Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235322e302f32322d3234203d3e2039333034.roa
File: 3134372e3132352e3235322e302f32322d3234203d3e2039333034.roa (raw, json)
Hash identifier: wwM7msdsmMce3oyKxvkFjbbmSXFi9/hXksyPGF1mwBM=
Subject key identifier: 74:C7:46:FB:1E:43:36:AF:78:06:93:D3:1A:05:9B:F3:41:79:52:BF
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 573A8ADE2743D6BFB035CE51322D6CAAE6C1575A
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235322e302f32322d3234203d3e2039333034.roa
Signing time: Tue 23 Sep 2025 05:42:12 +0000
ROA not before: Tue 23 Sep 2025 05:37:12 +0000
ROA not after: Tue 22 Sep 2026 05:42:12 +0000
asID: 9304
IP address blocks: 147.125.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 22:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3a:8a:de:27:43:d6:bf:b0:35:ce:51:32:2d:6c:aa:e6:c1:57:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Sep 23 05:37:12 2025 GMT
Not After : Sep 22 05:42:12 2026 GMT
Subject: CN=74C746FB1E4336AF780693D31A059BF3417952BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e2:dc:27:e5:4c:07:ad:a6:10:e4:a1:48:61:
0f:a3:71:1a:5b:f6:e3:14:7e:11:40:e9:1f:15:7d:
1b:7a:69:8c:29:9d:3e:67:f3:34:08:5a:d3:e2:af:
21:39:32:d2:9f:bf:b4:80:38:c3:27:7b:61:c9:76:
ea:21:f3:59:a7:92:a1:5b:26:d3:6d:f2:20:10:69:
40:f0:6f:0b:5c:1c:49:d0:b1:58:dd:94:d2:11:6e:
12:ac:90:ad:62:8c:11:77:1c:98:10:13:98:3b:69:
24:34:d6:7a:3a:21:cc:68:02:be:3b:7d:1e:3b:99:
5c:e5:24:ba:74:6f:17:8b:76:62:97:3f:37:72:a2:
37:f0:56:0e:81:7d:b6:78:32:6d:18:51:47:18:3d:
f9:83:86:fc:a2:40:e0:52:96:e5:d6:cb:d3:20:a7:
26:f4:11:48:12:13:ab:68:ac:c5:63:25:66:26:e1:
20:15:bb:33:e5:ef:fd:a6:b8:a1:9d:39:14:d7:84:
0f:ca:80:d4:9e:7f:9a:ca:44:23:25:74:f0:fa:6e:
c8:c9:8a:d1:7b:ed:bc:df:81:59:09:d7:d8:78:8c:
2d:7f:bb:d9:46:02:3b:d1:7b:24:1f:f3:90:b7:de:
34:16:e0:2a:2c:09:f9:56:9d:8f:d2:96:cb:f5:5a:
21:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C7:46:FB:1E:43:36:AF:78:06:93:D3:1A:05:9B:F3:41:79:52:BF
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3235322e302f32322d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.252.0/22
Signature Algorithm: sha256WithRSAEncryption
59:4a:38:27:44:54:50:47:56:7c:e4:5f:bc:0c:c7:08:0b:36:
54:65:f8:d3:0a:29:07:50:fc:7b:c0:d5:e2:48:c0:42:4d:8f:
c8:03:7b:68:4d:fd:0b:cc:6e:32:b2:f2:d8:6a:ab:e6:13:6b:
d5:b4:8a:a6:79:f3:3d:42:c8:8b:13:d2:b4:d1:82:df:bb:53:
91:61:51:62:a6:e6:b6:b4:30:60:18:12:2a:fa:04:1c:88:1f:
3c:de:9d:29:c4:bc:13:99:69:03:dd:88:48:4a:cd:64:98:96:
38:da:98:b4:61:41:82:72:f8:53:40:b7:50:7a:a2:78:d5:ad:
56:2b:db:49:63:2b:ad:c1:c5:10:b4:ec:2a:bd:82:b9:ea:a0:
0d:a9:a5:e4:3e:88:41:bc:92:37:33:a8:0a:da:02:9a:56:f0:
fe:78:22:da:9f:eb:76:af:4d:e4:83:95:01:ee:bb:0d:87:23:
ec:bf:0c:a0:40:0e:66:78:ca:6c:ca:55:ab:ff:5b:0c:91:07:
07:4f:ff:2d:ce:66:fd:b0:00:22:37:ed:75:93:94:65:21:72:
32:e6:1c:b9:5d:4c:cc:66:bb:41:79:88:de:33:6e:b4:f9:a1:
c8:0a:ab:ba:2d:81:60:b0:b1:35:32:4f:42:f7:ad:a0:8b:ff:
2c:85:0c:18
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVzqK3idD1r+wNc5RMi1squbBV1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNTA5MjMwNTM3MTJaFw0yNjA5MjIwNTQyMTJaMDMxMTAvBgNV
BAMTKDc0Qzc0NkZCMUU0MzM2QUY3ODA2OTNEMzFBMDU5QkYzNDE3OTUyQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa4twn5UwHraYQ5KFIYQ+jcRpb
9uMUfhFA6R8VfRt6aYwpnT5n8zQIWtPiryE5MtKfv7SAOMMne2HJduoh81mnkqFb
JtNt8iAQaUDwbwtcHEnQsVjdlNIRbhKskK1ijBF3HJgQE5g7aSQ01no6IcxoAr47
fR47mVzlJLp0bxeLdmKXPzdyojfwVg6BfbZ4Mm0YUUcYPfmDhvyiQOBSluXWy9Mg
pyb0EUgSE6torMVjJWYm4SAVuzPl7/2muKGdORTXhA/KgNSef5rKRCMldPD6bsjJ
itF77bzfgVkJ19h4jC1/u9lGAjvReyQf85C33jQW4CosCflWnY/Slsv1WiFVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdMdG+x5DNq94BpPTGgWb80F5Ur8wHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMy
MzUzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k338MA0GCSqGSIb3DQEBCwUAA4IBAQBZSjgnRFRQR1Z85F+8DMcICzZUZfjTCikH
UPx7wNXiSMBCTY/IA3toTf0LzG4ysvLYaqvmE2vVtIqmefM9QsiLE9K00YLfu1OR
YVFipua2tDBgGBIq+gQciB883p0pxLwTmWkD3YhISs1kmJY42pi0YUGCcvhTQLdQ
eqJ41a1WK9tJYyutwcUQtOwqvYK56qANqaXkPohBvJI3M6gK2gKaVvD+eCLan+t2
r03kg5UB7rsNhyPsvwygQA5meMpsylWr/1sMkQcHT/8tzmb9sAAiN+11k5RlIXIy
5hy5XUzMZrtBeYjeM260+aHICqu6LYFgsLE1Mk9C962gi/8shQwY
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:23:57 2025 by rpki-client