Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133362e302f32332d3234203d3e20383334.roa
File: 3134372e3132352e3133362e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: UW7FXtfCQj/HKazC3o4o8VO/lVQT9rXTpdniJCP5MeY=
Subject key identifier: 3E:AA:B1:4A:E0:D8:CE:FC:42:9D:8A:F2:27:F0:2C:0F:3A:EA:CC:5C
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 5686CD2911A9566AD3B9F0D9134173009442294C
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133362e302f32332d3234203d3e20383334.roa
Signing time: Sun 10 May 2026 09:39:24 +0000
ROA not before: Sun 10 May 2026 09:34:24 +0000
ROA not after: Sun 09 May 2027 09:39:24 +0000
asID: 834
IP address blocks: 147.125.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:86:cd:29:11:a9:56:6a:d3:b9:f0:d9:13:41:73:00:94:42:29:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: May 10 09:34:24 2026 GMT
Not After : May 9 09:39:24 2027 GMT
Subject: CN=3EAAB14AE0D8CEFC429D8AF227F02C0F3AEACC5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:a2:70:82:0d:6a:81:a8:3e:71:22:50:be:
b8:a6:dd:be:e8:a5:f7:fa:ab:09:1a:fb:03:82:be:
47:5b:24:ed:7c:47:d7:3b:7c:e5:b5:43:d2:2e:67:
64:dc:ae:0e:4c:33:7d:2d:ae:65:43:82:bf:74:ae:
dc:78:fd:3a:16:2f:e4:80:64:b5:e2:c3:88:ad:4d:
55:22:90:57:e3:1c:3d:05:f5:f8:d4:be:78:98:8d:
b4:a5:20:75:7d:2c:5a:13:a2:c7:c6:dc:8e:ef:72:
44:5c:cb:d6:e2:d0:14:c8:f5:cd:9c:20:28:23:33:
41:9f:a9:6e:62:a0:92:d9:e9:d0:97:da:a3:76:2e:
57:83:ad:9d:62:f1:54:f6:60:b0:a6:ef:99:c2:4f:
64:cb:ad:e7:ac:68:aa:4e:86:c4:e6:90:f5:73:ab:
3d:26:7c:1b:bf:da:aa:ee:8e:bc:57:47:bd:75:42:
41:b4:4f:cd:8d:96:7d:1b:f8:0f:bf:fc:6a:e8:1a:
96:8d:17:27:e3:5e:b9:7b:ac:bc:2d:6b:db:f5:db:
12:39:b0:c7:fd:18:73:20:6e:30:03:0d:59:ae:69:
ce:89:ca:64:ee:04:e1:62:3b:4f:95:e9:7f:81:a1:
97:62:4e:54:a5:1c:f2:31:82:b7:be:8f:73:ed:7b:
07:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AA:B1:4A:E0:D8:CE:FC:42:9D:8A:F2:27:F0:2C:0F:3A:EA:CC:5C
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133362e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.136.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:15:cf:59:2f:0d:df:43:de:b9:d8:89:24:0a:cc:fb:52:ba:
3e:29:14:db:dc:c1:8a:05:a5:5e:1d:69:86:a9:08:dc:e4:01:
d7:5a:8d:87:cf:55:a5:86:09:df:a0:12:8f:eb:85:2d:d1:a9:
cc:c9:6e:96:32:a9:db:c0:34:84:f8:58:6e:f3:9e:e4:0a:d7:
2f:45:7f:13:30:65:b2:36:29:f3:0d:8b:02:7a:3f:56:9f:79:
62:01:4f:d1:c1:b7:92:22:51:a9:03:10:cc:d2:b0:92:4d:a5:
9a:39:3d:87:c3:15:b4:d9:41:65:68:1d:87:2c:20:82:46:e3:
99:70:46:f6:9d:2c:38:ef:58:94:48:18:4a:fd:ce:d1:84:f7:
79:96:5d:72:00:d0:60:b1:69:0e:43:1e:82:d0:7a:65:b1:45:
ce:4e:cc:56:10:28:da:18:43:d7:54:93:a8:21:9c:80:7d:7a:
8d:85:11:e6:29:2b:9c:d1:ba:2d:80:dc:3e:df:b2:5c:e5:c6:
3b:cf:65:99:da:f2:e1:53:97:3f:55:e4:03:5f:ec:8c:72:d5:
e4:09:e8:66:24:a5:65:1c:51:fc:92:d4:3a:b7:ce:9b:5a:04:
64:1b:9d:35:f9:e4:ca:25:fa:2d:fd:c2:7b:05:15:6a:c7:aa:
8e:10:46:dd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVobNKRGpVmrTufDZE0FzAJRCKUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA1MTAwOTM0MjRaFw0yNzA1MDkwOTM5MjRaMDMxMTAvBgNV
BAMTKDNFQUFCMTRBRTBEOENFRkM0MjlEOEFGMjI3RjAyQzBGM0FFQUNDNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/7aJwgg1qgag+cSJQvrim3b7o
pff6qwka+wOCvkdbJO18R9c7fOW1Q9IuZ2Tcrg5MM30trmVDgr90rtx4/ToWL+SA
ZLXiw4itTVUikFfjHD0F9fjUvniYjbSlIHV9LFoTosfG3I7vckRcy9bi0BTI9c2c
ICgjM0GfqW5ioJLZ6dCX2qN2LleDrZ1i8VT2YLCm75nCT2TLreesaKpOhsTmkPVz
qz0mfBu/2qrujrxXR711QkG0T82Nln0b+A+//GroGpaNFyfjXrl7rLwta9v12xI5
sMf9GHMgbjADDVmuac6JymTuBOFiO0+V6X+BoZdiTlSlHPIxgre+j3PtewczAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUPqqxSuDYzvxCnYryJ/AsDzrqzFwwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZN9
iDANBgkqhkiG9w0BAQsFAAOCAQEAjxXPWS8N30PeudiJJArM+1K6PikU29zBigWl
Xh1phqkI3OQB11qNh89VpYYJ36ASj+uFLdGpzMluljKp28A0hPhYbvOe5ArXL0V/
EzBlsjYp8w2LAno/Vp95YgFP0cG3kiJRqQMQzNKwkk2lmjk9h8MVtNlBZWgdhywg
gkbjmXBG9p0sOO9YlEgYSv3O0YT3eZZdcgDQYLFpDkMegtB6ZbFFzk7MVhAo2hhD
11STqCGcgH16jYUR5ikrnNG6LYDcPt+yXOXGO89lmdry4VOXP1XkA1/sjHLV5Ano
ZiSlZRxR/JLUOrfOm1oEZBudNfnkyiX6Lf3CewUVaseqjhBG3Q==
-----END CERTIFICATE-----
Generated at Wed May 13 06:19:32 2026 by rpki-client