5o6Qg3XST+3gXJb0Xj93T2NF5m4+
6rK23w113nVwNoz5D66uPYiwn9JDfE0MNSU59ZVw9CoUcDzyyX6f2IArdWtC1Gnn
WpzzY7xxC3Tr7UCCxQCBuo5/IAzQN/79IxfBmz4QNn3HI0gv1V318wO4AzsjJujo
bVXNe/ZDpHXx8LDKSECzg2wlbc7cPXetZ9/Vo3bFnjqJ/zF5/tq8Yu01tDoNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnclksJTj0wdWhFoT5+kjiZC+mx4wHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9/TANBgkqhkiG9w0BAQsFAAOCAQEAS7L8GhlrRXPj7zaWNwqF98dU6HRZ
FUTE2CzZmjPfCUaCw77BY0LVSKHV8Z8T4ahEgrrKyI+HAMgIEF6dewjSc4NyUcRw
y+eSTcrifRBekrmDzDXf7K/Q1+cUbWrojKXOVfGiTOrTG8KOzbz3cviZHmlfLLVE
3oQll03pEyETplK+8N1pYggv9Fe3AqPs0BBFnN1MGwU6I8uQ7JUPOL39Fou1DKyw
ejdQyxJvoxZAKQJZXohiLxXxon5HyR5fbWJcFHVRFofdKAjATwzH1vruxc9ijEJW
JXoBhleSrFPHBOx2WJ1Wr1ZDPT8Ww7RPgk14+8yzoxh5WBKJZZZHb+FYWg==
-----END CERTIFICATE-----
Generated at Wed May 13 11:07:17 2026 by rpki-client