Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32332d3234203d3e2034373636.roa
File: 3134372e3132352e3235302e302f32332d3234203d3e2034373636.roa (raw, json)
Hash identifier: JnjdW5zSEHH9cRKXo+YrZ+m75+isMdzrTHr55fls/hw=
Subject key identifier: 38:11:81:84:71:0F:88:C1:6C:47:B3:17:7C:69:62:B1:21:E2:B2:A5
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 288ABE3C1C05223D3E50AA0AE13146290DFADEC1
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32332d3234203d3e2034373636.roa
Signing time: Mon 06 Oct 2025 17:48:56 +0000
ROA not before: Mon 06 Oct 2025 17:43:56 +0000
ROA not after: Mon 05 Oct 2026 17:48:56 +0000
asID: 4766
IP address blocks: 147.125.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:8a:be:3c:1c:05:22:3d:3e:50:aa:0a:e1:31:46:29:0d:fa:de:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Oct 6 17:43:56 2025 GMT
Not After : Oct 5 17:48:56 2026 GMT
Subject: CN=38118184710F88C16C47B3177C6962B121E2B2A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9b:24:2e:25:92:a0:f6:9d:74:61:63:83:eb:
3e:19:a3:80:bd:19:d8:f9:a2:d9:f3:f0:f4:7a:f0:
bb:60:24:8d:d9:c6:9a:40:8a:86:5a:85:16:5d:68:
95:1f:ed:24:35:93:63:a8:b1:26:ac:de:7c:3f:d8:
24:70:3d:31:4f:d7:47:ca:16:36:30:75:c1:18:4e:
6e:bb:c7:15:3e:a7:31:64:a8:8d:34:fa:fe:34:1f:
1e:23:4b:15:2e:30:93:e5:49:15:a1:70:77:84:2c:
ca:cf:b7:b5:49:fd:04:e3:c4:6a:ab:f9:b3:20:1a:
4c:ee:e8:ec:9b:c8:70:ff:77:97:78:94:a1:99:8b:
b5:fe:b6:30:c6:fb:6d:0c:a5:1f:fc:9c:70:3b:fc:
15:8b:dc:85:71:d8:cd:1d:ce:1c:2c:1d:3c:6d:c4:
a4:9e:50:eb:6c:09:19:f1:f6:54:a2:93:4c:23:19:
78:7c:7b:94:38:2c:11:af:1d:07:01:05:fe:44:c2:
51:76:a7:9b:be:71:12:50:33:88:2a:62:44:43:7e:
ee:40:6e:fd:6f:95:d8:d9:16:93:bc:01:c8:a5:d5:
07:16:ec:45:bb:e9:cf:d4:ae:50:2f:f3:fb:dc:74:
8f:6b:67:9f:d5:2b:9a:89:e3:25:fd:e3:c6:20:e2:
bf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:11:81:84:71:0F:88:C1:6C:47:B3:17:7C:69:62:B1:21:E2:B2:A5
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32332d3234203d3e2034373636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.250.0/23
Signature Algorithm: sha256WithRSAEncryption
56:93:8b:63:4d:b3:dc:5e:9a:96:31:e2:e4:df:cd:09:34:db:
17:d3:f5:d8:a5:da:a6:e8:3e:ac:40:ff:56:c2:80:2d:ef:0c:
ae:0e:34:aa:3a:4c:bf:b5:f3:43:94:72:59:9b:e9:71:83:72:
c5:32:a3:d9:b7:fb:cc:7f:6b:04:dd:34:8a:1f:52:e1:97:98:
66:e5:26:78:5c:44:34:a6:d6:66:88:89:32:ec:48:c8:cc:76:
0e:df:58:b8:d9:33:1a:ac:fb:25:67:28:40:9f:72:27:a6:e3:
3b:48:16:4b:7e:f3:8b:b0:48:9c:c5:11:56:5a:9e:e8:d3:74:
5c:4f:f9:cf:85:cf:21:4e:1e:8a:db:30:4b:25:2c:2a:2b:79:
0c:7b:15:9c:e4:8b:b3:29:f2:b3:45:f2:83:59:78:d0:ea:1f:
6f:63:3e:b4:67:d2:21:c2:f5:20:ce:1e:66:33:b6:a9:98:0f:
4d:95:9b:96:50:71:76:5a:bf:b2:d9:49:f1:e6:39:1a:32:c4:
af:64:76:39:ae:6c:c7:8a:0e:d8:b3:14:49:4f:51:c4:6c:e1:
82:0a:e9:c2:f8:b9:da:b8:36:77:9a:65:74:de:b1:4d:29:01:
e4:ef:26:06:19:63:71:b1:48:7f:15:00:21:06:2c:71:e7:5d:
14:03:d0:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKIq+PBwFIj0+UKoK4TFGKQ363sEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNTEwMDYxNzQzNTZaFw0yNjEwMDUxNzQ4NTZaMDMxMTAvBgNV
BAMTKDM4MTE4MTg0NzEwRjg4QzE2QzQ3QjMxNzdDNjk2MkIxMjFFMkIyQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVmyQuJZKg9p10YWOD6z4Zo4C9
Gdj5otnz8PR68LtgJI3ZxppAioZahRZdaJUf7SQ1k2OosSas3nw/2CRwPTFP10fK
FjYwdcEYTm67xxU+pzFkqI00+v40Hx4jSxUuMJPlSRWhcHeELMrPt7VJ/QTjxGqr
+bMgGkzu6OybyHD/d5d4lKGZi7X+tjDG+20MpR/8nHA7/BWL3IVx2M0dzhwsHTxt
xKSeUOtsCRnx9lSik0wjGXh8e5Q4LBGvHQcBBf5EwlF2p5u+cRJQM4gqYkRDfu5A
bv1vldjZFpO8Acil1QcW7EW76c/UrlAv8/vcdI9rZ5/VK5qJ4yX948Yg4r9TAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOBGBhHEPiMFsR7MXfGlisSHisqUwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
k336MA0GCSqGSIb3DQEBCwUAA4IBAQBWk4tjTbPcXpqWMeLk380JNNsX0/XYpdqm
6D6sQP9WwoAt7wyuDjSqOky/tfNDlHJZm+lxg3LFMqPZt/vMf2sE3TSKH1Lhl5hm
5SZ4XEQ0ptZmiIky7EjIzHYO31i42TMarPslZyhAn3InpuM7SBZLfvOLsEicxRFW
Wp7o03RcT/nPhc8hTh6K2zBLJSwqK3kMexWc5IuzKfKzRfKDWXjQ6h9vYz60Z9Ih
wvUgzh5mM7apmA9NlZuWUHF2Wr+y2Unx5jkaMsSvZHY5rmzHig7YsxRJT1HEbOGC
CunC+LnauDZ3mmV03rFNKQHk7yYGGWNxsUh/FQAhBixx510UA9AJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:10:29 2025 by rpki-client