Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234312e302f32342d3234203d3e203236363636.roa
File: 3134372e3132352e3234312e302f32342d3234203d3e203236363636.roa (raw, json)
Hash identifier: ljzeyv3c/Bw8upDHA8h/aQBZukI3kgPwEVC4XuDhhwI=
Subject key identifier: EE:60:2C:B2:2D:82:EE:BD:99:98:F3:45:56:A4:9B:CA:27:62:18:F6
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 5F1BC51C556387E18B7F774A138BC0D5CBB92AA5
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234312e302f32342d3234203d3e203236363636.roa
Signing time: Tue 21 Apr 2026 09:09:10 +0000
ROA not before: Tue 21 Apr 2026 09:04:10 +0000
ROA not after: Tue 20 Apr 2027 09:09:10 +0000
asID: 26666
IP address blocks: 147.125.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:1b:c5:1c:55:63:87:e1:8b:7f:77:4a:13:8b:c0:d5:cb:b9:2a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:10 2026 GMT
Not After : Apr 20 09:09:10 2027 GMT
Subject: CN=EE602CB22D82EEBD9998F34556A49BCA276218F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:24:9b:8d:9d:95:fc:01:6c:0c:3c:3b:93:71:
85:1f:f8:d5:7b:36:48:3d:7d:7a:14:10:28:3f:0c:
96:9a:19:99:ce:3f:4d:90:35:d4:b3:33:19:b8:74:
08:40:8d:d1:d7:19:78:f0:e0:d3:21:c9:ca:5e:6f:
f0:1e:86:50:72:28:8a:2d:69:eb:85:df:3b:14:7b:
cd:e5:2a:ae:c1:77:87:8e:eb:40:32:fb:24:81:9e:
8c:f2:27:3f:7b:9a:67:b4:e9:e8:23:94:78:e0:2c:
0a:ec:4e:44:e7:93:34:94:6e:eb:34:9c:39:33:42:
ba:88:fa:43:23:6d:7b:ae:ca:48:e5:9f:a2:60:d8:
7d:e6:57:f2:10:83:b4:a0:35:9f:95:e4:68:ba:82:
da:dc:b5:bd:ec:e8:6f:d7:e3:59:c1:67:49:21:c2:
67:90:53:52:a5:13:69:da:3e:04:20:0b:82:e7:49:
6f:49:54:3c:7d:e8:c9:79:3e:a9:a0:c7:63:6b:4e:
ec:25:60:24:9a:c3:a2:c6:ea:f6:b8:42:29:56:28:
19:b2:e2:bd:59:1a:99:df:b9:28:fe:4f:78:34:d0:
55:94:ef:15:b3:95:0d:6b:9f:d9:a5:ce:a4:0d:58:
25:96:f4:66:26:d0:01:de:d2:92:9b:89:c3:ec:e4:
61:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:60:2C:B2:2D:82:EE:BD:99:98:F3:45:56:A4:9B:CA:27:62:18:F6
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234312e302f32342d3234203d3e203236363636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.241.0/24
Signature Algorithm: sha256WithRSAEncryption
14:05:12:6d:bd:26:bb:9e:47:e3:c2:70:48:83:dd:ec:75:c4:
28:f8:4e:dd:6f:f8:44:60:a8:53:e1:94:2a:cc:13:28:c5:c8:
91:63:11:7b:72:fb:7f:fd:45:68:9c:4b:ea:bf:0a:21:1e:7f:
67:b2:86:2f:ef:1c:b6:16:b2:6a:68:1d:86:fc:6f:3e:1d:cd:
a7:78:2b:d4:64:0b:94:94:f8:8e:94:cd:b4:37:fd:94:e8:a3:
f9:48:2a:59:85:28:16:56:b9:27:5d:d8:b6:e8:a1:e8:bb:e1:
fa:79:62:3c:e8:ba:36:d3:cf:2e:d2:ca:47:c9:c8:8a:01:7e:
cf:26:3f:bd:fb:94:a7:0d:ad:dc:61:fd:fb:c6:1d:cf:5f:4e:
a8:df:ba:8d:ee:26:fa:2c:a8:cc:75:a2:4c:74:3f:b4:f3:ac:
63:ad:25:26:a2:07:8e:61:1a:cc:b5:21:90:df:5f:80:1c:11:
2c:41:69:f0:a2:1f:57:60:71:c0:71:a9:84:8a:34:89:95:b8:
38:2c:b4:71:1a:a6:78:dc:8e:84:dd:55:c2:74:8f:72:60:0c:
36:24:1d:bd:25:24:a2:bf:16:c0:86:71:f8:d1:7b:ca:42:75:
05:3c:b8:8e:98:98:fa:c2:3e:6b:3d:59:f7:f1:06:43:3e:8c:
99:23:ef:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXxvFHFVjh+GLf3dKE4vA1cu5KqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTBaFw0yNzA0MjAwOTA5MTBaMDMxMTAvBgNV
BAMTKEVFNjAyQ0IyMkQ4MkVFQkQ5OTk4RjM0NTU2QTQ5QkNBMjc2MjE4RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLJJuNnZX8AWwMPDuTcYUf+NV7
Nkg9fXoUECg/DJaaGZnOP02QNdSzMxm4dAhAjdHXGXjw4NMhycpeb/AehlByKIot
aeuF3zsUe83lKq7Bd4eO60Ay+ySBnozyJz97mme06egjlHjgLArsTkTnkzSUbus0
nDkzQrqI+kMjbXuuykjln6Jg2H3mV/IQg7SgNZ+V5Gi6gtrctb3s6G/X41nBZ0kh
wmeQU1KlE2naPgQgC4LnSW9JVDx96Ml5Pqmgx2NrTuwlYCSaw6LG6va4QilWKBmy
4r1ZGpnfuSj+T3g00FWU7xWzlQ1rn9mlzqQNWCWW9GYm0AHe0pKbicPs5GGRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7mAssi2C7r2ZmPNFVqSbyidiGPYwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTffEwDQYJKoZIhvcNAQELBQADggEBABQFEm29JrueR+PCcEiD3ex1xCj4Tt1v
+ERgqFPhlCrMEyjFyJFjEXty+3/9RWicS+q/CiEef2eyhi/vHLYWsmpoHYb8bz4d
zad4K9RkC5SU+I6UzbQ3/ZToo/lIKlmFKBZWuSdd2Lbooei74fp5YjzoujbTzy7S
ykfJyIoBfs8mP737lKcNrdxh/fvGHc9fTqjfuo3uJvosqMx1okx0P7TzrGOtJSai
B45hGsy1IZDfX4AcESxBafCiH1dgccBxqYSKNImVuDgstHEapnjcjoTdVcJ0j3Jg
DDYkHb0lJKK/FsCGcfjRe8pCdQU8uI6YmPrCPms9WffxBkM+jJkj76A=
-----END CERTIFICATE-----
Generated at Wed May 13 09:40:44 2026 by rpki-client