Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343430.roa
File: 3134372e3132352e3231342e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: kHVVoSVH8Ti8jg/+/D65jET+pq4cVRWmlxagUSGnqfg=
Subject key identifier: C4:D1:C8:2C:19:C8:61:B7:41:15:D1:93:0C:D5:C0:DE:E9:4C:9D:15
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 040727B7255D2EEA76C8C7C7089FF43199230D0E
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343430.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 211440
IP address blocks: 147.125.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:07:27:b7:25:5d:2e:ea:76:c8:c7:c7:08:9f:f4:31:99:23:0d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=C4D1C82C19C861B74115D1930CD5C0DEE94C9D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:76:75:e5:39:6b:b7:c5:eb:b4:9b:6a:64:dc:
13:96:7c:75:89:4f:b3:d0:6b:80:95:3a:aa:38:91:
55:65:92:0c:c7:d7:8c:da:78:c3:2b:41:f4:0a:02:
30:94:7c:a4:8e:0e:4c:13:56:ac:f6:bb:18:2e:f7:
95:23:c5:55:d6:02:08:7b:c7:52:28:6a:9d:31:b8:
9a:09:41:63:e7:f6:6b:c3:ba:cd:a9:ab:f0:22:88:
24:78:80:27:91:58:3d:ee:e3:7c:12:ec:9e:ae:f7:
03:ab:7e:78:2a:cd:27:a3:db:da:49:6d:58:53:4e:
f1:42:74:a6:e9:18:c3:b8:f4:41:a2:45:85:06:de:
f0:1f:83:f9:b3:44:fd:6d:2d:34:4b:fc:50:f4:d0:
79:ae:d9:1f:79:cd:ed:98:09:82:08:a8:da:4d:90:
fd:e2:fd:ee:fc:f0:52:5e:3f:de:51:c7:4a:7b:77:
61:98:1e:fa:ce:8d:29:88:8d:38:aa:3e:3d:4f:cd:
41:ca:02:0b:17:a8:f0:93:fd:77:a1:9a:17:ea:78:
b8:09:2c:37:04:ae:b4:9e:fe:c0:2e:71:92:02:67:
21:d9:bb:a4:29:cc:59:71:03:b9:24:bb:73:45:3f:
27:90:8b:84:63:d8:a2:2f:d6:55:45:cb:1c:61:fa:
bf:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D1:C8:2C:19:C8:61:B7:41:15:D1:93:0C:D5:C0:DE:E9:4C:9D:15
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231342e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.214.0/24
Signature Algorithm: sha256WithRSAEncryption
07:56:94:a1:f6:ce:5a:cd:57:dc:d3:06:09:37:f6:a0:92:60:
86:cf:79:8f:1b:e9:8c:83:60:14:3c:6f:19:b3:7f:0e:80:b2:
99:a5:ee:3f:71:30:6c:d3:b7:95:7a:fd:12:18:76:ce:ea:cf:
5d:e5:66:ea:d6:14:94:5f:83:84:f2:cb:87:fd:0b:97:e5:df:
d9:76:0d:16:c3:e3:fd:52:c1:7c:bf:91:c5:39:a5:c2:8a:5b:
f6:50:2a:41:6c:88:8d:80:b1:16:b4:ce:99:fc:f5:0e:58:bb:
ce:5e:5e:75:7e:98:b3:a7:dc:1a:f5:6c:ab:a2:17:a0:fc:f3:
33:58:35:a0:7f:50:f8:5f:2c:d0:ae:3f:4e:ea:b4:c9:fc:78:
1f:55:bc:ec:63:7b:6e:e6:66:8b:e7:a8:2c:2d:ea:af:7f:92:
f1:a7:19:65:54:99:fc:ee:c5:25:b3:f9:24:cb:20:29:35:84:
ff:1e:be:36:13:ca:02:a4:6c:ed:52:6f:28:d2:ad:42:1e:b3:
59:86:05:0f:58:3a:a4:6f:0a:13:aa:61:1e:1e:d8:d0:b5:67:
49:ad:2f:41:b3:49:a3:05:30:48:e6:00:bf:b3:56:57:c5:57:
80:54:0e:a8:1d:ad:a1:1c:aa:68:f8:84:1b:04:06:ba:4c:7f:
4b:36:fd:fd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBAcntyVdLup2yMfHCJ/0MZkjDQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKEM0RDFDODJDMTlDODYxQjc0MTE1RDE5MzBDRDVDMERFRTk0QzlEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUdnXlOWu3xeu0m2pk3BOWfHWJ
T7PQa4CVOqo4kVVlkgzH14zaeMMrQfQKAjCUfKSODkwTVqz2uxgu95UjxVXWAgh7
x1Ioap0xuJoJQWPn9mvDus2pq/AiiCR4gCeRWD3u43wS7J6u9wOrfngqzSej29pJ
bVhTTvFCdKbpGMO49EGiRYUG3vAfg/mzRP1tLTRL/FD00Hmu2R95ze2YCYIIqNpN
kP3i/e788FJeP95Rx0p7d2GYHvrOjSmIjTiqPj1PzUHKAgsXqPCT/XehmhfqeLgJ
LDcErrSe/sAucZICZyHZu6QpzFlxA7kku3NFPyeQi4Rj2KIv1lVFyxxh+r+vAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxNHILBnIYbdBFdGTDNXA3ulMnRUwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN91jANBgkqhkiG9w0BAQsFAAOCAQEAB1aUofbOWs1X3NMGCTf2oJJghs95
jxvpjINgFDxvGbN/DoCymaXuP3EwbNO3lXr9Ehh2zurPXeVm6tYUlF+DhPLLh/0L
l+Xf2XYNFsPj/VLBfL+RxTmlwopb9lAqQWyIjYCxFrTOmfz1Dli7zl5edX6Ys6fc
GvVsq6IXoPzzM1g1oH9Q+F8s0K4/Tuq0yfx4H1W87GN7buZmi+eoLC3qr3+S8acZ
ZVSZ/O7FJbP5JMsgKTWE/x6+NhPKAqRs7VJvKNKtQh6zWYYFD1g6pG8KE6phHh7Y
0LVnSa0vQbNJowUwSOYAv7NWV8VXgFQOqB2toRyqaPiEGwQGukx/Szb9/Q==
-----END CERTIFICATE-----
Generated at Wed May 13 09:40:47 2026 by rpki-client