Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e2039333034.roa
File: 3134372e3132352e3134322e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: v8YkGN6hKZL4e+yO3ecOGc8KAt1XUN1ejewcyDC8zWs=
Subject key identifier: 48:12:A4:7B:D1:0E:DE:FF:B0:CF:B9:4F:80:C3:2B:51:44:BE:7A:03
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4E2084605CA6563A829CCC5178AD27E6D9141F19
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e2039333034.roa
Signing time: Tue 21 Apr 2026 09:09:10 +0000
ROA not before: Tue 21 Apr 2026 09:04:10 +0000
ROA not after: Tue 20 Apr 2027 09:09:10 +0000
asID: 9304
IP address blocks: 147.125.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:20:84:60:5c:a6:56:3a:82:9c:cc:51:78:ad:27:e6:d9:14:1f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:10 2026 GMT
Not After : Apr 20 09:09:10 2027 GMT
Subject: CN=4812A47BD10EDEFFB0CFB94F80C32B5144BE7A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e2:8e:f3:a6:a1:3c:80:2d:61:e4:f8:a8:f3:
23:85:3d:ae:60:e1:e5:95:68:8d:39:55:a8:5d:2c:
95:0a:b6:c1:49:f6:b4:70:28:7a:5e:50:e1:6f:00:
de:2c:b0:e6:53:c5:ce:11:90:17:f7:25:45:74:29:
39:17:5e:f4:18:fc:f1:ab:6f:c6:1e:d0:83:df:cf:
21:2a:44:ad:0c:f6:89:93:6e:10:ac:30:c9:b6:bf:
25:0b:84:85:9a:15:ee:65:e9:56:fb:6a:ad:f1:3e:
b2:0a:4e:bc:b6:ee:f0:af:2e:62:4e:b6:b8:f4:60:
e2:4c:59:c4:34:87:bb:bb:20:6b:63:f3:0e:74:41:
d2:90:f0:61:38:88:43:3c:54:86:44:7c:2b:c2:19:
23:8c:43:c6:8d:dc:69:b4:73:ee:dc:14:bc:82:67:
ef:5f:f3:15:b2:59:c4:9d:0a:77:5b:a5:89:a8:6e:
dc:99:17:2c:0f:dc:ce:3e:b3:49:43:ad:a8:75:fe:
58:c2:aa:67:83:95:37:4b:5f:3b:77:59:c2:de:7c:
7b:ad:b3:1a:97:16:60:56:3d:a2:0a:0b:88:43:0e:
cf:12:d9:5a:a3:f4:51:63:02:ca:12:39:4e:ee:8b:
56:20:0e:44:97:81:4f:3c:b0:04:87:19:49:a3:e3:
83:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:12:A4:7B:D1:0E:DE:FF:B0:CF:B9:4F:80:C3:2B:51:44:BE:7A:03
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134322e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.142.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8a:74:92:91:d5:ed:e8:5c:af:c7:76:d6:13:12:68:8c:30:
bf:02:21:50:df:d6:8e:2a:64:1b:e9:84:02:18:c2:99:08:d3:
cd:e0:97:00:ca:8b:0b:d9:8d:62:4c:1c:56:85:3a:62:25:ee:
ff:72:1b:51:05:56:bd:71:e2:1e:b2:52:1e:7e:a9:ea:de:90:
5e:06:2d:8e:79:dc:d5:51:2f:7d:1c:dc:3f:0f:75:be:c0:c7:
53:d5:82:10:1a:a1:1c:14:a6:e2:dc:96:be:e8:fc:39:65:a7:
ee:b4:26:7e:71:20:a3:97:bb:a4:31:96:4b:70:8c:a3:9f:8b:
4c:49:6e:c3:97:e1:4d:b8:43:eb:d5:28:49:5d:95:54:69:6b:
4e:10:5d:4d:0b:e8:28:98:50:14:6f:76:ef:c0:d6:5c:fd:23:
44:91:c8:d4:cc:7d:3c:89:10:73:7d:28:6a:8a:8b:09:d3:1c:
09:a4:e7:93:1c:26:cf:b2:af:22:27:91:88:34:7f:ab:af:bb:
b6:9c:34:1f:90:86:9a:e0:d5:8c:45:02:d9:18:6a:92:15:ab:
b2:ae:9a:87:e3:77:85:16:9a:41:d6:b6:93:12:58:b7:3e:8c:
30:61:d1:d6:fa:e8:80:11:6c:a1:c2:3c:c2:63:14:ac:c5:58:
bd:9d:25:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTiCEYFymVjqCnMxReK0n5tkUHxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTBaFw0yNzA0MjAwOTA5MTBaMDMxMTAvBgNV
BAMTKDQ4MTJBNDdCRDEwRURFRkZCMENGQjk0RjgwQzMyQjUxNDRCRTdBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCH4o7zpqE8gC1h5Pio8yOFPa5g
4eWVaI05VahdLJUKtsFJ9rRwKHpeUOFvAN4ssOZTxc4RkBf3JUV0KTkXXvQY/PGr
b8Ye0IPfzyEqRK0M9omTbhCsMMm2vyULhIWaFe5l6Vb7aq3xPrIKTry27vCvLmJO
trj0YOJMWcQ0h7u7IGtj8w50QdKQ8GE4iEM8VIZEfCvCGSOMQ8aN3Gm0c+7cFLyC
Z+9f8xWyWcSdCndbpYmobtyZFywP3M4+s0lDrah1/ljCqmeDlTdLXzt3WcLefHut
sxqXFmBWPaIKC4hDDs8S2Vqj9FFjAsoSOU7ui1YgDkSXgU88sASHGUmj44MnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSBKke9EO3v+wz7lPgMMrUUS+egMwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
k32OMA0GCSqGSIb3DQEBCwUAA4IBAQB7inSSkdXt6Fyvx3bWExJojDC/AiFQ39aO
KmQb6YQCGMKZCNPN4JcAyosL2Y1iTBxWhTpiJe7/chtRBVa9ceIeslIefqnq3pBe
Bi2OedzVUS99HNw/D3W+wMdT1YIQGqEcFKbi3Ja+6Pw5ZafutCZ+cSCjl7ukMZZL
cIyjn4tMSW7Dl+FNuEPr1ShJXZVUaWtOEF1NC+gomFAUb3bvwNZc/SNEkcjUzH08
iRBzfShqiosJ0xwJpOeTHCbPsq8iJ5GINH+rr7u2nDQfkIaa4NWMRQLZGGqSFauy
rpqH43eFFppB1raTEli3PowwYdHW+uiAEWyhwjzCYxSsxVi9nSUA
-----END CERTIFICATE-----
Generated at Wed May 13 09:41:07 2026 by rpki-client