Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
File: AS272696.roa (raw, json)
Hash identifier: oJM4YsroxeOaB55Zn0+tyM6P0rUU7H7gtLpFjy6S0MA=
Subject key identifier: 17:B0:4D:BF:00:D6:74:B0:39:98:B2:3F:3C:5C:80:39:E5:DE:77:F9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5E6BBF03790EF635CC9A2B97E2569B6EDAB590AA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
Signing time: Tue 24 Feb 2026 22:23:59 +0000
ROA not before: Tue 24 Feb 2026 22:18:59 +0000
ROA not after: Tue 23 Feb 2027 22:23:59 +0000
asID: 272696
IP address blocks: 181.215.4.0/24 maxlen: 24
185.135.159.0/24 maxlen: 24
191.96.156.0/24 maxlen: 24
191.101.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:6b:bf:03:79:0e:f6:35:cc:9a:2b:97:e2:56:9b:6e:da:b5:90:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 24 22:18:59 2026 GMT
Not After : Feb 23 22:23:59 2027 GMT
Subject: CN=17B04DBF00D674B03998B23F3C5C8039E5DE77F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1e:07:9d:01:af:08:81:82:71:e8:3c:e8:66:
6c:fa:d4:4e:f9:0c:b5:fb:ee:35:68:0b:1d:27:0d:
8b:1f:ea:14:bf:0f:16:3f:4a:bf:2d:5a:8c:ad:12:
e0:d4:2b:7c:09:6c:0a:18:79:78:a5:f7:00:1b:4b:
ec:67:7d:1c:f6:08:f0:1b:e4:32:b9:0b:01:dc:05:
2b:2c:a5:c5:30:3f:7c:e5:48:63:32:bb:27:33:12:
b5:74:64:df:73:53:df:2a:4a:6f:6b:ec:2f:3a:2e:
c6:03:94:c0:dd:3e:f0:c0:ff:95:3d:64:f1:2c:f8:
9a:c8:70:13:64:50:04:22:47:50:3f:9f:b0:52:a7:
13:13:d9:c1:2f:66:c6:2e:ae:3e:17:a3:29:b0:6d:
17:46:c4:c0:45:5d:f0:1f:3c:a4:4c:e2:76:d3:79:
4c:7b:89:13:0a:d2:75:03:bb:0a:fd:47:1c:c0:b4:
92:fb:27:9d:a2:f6:61:62:2a:a7:94:3d:0a:19:d2:
55:26:95:f2:c6:47:94:d5:ec:b6:b3:73:fd:d2:88:
03:1d:4c:90:d1:b5:7a:43:78:c2:2c:bd:1f:e0:a7:
24:dd:16:b6:38:7c:33:36:8c:27:6c:84:cf:1c:fd:
ac:8a:51:7a:75:e5:5c:f5:a0:5e:f1:89:55:21:e4:
0b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:4D:BF:00:D6:74:B0:39:98:B2:3F:3C:5C:80:39:E5:DE:77:F9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.4.0/24
185.135.159.0/24
191.96.156.0/24
191.101.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:80:a1:bb:28:89:7f:cb:aa:c7:3e:a2:38:74:08:42:f1:4e:
6b:89:88:09:f6:20:34:ef:fd:23:1e:aa:b4:96:c2:9c:51:09:
f2:cd:f9:f0:1a:cc:87:a2:57:21:13:23:8b:74:37:e3:05:d9:
d7:8b:bb:35:01:98:16:4a:fc:ab:41:21:09:7e:80:fe:e8:b2:
d3:6b:fe:7e:1c:ca:4f:f9:57:b3:c1:12:00:fc:b2:fb:a8:e3:
1c:00:d0:80:4f:3c:93:f3:2d:8f:69:25:8c:00:8e:0a:68:51:
9c:63:05:d3:70:cd:08:1a:9c:af:3f:25:33:72:25:f1:11:90:
f8:bf:10:3f:74:bc:7f:a5:d2:54:a1:6f:ed:9f:ca:03:10:34:
ab:e4:2b:ef:93:aa:6b:5b:3d:6f:81:97:b2:37:34:95:76:03:
2e:32:ee:29:3a:8e:d8:47:c1:db:b9:89:d9:5a:60:b7:0e:4e:
21:d5:2d:67:d8:02:1e:70:79:bb:8e:62:cb:e5:22:16:17:6e:
18:76:0d:ab:ca:e0:f0:9a:ab:59:87:ce:f4:5f:2d:c1:eb:49:
15:7d:9f:dc:45:28:96:86:28:d3:9b:4f:c8:c5:e3:c6:68:11:
c7:24:07:ba:1d:29:1c:25:4a:68:a0:5a:4e:1a:c2:cf:e8:88:
c8:7b:da:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUXmu/A3kO9jXMmiuX4labbtq1kKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAyMjQyMjE4NTlaFw0yNzAyMjMyMjIzNTlaMDMxMTAvBgNV
BAMTKDE3QjA0REJGMDBENjc0QjAzOTk4QjIzRjNDNUM4MDM5RTVERTc3RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOHgedAa8IgYJx6DzoZmz61E75
DLX77jVoCx0nDYsf6hS/DxY/Sr8tWoytEuDUK3wJbAoYeXil9wAbS+xnfRz2CPAb
5DK5CwHcBSsspcUwP3zlSGMyuyczErV0ZN9zU98qSm9r7C86LsYDlMDdPvDA/5U9
ZPEs+JrIcBNkUAQiR1A/n7BSpxMT2cEvZsYurj4XoymwbRdGxMBFXfAfPKRM4nbT
eUx7iRMK0nUDuwr9RxzAtJL7J52i9mFiKqeUPQoZ0lUmlfLGR5TV7Lazc/3SiAMd
TJDRtXpDeMIsvR/gpyTdFrY4fDM2jCdshM8c/ayKUXp15Vz1oF7xiVUh5AuhAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUF7BNvwDWdLA5mLI/PFyAOeXed/kwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcyNjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAtdcE
AwQAuYefAwQAv2CcAwQAv2WjMA0GCSqGSIb3DQEBCwUAA4IBAQC2gKG7KIl/y6rH
PqI4dAhC8U5riYgJ9iA07/0jHqq0lsKcUQnyzfnwGsyHolchEyOLdDfjBdnXi7s1
AZgWSvyrQSEJfoD+6LLTa/5+HMpP+VezwRIA/LL7qOMcANCATzyT8y2PaSWMAI4K
aFGcYwXTcM0IGpyvPyUzciXxEZD4vxA/dLx/pdJUoW/tn8oDEDSr5Cvvk6prWz1v
gZeyNzSVdgMuMu4pOo7YR8HbuYnZWmC3Dk4h1S1n2AIecHm7jmLL5SIWF24Ydg2r
yuDwmqtZh870Xy3B60kVfZ/cRSiWhijTm0/IxePGaBHHJAe6HSkcJUpooFpOGsLP
6IjIe9r1
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:48 2026 by rpki-client