Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134382e302f32342d3234203d3e20313939313836.roa
File: 3134372e3132352e3134382e302f32342d3234203d3e20313939313836.roa (raw, json)
Hash identifier: Z2hyB3tVQR/uEyVGCxUkBbMTYJzzZmf4y9jS3XgS12c=
Subject key identifier: 03:66:1B:BB:9E:1B:15:D4:5E:72:B6:E5:2A:87:87:40:D2:28:19:44
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4E127B2779B97A32E9A5C75FE3BC941794002609
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134382e302f32342d3234203d3e20313939313836.roa
Signing time: Tue 28 Apr 2026 07:17:41 +0000
ROA not before: Tue 28 Apr 2026 07:12:41 +0000
ROA not after: Tue 27 Apr 2027 07:17:41 +0000
asID: 199186
IP address blocks: 147.125.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 13:23:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:12:7b:27:79:b9:7a:32:e9:a5:c7:5f:e3:bc:94:17:94:00:26:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 28 07:12:41 2026 GMT
Not After : Apr 27 07:17:41 2027 GMT
Subject: CN=03661BBB9E1B15D45E72B6E52A878740D2281944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:cd:17:88:ef:55:fe:d9:04:20:d1:9d:48:
ef:dc:4d:a0:26:90:09:c0:7b:83:8d:e1:dd:0e:bc:
73:d2:4c:99:46:b7:f5:6c:f0:b4:7d:a3:33:d4:3b:
af:0e:17:d6:e2:e6:ef:f3:58:bc:30:8c:49:00:ee:
5a:c1:15:39:e9:b4:72:a9:b5:2b:3a:01:18:60:47:
35:a9:31:cc:20:2f:65:34:01:9f:e4:6c:67:89:e4:
4d:78:fd:a5:fe:08:5f:de:88:fb:1e:07:f6:7c:64:
91:a2:2b:d1:cf:35:ad:fb:79:07:b0:2a:07:d1:e2:
ff:2b:df:09:94:12:38:34:2d:fd:ef:c7:5f:18:2b:
6d:5a:7b:1f:56:7f:07:4a:22:9c:3e:0e:f4:6e:a7:
e1:97:b8:9e:1c:6c:0e:9b:43:e0:79:0e:3b:4a:ec:
24:11:a4:4c:19:bb:0b:be:c8:f0:db:3d:af:cf:12:
e4:66:e0:ab:ed:0d:1c:27:77:e0:08:8b:c6:22:b3:
c0:c6:d9:02:cd:df:4d:30:92:c5:bb:3c:d0:c3:46:
a3:99:f3:b5:bc:88:7a:91:f4:29:78:d5:88:5b:03:
c2:79:8b:6e:7f:ed:d4:c5:c7:5e:21:1b:53:1f:11:
4a:32:70:a2:9f:d5:ba:5f:3c:e5:5b:6d:7e:09:fe:
f8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:66:1B:BB:9E:1B:15:D4:5E:72:B6:E5:2A:87:87:40:D2:28:19:44
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3134382e302f32342d3234203d3e20313939313836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.148.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ab:ec:5d:92:60:fe:ba:ce:14:0e:18:6b:92:d4:9f:f0:ca:
cf:1d:c7:a3:92:34:87:30:a2:7d:07:27:cb:40:fb:ea:20:e9:
40:4c:f2:4a:47:ed:c6:ab:c7:d0:19:cd:31:31:05:e2:a5:fd:
ae:33:ce:bc:33:6d:c8:c1:b9:67:7d:8e:e7:df:36:c7:27:c4:
fc:71:00:6d:c5:c7:58:17:18:36:96:34:c0:58:cd:fd:01:3d:
6b:f4:22:28:94:fa:00:74:87:90:5a:6d:7b:dd:0c:11:f1:a8:
14:da:9a:a9:b3:d7:78:ca:1f:44:1c:17:77:49:9f:ca:1c:37:
5e:2c:68:92:0f:da:75:b7:47:ef:9a:67:6c:99:18:01:ab:07:
fa:b4:20:47:10:a2:5f:ff:24:7e:b3:ed:bc:f6:75:33:12:55:
8c:02:ec:40:63:73:9d:b5:8f:07:c9:2c:f3:be:1d:16:3f:ca:
9e:f3:a0:e6:34:3c:7f:c6:c5:b2:e7:4e:18:7b:d6:8b:61:d7:
d2:8a:34:b1:59:bc:f0:7e:2d:d1:5d:29:81:06:dd:ad:5f:9e:
9d:c6:30:f2:02:87:79:30:88:42:c4:0e:c6:a2:42:a4:76:c6:
05:13:a8:99:ab:02:3b:5c:72:c1:aa:12:2a:84:a2:a5:b4:68:
24:dd:2c:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUThJ7J3m5ejLppcdf47yUF5QAJgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjgwNzEyNDFaFw0yNzA0MjcwNzE3NDFaMDMxMTAvBgNV
BAMTKDAzNjYxQkJCOUUxQjE1RDQ1RTcyQjZFNTJBODc4NzQwRDIyODE5NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzRM0XiO9V/tkEINGdSO/cTaAm
kAnAe4ON4d0OvHPSTJlGt/Vs8LR9ozPUO68OF9bi5u/zWLwwjEkA7lrBFTnptHKp
tSs6ARhgRzWpMcwgL2U0AZ/kbGeJ5E14/aX+CF/eiPseB/Z8ZJGiK9HPNa37eQew
KgfR4v8r3wmUEjg0Lf3vx18YK21aex9WfwdKIpw+DvRup+GXuJ4cbA6bQ+B5DjtK
7CQRpEwZuwu+yPDbPa/PEuRm4KvtDRwnd+AIi8Yis8DG2QLN300wksW7PNDDRqOZ
87W8iHqR9Cl41YhbA8J5i25/7dTFx14hG1MfEUoycKKf1bpfPOVbbX4J/vi5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUA2Ybu54bFdRecrblKoeHQNIoGUQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzOTMxMzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9lDANBgkqhkiG9w0BAQsFAAOCAQEAHavsXZJg/rrOFA4Ya5LUn/DKzx3H
o5I0hzCifQcny0D76iDpQEzySkftxqvH0BnNMTEF4qX9rjPOvDNtyMG5Z32O5982
xyfE/HEAbcXHWBcYNpY0wFjN/QE9a/QiKJT6AHSHkFpte90MEfGoFNqaqbPXeMof
RBwXd0mfyhw3Xixokg/adbdH75pnbJkYAasH+rQgRxCiX/8kfrPtvPZ1MxJVjALs
QGNznbWPB8ks874dFj/KnvOg5jQ8f8bFsudOGHvWi2HX0oo0sVm88H4t0V0pgQbd
rV+encYw8gKHeTCIQsQOxqJCpHbGBROomasCO1xywaoSKoSipbRoJN0sAA==
-----END CERTIFICATE-----
Generated at Fri May 1 19:15:36 2026 by rpki-client