Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235312e302f32342d3234203d3e20333938343635.roa
File: 3134372e3132352e3235312e302f32342d3234203d3e20333938343635.roa (raw, json)
Hash identifier: 18a/6YaUzwzRQ5kcwi6X7kBNFyZHiFjK9FuIjaI5xkI=
Subject key identifier: 7B:C7:91:D7:63:30:08:10:30:45:B8:20:3D:73:E3:6F:0A:91:D5:B8
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 19FD165E63522DB02A66DE85BF32DC6362BA64E0
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235312e302f32342d3234203d3e20333938343635.roa
Signing time: Tue 21 Apr 2026 09:09:09 +0000
ROA not before: Tue 21 Apr 2026 09:04:09 +0000
ROA not after: Tue 20 Apr 2027 09:09:09 +0000
asID: 398465
IP address blocks: 147.125.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:fd:16:5e:63:52:2d:b0:2a:66:de:85:bf:32:dc:63:62:ba:64:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:09 2026 GMT
Not After : Apr 20 09:09:09 2027 GMT
Subject: CN=7BC791D7633008103045B8203D73E36F0A91D5B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7e:af:e6:1b:bb:dd:71:94:de:dc:26:6a:e3:
37:22:c4:0b:c5:37:85:5c:d7:84:d8:7c:ff:d6:aa:
b1:7a:22:4b:a3:a0:30:37:f8:5a:e3:06:06:88:24:
f8:3f:df:e4:63:9f:1a:20:f9:6f:59:06:81:22:52:
19:9f:5d:1c:ee:01:71:ef:ab:d2:37:16:0c:ea:37:
84:0c:43:71:be:3c:de:fb:01:a3:bc:90:e0:ed:19:
16:fe:23:13:96:36:32:e3:bd:1d:f4:01:5c:82:f3:
72:aa:af:bb:9a:da:80:7f:17:9d:01:ab:d9:ae:66:
6d:51:e9:08:db:2b:67:e1:7e:25:37:c0:d2:88:40:
f9:6d:24:14:96:89:8c:95:90:23:98:92:7c:20:50:
24:d9:72:a8:73:e1:9f:aa:e6:05:c4:4e:58:31:5a:
2f:2c:96:31:90:e2:38:5b:a6:b5:3e:5a:ae:96:72:
18:62:68:aa:a4:14:3d:03:44:3c:e3:b9:ba:ab:bb:
82:09:1e:cc:ac:6b:8e:30:3d:85:de:1b:bf:96:b9:
c1:e7:30:41:b9:5a:e6:57:03:c2:ba:35:08:86:90:
6d:79:d5:13:36:24:40:d1:34:c0:a4:dd:21:cd:71:
6a:ae:98:ab:d7:ad:cf:91:8c:15:28:7c:e6:30:cc:
16:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C7:91:D7:63:30:08:10:30:45:B8:20:3D:73:E3:6F:0A:91:D5:B8
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235312e302f32342d3234203d3e20333938343635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:36:a7:bb:e6:ad:5b:1d:f3:b7:b2:7a:e3:16:11:ad:e9:29:
0a:98:bb:a1:f0:dd:d4:fa:4f:96:00:3d:b2:52:17:b5:c0:b8:
5f:42:e5:0b:d9:82:06:0e:b0:f7:90:d7:f3:18:e2:c3:68:b9:
77:0d:bb:c5:d2:fe:a3:05:0d:99:8d:1c:87:89:66:43:d2:8c:
5a:1c:7b:14:69:94:c3:4d:48:a7:ad:28:4e:1d:a0:a5:19:36:
1c:5d:1f:d0:39:d5:92:37:18:36:1a:83:d8:76:13:d7:26:00:
d6:3a:93:11:41:99:f1:62:f4:f6:e8:40:1d:3f:86:fd:42:27:
a6:01:f5:e3:c6:a5:91:d3:f5:31:6d:c7:df:a4:ea:aa:f4:4c:
31:fd:09:ee:1c:63:6f:d9:36:78:d7:66:62:c0:44:61:85:e5:
38:7c:87:d0:4c:21:07:fe:af:08:28:7d:43:5a:9e:cb:19:05:
b6:b0:ab:ce:e9:0f:c9:73:8e:92:d2:2a:1c:c7:a1:d6:59:a1:
b3:6a:c0:aa:69:1b:8a:8f:b4:ab:e6:6b:64:45:d6:a8:89:7d:
b6:05:10:6a:ff:90:e0:dd:b6:ea:39:0e:28:fb:b1:08:12:40:
9e:ea:c8:52:91:79:21:a5:f2:04:72:9f:57:29:c4:5b:6c:44:
70:5b:09:ef
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGf0WXmNSLbAqZt6FvzLcY2K6ZOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MDlaFw0yNzA0MjAwOTA5MDlaMDMxMTAvBgNV
BAMTKDdCQzc5MUQ3NjMzMDA4MTAzMDQ1QjgyMDNENzNFMzZGMEE5MUQ1QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWfq/mG7vdcZTe3CZq4zcixAvF
N4Vc14TYfP/WqrF6IkujoDA3+FrjBgaIJPg/3+Rjnxog+W9ZBoEiUhmfXRzuAXHv
q9I3FgzqN4QMQ3G+PN77AaO8kODtGRb+IxOWNjLjvR30AVyC83Kqr7ua2oB/F50B
q9muZm1R6QjbK2fhfiU3wNKIQPltJBSWiYyVkCOYknwgUCTZcqhz4Z+q5gXETlgx
Wi8sljGQ4jhbprU+Wq6WchhiaKqkFD0DRDzjubqru4IJHsysa44wPYXeG7+WucHn
MEG5WuZXA8K6NQiGkG151RM2JEDRNMCk3SHNcWqumKvXrc+RjBUofOYwzBaXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUe8eR12MwCBAwRbggPXPjbwqR1bgwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzODM0MzYzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9+zANBgkqhkiG9w0BAQsFAAOCAQEALTanu+atWx3zt7J64xYRrekpCpi7
ofDd1PpPlgA9slIXtcC4X0LlC9mCBg6w95DX8xjiw2i5dw27xdL+owUNmY0ch4lm
Q9KMWhx7FGmUw01Ip60oTh2gpRk2HF0f0DnVkjcYNhqD2HYT1yYA1jqTEUGZ8WL0
9uhAHT+G/UInpgH148alkdP1MW3H36TqqvRMMf0J7hxjb9k2eNdmYsBEYYXlOHyH
0EwhB/6vCCh9Q1qeyxkFtrCrzukPyXOOktIqHMeh1lmhs2rAqmkbio+0q+ZrZEXW
qIl9tgUQav+Q4N226jkOKPuxCBJAnurIUpF5IaXyBHKfVynEW2xEcFsJ7w==
-----END CERTIFICATE-----
Generated at Wed May 13 10:30:01 2026 by rpki-client