Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
File: 3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa (raw, json)
Hash identifier: PVVcyUK2P5//ata0jnwAz9lNNY70RdkLtJoVoUxLuN0=
Subject key identifier: BD:79:BF:FE:EE:DD:51:CC:3E:4B:C5:25:5F:00:86:44:28:C3:67:37
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 28241A7C4DC3E0709DE331BD7D6D6E099A96EEEC
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
Signing time: Mon 01 Sep 2025 16:59:30 +0000
ROA not before: Mon 01 Sep 2025 16:54:30 +0000
ROA not after: Mon 31 Aug 2026 16:59:30 +0000
asID: 4766
IP address blocks: 147.125.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 15:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:24:1a:7c:4d:c3:e0:70:9d:e3:31:bd:7d:6d:6e:09:9a:96:ee:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Sep 1 16:54:30 2025 GMT
Not After : Aug 31 16:59:30 2026 GMT
Subject: CN=BD79BFFEEEDD51CC3E4BC5255F00864428C36737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:54:df:5b:a0:ed:92:57:e9:15:40:b4:36:bd:
cb:b3:2c:b5:aa:aa:84:64:55:62:ea:c1:04:e4:69:
26:7c:41:61:03:df:6b:19:16:89:74:72:ed:16:fd:
68:a1:2b:13:95:a5:f0:87:7b:75:39:65:1f:2f:25:
dd:95:2b:54:d7:83:d8:ff:52:1d:87:8d:dd:59:c4:
ae:50:80:6c:c4:d0:c7:25:40:de:8e:7e:c2:0a:aa:
95:b5:54:99:ec:d2:aa:ab:79:6e:68:76:86:fe:dc:
91:df:02:70:ac:1f:b4:64:15:cf:00:ce:15:6d:31:
f1:e3:10:80:2d:f4:85:ae:93:91:08:18:86:9a:06:
5d:46:c3:8a:b1:f1:4c:3f:52:23:74:fc:89:71:5d:
9e:b1:58:43:55:2e:36:d1:60:02:41:78:20:6a:cd:
eb:72:b7:69:8e:3a:8e:70:26:54:7c:99:f7:c4:c1:
c5:e6:4e:cb:02:40:46:2c:23:34:d1:24:3d:d3:82:
fa:c2:7f:45:ec:c5:2f:cc:c1:39:d4:c6:a9:4d:b9:
c6:17:31:f1:a4:da:8d:52:a4:c6:5f:ea:ce:65:a4:
47:1d:7f:2a:84:68:d2:10:e6:b6:ab:3f:d5:fa:1d:
10:bb:86:d5:75:e1:2b:0d:65:67:2d:17:97:a1:8f:
2c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:79:BF:FE:EE:DD:51:CC:3E:4B:C5:25:5F:00:86:44:28:C3:67:37
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3232382e302f32322d3234203d3e2034373636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.228.0/22
Signature Algorithm: sha256WithRSAEncryption
27:fe:d7:4e:28:55:ad:48:03:85:6b:db:e6:ca:89:5a:ff:24:
48:cd:ba:e4:2a:83:b8:c4:1f:94:f2:7d:68:a3:c3:42:6e:1d:
e5:b5:3e:ee:47:46:38:e9:16:d4:ab:92:25:bc:d5:6f:95:f5:
6c:04:ca:fd:80:ce:79:82:7f:b6:af:71:ca:0d:1d:b1:48:1d:
70:d9:cc:29:d1:76:4d:95:6a:19:4c:97:68:e6:98:b1:6b:c9:
83:04:39:2b:1d:1a:34:ce:fb:ce:15:54:63:91:72:c5:cb:20:
cb:69:d4:a5:e5:23:f1:f7:32:4f:25:f3:88:bd:b9:87:ff:65:
0c:ea:f0:60:1b:1f:51:05:4f:40:94:20:6d:a1:91:7a:66:85:
b2:57:1e:94:ea:48:d1:90:a6:6e:cb:37:2f:a2:aa:cb:cb:a4:
03:b6:58:d8:18:d5:a4:6b:bd:8d:39:f7:94:29:d7:5f:7f:b8:
7c:5c:f1:a9:c7:09:f9:79:bd:cb:eb:21:2e:bb:3c:d9:e6:24:
31:a3:6c:a7:65:93:b0:6b:6c:da:5d:56:1d:bb:d0:cb:0f:1e:
02:e7:8d:db:92:3d:9b:e5:3f:47:0f:4f:8f:9d:2e:fe:ec:a5:
4f:f9:e3:c6:98:7a:25:ce:ba:cf:12:b2:bf:5c:29:e0:10:1f:
78:b8:57:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKCQafE3D4HCd4zG9fW1uCZqW7uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNTA5MDExNjU0MzBaFw0yNjA4MzExNjU5MzBaMDMxMTAvBgNV
BAMTKEJENzlCRkZFRUVERDUxQ0MzRTRCQzUyNTVGMDA4NjQ0MjhDMzY3MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAVN9boO2SV+kVQLQ2vcuzLLWq
qoRkVWLqwQTkaSZ8QWED32sZFol0cu0W/WihKxOVpfCHe3U5ZR8vJd2VK1TXg9j/
Uh2Hjd1ZxK5QgGzE0MclQN6OfsIKqpW1VJns0qqreW5odob+3JHfAnCsH7RkFc8A
zhVtMfHjEIAt9IWuk5EIGIaaBl1Gw4qx8Uw/UiN0/IlxXZ6xWENVLjbRYAJBeCBq
zetyt2mOOo5wJlR8mffEwcXmTssCQEYsIzTRJD3TgvrCf0XsxS/MwTnUxqlNucYX
MfGk2o1SpMZf6s5lpEcdfyqEaNIQ5rarP9X6HRC7htV14SsNZWctF5ehjyxBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvXm//u7dUcw+S8UlXwCGRCjDZzcwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzIzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k33kMA0GCSqGSIb3DQEBCwUAA4IBAQAn/tdOKFWtSAOFa9vmyola/yRIzbrkKoO4
xB+U8n1oo8NCbh3ltT7uR0Y46RbUq5IlvNVvlfVsBMr9gM55gn+2r3HKDR2xSB1w
2cwp0XZNlWoZTJdo5pixa8mDBDkrHRo0zvvOFVRjkXLFyyDLadSl5SPx9zJPJfOI
vbmH/2UM6vBgGx9RBU9AlCBtoZF6ZoWyVx6U6kjRkKZuyzcvoqrLy6QDtljYGNWk
a72NOfeUKddff7h8XPGpxwn5eb3L6yEuuzzZ5iQxo2ynZZOwa2zaXVYdu9DLDx4C
543bkj2b5T9HD0+PnS7+7KVP+ePGmHolzrrPErK/XCngEB94uFcA
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:39:42 2025 by rpki-client