Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133332e302f32342d3234203d3e203332343138.roa
File: 3134372e3132352e3133332e302f32342d3234203d3e203332343138.roa (raw, json)
Hash identifier: 2BklU0izc0nEn7f4gqu1UV/4OvQIeG2833VWBGhQbfI=
Subject key identifier: CD:F4:8F:C1:00:81:40:63:3A:05:D4:77:BE:09:F9:FD:D6:75:ED:26
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 01287EFC5FF86B3B13D10E119B1F1475419BA5FA
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133332e302f32342d3234203d3e203332343138.roa
Signing time: Wed 29 Apr 2026 03:19:17 +0000
ROA not before: Wed 29 Apr 2026 03:14:17 +0000
ROA not after: Wed 28 Apr 2027 03:19:17 +0000
asID: 32418
IP address blocks: 147.125.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 10:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:28:7e:fc:5f:f8:6b:3b:13:d1:0e:11:9b:1f:14:75:41:9b:a5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 29 03:14:17 2026 GMT
Not After : Apr 28 03:19:17 2027 GMT
Subject: CN=CDF48FC1008140633A05D477BE09F9FDD675ED26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:4b:3a:dd:19:b2:22:ec:32:4d:23:50:51:
a1:3b:1c:2c:ef:2a:71:bb:99:39:8d:4b:d7:e3:61:
5a:57:bf:98:15:a3:8e:da:90:6c:a9:a4:4a:88:f8:
eb:75:49:72:db:ae:dd:d1:32:91:d8:61:fa:a9:fc:
a2:56:1d:a7:29:80:56:f8:3e:0b:f4:d7:bb:93:bb:
7a:d0:9f:df:86:b3:ec:f7:1a:b7:e8:17:01:17:ee:
8a:42:57:e5:4d:b0:2c:a9:78:ea:0f:04:c9:32:50:
e2:59:57:4a:5b:56:05:71:43:d7:cf:f1:c9:9c:72:
ee:47:56:e3:57:c7:51:59:ee:cc:9d:cd:63:de:f4:
71:58:db:d4:59:da:91:ed:2c:ae:79:6f:2f:bf:86:
d8:1c:e3:39:a1:e0:0b:39:89:4f:9c:5d:ba:c8:e1:
fb:47:a6:9f:eb:a2:02:40:2d:5a:81:1a:69:04:3e:
b9:21:99:ac:69:f8:26:4c:b8:43:08:6c:3f:ac:dd:
2f:a8:e1:d5:62:cf:7f:b3:7e:4e:0c:d1:f9:af:39:
87:53:a7:46:79:5a:0c:44:59:0a:04:f0:54:ca:62:
c5:8f:d3:29:3f:2a:16:4d:5f:78:80:1f:39:07:bb:
60:8d:3b:ac:cf:12:9e:85:9e:8e:d2:d1:b2:fa:35:
66:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F4:8F:C1:00:81:40:63:3A:05:D4:77:BE:09:F9:FD:D6:75:ED:26
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133332e302f32342d3234203d3e203332343138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.133.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b3:69:82:3c:e4:7c:2a:6c:ef:6b:70:95:4a:5f:88:37:b2:
35:04:dd:53:84:d2:81:7d:89:74:40:73:9d:c6:d9:77:ff:6a:
1a:3a:f3:d3:52:5b:e4:a6:04:1a:18:3f:d4:f5:ac:7a:d5:e3:
2e:8e:b8:27:67:dd:c9:f1:8b:d0:1d:2b:9f:cd:0c:89:01:b6:
cc:f8:2d:34:bc:91:31:71:5a:b1:97:01:35:a8:da:be:d4:d6:
79:0a:22:bf:47:fa:16:04:fc:7d:94:8c:b5:28:ab:87:ea:28:
51:17:50:a7:93:7f:7e:00:9c:e0:8e:24:db:79:d6:67:e8:0a:
c1:c7:7e:23:72:44:bb:bc:23:f8:b4:f7:60:9c:44:b5:b1:ce:
fc:d7:22:64:34:2e:c2:29:db:ca:1b:88:e1:59:f5:ae:19:80:
84:3b:e7:8a:8c:34:98:30:16:37:ee:2f:77:4c:b6:a4:fd:f5:
fa:c3:8f:af:e5:d1:eb:8d:de:92:e6:7a:80:76:2b:ee:10:7c:
a7:5c:b4:d1:ab:7a:ac:0f:05:09:ee:93:71:4d:5b:54:61:fd:
47:f9:7e:65:13:82:3c:79:bb:35:16:49:9d:1f:9e:5f:2f:0a:
cb:0e:5b:38:58:c6:69:19:19:c1:8e:a0:26:eb:a2:ca:03:fd:
c3:d1:65:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUASh+/F/4azsT0Q4Rmx8UdUGbpfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjkwMzE0MTdaFw0yNzA0MjgwMzE5MTdaMDMxMTAvBgNV
BAMTKENERjQ4RkMxMDA4MTQwNjMzQTA1RDQ3N0JFMDlGOUZERDY3NUVEMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDToEs63RmyIuwyTSNQUaE7HCzv
KnG7mTmNS9fjYVpXv5gVo47akGyppEqI+Ot1SXLbrt3RMpHYYfqp/KJWHacpgFb4
Pgv017uTu3rQn9+Gs+z3GrfoFwEX7opCV+VNsCypeOoPBMkyUOJZV0pbVgVxQ9fP
8cmccu5HVuNXx1FZ7sydzWPe9HFY29RZ2pHtLK55by+/htgc4zmh4As5iU+cXbrI
4ftHpp/rogJALVqBGmkEPrkhmaxp+CZMuEMIbD+s3S+o4dViz3+zfk4M0fmvOYdT
p0Z5WgxEWQoE8FTKYsWP0yk/KhZNX3iAHzkHu2CNO6zPEp6Fno7S0bL6NWZpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzfSPwQCBQGM6BdR3vgn5/dZ17SYwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNDMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfYUwDQYJKoZIhvcNAQELBQADggEBAC6zaYI85HwqbO9rcJVKX4g3sjUE3VOE
0oF9iXRAc53G2Xf/aho689NSW+SmBBoYP9T1rHrV4y6OuCdn3cnxi9AdK5/NDIkB
tsz4LTS8kTFxWrGXATWo2r7U1nkKIr9H+hYE/H2UjLUoq4fqKFEXUKeTf34AnOCO
JNt51mfoCsHHfiNyRLu8I/i092CcRLWxzvzXImQ0LsIp28obiOFZ9a4ZgIQ754qM
NJgwFjfuL3dMtqT99frDj6/l0euN3pLmeoB2K+4QfKdctNGreqwPBQnuk3FNW1Rh
/Uf5fmUTgjx5uzUWSZ0fnl8vCssOWzhYxmkZGcGOoCbrosoD/cPRZaA=
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:32:40 2026 by rpki-client