Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS47377.roa
File: AS47377.roa (raw, json)
Hash identifier: OQL0cZs5RWvoFjz2M63yQuFroA+WBXFRgA/pdv3BbhE=
Subject key identifier: 9B:C0:77:C5:87:71:12:56:DC:EE:56:22:63:5C:3C:08:75:CB:28:65
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4CA1BD39AF15DFEBC8B3DD2F2EE626E19F8ED0E9
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS47377.roa
Signing time: Wed 04 Mar 2026 08:30:28 +0000
ROA not before: Wed 04 Mar 2026 08:25:28 +0000
ROA not after: Wed 03 Mar 2027 08:30:28 +0000
asID: 47377
IP address blocks: 147.125.151.0/24 maxlen: 24
147.125.156.0/24 maxlen: 24
147.125.196.0/24 maxlen: 24
147.125.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 14:14:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:a1:bd:39:af:15:df:eb:c8:b3:dd:2f:2e:e6:26:e1:9f:8e:d0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 4 08:25:28 2026 GMT
Not After : Mar 3 08:30:28 2027 GMT
Subject: CN=9BC077C587711256DCEE5622635C3C0875CB2865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8e:49:f7:9e:78:e4:f8:76:d1:3f:98:13:46:
64:56:35:99:7e:d1:ee:45:e0:cc:3d:cc:85:65:79:
fb:10:b8:00:e9:dc:06:ad:a9:ab:6e:d6:b7:45:2f:
da:08:36:48:cb:02:af:83:c9:c5:16:c5:78:f7:05:
0c:df:ca:a1:a3:33:3f:5f:3f:fc:1a:9f:77:aa:72:
15:ca:57:01:d0:d3:de:fb:79:7e:c6:71:a0:62:44:
34:91:df:92:c0:06:01:74:61:59:ed:30:20:1d:ff:
ac:8b:19:f0:07:ef:15:f8:ec:ec:87:74:8a:96:03:
2a:1f:ff:3e:0b:5f:50:a8:dc:56:61:98:60:3d:89:
3d:3c:7d:fc:54:b9:b7:59:9d:78:e2:6d:33:d3:0d:
34:66:5a:e5:cf:57:e0:0d:eb:63:00:9e:b2:91:02:
72:13:7f:9b:d9:86:a9:5e:64:02:a6:4f:62:10:af:
79:40:0a:bf:0d:8e:e9:6d:4f:72:4a:98:fb:4d:9c:
cc:7f:39:84:10:49:49:09:cd:1e:61:01:e1:5c:64:
ec:66:66:29:fb:8f:0f:9f:9b:8d:52:34:ea:39:f1:
b7:f6:b4:b2:82:38:26:2a:25:5e:b7:56:65:be:b4:
fb:20:2c:c6:e6:a0:e4:74:01:58:a4:04:ac:10:a7:
8f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C0:77:C5:87:71:12:56:DC:EE:56:22:63:5C:3C:08:75:CB:28:65
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS47377.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.151.0/24
147.125.156.0/24
147.125.196.0/23
Signature Algorithm: sha256WithRSAEncryption
01:e5:c7:b9:7d:a4:0b:a1:63:22:46:49:36:82:c7:a2:c1:7a:
c8:a5:de:0e:61:d9:fe:b0:5f:6e:05:d7:22:80:3b:4e:dd:76:
be:c9:9d:8e:5b:23:95:64:7f:6f:85:c2:13:6a:9b:bd:92:36:
01:34:f4:2f:fe:f3:e8:5f:cd:76:79:a7:5d:22:68:47:04:c8:
11:d6:53:b6:9e:2c:65:80:2a:10:86:5c:9d:e4:b6:53:4a:af:
c9:a4:1e:46:48:8e:bd:1f:b1:c5:66:78:d1:c2:09:10:2e:56:
88:3a:7b:1d:b2:16:2b:f1:43:62:b9:58:79:8d:8e:35:71:61:
43:51:a5:e2:2c:f5:9a:16:d4:08:e8:69:0d:71:88:6f:c9:2f:
dc:cd:49:3c:7a:c3:32:16:06:9a:ba:e2:8d:42:91:d0:a3:8c:
bc:01:53:b8:33:f1:25:1f:1b:4b:26:47:a2:68:df:52:ea:eb:
42:67:7e:9d:a9:0d:e2:29:70:c8:40:f4:7b:e0:e2:8a:db:1d:
3c:17:b5:2a:95:37:b5:9d:2a:59:71:71:2e:f0:fa:1a:06:1d:
47:7a:53:70:80:6f:6c:80:b7:84:98:69:95:f3:10:99:4d:be:
90:93:8a:4a:2b:9e:b0:b1:d0:ce:f9:e5:d4:36:9e:a1:96:ed:
5a:8f:4c:ea
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUTKG9Oa8V3+vIs90vLuYm4Z+O0OkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMDQwODI1MjhaFw0yNzAzMDMwODMwMjhaMDMxMTAvBgNV
BAMTKDlCQzA3N0M1ODc3MTEyNTZEQ0VFNTYyMjYzNUMzQzA4NzVDQjI4NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDejkn3nnjk+HbRP5gTRmRWNZl+
0e5F4Mw9zIVlefsQuADp3Aatqatu1rdFL9oINkjLAq+DycUWxXj3BQzfyqGjMz9f
P/wan3eqchXKVwHQ0977eX7GcaBiRDSR35LABgF0YVntMCAd/6yLGfAH7xX47OyH
dIqWAyof/z4LX1Co3FZhmGA9iT08ffxUubdZnXjibTPTDTRmWuXPV+AN62MAnrKR
AnITf5vZhqleZAKmT2IQr3lACr8NjultT3JKmPtNnMx/OYQQSUkJzR5hAeFcZOxm
Zin7jw+fm41SNOo58bf2tLKCOCYqJV63VmW+tPsgLMbmoOR0AVikBKwQp49pAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUm8B3xYdxElbc7lYiY1w8CHXLKGUwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTNDczNzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACTfZcD
BACTfZwDBAGTfcQwDQYJKoZIhvcNAQELBQADggEBAAHlx7l9pAuhYyJGSTaCx6LB
esil3g5h2f6wX24F1yKAO07ddr7JnY5bI5Vkf2+FwhNqm72SNgE09C/+8+hfzXZ5
p10iaEcEyBHWU7aeLGWAKhCGXJ3ktlNKr8mkHkZIjr0fscVmeNHCCRAuVog6ex2y
FivxQ2K5WHmNjjVxYUNRpeIs9ZoW1AjoaQ1xiG/JL9zNSTx6wzIWBpq64o1CkdCj
jLwBU7gz8SUfG0smR6Jo31Lq60Jnfp2pDeIpcMhA9Hvg4orbHTwXtSqVN7WdKllx
cS7w+hoGHUd6U3CAb2yAt4SYaZXzEJlNvpCTikornrCx0M755dQ2nqGW7VqPTOo=
-----END CERTIFICATE-----
Generated at Fri Mar 13 03:04:37 2026 by rpki-client