Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e2034363337.roa
File: 3134372e3132352e3235302e302f32342d3234203d3e2034363337.roa (raw, json)
Hash identifier: ibBGeFTQ2ZXfDiFpTHDaaY1+hkU1TludLEorffS17k4=
Subject key identifier: B7:F0:F8:73:07:31:9C:41:A1:44:99:00:2B:DD:71:A1:22:DB:E6:03
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 20B73809FBEC73BD34B91DF0E5B681BC11C70572
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e2034363337.roa
Signing time: Tue 21 Apr 2026 09:09:10 +0000
ROA not before: Tue 21 Apr 2026 09:04:10 +0000
ROA not after: Tue 20 Apr 2027 09:09:10 +0000
asID: 4637
IP address blocks: 147.125.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 15:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b7:38:09:fb:ec:73:bd:34:b9:1d:f0:e5:b6:81:bc:11:c7:05:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:10 2026 GMT
Not After : Apr 20 09:09:10 2027 GMT
Subject: CN=B7F0F87307319C41A14499002BDD71A122DBE603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:36:34:ba:0f:21:a6:8e:78:02:18:2f:1f:
5b:92:b6:2d:42:d6:a9:bd:75:e1:d8:55:cc:9c:92:
02:bc:e9:f5:ee:41:f0:b0:a8:54:67:a3:67:a5:0c:
89:d7:d0:74:e2:3e:e9:d6:12:11:4f:6a:16:e9:97:
4b:13:cd:81:ea:54:c2:93:a6:79:bb:59:d6:25:da:
6e:f9:ed:d3:43:83:5b:3f:5a:62:14:be:09:d8:00:
c9:72:78:25:41:57:37:20:09:cb:d3:20:75:4e:db:
23:d4:c6:1b:66:54:c9:08:d0:85:4c:89:d3:ec:75:
a7:72:e5:d6:72:a2:4c:03:a7:6b:e1:29:d2:24:f9:
29:41:e4:ef:97:74:72:c3:07:27:cb:8d:a9:82:7c:
ac:28:c9:8a:fb:9a:0f:2a:b8:42:74:77:82:11:87:
ab:bf:7f:fb:c2:fe:d4:98:eb:80:ff:36:87:85:62:
1c:d3:73:28:c2:17:83:40:55:78:e4:1e:9a:6c:eb:
41:30:6b:98:f3:a1:a8:dd:3d:14:d5:79:9a:9c:e2:
59:ce:a4:1f:f9:95:b3:32:3e:18:bc:d2:11:4e:4d:
fd:b4:b2:8a:66:19:91:2c:17:3c:d6:42:db:f9:7d:
bf:98:4a:7c:f4:65:52:09:0c:de:2e:fb:fd:0d:01:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F0:F8:73:07:31:9C:41:A1:44:99:00:2B:DD:71:A1:22:DB:E6:03
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235302e302f32342d3234203d3e2034363337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.250.0/24
Signature Algorithm: sha256WithRSAEncryption
92:70:af:a1:c0:ec:ef:b5:26:b3:a9:8b:6d:c6:c4:f8:31:7e:
71:79:d0:c3:db:72:d5:65:16:e6:5e:35:16:cc:b5:b6:86:8a:
9d:36:54:c7:3f:53:a5:44:9e:a0:97:37:05:f9:a7:72:ab:c4:
8a:76:fd:5f:ab:1f:b7:51:43:b1:d9:08:30:2f:7d:9c:49:bf:
83:f0:e9:6c:e9:32:8d:6d:71:26:e6:35:11:26:43:a0:d3:00:
8d:1a:53:8c:33:fe:17:18:3b:80:8b:f6:95:72:7a:2a:21:f6:
e6:e6:90:17:0c:31:a0:37:ab:55:53:ba:19:d1:89:91:4b:ea:
47:38:33:16:75:6c:d3:a9:03:56:81:a5:95:51:d4:25:41:ab:
d2:48:ba:1c:b2:c3:ee:b5:ab:36:71:67:26:b1:e0:cd:fb:ff:
40:f4:cb:fa:f8:89:6e:8a:27:b3:b5:74:a2:d1:00:de:26:7a:
f6:ee:8d:24:36:ff:7f:cd:f7:c4:44:de:5f:8f:21:9d:40:49:
ba:24:74:dc:27:97:52:1b:e4:69:6f:6c:94:6c:22:d3:95:a8:
63:21:9b:4f:35:33:8e:4b:94:5b:80:ce:e2:61:01:90:6c:c9:
cc:f3:81:fe:fc:d8:e1:d2:ab:5d:df:9d:89:d5:41:d4:91:6b:
60:94:24:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUILc4Cfvsc700uR3w5baBvBHHBXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTBaFw0yNzA0MjAwOTA5MTBaMDMxMTAvBgNV
BAMTKEI3RjBGODczMDczMTlDNDFBMTQ0OTkwMDJCREQ3MUExMjJEQkU2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoeDY0ug8hpo54AhgvH1uSti1C
1qm9deHYVcyckgK86fXuQfCwqFRno2elDInX0HTiPunWEhFPahbpl0sTzYHqVMKT
pnm7WdYl2m757dNDg1s/WmIUvgnYAMlyeCVBVzcgCcvTIHVO2yPUxhtmVMkI0IVM
idPsdady5dZyokwDp2vhKdIk+SlB5O+XdHLDByfLjamCfKwoyYr7mg8quEJ0d4IR
h6u/f/vC/tSY64D/NoeFYhzTcyjCF4NAVXjkHpps60Ewa5jzoajdPRTVeZqc4lnO
pB/5lbMyPhi80hFOTf20sopmGZEsFzzWQtv5fb+YSnz0ZVIJDN4u+/0NAUElAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUt/D4cwcxnEGhRJkAK91xoSLb5gMwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzYzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
k336MA0GCSqGSIb3DQEBCwUAA4IBAQCScK+hwOzvtSazqYttxsT4MX5xedDD23LV
ZRbmXjUWzLW2hoqdNlTHP1OlRJ6glzcF+adyq8SKdv1fqx+3UUOx2QgwL32cSb+D
8Ols6TKNbXEm5jURJkOg0wCNGlOMM/4XGDuAi/aVcnoqIfbm5pAXDDGgN6tVU7oZ
0YmRS+pHODMWdWzTqQNWgaWVUdQlQavSSLocssPutas2cWcmseDN+/9A9Mv6+Ilu
iieztXSi0QDeJnr27o0kNv9/zffERN5fjyGdQEm6JHTcJ5dSG+Rpb2yUbCLTlahj
IZtPNTOOS5RbgM7iYQGQbMnM84H+/Njh0qtd352J1UHUkWtglCR0
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:32 2026 by rpki-client