Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32342d3234203d3e20313336373434.roa
File: 3134372e3132352e3230382e302f32342d3234203d3e20313336373434.roa (raw, json)
Hash identifier: nzngQqWQ+FyVhyGC8eaB+zl6yKAbJ4yEneoW7C594s4=
Subject key identifier: AC:34:01:73:50:FC:23:38:CD:D5:71:E8:CA:50:9C:C3:84:8B:42:3B
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 1EFC86D2F26C5D49ABA92E4521BB1BDE6DA38F29
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32342d3234203d3e20313336373434.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 136744
IP address blocks: 147.125.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 18:36:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:fc:86:d2:f2:6c:5d:49:ab:a9:2e:45:21:bb:1b:de:6d:a3:8f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=AC34017350FC2338CDD571E8CA509CC3848B423B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:f5:59:a2:71:0b:2a:87:25:af:6d:e4:1e:
6c:ce:63:2c:c2:63:e4:25:e8:c3:e2:77:c0:71:97:
ea:d4:e0:e6:2a:89:a6:13:61:e4:40:85:b8:94:5c:
5a:3e:5d:2e:a8:d2:94:98:de:18:7c:97:3e:d1:17:
8f:4a:95:25:19:ce:05:46:74:bf:da:1e:e0:ca:b8:
0e:89:22:48:8b:2f:c9:0c:01:49:08:9c:df:ad:27:
8b:96:8d:88:37:0d:76:70:a3:98:56:44:3d:8d:8b:
03:cb:66:39:d2:ee:b1:a5:0b:2a:54:3a:01:9f:37:
ac:d0:79:7a:4a:35:f7:72:ed:0b:18:a4:0c:bb:78:
30:0f:61:9b:70:e3:61:8e:be:26:93:7a:be:ca:c5:
9d:f6:6a:2e:39:3b:b0:3c:94:de:25:a6:e4:e3:2c:
4f:b4:06:c2:cb:04:87:a6:ae:4d:72:16:b3:90:34:
25:64:2c:59:e0:f2:2d:7a:67:18:32:4b:e5:a9:5c:
09:e4:92:8a:35:0a:c8:eb:a4:6d:08:c2:7b:a4:80:
5d:a9:cb:17:da:8c:ba:d6:87:cf:b3:fa:aa:b9:7b:
c6:1c:49:b6:e9:6b:c2:dd:6d:39:25:d7:bc:64:32:
9e:b0:fe:87:b8:9f:a8:bd:d0:6c:57:d4:51:a3:32:
58:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:34:01:73:50:FC:23:38:CD:D5:71:E8:CA:50:9C:C3:84:8B:42:3B
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230382e302f32342d3234203d3e20313336373434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.208.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:83:73:02:73:f9:9a:1a:ae:db:d7:71:b9:6f:c4:2e:84:86:
8d:96:7e:3d:a0:6e:f0:c7:17:ee:ce:f4:a3:20:fd:25:7b:bc:
58:87:f0:1e:a8:8f:84:c4:36:14:a7:09:71:e4:98:84:e2:31:
fc:18:53:59:a8:e7:bc:20:56:23:1e:4d:7d:c2:d8:43:ab:cf:
2f:77:6d:38:97:7f:2c:b1:e8:4c:8f:9b:b4:23:79:17:e5:eb:
5e:37:86:6f:8e:1a:cb:f8:47:af:29:fc:79:0d:0b:18:9d:36:
4d:dc:2b:1a:e6:e5:78:31:d0:00:a4:93:a8:a8:6b:b8:46:0e:
ff:17:40:49:b8:61:a8:48:e8:e6:e1:ce:a8:b3:6c:79:22:d0:
93:18:f0:2b:8c:db:c0:09:70:14:cf:f6:12:44:45:2f:a3:87:
f4:0b:aa:4b:20:c3:b8:b4:a3:0a:02:28:46:5b:2e:75:ae:77:
eb:46:fe:29:d8:cb:ba:e0:e0:89:b9:fd:1b:49:88:22:6a:fb:
55:0d:0b:5a:8d:ff:2a:25:04:7c:ca:aa:8f:72:b8:11:8a:a6:
f0:07:50:70:1b:33:e1:88:41:3b:78:cc:cd:c6:b9:b2:84:2c:
2c:fa:30:c8:3c:a0:41:5e:85:ee:70:38:7f:42:9c:e1:1f:e0:
75:27:7f:56
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHvyG0vJsXUmrqS5FIbsb3m2jjykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKEFDMzQwMTczNTBGQzIzMzhDREQ1NzFFOENBNTA5Q0MzODQ4QjQyM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnHvVZonELKoclr23kHmzOYyzC
Y+Ql6MPid8Bxl+rU4OYqiaYTYeRAhbiUXFo+XS6o0pSY3hh8lz7RF49KlSUZzgVG
dL/aHuDKuA6JIkiLL8kMAUkInN+tJ4uWjYg3DXZwo5hWRD2NiwPLZjnS7rGlCypU
OgGfN6zQeXpKNfdy7QsYpAy7eDAPYZtw42GOviaTer7KxZ32ai45O7A8lN4lpuTj
LE+0BsLLBIemrk1yFrOQNCVkLFng8i16ZxgyS+WpXAnkkoo1CsjrpG0IwnukgF2p
yxfajLrWh8+z+qq5e8YcSbbpa8LdbTkl17xkMp6w/oe4n6i90GxX1FGjMliXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrDQBc1D8IzjN1XHoylCcw4SLQjswHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzQzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN90DANBgkqhkiG9w0BAQsFAAOCAQEAoINzAnP5mhqu29dxuW/ELoSGjZZ+
PaBu8McX7s70oyD9JXu8WIfwHqiPhMQ2FKcJceSYhOIx/BhTWajnvCBWIx5NfcLY
Q6vPL3dtOJd/LLHoTI+btCN5F+XrXjeGb44ay/hHryn8eQ0LGJ02TdwrGubleDHQ
AKSTqKhruEYO/xdASbhhqEjo5uHOqLNseSLQkxjwK4zbwAlwFM/2EkRFL6OH9Auq
SyDDuLSjCgIoRlsuda5360b+KdjLuuDgibn9G0mIImr7VQ0LWo3/KiUEfMqqj3K4
EYqm8AdQcBsz4YhBO3jMzca5soQsLPowyDygQV6F7nA4f0Kc4R/gdSd/Vg==
-----END CERTIFICATE-----
Generated at Thu Apr 30 06:38:34 2026 by rpki-client