Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234322e302f32342d3234203d3e20323135363037.roa
File: 3134372e3132352e3234322e302f32342d3234203d3e20323135363037.roa (raw, json)
Hash identifier: l8KLbRUOiGrXH3Uk9FSZHn5CFUYwT4fTa76eyiHPQN8=
Subject key identifier: 3D:22:D0:61:F5:F0:E1:60:5E:1C:F9:CD:9C:74:49:8C:90:86:8F:F8
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 3BF828DEC40801992941323998EDC89D7846C512
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234322e302f32342d3234203d3e20323135363037.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 215607
IP address blocks: 147.125.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f8:28:de:c4:08:01:99:29:41:32:39:98:ed:c8:9d:78:46:c5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=3D22D061F5F0E1605E1CF9CD9C74498C90868FF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3c:a7:e4:bb:87:96:28:0c:fa:65:58:c3:f6:
22:24:be:12:4e:8a:a8:79:9c:97:88:a1:f7:ba:f8:
6e:0d:11:b1:7f:e3:53:aa:09:8a:8c:3a:7f:a3:09:
57:ae:96:84:6b:57:18:87:94:17:05:47:e9:b7:c1:
f4:fd:05:f4:6d:9f:e0:5b:e2:9b:91:8d:cf:c6:c2:
1f:63:c3:a1:2c:b5:e6:aa:d1:f1:ab:ff:03:0c:03:
29:55:87:be:19:2a:b8:ab:51:6b:b5:48:39:34:6c:
8e:0f:90:f4:3a:64:35:0f:9b:f3:e2:9a:1e:91:65:
01:00:e1:2e:6b:8c:02:ab:0b:f3:cf:5e:ad:33:55:
91:c7:f1:dd:40:8a:2c:4d:a6:05:4f:e4:a4:c9:e3:
24:27:8d:83:e6:d1:80:9f:af:5b:85:66:94:a2:08:
bd:b6:1f:e9:d7:dd:ac:dc:c4:c8:97:c7:bf:99:a9:
71:cd:ac:04:2d:c0:f1:4d:7f:4d:c3:d2:f5:a4:bd:
60:50:8d:77:af:d4:ca:b8:08:d3:37:48:64:8b:ca:
cd:c1:93:c1:23:7c:30:3f:92:19:59:77:13:e6:68:
25:85:5f:75:84:54:50:bf:ca:4a:17:35:4f:c2:24:
25:52:35:06:13:bc:c4:4d:b9:95:d9:44:4e:4e:6f:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:22:D0:61:F5:F0:E1:60:5E:1C:F9:CD:9C:74:49:8C:90:86:8F:F8
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3234322e302f32342d3234203d3e20323135363037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.242.0/24
Signature Algorithm: sha256WithRSAEncryption
81:0a:fe:cc:17:f0:4a:90:12:cd:2f:aa:56:ab:0a:24:56:15:
b4:96:51:7a:32:42:0f:fc:15:dd:a0:df:ff:96:b9:7e:86:b2:
a2:c7:12:3e:5a:61:8a:ea:6e:7c:8f:89:49:82:61:08:82:48:
c4:4a:5b:e6:7b:ba:0e:61:6e:20:2b:cb:4e:2d:8b:6e:a0:df:
d6:48:93:86:34:11:7e:3d:b1:11:b9:62:b7:35:da:0d:0b:e0:
cd:94:34:35:3d:a3:8d:5f:ad:3d:78:b5:6a:0c:85:fd:8a:ab:
cd:cd:bd:e6:69:af:ad:4b:e1:43:0b:6d:10:41:7a:49:7d:97:
69:9d:6d:ad:7a:62:9c:ea:df:dd:7d:1c:06:84:79:c6:32:a1:
c6:37:da:aa:5e:3b:1b:10:56:3b:d0:a6:d6:85:b2:83:c7:98:
73:c8:ca:d5:70:1b:96:4d:5a:a5:ed:e4:0a:fa:97:39:3e:63:
f4:af:44:db:92:79:64:81:97:d1:48:f4:45:e8:e1:31:b7:67:
94:c3:a4:23:11:32:44:74:5e:71:6e:1e:7c:f3:33:73:c4:ea:
4e:4f:65:cb:53:50:f7:0b:63:7a:27:53:61:17:4d:3b:15:fb:
59:5e:47:17:0c:b3:6d:a1:69:72:3e:93:dd:82:a0:d2:85:c4:
ec:e0:e9:17
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUO/go3sQIAZkpQTI5mO3InXhGxRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKDNEMjJEMDYxRjVGMEUxNjA1RTFDRjlDRDlDNzQ0OThDOTA4NjhGRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRPKfku4eWKAz6ZVjD9iIkvhJO
iqh5nJeIofe6+G4NEbF/41OqCYqMOn+jCVeuloRrVxiHlBcFR+m3wfT9BfRtn+Bb
4puRjc/Gwh9jw6Esteaq0fGr/wMMAylVh74ZKrirUWu1SDk0bI4PkPQ6ZDUPm/Pi
mh6RZQEA4S5rjAKrC/PPXq0zVZHH8d1AiixNpgVP5KTJ4yQnjYPm0YCfr1uFZpSi
CL22H+nX3azcxMiXx7+ZqXHNrAQtwPFNf03D0vWkvWBQjXev1Mq4CNM3SGSLys3B
k8EjfDA/khlZdxPmaCWFX3WEVFC/ykoXNU/CJCVSNQYTvMRNuZXZRE5Ob3+FAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUPSLQYfXw4WBeHPnNnHRJjJCGj/gwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM2MzAzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN98jANBgkqhkiG9w0BAQsFAAOCAQEAgQr+zBfwSpASzS+qVqsKJFYVtJZR
ejJCD/wV3aDf/5a5foayoscSPlphiupufI+JSYJhCIJIxEpb5nu6DmFuICvLTi2L
bqDf1kiThjQRfj2xEblitzXaDQvgzZQ0NT2jjV+tPXi1agyF/Yqrzc295mmvrUvh
QwttEEF6SX2XaZ1trXpinOrf3X0cBoR5xjKhxjfaql47GxBWO9Cm1oWyg8eYc8jK
1XAblk1ape3kCvqXOT5j9K9E25J5ZIGX0Uj0RejhMbdnlMOkIxEyRHRecW4efPMz
c8TqTk9ly1NQ9wtjeidTYRdNOxX7WV5HFwyzbaFpcj6T3YKg0oXE7ODpFw==
-----END CERTIFICATE-----
Generated at Fri May 8 15:35:29 2026 by rpki-client