Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e20333938343635.roa
File: 3134372e3132352e3235302e302f32342d3234203d3e20333938343635.roa (raw, json)
Hash identifier: HjPAuAoB8QtvL5mIPBu0WMDGKqaM36JgfQAF3k//TE0=
Subject key identifier: B7:2D:02:2C:C9:27:4F:86:21:FE:24:83:D2:26:B0:74:D4:C4:7D:DC
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 5C7D7E95F8EB8FB030B9D72A2C1647601A0FE3AB
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e20333938343635.roa
Signing time: Tue 21 Apr 2026 09:09:11 +0000
ROA not before: Tue 21 Apr 2026 09:04:11 +0000
ROA not after: Tue 20 Apr 2027 09:09:11 +0000
asID: 398465
IP address blocks: 147.125.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:7d:7e:95:f8:eb:8f:b0:30:b9:d7:2a:2c:16:47:60:1a:0f:e3:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:11 2026 GMT
Not After : Apr 20 09:09:11 2027 GMT
Subject: CN=B72D022CC9274F8621FE2483D226B074D4C47DDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:89:27:f9:6d:d7:32:cf:35:67:c3:25:68:a7:
54:ce:87:d4:db:69:c4:52:bc:91:2d:83:1d:a5:33:
39:65:c7:7d:7d:d9:d8:69:1e:29:d3:f9:1c:8c:64:
db:b5:d3:fe:8a:dd:93:76:4c:a7:9f:8b:f0:f5:8e:
f0:4b:82:33:04:c5:85:10:8e:3c:cb:5e:cd:b9:6e:
38:0a:e3:0b:d0:2c:8f:fd:f0:b8:29:cb:c1:90:2d:
9e:a5:66:57:29:57:83:af:0d:05:91:16:c8:eb:d9:
6c:9a:6f:51:66:b1:66:b7:c2:09:bc:a4:72:8d:e8:
0e:c6:24:00:61:8a:be:71:ff:c2:38:79:6e:a8:a2:
51:15:05:0e:3a:1f:c6:43:00:82:c5:97:71:35:bd:
37:a8:79:99:4f:e4:21:cb:07:bd:8d:05:5b:aa:8a:
eb:4c:ea:39:d1:ab:f3:bc:bc:fd:c4:78:f8:59:47:
66:09:d0:d1:c9:c6:28:62:5f:84:dd:2f:52:8c:3e:
5a:ac:b1:7c:21:df:4e:e9:04:fc:65:bf:e8:82:0b:
4f:b2:07:cf:7d:40:65:50:3b:22:3f:2a:4b:77:da:
fa:f2:9d:76:c2:c9:ae:83:2f:e5:17:20:37:4d:83:
09:f6:5e:94:5c:d3:91:1a:ea:43:b1:a7:fd:ca:85:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2D:02:2C:C9:27:4F:86:21:FE:24:83:D2:26:B0:74:D4:C4:7D:DC
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e20333938343635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.250.0/24
Signature Algorithm: sha256WithRSAEncryption
37:74:81:05:06:c7:1b:ca:c9:32:50:52:82:53:75:82:0d:7f:
91:5e:7e:3e:20:3e:98:d3:b3:2b:8b:7e:b0:41:fa:89:97:f3:
1a:3d:d4:cd:1e:55:ee:78:69:d5:af:ed:a3:b1:0e:33:3d:21:
4c:75:60:98:36:08:5a:6d:16:eb:19:ed:9b:92:d6:9e:e8:9f:
20:19:9f:b4:00:0c:1c:91:83:9a:b0:e6:42:32:0a:c4:22:9f:
c7:2b:67:fc:a8:a6:85:f7:d7:af:c1:ee:d3:66:c4:06:3d:1c:
77:c8:54:53:da:67:5d:5f:89:fa:eb:ee:88:18:2c:9b:53:56:
91:bf:34:28:49:04:c9:44:3b:6b:45:46:fe:fb:3e:0d:df:a4:
32:64:ac:98:b2:c7:ba:34:70:f8:7e:27:0d:bf:f7:8d:4f:7e:
77:4e:82:c2:bf:2d:8c:f5:b5:6b:ab:d9:e2:97:94:82:80:2d:
5d:a7:58:49:a3:97:03:7e:bf:d9:e6:8f:3c:91:e3:22:34:a1:
0d:98:1c:7b:0e:86:20:56:2d:5b:38:80:1d:3f:53:8b:02:2e:
f6:5c:fb:13:35:37:b8:fc:14:d3:b1:e6:b9:53:4d:3e:61:3f:
45:60:ad:46:6a:9b:ba:fe:7e:df:35:dc:68:db:ea:2f:9f:73:
12:28:7b:b3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXH1+lfjrj7AwudcqLBZHYBoP46swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTFaFw0yNzA0MjAwOTA5MTFaMDMxMTAvBgNV
BAMTKEI3MkQwMjJDQzkyNzRGODYyMUZFMjQ4M0QyMjZCMDc0RDRDNDdEREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4iSf5bdcyzzVnwyVop1TOh9Tb
acRSvJEtgx2lMzllx3192dhpHinT+RyMZNu10/6K3ZN2TKefi/D1jvBLgjMExYUQ
jjzLXs25bjgK4wvQLI/98Lgpy8GQLZ6lZlcpV4OvDQWRFsjr2Wyab1FmsWa3wgm8
pHKN6A7GJABhir5x/8I4eW6oolEVBQ46H8ZDAILFl3E1vTeoeZlP5CHLB72NBVuq
iutM6jnRq/O8vP3EePhZR2YJ0NHJxihiX4TdL1KMPlqssXwh307pBPxlv+iCC0+y
B899QGVQOyI/Kkt32vrynXbCya6DL+UXIDdNgwn2XpRc05Ea6kOxp/3Khc8/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUty0CLMknT4Yh/iSD0iawdNTEfdwwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzODM0MzYzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9+jANBgkqhkiG9w0BAQsFAAOCAQEAN3SBBQbHG8rJMlBSglN1gg1/kV5+
PiA+mNOzK4t+sEH6iZfzGj3UzR5V7nhp1a/to7EOMz0hTHVgmDYIWm0W6xntm5LW
nuifIBmftAAMHJGDmrDmQjIKxCKfxytn/KimhffXr8Hu02bEBj0cd8hUU9pnXV+J
+uvuiBgsm1NWkb80KEkEyUQ7a0VG/vs+Dd+kMmSsmLLHujRw+H4nDb/3jU9+d06C
wr8tjPW1a6vZ4peUgoAtXadYSaOXA36/2eaPPJHjIjShDZgcew6GIFYtWziAHT9T
iwIu9lz7EzU3uPwU07HmuVNNPmE/RWCtRmqbuv5+3zXcaNvqL59zEih7sw==
-----END CERTIFICATE-----
Generated at Wed May 13 09:40:40 2026 by rpki-client