Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230332e302f32342d3234203d3e203339383535.roa
File: 3134372e3132352e3230332e302f32342d3234203d3e203339383535.roa (raw, json)
Hash identifier: F2XGHbkxDPB6q6s3jiEwskky91C21PL6g2711zTutcQ=
Subject key identifier: 3E:5E:EF:C9:FD:84:EC:C7:BA:DA:97:06:12:A3:A7:D3:67:32:70:8C
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 3CB4604E09132E5B743E2A58872AB7985D9CC348
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230332e302f32342d3234203d3e203339383535.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 39855
IP address blocks: 147.125.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:b4:60:4e:09:13:2e:5b:74:3e:2a:58:87:2a:b7:98:5d:9c:c3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=3E5EEFC9FD84ECC7BADA970612A3A7D36732708C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:69:e9:8c:51:38:eb:71:b2:84:c7:78:44:
e7:85:65:16:1c:3e:2c:ce:55:eb:9a:ab:2e:4d:7f:
3e:76:92:7f:02:56:9b:cd:8b:4b:e1:2d:e5:e7:91:
b9:6b:1e:0f:0b:1c:f6:2b:42:b6:76:c9:3e:ae:bb:
8d:b3:35:56:f8:7c:b2:da:37:30:5a:5e:d1:de:65:
79:a6:32:23:b5:66:10:e1:af:9f:de:71:4c:ff:73:
b9:d8:cb:bb:dd:82:eb:15:03:54:ed:07:93:29:84:
1b:c4:d6:62:cd:86:55:a7:ae:99:06:96:97:cb:d0:
ae:99:5d:71:10:fe:9d:bb:e4:84:9c:e5:72:50:dd:
fa:e9:32:21:dd:86:6e:8a:12:c2:55:2e:e1:2c:85:
4c:f9:cf:64:44:76:96:b6:93:ca:c8:49:dc:f1:da:
0f:2f:9d:b7:7c:8a:c6:1f:bb:56:c3:5e:fd:dd:d2:
b5:5e:c0:cc:db:7a:81:e7:1a:b3:6d:75:f7:30:f3:
a9:18:79:ff:35:38:f2:76:b5:30:b9:27:f2:06:2d:
7f:42:f8:71:b1:33:3f:58:99:77:6d:f3:95:64:f7:
94:2e:fa:b6:92:aa:04:ae:53:af:8d:a9:74:fd:cc:
b7:b0:72:f2:04:06:76:73:92:a9:ef:59:30:44:d2:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5E:EF:C9:FD:84:EC:C7:BA:DA:97:06:12:A3:A7:D3:67:32:70:8C
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230332e302f32342d3234203d3e203339383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d4:a4:2d:fb:73:cd:6b:e9:c2:4c:2d:db:7c:e1:fa:11:cb:
7f:c9:64:8b:23:58:ba:61:f5:8b:fa:48:34:d5:d3:ca:52:d6:
9f:e2:54:4b:51:77:c1:b2:07:f8:ef:8a:00:0d:03:71:58:89:
39:2e:06:de:3a:75:74:c2:4b:71:46:fd:7b:86:17:5e:a9:c4:
5f:1f:c2:11:02:bb:64:54:29:d6:c0:5f:52:37:e2:d7:85:85:
a5:a1:8b:6b:c2:88:90:19:1a:4d:53:7c:1e:8d:96:8e:a2:81:
98:9c:12:33:9a:41:9d:e3:b9:e4:52:96:d5:8b:94:8a:de:e3:
b3:43:b4:d4:37:ed:16:d4:fe:f3:12:bb:fd:a5:a9:23:77:8a:
e4:ec:b0:15:e0:63:29:c1:1e:da:90:ef:1b:a8:b8:67:60:ee:
3f:9c:c5:6c:96:70:c0:a4:7f:7b:ec:31:c8:c4:70:ca:ef:55:
3d:b8:10:b6:5f:55:58:41:66:b8:68:26:4e:77:02:00:de:4a:
fe:d8:14:a0:b3:66:a0:f0:5e:6f:ad:fd:98:b7:71:07:f6:7a:
6c:f7:1c:dd:5f:20:27:99:c9:80:c1:b2:57:b6:a2:87:dd:20:
6e:05:31:ad:eb:64:d6:d4:75:9d:0a:2a:20:4a:79:46:bb:4f:
af:69:7b:92
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPLRgTgkTLlt0PipYhyq3mF2cw0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKDNFNUVFRkM5RkQ4NEVDQzdCQURBOTcwNjEyQTNBN0QzNjczMjcwOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCemGnpjFE463GyhMd4ROeFZRYc
PizOVeuaqy5Nfz52kn8CVpvNi0vhLeXnkblrHg8LHPYrQrZ2yT6uu42zNVb4fLLa
NzBaXtHeZXmmMiO1ZhDhr5/ecUz/c7nYy7vdgusVA1TtB5MphBvE1mLNhlWnrpkG
lpfL0K6ZXXEQ/p275ISc5XJQ3frpMiHdhm6KEsJVLuEshUz5z2REdpa2k8rISdzx
2g8vnbd8isYfu1bDXv3d0rVewMzbeoHnGrNtdfcw86kYef81OPJ2tTC5J/IGLX9C
+HGxMz9YmXdt85Vk95Qu+raSqgSuU6+NqXT9zLewcvIEBnZzkqnvWTBE0vALAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPl7vyf2E7Me62pcGEqOn02cycIwwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzODM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfcswDQYJKoZIhvcNAQELBQADggEBACzUpC37c81r6cJMLdt84foRy3/JZIsj
WLph9Yv6SDTV08pS1p/iVEtRd8GyB/jvigANA3FYiTkuBt46dXTCS3FG/XuGF16p
xF8fwhECu2RUKdbAX1I34teFhaWhi2vCiJAZGk1TfB6Nlo6igZicEjOaQZ3jueRS
ltWLlIre47NDtNQ37RbU/vMSu/2lqSN3iuTssBXgYynBHtqQ7xuouGdg7j+cxWyW
cMCkf3vsMcjEcMrvVT24ELZfVVhBZrhoJk53AgDeSv7YFKCzZqDwXm+t/Zi3cQf2
emz3HN1fICeZyYDBsle2oofdIG4FMa3rZNbUdZ0KKiBKeUa7T69pe5I=
-----END CERTIFICATE-----
Generated at Wed May 13 09:41:07 2026 by rpki-client