
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32312d3234203d3e20383334.roa
File: 3134372e3132352e3230382e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier: i1MlYDyZthDox3t9GTaYfp478joSZhMXf8NBAusdJGg=
Subject key identifier: B9:62:14:4E:DB:70:8B:B7:C0:A5:9F:1B:92:DC:BD:FF:EC:D3:98:3F
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 3896CD2AEC62476BF0299987BF05B2294B9E41DD
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32312d3234203d3e20383334.roa
Signing time: Fri 10 Oct 2025 11:54:44 +0000
ROA not before: Fri 10 Oct 2025 11:49:44 +0000
ROA not after: Fri 09 Oct 2026 11:54:44 +0000
asID: 834
IP address blocks: 147.125.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 22:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:96:cd:2a:ec:62:47:6b:f0:29:99:87:bf:05:b2:29:4b:9e:41:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Oct 10 11:49:44 2025 GMT
Not After : Oct 9 11:54:44 2026 GMT
Subject: CN=B962144EDB708BB7C0A59F1B92DCBDFFECD3983F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:5a:4b:a4:22:35:06:27:ba:10:04:44:81:
4c:19:58:65:6c:d9:be:2e:11:ef:1c:7a:64:f1:68:
b8:32:04:0a:f6:02:4f:8f:f4:f4:dd:fb:f6:19:3a:
77:0e:d3:c3:36:ac:a0:49:30:da:c0:05:47:ad:34:
e5:e7:07:21:4f:01:38:54:39:d0:68:9c:85:a3:90:
7f:24:19:f1:a9:85:46:43:2f:83:a8:6e:74:e2:0c:
13:1b:db:a4:b4:11:54:2d:d2:32:30:0f:0c:31:23:
5f:78:03:e9:3d:e2:5a:5d:6e:6b:fc:12:ef:b0:90:
c8:7b:2b:b4:6f:e7:45:a9:14:6b:73:72:91:f2:85:
44:22:6e:9f:55:40:88:db:78:24:4d:e3:b7:af:91:
b4:5c:d6:8f:89:f2:e1:58:23:74:b1:11:cd:1a:93:
20:c1:64:b3:68:83:af:16:e1:b9:39:8d:16:bd:1d:
e4:24:b5:fd:bb:51:f2:81:45:9a:3c:8a:1e:60:69:
a4:21:da:70:2d:ae:e8:b4:7b:0e:d1:21:69:90:f1:
47:f9:fa:cf:2d:be:a4:1b:dc:70:54:93:38:7c:ca:
41:3b:5a:ff:16:54:5a:0c:bd:ec:36:77:c2:70:5b:
6c:af:73:74:f8:c6:a2:af:d3:dc:cd:0b:c7:93:23:
f2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:62:14:4E:DB:70:8B:B7:C0:A5:9F:1B:92:DC:BD:FF:EC:D3:98:3F
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32312d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.208.0/21
Signature Algorithm: sha256WithRSAEncryption
36:e3:bc:8f:5a:53:97:22:50:48:39:bb:a9:57:6d:cb:f0:54:
f8:6f:fc:f8:9a:b5:58:a5:c6:11:7a:85:1a:92:4e:f7:f6:d7:
1b:bf:dd:8a:b0:9b:2b:69:24:3d:ec:4d:63:b0:2a:d2:ff:b8:
54:55:ce:c1:c2:b0:59:e6:27:2f:77:df:d0:b1:23:61:4b:05:
2b:a9:0a:6d:ca:e0:ad:9b:a6:c7:0d:54:d8:0b:2b:e1:c7:a0:
51:17:19:fc:24:8b:c7:f5:28:f1:f0:fe:11:48:ab:30:fa:77:
36:d3:37:4a:b4:3f:d6:b6:5c:b0:0f:43:d5:04:42:02:72:d4:
f7:be:8b:01:f9:54:17:65:7a:21:10:42:3b:ca:9d:6a:40:a7:
7e:f7:41:08:ca:d7:e3:7e:77:a4:4a:f4:4e:24:e9:dd:23:59:
0a:5c:e2:09:3d:1b:29:53:da:b5:83:96:1a:ee:11:ab:9d:8c:
6e:1f:80:bf:d1:c5:48:5e:c6:4b:17:28:4c:70:40:5b:47:c7:
4e:b4:b0:be:6b:ee:64:f8:42:1d:61:1e:08:48:fd:b9:c8:dd:
f7:f1:9b:ab:ae:3a:2a:0b:17:32:80:c8:33:44:97:ae:03:18:
d7:24:72:e9:e6:1d:dd:95:81:b2:f3:d6:71:9d:8b:8a:e1:1e:
8e:e8:24:ae
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOJbNKuxiR2vwKZmHvwWyKUueQd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNTEwMTAxMTQ5NDRaFw0yNjEwMDkxMTU0NDRaMDMxMTAvBgNV
BAMTKEI5NjIxNDRFREI3MDhCQjdDMEE1OUYxQjkyRENCREZGRUNEMzk4M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyAVpLpCI1Bie6EAREgUwZWGVs
2b4uEe8cemTxaLgyBAr2Ak+P9PTd+/YZOncO08M2rKBJMNrABUetNOXnByFPAThU
OdBonIWjkH8kGfGphUZDL4OobnTiDBMb26S0EVQt0jIwDwwxI194A+k94lpdbmv8
Eu+wkMh7K7Rv50WpFGtzcpHyhUQibp9VQIjbeCRN47evkbRc1o+J8uFYI3SxEc0a
kyDBZLNog68W4bk5jRa9HeQktf27UfKBRZo8ih5gaaQh2nAtrui0ew7RIWmQ8Uf5
+s8tvqQb3HBUkzh8ykE7Wv8WVFoMvew2d8JwW2yvc3T4xqKv09zNC8eTI/LDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUuWIUTttwi7fApZ8bkty9/+zTmD8wHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5N9
0DANBgkqhkiG9w0BAQsFAAOCAQEANuO8j1pTlyJQSDm7qVdty/BU+G/8+Jq1WKXG
EXqFGpJO9/bXG7/dirCbK2kkPexNY7Aq0v+4VFXOwcKwWeYnL3ff0LEjYUsFK6kK
bcrgrZumxw1U2Asr4cegURcZ/CSLx/Uo8fD+EUirMPp3NtM3SrQ/1rZcsA9D1QRC
AnLU976LAflUF2V6IRBCO8qdakCnfvdBCMrX4353pEr0TiTp3SNZClziCT0bKVPa
tYOWGu4Rq52Mbh+Av9HFSF7GSxcoTHBAW0fHTrSwvmvuZPhCHWEeCEj9ucjd9/Gb
q646KgsXMoDIM0SXrgMY1yRy6eYd3ZWBsvPWcZ2LiuEejugkrg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:44 2025 by rpki-client