Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232342e302f32322d3232203d3e2035363530.roa
File: 3134372e3132352e3232342e302f32322d3232203d3e2035363530.roa (raw, json)
Hash identifier: X4fHhIJlJwZ2LDXHWMdHhvMPsVUWvdH8npbsljGuQV4=
Subject key identifier: B3:B3:A3:00:44:D6:81:13:A1:AF:7E:7A:E7:45:B6:22:F1:E9:AA:78
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4B78D08BD71A4300E195951984AD4EFBBC872945
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232342e302f32322d3232203d3e2035363530.roa
Signing time: Tue 21 Apr 2026 09:09:12 +0000
ROA not before: Tue 21 Apr 2026 09:04:12 +0000
ROA not after: Tue 20 Apr 2027 09:09:12 +0000
asID: 5650
IP address blocks: 147.125.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:78:d0:8b:d7:1a:43:00:e1:95:95:19:84:ad:4e:fb:bc:87:29:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:12 2026 GMT
Not After : Apr 20 09:09:12 2027 GMT
Subject: CN=B3B3A30044D68113A1AF7E7AE745B622F1E9AA78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:96:ed:0e:37:94:92:a5:e1:07:a2:7a:1f:4a:
29:2e:56:33:34:fa:7d:b7:a7:a0:8c:31:02:35:ac:
71:04:43:84:21:74:4b:45:5e:22:b9:ed:84:49:2f:
fe:bb:c1:de:3d:6b:50:75:95:2c:b8:31:f1:c4:d1:
57:b7:ca:53:4c:8a:c0:00:28:5a:bf:d8:98:65:22:
da:fc:1d:a9:d4:58:17:50:d0:30:f9:07:3f:cb:24:
fa:0c:34:17:8e:28:ac:80:89:6d:57:ad:81:ff:48:
a4:85:53:6f:db:b9:74:e2:a9:25:7a:3d:d3:51:49:
fc:d8:1c:f0:77:2f:d9:5f:35:85:86:59:f9:1c:86:
10:75:44:62:f4:7e:62:19:94:ab:ce:8f:e4:70:70:
79:27:3d:b8:c4:c2:bd:b6:15:27:ca:15:74:8d:3f:
47:8d:26:97:9a:25:a5:30:d5:e4:52:e2:b7:e6:ba:
4f:70:b7:e9:d2:80:35:7f:fd:02:f6:85:a0:6d:71:
30:6e:d8:b1:24:37:8f:cd:50:55:54:3e:5c:20:f3:
a8:85:c5:0f:f9:b0:6a:cf:04:01:a7:9c:22:5c:b4:
4e:77:a5:09:be:ec:03:7d:36:04:19:e2:d0:ff:86:
fa:b8:b3:ea:76:b1:66:5a:0b:6f:e4:6d:c2:78:ce:
85:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B3:A3:00:44:D6:81:13:A1:AF:7E:7A:E7:45:B6:22:F1:E9:AA:78
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232342e302f32322d3232203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.224.0/22
Signature Algorithm: sha256WithRSAEncryption
57:65:5d:fb:52:85:5d:30:90:72:12:32:ce:f0:9e:45:36:61:
e5:10:e8:9d:2f:57:31:5e:72:4c:4f:3d:76:52:e8:1f:b6:02:
38:03:83:f5:af:50:aa:20:4c:9f:11:92:ff:20:99:f2:d4:ef:
c9:f7:1c:12:47:a8:a5:11:a7:77:9d:ed:86:a1:a1:e2:5c:7b:
76:2e:76:41:90:4a:56:d4:23:5c:1c:b6:e6:a4:63:98:db:3f:
ae:b9:27:4c:f2:3a:80:29:af:ee:61:18:86:83:8e:4d:eb:ef:
a7:4d:2b:f9:74:ab:b0:c8:db:88:01:23:5f:e7:67:d6:12:38:
d9:2d:47:b8:ba:97:89:f9:46:60:89:b3:d9:f1:fd:05:21:39:
30:ea:e4:49:09:3c:7c:66:32:41:f1:e0:e9:c1:0e:66:d7:f0:
0b:8c:22:6c:0e:22:15:eb:84:b5:0c:97:45:00:89:d6:88:64:
15:cd:e9:d1:70:0f:df:f8:92:27:f8:32:c7:4d:34:cb:e4:84:
2c:be:33:d8:e4:0a:70:37:35:5a:1a:89:62:c2:71:ef:e6:3f:
14:d4:c4:4a:43:5a:77:3e:79:6a:da:91:7d:f1:e6:7e:dd:94:
ff:4c:24:53:99:91:bc:23:49:39:94:03:43:da:3d:0c:f0:8c:
f7:42:e2:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS3jQi9caQwDhlZUZhK1O+7yHKUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTJaFw0yNzA0MjAwOTA5MTJaMDMxMTAvBgNV
BAMTKEIzQjNBMzAwNDRENjgxMTNBMUFGN0U3QUU3NDVCNjIyRjFFOUFBNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYlu0ON5SSpeEHonofSikuVjM0
+n23p6CMMQI1rHEEQ4QhdEtFXiK57YRJL/67wd49a1B1lSy4MfHE0Ve3ylNMisAA
KFq/2JhlItr8HanUWBdQ0DD5Bz/LJPoMNBeOKKyAiW1XrYH/SKSFU2/buXTiqSV6
PdNRSfzYHPB3L9lfNYWGWfkchhB1RGL0fmIZlKvOj+RwcHknPbjEwr22FSfKFXSN
P0eNJpeaJaUw1eRS4rfmuk9wt+nSgDV//QL2haBtcTBu2LEkN4/NUFVUPlwg86iF
xQ/5sGrPBAGnnCJctE53pQm+7AN9NgQZ4tD/hvq4s+p2sWZaC2/kbcJ4zoVbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUs7OjAETWgROhr35650W2IvHpqngwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzIzNDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzYzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k33gMA0GCSqGSIb3DQEBCwUAA4IBAQBXZV37UoVdMJByEjLO8J5FNmHlEOidL1cx
XnJMTz12UugftgI4A4P1r1CqIEyfEZL/IJny1O/J9xwSR6ilEad3ne2GoaHiXHt2
LnZBkEpW1CNcHLbmpGOY2z+uuSdM8jqAKa/uYRiGg45N6++nTSv5dKuwyNuIASNf
52fWEjjZLUe4upeJ+UZgibPZ8f0FITkw6uRJCTx8ZjJB8eDpwQ5m1/ALjCJsDiIV
64S1DJdFAInWiGQVzenRcA/f+JIn+DLHTTTL5IQsvjPY5ApwNzVaGoliwnHv5j8U
1MRKQ1p3Pnlq2pF98eZ+3ZT/TCRTmZG8I0k5lAND2j0M8Iz3QuKX
-----END CERTIFICATE-----
Generated at Wed May 13 09:40:49 2026 by rpki-client