Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
File: 3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa (raw, json)
Hash identifier: PxhIzU6SxoMJB/ritTSVlN101+/0HexmlbzDq1XDKTc=
Subject key identifier: 0C:C2:B4:9F:BB:C3:9F:93:81:EB:21:97:E1:66:3F:72:80:60:A4:02
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 44ED84C92954F60E74619E2D6CE763FA8F6FF320
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
Signing time: Tue 21 Apr 2026 09:09:11 +0000
ROA not before: Tue 21 Apr 2026 09:04:11 +0000
ROA not after: Tue 20 Apr 2027 09:09:11 +0000
asID: 4766
IP address blocks: 147.125.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ed:84:c9:29:54:f6:0e:74:61:9e:2d:6c:e7:63:fa:8f:6f:f3:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:11 2026 GMT
Not After : Apr 20 09:09:11 2027 GMT
Subject: CN=0CC2B49FBBC39F9381EB2197E1663F728060A402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:19:ec:08:83:e6:c5:f1:99:76:bd:e2:79:
52:cc:77:c7:20:a7:0d:b8:e8:c0:37:b5:5d:14:14:
2b:33:a5:e9:fd:32:7d:93:af:50:85:36:41:30:de:
ef:86:83:91:cb:91:fd:f6:86:71:15:c6:89:66:c1:
71:fa:a4:5a:21:e6:c5:39:d2:cc:43:24:f7:c2:3d:
99:02:06:2c:14:83:54:c9:d9:fe:6e:28:54:c7:ec:
e6:57:c3:de:a6:63:5c:e8:19:c8:69:db:b3:5b:b0:
57:24:c1:7d:07:e9:44:86:1f:ce:44:df:ef:33:66:
85:2d:54:a3:12:53:88:d0:d4:c1:47:e6:b2:fc:4f:
84:1e:a7:74:0f:f7:0f:a7:fb:d8:a2:65:43:72:53:
ab:7c:57:65:5c:8a:5c:12:86:7d:93:80:93:59:9a:
57:8d:00:1c:18:8d:1c:5b:ea:e4:ed:9e:73:ae:87:
8d:89:cc:e0:93:88:cd:38:93:12:5f:ca:a2:b3:c1:
65:f8:0b:8c:cd:fc:1c:b6:b5:d4:44:05:7f:ee:ba:
55:37:a6:9e:fa:9e:34:fa:4a:74:c4:dd:43:60:d0:
4f:2f:fb:78:81:c4:60:95:f7:19:37:95:7d:fb:d6:
3f:aa:3f:5b:ae:ba:72:0b:5c:f1:a0:45:96:78:1b:
5d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C2:B4:9F:BB:C3:9F:93:81:EB:21:97:E1:66:3F:72:80:60:A4:02
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.228.0/22
Signature Algorithm: sha256WithRSAEncryption
84:31:55:c1:43:a7:5b:eb:f4:45:5e:0a:56:05:81:fb:73:5d:
c5:52:cf:04:b9:cd:32:2a:85:50:21:3d:5d:b6:2d:b2:d2:b7:
df:0d:37:d6:bc:c6:01:1e:75:b8:0f:bf:90:74:78:5e:3c:52:
88:70:84:a2:d2:83:c1:5d:fa:47:b1:b7:5b:e6:a2:3b:6b:27:
c4:3c:34:e4:3c:7c:55:18:30:64:d0:9e:84:d3:b4:5f:e2:d3:
39:14:f6:e5:1e:4f:d8:a3:45:e4:ac:ce:86:2d:f4:7e:2c:1f:
b2:4a:96:9a:5d:7c:4d:a7:85:10:1f:53:fe:d9:5f:ac:66:6a:
cc:aa:b4:46:f8:28:83:25:14:52:15:94:e9:5e:dc:aa:f5:62:
29:0d:92:54:51:d3:89:fa:19:66:88:04:b2:ce:ac:32:c6:e9:
80:c9:24:5b:72:22:78:16:3f:df:e5:a3:37:f7:16:41:8d:fc:
64:ce:77:d5:53:aa:a6:5e:4d:ff:82:d9:38:ed:e0:ab:a5:d1:
a8:42:98:66:13:24:22:db:59:f4:2d:bf:32:23:5e:c2:76:cf:
af:4c:02:40:f1:15:36:f8:68:06:23:f2:d0:19:3f:34:e9:6d:
84:b2:43:58:eb:ae:85:0e:bb:95:2d:b2:2c:00:71:0b:aa:bb:
2d:e7:d9:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURO2EySlU9g50YZ4tbOdj+o9v8yAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTFaFw0yNzA0MjAwOTA5MTFaMDMxMTAvBgNV
BAMTKDBDQzJCNDlGQkJDMzlGOTM4MUVCMjE5N0UxNjYzRjcyODA2MEE0MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNCxnsCIPmxfGZdr3ieVLMd8cg
pw246MA3tV0UFCszpen9Mn2Tr1CFNkEw3u+Gg5HLkf32hnEVxolmwXH6pFoh5sU5
0sxDJPfCPZkCBiwUg1TJ2f5uKFTH7OZXw96mY1zoGchp27NbsFckwX0H6USGH85E
3+8zZoUtVKMSU4jQ1MFH5rL8T4Qep3QP9w+n+9iiZUNyU6t8V2VcilwShn2TgJNZ
mleNABwYjRxb6uTtnnOuh42JzOCTiM04kxJfyqKzwWX4C4zN/By2tdREBX/uulU3
pp76njT6SnTE3UNg0E8v+3iBxGCV9xk3lX371j+qP1uuunILXPGgRZZ4G10VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDMK0n7vDn5OB6yGX4WY/coBgpAIwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzIzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k33kMA0GCSqGSIb3DQEBCwUAA4IBAQCEMVXBQ6db6/RFXgpWBYH7c13FUs8Euc0y
KoVQIT1dti2y0rffDTfWvMYBHnW4D7+QdHhePFKIcISi0oPBXfpHsbdb5qI7ayfE
PDTkPHxVGDBk0J6E07Rf4tM5FPblHk/Yo0XkrM6GLfR+LB+ySpaaXXxNp4UQH1P+
2V+sZmrMqrRG+CiDJRRSFZTpXtyq9WIpDZJUUdOJ+hlmiASyzqwyxumAySRbciJ4
Fj/f5aM39xZBjfxkznfVU6qmXk3/gtk47eCrpdGoQphmEyQi21n0Lb8yI17Cds+v
TAJA8RU2+GgGI/LQGT806W2EskNY666FDruVLbIsAHELqrst59mW
-----END CERTIFICATE-----
Generated at Wed May 13 09:41:07 2026 by rpki-client