Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231352e302f32342d3234203d3e203239383032.roa
File: 3134372e3132352e3231352e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: cjPxaAG/N9l0DAxuYhRGJJyYzdIfmYIqSneK+aEY/tY=
Subject key identifier: DB:D0:37:BD:1F:2B:8E:7F:CE:6F:06:03:CE:E7:0E:9D:A5:DB:63:50
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 703550656F975EA50FAB940D4B65F3DAD8AF0F2A
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231352e302f32342d3234203d3e203239383032.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 29802
IP address blocks: 147.125.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 04:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:35:50:65:6f:97:5e:a5:0f:ab:94:0d:4b:65:f3:da:d8:af:0f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=DBD037BD1F2B8E7FCE6F0603CEE70E9DA5DB6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:8c:66:27:d2:c8:c1:f3:04:54:c9:e2:0c:
92:26:bb:f9:13:9c:c6:db:74:f1:b7:d3:7f:64:5e:
ac:a1:d8:99:37:61:8a:f7:be:81:4b:e8:d6:fb:ed:
f5:8c:b5:8b:8e:0e:67:d7:29:bd:dc:9c:29:81:98:
bc:ab:5c:36:38:f3:3d:1c:03:6a:92:b3:31:18:87:
98:77:fd:6c:a2:92:68:0b:02:7b:6a:9d:df:f2:59:
1e:bb:9f:2a:08:02:d0:55:51:b5:58:64:ed:8c:41:
d0:4a:8f:a3:29:92:cb:c5:a9:c2:dc:90:45:93:8f:
9c:69:7a:5f:9c:8d:d9:5b:4d:96:4b:fc:dd:77:b4:
0b:16:22:91:34:de:e1:1c:aa:0b:97:4b:62:73:48:
95:45:0b:77:d0:b6:a3:fe:90:7f:39:1e:2d:cf:a7:
4b:68:d1:78:29:9c:c7:50:8a:30:16:25:8d:35:a2:
69:2c:e5:88:1b:4e:b1:a6:9f:5d:65:f2:67:5f:cd:
73:1e:be:97:92:c4:a3:63:e5:cd:d7:47:91:b9:34:
2d:7c:93:97:0a:7a:54:63:e2:ae:4d:4f:57:63:13:
1f:20:dd:91:74:cd:d7:b8:9a:9c:41:2d:8a:01:c0:
5b:47:9c:05:7a:2e:c5:d9:bc:c0:78:d3:ce:6b:fe:
4e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D0:37:BD:1F:2B:8E:7F:CE:6F:06:03:CE:E7:0E:9D:A5:DB:63:50
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3231352e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.215.0/24
Signature Algorithm: sha256WithRSAEncryption
46:dd:53:fb:88:64:f5:12:7e:a4:87:07:b4:40:3e:9e:85:dc:
19:d0:9e:b6:e5:21:25:58:cb:09:aa:4f:64:4c:7e:dd:c7:2e:
1f:6b:e7:de:a1:9d:81:9d:b7:c7:6b:9a:aa:66:d6:fe:6c:10:
e5:3a:eb:97:70:73:ff:09:f5:b3:8f:45:d3:ad:4b:2f:c8:87:
75:82:b8:09:07:83:68:f8:00:cd:41:6f:66:1d:0c:a4:66:4c:
51:f2:65:ea:f3:f7:4e:a6:db:9d:98:56:51:a5:cc:9a:74:a6:
0d:4d:24:e7:ad:0a:e5:f4:ea:ec:01:40:14:ba:71:3a:d4:1e:
1a:7f:76:89:54:24:39:c3:8c:32:45:6a:f8:00:22:4a:8f:73:
6e:1f:f6:fe:9d:20:98:1c:6f:f1:01:76:89:24:85:ad:9c:76:
94:ee:4f:e9:c7:2b:fe:4e:e3:33:45:56:f6:89:dd:08:30:c0:
23:ba:dd:06:36:87:36:e8:0d:eb:8c:0c:7f:b6:4b:17:8e:9d:
04:f7:07:dd:4f:de:6f:64:8d:f6:db:3e:71:9c:0e:81:02:13:
ee:7e:84:f1:28:de:77:df:6e:a4:88:a2:01:66:1b:19:ed:0c:
a4:e1:86:e6:d5:04:5a:4c:97:74:88:57:ee:8e:ff:55:13:66:
15:2a:0c:34
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcDVQZW+XXqUPq5QNS2Xz2tivDyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKERCRDAzN0JEMUYyQjhFN0ZDRTZGMDYwM0NFRTcwRTlEQTVEQjYzNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhOIxmJ9LIwfMEVMniDJImu/kT
nMbbdPG3039kXqyh2Jk3YYr3voFL6Nb77fWMtYuODmfXKb3cnCmBmLyrXDY48z0c
A2qSszEYh5h3/WyikmgLAntqnd/yWR67nyoIAtBVUbVYZO2MQdBKj6MpksvFqcLc
kEWTj5xpel+cjdlbTZZL/N13tAsWIpE03uEcqguXS2JzSJVFC3fQtqP+kH85Hi3P
p0to0XgpnMdQijAWJY01omks5YgbTrGmn11l8mdfzXMevpeSxKNj5c3XR5G5NC18
k5cKelRj4q5NT1djEx8g3ZF0zde4mpxBLYoBwFtHnAV6LsXZvMB4085r/k5xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU29A3vR8rjn/ObwYDzucOnaXbY1AwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfdcwDQYJKoZIhvcNAQELBQADggEBAEbdU/uIZPUSfqSHB7RAPp6F3BnQnrbl
ISVYywmqT2RMft3HLh9r596hnYGdt8drmqpm1v5sEOU665dwc/8J9bOPRdOtSy/I
h3WCuAkHg2j4AM1Bb2YdDKRmTFHyZerz906m252YVlGlzJp0pg1NJOetCuX06uwB
QBS6cTrUHhp/dolUJDnDjDJFavgAIkqPc24f9v6dIJgcb/EBdokkha2cdpTuT+nH
K/5O4zNFVvaJ3QgwwCO63QY2hzboDeuMDH+2SxeOnQT3B91P3m9kjfbbPnGcDoEC
E+5+hPEo3nffbqSIogFmGxntDKThhubVBFpMl3SIV+6O/1UTZhUqDDQ=
-----END CERTIFICATE-----
Generated at Fri May 1 09:28:04 2026 by rpki-client