Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135312e302f32342d3234203d3e203437333737.roa
File: 3134372e3132352e3135312e302f32342d3234203d3e203437333737.roa (raw, json)
Hash identifier: 7EUAitOc4snRAz28LHqt3tpwNyaNU8kns88bI0yCIYE=
Subject key identifier: 17:FB:D5:42:ED:C1:A4:34:93:11:70:E7:AC:47:79:0F:C2:63:E2:79
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 49EFE647976922A725474ADF70BCE70D94641F4B
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135312e302f32342d3234203d3e203437333737.roa
Signing time: Tue 21 Apr 2026 09:09:10 +0000
ROA not before: Tue 21 Apr 2026 09:04:10 +0000
ROA not after: Tue 20 Apr 2027 09:09:10 +0000
asID: 47377
IP address blocks: 147.125.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 15:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ef:e6:47:97:69:22:a7:25:47:4a:df:70:bc:e7:0d:94:64:1f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:10 2026 GMT
Not After : Apr 20 09:09:10 2027 GMT
Subject: CN=17FBD542EDC1A434931170E7AC47790FC263E279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:92:fb:fb:aa:b1:60:35:a9:ff:3e:32:e1:52:
5e:cb:7f:62:1d:0e:da:38:7a:0b:6a:d4:da:d2:ae:
8e:f6:20:d4:a1:68:48:ab:b5:ed:cd:67:18:7a:c8:
de:46:54:f8:3f:b6:bc:bd:3c:c9:b1:55:5a:f9:fb:
2a:8e:bc:7d:c9:65:29:7a:f6:7f:fd:07:6a:3f:17:
55:ec:35:ca:93:9c:b3:e5:9a:9f:0b:2c:c1:79:03:
39:f4:57:6b:f0:79:bb:1b:49:76:1f:be:c1:72:e1:
9a:a3:ea:58:20:27:f7:53:d2:55:84:b0:8c:ed:f5:
b3:fd:57:76:9a:9d:62:07:0c:e8:04:5c:28:81:c3:
28:dc:f4:79:dc:70:58:ae:83:83:f0:fe:9c:6e:4d:
c6:17:04:34:ef:a6:5f:01:99:ba:be:51:4a:5e:1d:
af:88:fe:48:18:74:8b:c9:9c:98:0d:a9:de:6b:b6:
c5:e9:74:7d:09:31:74:70:a7:9e:65:c2:03:f4:1a:
a9:10:35:5f:36:b4:54:52:56:bc:dc:38:b1:52:ad:
7d:5d:44:49:d0:6e:e3:27:5f:16:86:d9:68:f7:fd:
e3:fd:13:5e:57:cc:d3:59:8f:eb:93:c3:33:0f:5a:
3a:21:eb:6f:99:9f:24:82:85:bd:2f:5c:a5:54:bc:
94:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FB:D5:42:ED:C1:A4:34:93:11:70:E7:AC:47:79:0F:C2:63:E2:79
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135312e302f32342d3234203d3e203437333737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d0:87:e6:22:4d:cb:61:a9:b8:6b:6f:2a:5a:65:e7:1f:96:
75:aa:7f:2f:0b:92:d8:a8:3d:9e:34:ee:0c:e1:aa:83:0d:bf:
db:dc:36:1d:2d:cb:15:43:83:4d:4f:f7:32:68:a6:5f:b6:cb:
e5:4f:15:8e:38:8e:21:14:50:a2:92:18:60:89:89:fc:d7:f7:
11:2e:32:b5:04:2f:ce:d4:29:b7:98:bb:f9:0e:39:29:ce:68:
a6:03:b9:7f:f2:0b:1a:d5:08:fd:b7:b6:c3:b4:c4:f4:d3:3a:
7f:ed:97:5f:87:89:cc:2f:fe:bb:0f:18:4b:ef:77:99:1b:9b:
8c:9e:44:9b:68:5a:cd:a7:ef:95:2a:b3:3d:55:eb:07:bb:be:
95:ed:7e:b3:0f:62:c0:f3:fb:2f:d5:a7:02:d9:1f:07:78:fa:
7e:60:eb:21:64:34:10:e3:94:6f:7f:10:b7:32:9e:2c:5a:25:
71:66:80:18:77:ab:57:f5:8f:c0:83:6f:db:0d:b3:fb:84:8a:
53:ff:33:cf:73:df:2e:2d:d0:8e:0e:0c:1b:eb:3f:cc:68:73:
c3:6b:54:35:2c:b6:6d:b1:11:29:38:dd:3b:61:07:09:f7:59:
bf:3f:3e:e3:9f:2c:15:96:00:70:e8:a5:69:89:3f:a3:e4:73:
65:cc:0f:41
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSe/mR5dpIqclR0rfcLznDZRkH0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTBaFw0yNzA0MjAwOTA5MTBaMDMxMTAvBgNV
BAMTKDE3RkJENTQyRURDMUE0MzQ5MzExNzBFN0FDNDc3OTBGQzI2M0UyNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDckvv7qrFgNan/PjLhUl7Lf2Id
Dto4egtq1NrSro72INShaEirte3NZxh6yN5GVPg/try9PMmxVVr5+yqOvH3JZSl6
9n/9B2o/F1XsNcqTnLPlmp8LLMF5Azn0V2vwebsbSXYfvsFy4Zqj6lggJ/dT0lWE
sIzt9bP9V3aanWIHDOgEXCiBwyjc9HnccFiug4Pw/pxuTcYXBDTvpl8Bmbq+UUpe
Ha+I/kgYdIvJnJgNqd5rtsXpdH0JMXRwp55lwgP0GqkQNV82tFRSVrzcOLFSrX1d
REnQbuMnXxaG2Wj3/eP9E15XzNNZj+uTwzMPWjoh62+ZnySChb0vXKVUvJQVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUF/vVQu3BpDSTEXDnrEd5D8Jj4nkwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczMzM3Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfZcwDQYJKoZIhvcNAQELBQADggEBAH3Qh+YiTcthqbhrbypaZecflnWqfy8L
ktioPZ407gzhqoMNv9vcNh0tyxVDg01P9zJopl+2y+VPFY44jiEUUKKSGGCJifzX
9xEuMrUEL87UKbeYu/kOOSnOaKYDuX/yCxrVCP23tsO0xPTTOn/tl1+Hicwv/rsP
GEvvd5kbm4yeRJtoWs2n75Uqsz1V6we7vpXtfrMPYsDz+y/VpwLZHwd4+n5g6yFk
NBDjlG9/ELcynixaJXFmgBh3q1f1j8CDb9sNs/uEilP/M89z3y4t0I4ODBvrP8xo
c8NrVDUstm2xESk43TthBwn3Wb8/PuOfLBWWAHDopWmJP6Pkc2XMD0E=
-----END CERTIFICATE-----
Generated at Mon Apr 27 07:57:59 2026 by rpki-client