Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135322e302f32322d3232203d3e2035363530.roa
File: 3134372e3132352e3135322e302f32322d3232203d3e2035363530.roa (raw, json)
Hash identifier: FO+Duitmf8Cq2lmRGQqnXkI+Dmsefex4quwTxnV9W+0=
Subject key identifier: 9D:92:D5:AF:D7:5B:CA:AC:B5:9D:46:34:67:B0:13:07:58:7A:9C:E9
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 4FCB400225FC1D6DEADC17069E4FA6A4A6F6E4E0
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135322e302f32322d3232203d3e2035363530.roa
Signing time: Tue 21 Apr 2026 09:09:13 +0000
ROA not before: Tue 21 Apr 2026 09:04:13 +0000
ROA not after: Tue 20 Apr 2027 09:09:13 +0000
asID: 5650
IP address blocks: 147.125.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:cb:40:02:25:fc:1d:6d:ea:dc:17:06:9e:4f:a6:a4:a6:f6:e4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:13 2026 GMT
Not After : Apr 20 09:09:13 2027 GMT
Subject: CN=9D92D5AFD75BCAACB59D463467B01307587A9CE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:c7:ff:f2:cd:ef:6b:db:42:49:42:26:4f:
82:71:22:4b:12:32:e4:b7:70:3c:57:c7:32:0c:d2:
1b:35:20:71:ba:13:4d:59:7a:e9:85:26:cc:b5:41:
b5:fb:52:ad:88:60:a2:af:e4:eb:c4:40:50:ea:90:
7c:55:62:d2:cd:a6:8a:76:a7:18:41:cc:2d:02:cf:
15:d8:82:5b:21:48:b2:5a:4a:2b:2f:d7:18:cd:d6:
ee:40:f5:10:ca:93:60:35:92:53:b3:44:a9:00:bf:
11:5c:c7:8a:0c:c3:85:69:31:6b:4a:e4:9d:6e:e7:
c2:db:cb:31:76:a4:71:77:94:f0:a2:3f:b4:b6:da:
2e:ff:dc:7f:56:a5:52:05:81:b3:24:b5:ce:da:df:
06:b0:10:3e:61:c9:84:7c:a3:4b:4d:0d:76:73:1d:
f5:bc:32:4e:d2:3e:51:e6:a4:8d:7a:4e:f8:99:48:
b6:57:55:e3:70:18:2e:f3:00:f3:0d:c0:89:2c:1a:
e0:9c:e7:6b:c3:ee:f3:bc:ca:7f:7e:47:14:dc:df:
c3:32:b8:ce:25:ff:c9:be:44:49:fe:f0:ce:f3:90:
dd:b2:cf:ae:50:e4:8d:cb:05:ee:96:f3:b0:88:83:
6f:bb:d5:d7:b6:b2:b0:97:b7:63:fa:19:bc:a6:5f:
c1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:92:D5:AF:D7:5B:CA:AC:B5:9D:46:34:67:B0:13:07:58:7A:9C:E9
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3135322e302f32322d3232203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.152.0/22
Signature Algorithm: sha256WithRSAEncryption
68:1a:9f:bd:09:6d:ed:98:8f:75:4a:d4:e8:93:ef:ad:c9:e1:
50:ce:3b:11:32:8c:98:b5:ca:e3:d7:00:06:a5:0b:99:3b:bf:
d9:00:a0:43:d3:fa:95:9f:ed:f8:20:4b:a9:d9:fb:a3:21:3c:
cc:ab:fc:92:e5:00:06:78:04:60:cc:f2:e5:42:96:7d:f6:a6:
05:a5:d5:88:b5:49:20:25:9f:10:f8:76:02:01:03:1c:88:39:
af:eb:5b:38:a5:c2:43:a2:ed:0b:df:aa:7e:4f:cb:e2:5c:0f:
88:48:cc:7f:d8:91:65:24:8c:95:d4:41:d0:55:1a:86:22:7e:
ed:ae:20:77:0e:3f:af:11:b3:7b:b2:87:c8:61:b0:a4:10:7d:
12:58:dd:6f:10:ec:e2:ae:e4:93:ef:4a:1e:fd:76:35:b6:c4:
81:b4:27:d9:b1:f7:f5:dd:aa:9c:46:69:ec:15:f9:37:c6:68:
6a:ba:e8:70:66:6a:9d:db:ae:80:41:ef:6e:31:5d:d0:3c:ac:
c2:f7:29:30:12:30:91:0b:e1:d6:25:d0:2c:46:b5:c1:50:1f:
af:66:9a:a6:4f:0f:f2:2d:88:0c:a1:6f:49:ce:f9:5d:b3:20:
35:1f:e7:88:bb:ba:81:50:38:fc:85:00:69:ed:9b:ea:91:1c:
fc:36:74:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT8tAAiX8HW3q3BcGnk+mpKb25OAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTNaFw0yNzA0MjAwOTA5MTNaMDMxMTAvBgNV
BAMTKDlEOTJENUFGRDc1QkNBQUNCNTlENDYzNDY3QjAxMzA3NTg3QTlDRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCN+cf/8s3va9tCSUImT4JxIksS
MuS3cDxXxzIM0hs1IHG6E01ZeumFJsy1QbX7Uq2IYKKv5OvEQFDqkHxVYtLNpop2
pxhBzC0CzxXYglshSLJaSisv1xjN1u5A9RDKk2A1klOzRKkAvxFcx4oMw4VpMWtK
5J1u58LbyzF2pHF3lPCiP7S22i7/3H9WpVIFgbMktc7a3wawED5hyYR8o0tNDXZz
HfW8Mk7SPlHmpI16TviZSLZXVeNwGC7zAPMNwIksGuCc52vD7vO8yn9+RxTc38My
uM4l/8m+REn+8M7zkN2yz65Q5I3LBe6W87CIg2+71de2srCXt2P6GbymX8HlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnZLVr9dbyqy1nUY0Z7ATB1h6nOkwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzUzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzYzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k32YMA0GCSqGSIb3DQEBCwUAA4IBAQBoGp+9CW3tmI91StTok++tyeFQzjsRMoyY
tcrj1wAGpQuZO7/ZAKBD0/qVn+34IEup2fujITzMq/yS5QAGeARgzPLlQpZ99qYF
pdWItUkgJZ8Q+HYCAQMciDmv61s4pcJDou0L36p+T8viXA+ISMx/2JFlJIyV1EHQ
VRqGIn7triB3Dj+vEbN7sofIYbCkEH0SWN1vEOziruST70oe/XY1tsSBtCfZsff1
3aqcRmnsFfk3xmhquuhwZmqd266AQe9uMV3QPKzC9ykwEjCRC+HWJdAsRrXBUB+v
ZpqmTw/yLYgMoW9JzvldsyA1H+eIu7qBUDj8hQBp7ZvqkRz8NnRB
-----END CERTIFICATE-----
Generated at Wed May 13 07:12:47 2026 by rpki-client