Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235352e302f32342d3234203d3e20333936333536.roa
File: 3134372e3132352e3235352e302f32342d3234203d3e20333936333536.roa (raw, json)
Hash identifier: jxhjjg5d8Nq9dEmVX6+U5Zx7JSnz9NbZMgdPvYtW1Sk=
Subject key identifier: C4:9C:04:D1:67:92:E7:00:DB:63:7E:40:B6:4A:86:7F:FB:2B:09:E8
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 62645EE3171644E46D04509477D83C603AA2D349
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235352e302f32342d3234203d3e20333936333536.roa
Signing time: Tue 21 Apr 2026 09:09:10 +0000
ROA not before: Tue 21 Apr 2026 09:04:10 +0000
ROA not after: Tue 20 Apr 2027 09:09:10 +0000
asID: 396356
IP address blocks: 147.125.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:64:5e:e3:17:16:44:e4:6d:04:50:94:77:d8:3c:60:3a:a2:d3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:10 2026 GMT
Not After : Apr 20 09:09:10 2027 GMT
Subject: CN=C49C04D16792E700DB637E40B64A867FFB2B09E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:b7:d0:ce:f1:6a:a0:86:78:91:aa:f4:76:
c9:83:ef:67:c1:e3:fd:ef:2c:25:85:f8:92:31:dc:
59:5b:01:60:74:9a:f4:1c:df:3b:c5:a7:ee:94:68:
33:19:16:a7:5a:29:dc:21:8b:c5:52:3d:73:be:76:
a8:95:23:24:e9:15:73:b1:0f:33:36:28:f3:25:f2:
36:9c:94:fc:11:e6:fa:91:4c:eb:1f:8b:3a:3e:5e:
05:27:68:1d:86:1a:69:e2:16:b1:46:9a:42:80:4f:
45:0d:f9:05:ef:fb:9e:e4:54:ec:3a:db:42:ae:9f:
05:e1:13:e1:5b:9a:d2:0c:a2:fd:f8:57:6a:78:4b:
93:88:77:4b:de:b2:14:fc:6b:f2:cd:bd:84:1c:08:
01:1f:fa:3f:27:44:da:d1:f8:ae:c2:67:17:f2:ef:
69:85:6f:3f:98:37:3b:a0:43:e8:60:c8:71:c0:57:
d0:92:89:74:21:8e:54:b6:9f:cb:e5:82:a7:6b:19:
e4:f9:c6:59:79:57:d8:dc:2c:9c:5a:b5:2f:c6:d8:
d5:45:5e:19:ca:8c:5a:c2:73:f7:dd:48:ab:e2:16:
1c:06:95:5c:d8:3d:2a:e2:10:bb:b9:a9:53:6f:9f:
69:c2:73:94:56:2e:ed:5e:ac:eb:88:8b:90:fd:b0:
8b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9C:04:D1:67:92:E7:00:DB:63:7E:40:B6:4A:86:7F:FB:2B:09:E8
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235352e302f32342d3234203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d3:2c:f9:4e:9a:8c:c4:5a:dd:b5:c6:91:0f:0e:db:47:cb:
93:23:59:ad:79:4a:fb:b0:37:3e:c8:67:b6:0f:64:1f:f0:e1:
ea:00:c4:cd:a9:e4:2f:0b:5d:3e:3f:e7:0a:ac:f4:3c:ee:b5:
13:b2:5f:ec:18:57:b4:cf:51:ef:a8:53:5b:db:f9:fb:88:6a:
bd:2f:91:62:a9:61:9e:92:50:3f:d5:fd:b1:47:3e:cc:47:24:
1a:5e:95:78:5a:62:e2:c2:be:88:2a:75:2c:9c:75:14:b5:36:
f0:51:57:53:10:17:f6:4a:42:9c:8b:e8:3c:dd:79:a9:df:8f:
17:c6:89:ec:ae:35:f7:0a:c4:ed:3b:04:95:a4:31:4b:a9:73:
36:97:18:0e:45:63:a2:ce:ae:53:91:2d:ee:d4:55:c9:52:a5:
5a:a7:4f:1d:5e:8b:66:a4:a1:7c:8d:e9:8f:20:08:ec:d1:aa:
46:71:9f:03:b4:02:15:11:4f:ef:eb:df:b7:8a:a5:d6:d3:53:
a8:c0:fb:0f:af:d3:fa:9a:f4:87:56:ad:9b:90:38:2a:0f:1b:
eb:b3:64:8a:6d:c7:a3:bd:30:29:15:63:c9:c1:cc:ce:03:ec:
01:b2:b3:4b:c5:df:6d:17:cc:52:64:d3:cd:ff:0a:f4:9d:62:
6c:06:9d:17
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYmRe4xcWRORtBFCUd9g8YDqi00kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTBaFw0yNzA0MjAwOTA5MTBaMDMxMTAvBgNV
BAMTKEM0OUMwNEQxNjc5MkU3MDBEQjYzN0U0MEI2NEE4NjdGRkIyQjA5RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAorfQzvFqoIZ4kar0dsmD72fB
4/3vLCWF+JIx3FlbAWB0mvQc3zvFp+6UaDMZFqdaKdwhi8VSPXO+dqiVIyTpFXOx
DzM2KPMl8jaclPwR5vqRTOsfizo+XgUnaB2GGmniFrFGmkKAT0UN+QXv+57kVOw6
20KunwXhE+FbmtIMov34V2p4S5OId0veshT8a/LNvYQcCAEf+j8nRNrR+K7CZxfy
72mFbz+YNzugQ+hgyHHAV9CSiXQhjlS2n8vlgqdrGeT5xll5V9jcLJxatS/G2NVF
XhnKjFrCc/fdSKviFhwGlVzYPSriELu5qVNvn2nCc5RWLu1erOuIi5D9sIvPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxJwE0WeS5wDbY35AtkqGf/srCegwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjMzMzUzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9/zANBgkqhkiG9w0BAQsFAAOCAQEAbNMs+U6ajMRa3bXGkQ8O20fLkyNZ
rXlK+7A3Pshntg9kH/Dh6gDEzankLwtdPj/nCqz0PO61E7Jf7BhXtM9R76hTW9v5
+4hqvS+RYqlhnpJQP9X9sUc+zEckGl6VeFpi4sK+iCp1LJx1FLU28FFXUxAX9kpC
nIvoPN15qd+PF8aJ7K419wrE7TsElaQxS6lzNpcYDkVjos6uU5Et7tRVyVKlWqdP
HV6LZqShfI3pjyAI7NGqRnGfA7QCFRFP7+vft4ql1tNTqMD7D6/T+pr0h1atm5A4
Kg8b67Nkim3Ho70wKRVjycHMzgPsAbKzS8XfbRfMUmTTzf8K9J1ibAadFw==
-----END CERTIFICATE-----
Generated at Wed May 13 08:49:09 2026 by rpki-client