Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230312e302f32342d3234203d3e203339383535.roa
File: 3134372e3132352e3230312e302f32342d3234203d3e203339383535.roa (raw, json)
Hash identifier: oLxbF2/hORwuMddpJhsBv1NOg6uDF4e18LrPqLSeTnk=
Subject key identifier: D2:4C:59:25:9E:82:E7:F6:F5:4A:51:17:6B:5D:89:81:6B:AB:13:04
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 52FCD61BB1F4820850EFB252589CB436B0B87B18
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230312e302f32342d3234203d3e203339383535.roa
Signing time: Tue 21 Apr 2026 09:09:11 +0000
ROA not before: Tue 21 Apr 2026 09:04:11 +0000
ROA not after: Tue 20 Apr 2027 09:09:11 +0000
asID: 39855
IP address blocks: 147.125.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:fc:d6:1b:b1:f4:82:08:50:ef:b2:52:58:9c:b4:36:b0:b8:7b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Apr 21 09:04:11 2026 GMT
Not After : Apr 20 09:09:11 2027 GMT
Subject: CN=D24C59259E82E7F6F54A51176B5D89816BAB1304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ea:2e:e9:be:ed:7f:30:67:c5:2b:67:38:27:
de:5c:27:11:cb:38:32:42:2f:1c:60:ac:db:84:c1:
a1:b4:7e:96:9d:2a:7f:9e:7f:46:99:74:14:f4:56:
cc:e0:0e:85:7d:fa:f7:70:22:5e:fc:d3:61:41:5b:
b8:c0:1f:5e:9a:60:31:f7:f8:e2:78:05:09:59:bf:
06:2e:47:5f:92:67:14:c4:fd:eb:93:79:d9:8a:dc:
37:22:79:ad:c3:39:35:29:21:20:03:19:a2:01:e2:
26:7a:aa:2c:00:e8:dd:aa:7e:70:aa:7c:98:a8:17:
6b:35:ba:76:82:06:51:03:4f:63:83:3e:d0:71:ee:
6e:16:d8:0a:f2:a3:38:b6:ca:06:4b:ee:1f:3b:21:
e7:4b:08:99:7f:eb:ff:c6:54:8b:b0:83:22:96:aa:
5b:65:af:57:27:e5:38:06:e3:76:cb:fd:db:f3:93:
3f:4b:20:99:ac:92:6d:f3:90:42:71:6d:35:30:25:
e0:82:a1:f8:34:5e:5e:b8:23:a2:5c:22:55:62:fb:
97:29:4b:45:0c:d7:a3:fa:39:f8:bd:44:6d:3a:d0:
d6:96:9d:b1:fe:d1:1f:22:41:2f:e6:4d:29:97:7f:
6a:43:96:ab:45:43:c7:ea:17:5d:8f:4b:ee:85:7c:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4C:59:25:9E:82:E7:F6:F5:4A:51:17:6B:5D:89:81:6B:AB:13:04
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3230312e302f32342d3234203d3e203339383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.201.0/24
Signature Algorithm: sha256WithRSAEncryption
43:29:81:68:5a:86:01:ac:35:6b:02:5c:bc:c8:d1:6c:c3:6c:
e4:34:1a:2c:58:94:23:f7:a4:ce:ee:ea:b8:ca:35:8b:c7:c7:
21:c0:64:27:d1:8e:30:04:b3:81:82:da:8e:58:71:16:cc:37:
4d:1d:51:61:66:3c:66:a3:c2:02:a3:0b:f4:91:8d:e2:8e:f5:
fc:9a:e9:8e:26:34:20:2b:d0:b5:a9:a6:4c:66:05:46:3d:b7:
5d:e5:16:41:2b:80:13:bf:be:74:32:d5:1f:bc:60:bf:0c:29:
1d:1d:27:8e:5e:20:a4:14:80:41:65:65:7c:c0:14:d6:d2:08:
35:e6:fd:95:f9:10:a4:1f:a3:d8:3b:33:42:16:4b:3b:99:1f:
b1:d7:e3:ca:31:26:71:d0:d4:6f:1e:1a:2b:19:c4:63:52:7c:
d4:04:f3:e5:0e:08:22:a6:1f:ba:c8:a6:f3:9e:5f:fe:a0:34:
0b:20:b1:09:ee:0e:4d:20:7f:1c:a4:73:b0:6d:83:41:52:97:
42:19:b9:5e:78:0a:66:5f:31:ed:84:9e:a4:52:e6:07:36:20:
fb:fc:db:ff:23:c5:7e:95:81:4c:17:72:cf:43:07:72:02:31:
23:88:40:05:b9:0a:01:b3:e4:a0:97:52:1c:ea:73:b5:33:44:
7c:19:a6:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUvzWG7H0gghQ77JSWJy0NrC4exgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA0MjEwOTA0MTFaFw0yNzA0MjAwOTA5MTFaMDMxMTAvBgNV
BAMTKEQyNEM1OTI1OUU4MkU3RjZGNTRBNTExNzZCNUQ4OTgxNkJBQjEzMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC86i7pvu1/MGfFK2c4J95cJxHL
ODJCLxxgrNuEwaG0fpadKn+ef0aZdBT0VszgDoV9+vdwIl7802FBW7jAH16aYDH3
+OJ4BQlZvwYuR1+SZxTE/euTedmK3Dciea3DOTUpISADGaIB4iZ6qiwA6N2qfnCq
fJioF2s1unaCBlEDT2ODPtBx7m4W2Aryozi2ygZL7h87IedLCJl/6//GVIuwgyKW
qltlr1cn5TgG43bL/dvzkz9LIJmskm3zkEJxbTUwJeCCofg0Xl64I6JcIlVi+5cp
S0UM16P6Ofi9RG060NaWnbH+0R8iQS/mTSmXf2pDlqtFQ8fqF12PS+6FfDHDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0kxZJZ6C5/b1SlEXa12JgWurEwQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzODM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfckwDQYJKoZIhvcNAQELBQADggEBAEMpgWhahgGsNWsCXLzI0WzDbOQ0GixY
lCP3pM7u6rjKNYvHxyHAZCfRjjAEs4GC2o5YcRbMN00dUWFmPGajwgKjC/SRjeKO
9fya6Y4mNCAr0LWppkxmBUY9t13lFkErgBO/vnQy1R+8YL8MKR0dJ45eIKQUgEFl
ZXzAFNbSCDXm/ZX5EKQfo9g7M0IWSzuZH7HX48oxJnHQ1G8eGisZxGNSfNQE8+UO
CCKmH7rIpvOeX/6gNAsgsQnuDk0gfxykc7Btg0FSl0IZuV54CmZfMe2EnqRS5gc2
IPv82/8jxX6VgUwXcs9DB3ICMSOIQAW5CgGz5KCXUhzqc7UzRHwZpvI=
-----END CERTIFICATE-----
Generated at Wed May 13 10:58:48 2026 by rpki-client