Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
File: AS17497.roa (raw, json)
Hash identifier: Z4wOFWdHm9nD3J/KX2iqj6/nDYHM/DsK3RcAVSpTTlI=
Subject key identifier: 5A:C3:E9:12:C2:71:32:5E:D5:06:9F:F0:FC:ED:CE:95:FA:93:0E:0D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 332FC90AD517C988A0E6CBCCC2990D72CF6BC880
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
Signing time: Fri 17 Apr 2026 06:52:12 +0000
ROA not before: Fri 17 Apr 2026 06:47:12 +0000
ROA not after: Fri 16 Apr 2027 06:52:12 +0000
asID: 17497
IP address blocks: 143.14.51.0/24 maxlen: 24
155.117.51.0/24 maxlen: 24
162.141.50.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:2f:c9:0a:d5:17:c9:88:a0:e6:cb:cc:c2:99:0d:72:cf:6b:c8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 17 06:47:12 2026 GMT
Not After : Apr 16 06:52:12 2027 GMT
Subject: CN=5AC3E912C271325ED5069FF0FCEDCE95FA930E0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:b4:2c:93:23:e5:61:ec:ac:88:13:bf:14:
d8:e7:aa:75:77:bf:5f:ee:d0:0f:1f:9e:a4:1d:42:
15:77:9c:2f:2e:cd:c2:bd:19:a5:4b:0a:b2:0b:8d:
ac:48:b0:e7:1f:e1:b2:6d:72:ec:9a:c9:5d:f1:51:
87:7f:8d:3d:ac:69:06:9d:b4:ea:ec:7c:e6:f9:2a:
aa:93:d8:c0:3b:e1:1b:5f:07:09:48:68:80:92:16:
47:c9:63:10:d6:ba:c0:48:3d:e4:08:e0:7b:28:2c:
0f:45:7c:55:1d:52:81:36:78:56:19:3c:86:07:d3:
a6:88:0d:7e:75:e0:1a:42:d7:cc:92:bb:72:f4:cf:
ee:c8:d7:aa:78:63:d9:e4:aa:51:a1:98:e6:97:e9:
c2:e4:03:ab:b8:89:63:7a:c6:da:0a:19:ea:6d:28:
99:8a:08:52:31:8c:e7:a2:68:73:ff:5f:3a:1c:a1:
99:a2:42:3d:ba:92:2d:f7:3e:a1:ef:22:4e:45:19:
7e:68:0e:e0:a4:c6:7a:1b:55:86:9a:b6:d9:76:70:
af:f5:70:77:2f:82:3c:6f:f8:61:68:ed:0c:21:78:
e9:cd:cb:65:eb:08:9b:57:e8:c8:df:f7:47:bd:56:
fb:9c:d8:87:9c:7f:32:e0:3a:64:8f:dd:61:6e:0e:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C3:E9:12:C2:71:32:5E:D5:06:9F:F0:FC:ED:CE:95:FA:93:0E:0D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.51.0/24
155.117.51.0/24
162.141.50.0/24
162.141.96.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1b:2b:0f:1b:5c:aa:a8:3b:13:df:b3:c7:fd:3c:72:06:d7:
12:8e:c4:88:2c:56:c6:94:a9:80:b7:5b:c3:5f:e4:9f:16:00:
c7:80:7e:62:d1:9b:7c:f1:80:de:79:c1:25:66:66:4f:64:9c:
4d:03:69:88:e3:c6:5e:8c:8d:bc:db:f4:6d:e9:a1:74:cc:82:
92:e3:1e:ad:cc:23:fd:b2:57:17:cc:74:db:c3:0b:ed:e7:53:
16:6d:72:9c:29:7b:5e:1b:af:da:2a:dc:4c:c9:30:7c:57:bb:
cb:a4:70:0e:82:ab:cd:8e:3d:61:5b:02:b5:ba:5e:0e:80:64:
d1:25:b1:4f:74:81:d3:9b:9d:2f:26:5e:2a:f3:2a:9c:e5:47:
cb:b8:3c:4b:cc:d7:2b:54:24:04:65:41:0e:fe:30:dd:28:20:
9e:ee:90:76:a5:95:78:4d:7c:8b:54:6f:ce:9f:ef:4e:6c:19:
76:95:3f:54:06:b5:50:3b:64:6d:be:d0:7a:07:5b:ec:41:8c:
9f:e8:b2:36:4c:c1:63:e3:08:71:bc:76:94:8a:0c:a1:6e:81:
45:fd:bc:2c:6b:a6:85:f6:a7:e0:e6:88:80:62:de:12:31:12:
35:f6:3e:33:19:f1:f5:bd:bd:cf:b7:74:aa:6d:27:6f:43:6e:
e5:a1:9a:30
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUMy/JCtUXyYig5svMwpkNcs9ryIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTcwNjQ3MTJaFw0yNzA0MTYwNjUyMTJaMDMxMTAvBgNV
BAMTKDVBQzNFOTEyQzI3MTMyNUVENTA2OUZGMEZDRURDRTk1RkE5MzBFMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrw7QskyPlYeysiBO/FNjnqnV3
v1/u0A8fnqQdQhV3nC8uzcK9GaVLCrILjaxIsOcf4bJtcuyayV3xUYd/jT2saQad
tOrsfOb5KqqT2MA74RtfBwlIaICSFkfJYxDWusBIPeQI4HsoLA9FfFUdUoE2eFYZ
PIYH06aIDX514BpC18ySu3L0z+7I16p4Y9nkqlGhmOaX6cLkA6u4iWN6xtoKGept
KJmKCFIxjOeiaHP/XzocoZmiQj26ki33PqHvIk5FGX5oDuCkxnobVYaattl2cK/1
cHcvgjxv+GFo7QwheOnNy2XrCJtX6Mjf90e9Vvuc2IecfzLgOmSP3WFuDqZnAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUWsPpEsJxMl7VBp/w/O3OlfqTDg0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0OTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPDjMD
BACbdTMDBACijTIDBACijWAwDQYJKoZIhvcNAQELBQADggEBAE0bKw8bXKqoOxPf
s8f9PHIG1xKOxIgsVsaUqYC3W8Nf5J8WAMeAfmLRm3zxgN55wSVmZk9knE0DaYjj
xl6Mjbzb9G3poXTMgpLjHq3MI/2yVxfMdNvDC+3nUxZtcpwpe14br9oq3EzJMHxX
u8ukcA6Cq82OPWFbArW6Xg6AZNElsU90gdObnS8mXirzKpzlR8u4PEvM1ytUJARl
QQ7+MN0oIJ7ukHallXhNfItUb86f705sGXaVP1QGtVA7ZG2+0HoHW+xBjJ/osjZM
wWPjCHG8dpSKDKFugUX9vCxrpoX2p+DmiIBi3hIxEjX2PjMZ8fW9vc+3dKptJ29D
buWhmjA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:11:01 2026 by rpki-client