Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
File: AS137409.roa (raw, json)
Hash identifier: BtFKINX5xpZxi9Og8O2uJFoyILDzKGWpJDuJp9bg/24=
Subject key identifier: B3:F6:97:19:FA:80:9F:EE:66:DA:09:07:0C:26:47:B8:0A:F1:45:2E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 13C7B984819DE06415516CF54C3E8C9398330CEA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
Signing time: Wed 15 Apr 2026 16:48:09 +0000
ROA not before: Wed 15 Apr 2026 16:43:09 +0000
ROA not after: Wed 14 Apr 2027 16:48:09 +0000
asID: 137409
IP address blocks: 5.252.80.0/24 maxlen: 24
181.214.73.0/24 maxlen: 24
181.214.122.0/24 maxlen: 24
185.141.167.0/24 maxlen: 24
2a0a:8e00::/32 maxlen: 48
2a0a:9606::/32 maxlen: 48
2a0a:9607::/32 maxlen: 48
2a0a:be00::/32 maxlen: 48
2a0a:ce00::/32 maxlen: 48
2a0a:ce01::/32 maxlen: 48
2a0a:ce03::/32 maxlen: 48
2a0a:ce04::/32 maxlen: 48
2a0a:ce05::/32 maxlen: 48
2a0a:ce06::/32 maxlen: 48
2a0a:ce07::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 15:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c7:b9:84:81:9d:e0:64:15:51:6c:f5:4c:3e:8c:93:98:33:0c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 15 16:43:09 2026 GMT
Not After : Apr 14 16:48:09 2027 GMT
Subject: CN=B3F69719FA809FEE66DA09070C2647B80AF1452E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:4d:02:fb:c8:77:70:11:fb:47:a9:6f:69:
bf:1a:90:86:ea:5a:f5:8a:95:9f:c1:b8:fc:2b:e4:
68:b5:d3:05:c3:74:82:02:b0:31:d8:50:ee:b4:14:
99:d4:94:39:b6:68:21:bf:2b:be:8d:47:45:20:6b:
c2:64:f6:93:04:03:d0:d5:c8:52:11:9f:c9:3b:38:
bc:33:f0:24:75:8d:ed:e2:fd:2d:ae:99:1a:b8:a6:
0b:ea:7c:82:89:fc:ed:6f:5b:ce:7f:3d:09:e2:ee:
03:66:79:e6:f2:a4:49:03:13:a6:46:1d:3a:95:8d:
2f:bc:c8:81:a0:64:b8:c2:65:ba:84:de:dd:68:94:
3b:d7:60:bf:26:ab:28:d8:9e:64:e9:36:b9:f2:e2:
7e:26:86:59:46:74:5e:4a:74:48:17:64:df:60:8b:
20:8b:9c:ba:f0:af:c2:f5:fb:6d:77:6f:5d:7c:52:
c3:de:b0:41:59:e0:af:12:6f:92:57:bd:c0:d5:dd:
38:1f:fe:5c:45:a0:90:a1:e5:50:6f:e6:5b:33:e5:
95:2d:a0:87:9d:0b:c8:08:73:50:66:f6:f1:f8:8b:
35:8a:37:10:d0:45:c7:4d:d7:0f:e9:2f:69:15:c3:
80:48:45:55:f7:ed:b2:77:4b:b4:05:3e:66:61:f4:
b7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F6:97:19:FA:80:9F:EE:66:DA:09:07:0C:26:47:B8:0A:F1:45:2E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.80.0/24
181.214.73.0/24
181.214.122.0/24
185.141.167.0/24
IPv6:
