Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230362e302f32342d3234203d3e203436343735.roa
File: 3134372e3132352e3230362e302f32342d3234203d3e203436343735.roa (raw, json)
Hash identifier: jYF3piHjXAGyvNJHk019jiuJmMqTx3aaR/jCVNhk8eo=
Subject key identifier: 9F:14:4D:1C:50:C0:39:9F:9A:EC:42:47:42:9F:B7:D9:2D:B5:68:7A
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 72691CC526393BE4A19138414ED03C88FA13561A
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230362e302f32342d3234203d3e203436343735.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 46475
IP address blocks: 147.125.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 13:57:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:69:1c:c5:26:39:3b:e4:a1:91:38:41:4e:d0:3c:88:fa:13:56:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=9F144D1C50C0399F9AEC4247429FB7D92DB5687A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:0f:61:65:db:29:dc:a9:e7:c7:84:2f:c0:
a4:21:ea:d4:53:50:65:6a:69:ab:08:9d:0e:90:82:
a7:8e:42:35:b3:99:fb:a9:55:d2:9e:40:32:97:12:
c1:a4:89:e0:1f:c2:2a:05:6d:d7:c4:d2:42:ba:c4:
e0:50:2b:04:b7:df:4d:40:c3:f2:7b:d2:21:9d:83:
bb:58:f7:49:34:c8:19:b4:0e:34:f7:dd:11:cd:5b:
da:26:58:ef:9e:e6:d7:69:b6:08:0b:8b:62:f1:63:
0b:27:5b:a6:61:24:c2:57:5b:fa:4b:40:4f:1a:06:
24:89:1b:3c:10:2a:eb:6d:96:74:73:49:9b:5d:74:
6f:02:ba:14:4d:d3:7d:90:09:92:ff:0e:07:09:ae:
90:a2:33:11:c8:01:ad:65:59:e0:6a:d6:38:79:36:
b2:63:fd:54:c5:67:23:a7:3a:2c:3d:d7:5c:8a:99:
f4:ec:ad:25:28:33:d2:99:bd:4c:31:3b:d1:c8:f4:
ed:38:83:ae:28:ae:ed:8d:09:2b:8f:09:f5:17:45:
a9:38:c4:f5:7a:da:e0:27:02:12:4d:75:7a:94:94:
66:40:ab:55:1b:1a:d9:89:93:d6:3a:a3:9b:2f:30:
75:f9:19:69:cd:92:3a:70:7d:d8:e1:09:51:7e:5e:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:14:4D:1C:50:C0:39:9F:9A:EC:42:47:42:9F:B7:D9:2D:B5:68:7A
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230362e302f32342d3234203d3e203436343735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.206.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:97:ef:eb:0b:7b:f7:ef:6d:38:90:15:17:50:f9:77:46:5a:
4e:14:b0:34:71:02:97:52:4c:2d:7d:c7:6e:df:81:6d:c2:31:
50:62:6f:b3:07:77:c3:c9:8d:a1:23:16:2c:c8:73:d0:1f:4f:
f2:79:9b:3d:4b:b7:dd:60:38:86:f7:ae:a6:4d:a3:5c:4c:90:
4a:86:62:84:a3:85:d3:4f:2f:a4:44:4b:50:b8:a8:c2:60:83:
04:dd:ac:d5:4e:c9:7e:1a:d9:3e:25:08:f4:85:1d:eb:d3:94:
56:1c:9c:f0:b4:71:3f:88:83:9a:1b:56:12:1c:82:95:16:f2:
b0:64:b7:b1:8e:81:31:54:37:37:f3:9e:8e:7e:15:4a:9c:1c:
eb:f2:ff:ef:51:38:57:02:b5:8b:66:22:94:dc:89:2a:ae:62:
c2:bd:ed:f1:64:14:66:a7:43:e4:0c:75:52:e5:70:3d:70:ee:
f6:3a:11:03:2d:6a:c5:7f:cd:7e:a9:36:39:20:3b:fc:eb:53:
73:2a:af:9b:77:26:f4:66:57:a5:48:32:ad:1b:a5:cf:04:d1:
70:74:fe:54:b9:39:92:d7:56:8f:4f:7c:4a:ab:6b:ec:13:f5:
69:84:15:07:19:12:0c:eb:76:88:6d:bf:89:84:d8:57:6f:42:
c9:fb:7e:08
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcmkcxSY5O+ShkThBTtA8iPoTVhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKDlGMTQ0RDFDNTBDMDM5OUY5QUVDNDI0NzQyOUZCN0Q5MkRCNTY4N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJaw9hZdsp3Knnx4QvwKQh6tRT
UGVqaasInQ6QgqeOQjWzmfupVdKeQDKXEsGkieAfwioFbdfE0kK6xOBQKwS3301A
w/J70iGdg7tY90k0yBm0DjT33RHNW9omWO+e5tdptggLi2LxYwsnW6ZhJMJXW/pL
QE8aBiSJGzwQKuttlnRzSZtddG8CuhRN032QCZL/DgcJrpCiMxHIAa1lWeBq1jh5
NrJj/VTFZyOnOiw911yKmfTsrSUoM9KZvUwxO9HI9O04g64oru2NCSuPCfUXRak4
xPV62uAnAhJNdXqUlGZAq1UbGtmJk9Y6o5svMHX5GWnNkjpwfdjhCVF+Xj6NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnxRNHFDAOZ+a7EJHQp+32S21aHowHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzYzNDM3MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfc4wDQYJKoZIhvcNAQELBQADggEBAJ+X7+sLe/fvbTiQFRdQ+XdGWk4UsDRx
ApdSTC19x27fgW3CMVBib7MHd8PJjaEjFizIc9AfT/J5mz1Lt91gOIb3rqZNo1xM
kEqGYoSjhdNPL6RES1C4qMJggwTdrNVOyX4a2T4lCPSFHevTlFYcnPC0cT+Ig5ob
VhIcgpUW8rBkt7GOgTFUNzfzno5+FUqcHOvy/+9ROFcCtYtmIpTciSquYsK97fFk
FGanQ+QMdVLlcD1w7vY6EQMtasV/zX6pNjkgO/zrU3Mqr5t3JvRmV6VIMq0bpc8E
0XB0/lS5OZLXVo9PfEqra+wT9WmEFQcZEgzrdohtv4mE2FdvQsn7fgg=
-----END CERTIFICATE-----
Generated at Wed Apr 22 06:33:09 2026 by rpki-client