Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133322e302f32342d3234203d3e20333938373034.roa
File: 3134372e3132352e3133322e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: cziSlUpTNVIwuEUkoq4232t7butpVgvObziiR7DDs2Y=
Subject key identifier: C9:A5:5D:E8:BB:35:B5:84:0B:46:4C:B0:AA:C4:A0:D1:89:98:EE:1A
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 64940DA9225742F4F6D5107739D01BF8434FAC95
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133322e302f32342d3234203d3e20333938373034.roa
Signing time: Tue 21 Apr 2026 09:09:12 +0000
ROA not before: Tue 21 Apr 2026 09:04:12 +0000
ROA not after: Tue 20 Apr 2027 09:09:12 +0000
asID: 398704
IP address blocks: 147.125.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:94:0d:a9:22:57:42:f4:f6:d5:10:77:39:d0:1b:f8:43:4f:ac:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:12 2026 GMT
Not After : Apr 20 09:09:12 2027 GMT
Subject: CN=C9A55DE8BB35B5840B464CB0AAC4A0D18998EE1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:09:56:95:9d:4f:62:ce:25:67:76:26:d3:
d3:d3:98:72:5e:04:c7:28:75:92:8f:f3:5d:33:6d:
ea:7b:7b:a4:bf:90:01:b4:54:1e:2d:c2:58:98:dd:
ec:06:75:38:ef:5c:26:86:6c:ca:07:f6:79:91:92:
39:5b:9f:45:48:cb:ae:3e:0f:e7:8d:ac:06:1d:6b:
75:63:04:27:03:de:4a:dd:55:52:3c:d4:6c:91:4a:
ca:76:80:31:41:f0:7f:ef:cc:a0:1a:16:1a:8b:e1:
af:d8:78:f8:c0:b8:6d:94:0b:1e:04:44:b3:1f:65:
3d:83:73:87:a3:25:cd:1f:1a:7d:ef:af:e8:e2:4c:
64:64:0b:4f:52:7b:9d:91:bd:ca:7a:93:53:6c:f4:
a2:f6:be:b3:62:90:7f:8e:c6:64:f9:b9:b7:54:f4:
fb:9d:e2:f5:c6:57:a4:17:aa:75:17:eb:a0:19:6a:
cb:9b:46:8a:2b:ec:78:a3:48:2e:61:0e:b9:54:57:
8a:c3:2e:88:ad:da:84:c4:11:33:53:32:46:0c:b3:
87:c0:a7:06:9e:58:72:84:2b:53:69:39:b9:c1:cf:
8c:d9:d7:bb:02:d2:db:7d:32:a7:8d:de:7b:4a:7c:
d0:cc:32:f2:a7:ab:07:ae:bc:b2:29:59:2e:71:92:
53:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A5:5D:E8:BB:35:B5:84:0B:46:4C:B0:AA:C4:A0:D1:89:98:EE:1A
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133322e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.132.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:2f:c5:ab:9b:72:61:27:e8:c5:85:42:9d:10:0b:ef:7a:31:
33:49:c6:f1:8a:34:12:7e:34:52:46:8d:8f:a4:9b:99:59:47:
2c:08:96:0b:e0:8b:89:aa:04:5e:81:b2:cc:c7:bd:f9:0c:c8:
de:55:82:f1:3c:77:b3:fb:5c:0a:7f:90:c3:3c:a0:97:c8:c0:
72:20:7b:3f:2c:a0:bc:99:0d:8c:46:ca:17:63:9d:fa:0a:a6:
d2:9c:1e:be:21:18:06:88:37:f6:bb:c7:47:c5:e2:82:34:b0:
10:72:e7:8c:6d:2c:82:a7:28:62:e4:d6:60:86:e2:a3:28:2a:
d5:8a:ab:a3:56:03:4e:6b:0b:c4:54:cf:ee:e4:c8:ab:f4:4f:
63:c7:b4:98:02:15:75:26:b5:aa:d0:09:af:41:ac:aa:49:00:
05:2e:fe:e0:8a:b5:19:88:7e:7c:8f:79:6a:42:a2:d3:4f:12:
ef:0e:b7:75:b7:8e:74:93:b8:6d:28:ee:70:c5:4e:e1:c2:d9:
da:02:63:b5:c0:c4:c3:ca:6a:06:2a:dd:9f:4f:b6:14:3a:36:
6c:00:21:03:a5:cc:40:8f:cc:b9:a4:06:7b:e7:4e:da:b1:d3:
b8:17:0b:66:c1:53:38:9c:0b:5d:38:19:68:dd:c8:2e:11:8e:
26:f1:1b:28
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZJQNqSJXQvT21RB3OdAb+ENPrJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTJaFw0yNzA0MjAwOTA5MTJaMDMxMTAvBgNV
BAMTKEM5QTU1REU4QkIzNUI1ODQwQjQ2NENCMEFBQzRBMEQxODk5OEVFMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvFQlWlZ1PYs4lZ3Ym09PTmHJe
BMcodZKP810zbep7e6S/kAG0VB4twliY3ewGdTjvXCaGbMoH9nmRkjlbn0VIy64+
D+eNrAYda3VjBCcD3krdVVI81GyRSsp2gDFB8H/vzKAaFhqL4a/YePjAuG2UCx4E
RLMfZT2Dc4ejJc0fGn3vr+jiTGRkC09Se52Rvcp6k1Ns9KL2vrNikH+OxmT5ubdU
9Pud4vXGV6QXqnUX66AZasubRoor7HijSC5hDrlUV4rDLoit2oTEETNTMkYMs4fA
pwaeWHKEK1NpObnBz4zZ17sC0tt9MqeN3ntKfNDMMvKnqweuvLIpWS5xklP5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUyaVd6Ls1tYQLRkywqsSg0YmY7howHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzODM3MzAzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9hDANBgkqhkiG9w0BAQsFAAOCAQEATS/Fq5tyYSfoxYVCnRAL73oxM0nG
8Yo0En40UkaNj6SbmVlHLAiWC+CLiaoEXoGyzMe9+QzI3lWC8Tx3s/tcCn+Qwzyg
l8jAciB7PyygvJkNjEbKF2Od+gqm0pweviEYBog39rvHR8XigjSwEHLnjG0sgqco
YuTWYIbioygq1Yqro1YDTmsLxFTP7uTIq/RPY8e0mAIVdSa1qtAJr0GsqkkABS7+
4Iq1GYh+fI95akKi008S7w63dbeOdJO4bSjucMVO4cLZ2gJjtcDEw8pqBirdn0+2
FDo2bAAhA6XMQI/MuaQGe+dO2rHTuBcLZsFTOJwLXTgZaN3ILhGOJvEbKA==
-----END CERTIFICATE-----
Generated at Wed May 13 09:40:37 2026 by rpki-client