2a0a:8e00::/32
2a0a:9606::/31
2a0a:be00::/32
2a0a:ce00::/31
2a0a:ce03::-2a0a:ce07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:85:d0:d3:fd:48:6b:62:7b:0b:c4:82:ea:82:3d:e4:01:09:
38:26:c8:9c:90:08:5c:af:8f:b3:a4:be:6e:92:d8:44:69:2e:
40:6e:2c:65:38:91:c8:f2:24:64:29:51:5d:b2:c3:24:7a:c2:
79:3c:88:f7:f5:86:c8:12:7d:41:fd:a8:fd:4b:0f:34:db:e3:
c0:e5:e0:ba:9f:20:78:71:c3:2d:2d:37:36:e4:72:ec:01:53:
ce:80:24:0d:1f:af:58:a6:12:af:4f:6a:25:26:d7:c2:66:d8:
cb:bf:51:95:35:9e:2f:38:f1:81:50:77:11:5f:5a:de:92:55:
8c:5b:75:bd:79:60:08:49:1d:83:23:f4:97:c9:4e:cf:0a:75:
ad:8f:60:c7:61:83:02:eb:8e:83:05:d5:52:3d:cc:ea:14:89:
c5:e8:be:53:1a:98:eb:4c:35:32:d1:38:c9:54:3f:00:4a:a8:
54:67:15:03:f1:9b:41:21:2e:a3:bb:8f:40:84:2c:ae:51:a5:
59:0d:66:9c:56:eb:9d:86:4c:f8:8e:ad:98:ed:79:28:1b:04:
71:08:ac:35:a1:b2:e3:49:a6:f8:88:e8:fa:6e:46:0b:f7:c3:
a3:a2:bc:4e:af:ba:9c:bd:e8:cc:db:6e:16:cf:2f:8e:82:5e:
d1:4d:68:6b
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUE8e5hIGd4GQVUWz1TD6Mk5gzDOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MTUxNjQzMDlaFw0yNzA0MTQxNjQ4MDlaMDMxMTAvBgNV
BAMTKEIzRjY5NzE5RkE4MDlGRUU2NkRBMDkwNzBDMjY0N0I4MEFGMTQ1MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh9U0C+8h3cBH7R6lvab8akIbq
WvWKlZ/BuPwr5Gi10wXDdIICsDHYUO60FJnUlDm2aCG/K76NR0Uga8Jk9pMEA9DV
yFIRn8k7OLwz8CR1je3i/S2umRq4pgvqfIKJ/O1vW85/PQni7gNmeebypEkDE6ZG
HTqVjS+8yIGgZLjCZbqE3t1olDvXYL8mqyjYnmTpNrny4n4mhllGdF5KdEgXZN9g
iyCLnLrwr8L1+213b118UsPesEFZ4K8Sb5JXvcDV3Tgf/lxFoJCh5VBv5lsz5ZUt
oIedC8gIc1Bm9vH4izWKNxDQRcdN1w/pL2kVw4BIRVX37bJ3S7QFPmZh9LfRAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUs/aXGfqAn+5m2gkHDCZHuArxRS4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM3NDA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAeBAIAATAYAwQABfxQ
AwQAtdZJAwQAtdZ6AwQAuY2nMDIEAgACMCwDBQAqCo4AAwUBKgqWBgMFACoKvgAD
BQEqCs4AMA4DBQAqCs4DAwUDKgrOADANBgkqhkiG9w0BAQsFAAOCAQEArIXQ0/1I
a2J7C8SC6oI95AEJOCbInJAIXK+Ps6S+bpLYRGkuQG4sZTiRyPIkZClRXbLDJHrC
eTyI9/WGyBJ9Qf2o/UsPNNvjwOXgup8geHHDLS03NuRy7AFTzoAkDR+vWKYSr09q
JSbXwmbYy79RlTWeLzjxgVB3EV9a3pJVjFt1vXlgCEkdgyP0l8lOzwp1rY9gx2GD
AuuOgwXVUj3M6hSJxei+UxqY60w1MtE4yVQ/AEqoVGcVA/GbQSEuo7uPQIQsrlGl
WQ1mnFbrnYZM+I6tmO15KBsEcQisNaGy40mm+Ijo+m5GC/fDo6K8Tq+6nL3ozNtu
Fs8vjoJe0U1oaw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:07:04 2026 by rpki-client