Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
File: 3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa (raw, json)
Hash identifier: m1ZwOtpJNRWjq2qoHA6BRCkz/yxx8JeE/4aZdHsPIEU=
Subject key identifier: 0C:B4:66:C7:D4:C7:18:D0:9B:C1:D6:93:32:E9:1D:42:11:13:E2:E7
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 6706E69E7EB195C81F022CE5A00DFA99330B27B3
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
Signing time: Tue 05 May 2026 15:56:11 +0000
ROA not before: Tue 05 May 2026 15:51:11 +0000
ROA not after: Tue 04 May 2027 15:56:11 +0000
asID: 402298
IP address blocks: 147.125.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:06:e6:9e:7e:b1:95:c8:1f:02:2c:e5:a0:0d:fa:99:33:0b:27:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: May 5 15:51:11 2026 GMT
Not After : May 4 15:56:11 2027 GMT
Subject: CN=0CB466C7D4C718D09BC1D69332E91D421113E2E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:da:08:0d:52:7e:52:b8:ad:e6:b2:9e:34:ff:
64:a0:a5:4e:c8:b2:62:d3:c6:4a:8d:62:58:f8:2b:
e6:42:c7:54:99:7a:f9:3b:de:7a:86:bb:66:ba:f5:
c7:9a:b8:c2:59:60:20:27:01:2f:9d:72:71:3f:69:
a9:9e:59:a3:bc:24:de:7e:f3:f1:a4:0f:58:6e:c0:
57:33:7d:da:27:b8:ed:a2:2c:7c:cf:c4:4c:9d:c0:
5a:18:e1:a9:b7:6b:77:c2:23:f5:4e:65:69:4e:99:
6d:5a:33:9b:01:43:e6:af:2c:ca:12:8b:de:29:f0:
19:60:93:04:db:4f:e7:bd:75:ca:ec:22:a4:1c:8b:
2d:b2:fb:ab:da:9c:8b:13:c0:f4:00:60:ea:88:ee:
a7:42:61:8b:4e:43:3a:c1:3a:c3:b3:03:83:d1:0a:
d8:d6:f8:8b:75:ff:e7:61:a7:aa:53:42:6a:b2:37:
70:4b:28:ed:42:bf:fe:11:fb:ca:74:8b:96:50:38:
8f:21:0e:21:aa:4e:72:3e:91:bc:2c:bf:67:36:d0:
8c:a9:e4:f3:c0:fd:2e:73:10:c2:a4:e0:0e:7c:2c:
89:47:16:df:70:8f:a7:3e:f0:9a:d4:3a:d9:6e:3f:
c0:89:4d:4f:ff:d6:1a:ce:42:61:4e:d2:4e:b2:a8:
2a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B4:66:C7:D4:C7:18:D0:9B:C1:D6:93:32:E9:1D:42:11:13:E2:E7
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133342e302f32342d3234203d3e20343032323938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.134.0/24
Signature Algorithm: sha256WithRSAEncryption
70:35:ca:78:51:e0:d5:80:22:a2:bc:d6:4b:f0:18:d8:b9:4c:
78:98:b7:21:98:a2:0b:a3:e6:0b:ca:b7:ae:cd:d5:02:61:d2:
3b:a1:7d:03:af:f4:6d:98:4f:e9:4e:71:5d:5d:63:fb:48:e7:
2f:20:c5:2f:b4:f8:f4:3e:ea:93:60:f6:54:97:0d:a7:5a:01:
56:bf:07:e5:b1:e5:f9:ae:dd:69:72:74:f2:ff:57:45:84:49:
ff:db:1f:b9:e8:b4:6c:a4:18:03:08:72:62:ce:23:e4:3e:d4:
61:a9:10:c8:40:fe:11:9b:12:6b:29:cd:02:57:f0:e0:e1:6b:
2d:44:dd:79:3d:ec:2e:56:15:ef:73:9e:ec:f4:d5:4d:9f:1f:
63:a7:6f:b8:05:89:fb:e7:40:e9:95:7e:55:fa:e2:2c:39:f3:
e8:52:44:72:88:81:53:b8:4c:41:c7:d8:8d:16:1a:7d:8d:da:
c7:6b:e7:56:7c:01:f2:e0:19:69:d8:bd:79:f5:99:f7:83:c1:
72:ba:64:9f:15:de:92:ee:e5:73:e3:26:66:43:25:d3:88:ed:
3e:0c:8f:09:3f:42:19:46:11:24:74:52:f5:d9:09:fb:6e:98:
8f:1b:ca:a3:cc:68:15:5f:78:09:02:01:7f:a3:f0:73:21:4a:
c2:8c:04:e5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZwbmnn6xlcgfAizloA36mTMLJ7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA1MDUxNTUxMTFaFw0yNzA1MDQxNTU2MTFaMDMxMTAvBgNV
BAMTKDBDQjQ2NkM3RDRDNzE4RDA5QkMxRDY5MzMyRTkxRDQyMTExM0UyRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK2ggNUn5SuK3msp40/2SgpU7I
smLTxkqNYlj4K+ZCx1SZevk73nqGu2a69ceauMJZYCAnAS+dcnE/aameWaO8JN5+
8/GkD1huwFczfdonuO2iLHzPxEydwFoY4am3a3fCI/VOZWlOmW1aM5sBQ+avLMoS
i94p8BlgkwTbT+e9dcrsIqQciy2y+6vanIsTwPQAYOqI7qdCYYtOQzrBOsOzA4PR
CtjW+It1/+dhp6pTQmqyN3BLKO1Cv/4R+8p0i5ZQOI8hDiGqTnI+kbwsv2c20Iyp
5PPA/S5zEMKk4A58LIlHFt9wj6c+8JrUOtluP8CJTU//1hrOQmFO0k6yqCodAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDLRmx9THGNCbwdaTMukdQhET4ucwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMyMzkzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9hjANBgkqhkiG9w0BAQsFAAOCAQEAcDXKeFHg1YAiorzWS/AY2LlMeJi3
IZiiC6PmC8q3rs3VAmHSO6F9A6/0bZhP6U5xXV1j+0jnLyDFL7T49D7qk2D2VJcN
p1oBVr8H5bHl+a7daXJ08v9XRYRJ/9sfuei0bKQYAwhyYs4j5D7UYakQyED+EZsS
aynNAlfw4OFrLUTdeT3sLlYV73Oe7PTVTZ8fY6dvuAWJ++dA6ZV+VfriLDnz6FJE
coiBU7hMQcfYjRYafY3ax2vnVnwB8uAZadi9efWZ94PBcrpknxXeku7lc+MmZkMl
04jtPgyPCT9CGUYRJHRS9dkJ+26YjxvKo8xoFV94CQIBf6PwcyFKwowE5Q==
-----END CERTIFICATE-----
Generated at Wed May 13 07:39:13 2026 by rpki-client