Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139372e302f32342d3234203d3e203437333737.roa
File: 3134372e3132352e3139372e302f32342d3234203d3e203437333737.roa (raw, json)
Hash identifier: XYjIA/aMj7k1ZlNtY74fnDccoJBnUfWfOFI1t19DCyk=
Subject key identifier: 41:A7:E0:E2:8E:A6:82:11:14:6C:F6:01:28:27:EB:3A:CB:76:79:03
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 0A1AF084C06F799C99361CABB695E9133C314B42
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139372e302f32342d3234203d3e203437333737.roa
Signing time: Tue 21 Apr 2026 09:09:12 +0000
ROA not before: Tue 21 Apr 2026 09:04:12 +0000
ROA not after: Tue 20 Apr 2027 09:09:12 +0000
asID: 47377
IP address blocks: 147.125.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 15:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1a:f0:84:c0:6f:79:9c:99:36:1c:ab:b6:95:e9:13:3c:31:4b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:12 2026 GMT
Not After : Apr 20 09:09:12 2027 GMT
Subject: CN=41A7E0E28EA68211146CF6012827EB3ACB767903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dc:03:a3:48:51:7e:39:92:62:7d:41:ab:73:
31:32:b4:ae:76:1e:91:34:93:17:b4:6a:14:76:18:
5f:3c:38:c1:57:36:cc:00:17:fd:06:13:17:77:8e:
82:40:d3:38:41:5c:19:f8:15:b2:ab:04:71:a3:89:
ec:8b:46:7e:d8:60:1e:78:8e:76:d6:ef:a5:7d:7a:
df:14:d0:7c:1c:13:b2:37:d5:92:f3:33:57:d2:4d:
76:a8:12:b1:b3:f5:cf:01:20:57:75:52:07:9e:72:
ed:b8:88:36:01:b4:5a:b5:b3:48:a0:58:b4:bc:13:
7c:79:e2:c5:89:27:fb:51:ea:8a:1d:5a:f6:94:46:
50:1e:86:11:9c:fa:e4:33:99:87:c6:78:a5:a6:a1:
7d:58:8f:7e:7c:80:eb:7e:aa:33:06:10:66:76:6a:
47:96:a6:9e:3a:e1:7a:52:e8:7e:c8:59:22:43:3b:
e3:4c:a7:b9:51:ba:2e:42:57:87:fa:a4:e5:d8:9b:
3b:55:2a:86:af:e5:19:44:af:88:98:58:14:c6:ee:
3f:6e:96:d0:08:b5:e5:a6:86:45:36:33:b7:94:c5:
09:97:8c:a8:89:55:d8:8c:c7:d5:63:ba:43:1c:ac:
a9:e5:43:1e:22:e9:61:a4:fd:dc:46:58:e0:29:77:
99:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:E0:E2:8E:A6:82:11:14:6C:F6:01:28:27:EB:3A:CB:76:79:03
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3139372e302f32342d3234203d3e203437333737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.197.0/24
Signature Algorithm: sha256WithRSAEncryption
65:05:8c:18:43:c2:51:1f:b1:df:32:cd:d2:d6:23:d1:44:eb:
38:28:df:30:fe:df:35:3b:30:d5:78:18:28:60:25:9b:b8:b0:
34:5f:a8:73:6d:10:54:df:d7:04:35:22:d5:37:57:a7:3c:a2:
6d:bb:f8:2f:21:31:87:cd:18:df:e7:52:6f:4d:3d:4d:64:0d:
2a:85:2c:58:0d:78:4b:12:ce:77:e4:1c:ff:b2:b6:83:63:3c:
6f:4a:fd:03:07:db:2d:c7:47:99:74:63:97:6e:a0:50:70:75:
b7:64:ff:de:f5:af:04:6e:8c:97:68:ff:07:e8:c8:ff:c3:be:
ff:55:46:ad:0b:82:ea:9e:1d:9e:4b:be:f6:3c:d4:01:ad:f2:
01:67:87:7c:57:b1:59:cf:b8:94:38:c4:53:c9:d6:ea:f9:e9:
9d:71:4f:55:f3:b9:fb:96:72:9d:3e:54:40:f0:a1:d4:bd:de:
d4:0c:55:2e:c1:f7:13:1e:e9:9b:76:af:ab:24:71:a6:b2:5f:
ff:e3:b2:b8:ac:a9:ca:f5:c2:48:b6:34:33:af:bb:d8:6e:7c:
3a:a5:0c:ad:6f:e6:36:3c:e9:0e:d6:02:84:ed:2b:90:2e:2b:
35:c9:2f:0a:10:65:7d:3f:7e:ae:f7:4a:12:8c:56:83:0b:8e:
35:21:6b:6f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUChrwhMBveZyZNhyrtpXpEzwxS0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTJaFw0yNzA0MjAwOTA5MTJaMDMxMTAvBgNV
BAMTKDQxQTdFMEUyOEVBNjgyMTExNDZDRjYwMTI4MjdFQjNBQ0I3Njc5MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb3AOjSFF+OZJifUGrczEytK52
HpE0kxe0ahR2GF88OMFXNswAF/0GExd3joJA0zhBXBn4FbKrBHGjieyLRn7YYB54
jnbW76V9et8U0HwcE7I31ZLzM1fSTXaoErGz9c8BIFd1Ugeecu24iDYBtFq1s0ig
WLS8E3x54sWJJ/tR6oodWvaURlAehhGc+uQzmYfGeKWmoX1Yj358gOt+qjMGEGZ2
akeWpp464XpS6H7IWSJDO+NMp7lRui5CV4f6pOXYmztVKoav5RlEr4iYWBTG7j9u
ltAIteWmhkU2M7eUxQmXjKiJVdiMx9VjukMcrKnlQx4i6WGk/dxGWOApd5mrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQafg4o6mghEUbPYBKCfrOst2eQMwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzkzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczMzM3Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfcUwDQYJKoZIhvcNAQELBQADggEBAGUFjBhDwlEfsd8yzdLWI9FE6zgo3zD+
3zU7MNV4GChgJZu4sDRfqHNtEFTf1wQ1ItU3V6c8om27+C8hMYfNGN/nUm9NPU1k
DSqFLFgNeEsSznfkHP+ytoNjPG9K/QMH2y3HR5l0Y5duoFBwdbdk/971rwRujJdo
/wfoyP/Dvv9VRq0LguqeHZ5LvvY81AGt8gFnh3xXsVnPuJQ4xFPJ1ur56Z1xT1Xz
ufuWcp0+VEDwodS93tQMVS7B9xMe6Zt2r6skcaayX//jsrisqcr1wki2NDOvu9hu
fDqlDK1v5jY86Q7WAoTtK5AuKzXJLwoQZX0/fq73ShKMVoMLjjUha28=
-----END CERTIFICATE-----
Generated at Mon Apr 27 07:58:16 2026 by rpki-client