Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: LoPt6kp5wMUsncqaa6N4MrWGUZJgELkynXXtod+rpV8=
Subject key identifier: D9:96:30:38:59:53:3A:B3:81:91:62:FD:6E:C7:7C:5F:10:A1:F0:EA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 52817C1708B491E585CF6F9F7B1173B48EA841BD
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Thu 12 Jun 2025 16:30:45 +0000
ROA not before: Thu 12 Jun 2025 16:25:45 +0000
ROA not after: Thu 11 Jun 2026 16:30:45 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.149.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
191.101.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:81:7c:17:08:b4:91:e5:85:cf:6f:9f:7b:11:73:b4:8e:a8:41:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 12 16:25:45 2025 GMT
Not After : Jun 11 16:30:45 2026 GMT
Subject: CN=D996303859533AB3819162FD6EC77C5F10A1F0EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:2a:72:9a:51:31:61:07:27:4e:7a:03:cc:
ce:5a:73:41:f0:fd:1d:33:c3:e1:20:4c:6d:37:2a:
b6:ed:ec:cf:89:a0:99:c5:a6:62:b6:fe:0c:b3:c3:
63:7f:a5:86:50:9a:48:51:d1:ba:6f:22:12:7d:d9:
bf:26:ea:6b:21:ea:bb:01:6f:ff:91:fa:fd:3b:60:
c6:8d:ba:94:c5:c8:da:b3:ee:a5:25:ad:9c:d8:fa:
7e:f1:49:c8:f5:6a:1d:29:80:4d:5e:db:b3:55:e2:
f8:d6:f4:2d:cf:2f:4d:6d:3d:78:9a:d1:3c:32:2e:
c5:78:1f:1e:b3:73:30:e2:71:fb:6f:dd:83:71:dc:
c7:8a:3f:2e:a8:18:d5:0b:c7:4c:ee:ac:84:ed:d0:
4e:28:cc:0f:33:79:c9:86:e8:99:81:a6:f0:66:00:
5b:f9:63:ec:09:1f:e8:bc:43:c5:46:7a:0b:a4:75:
07:3a:07:a7:d8:0a:24:e0:98:82:57:4c:d5:b9:9c:
06:d8:57:34:b0:46:9e:ca:6a:60:99:bd:8e:32:e7:
6a:d4:1e:37:f9:36:39:c6:cc:4a:f6:ec:65:16:1e:
73:58:e3:f7:e9:e8:5d:58:38:6e:ff:22:83:de:bf:
85:b3:f9:65:2e:52:aa:a0:5e:39:64:9b:60:28:14:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:96:30:38:59:53:3A:B3:81:91:62:FD:6E:C7:7C:5F:10:A1:F0:EA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.149.0/24
181.214.152.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
191.101.207.0/24
191.101.227.0/24
Signature Algorithm: sha256WithRSAEncryption
98:42:86:0b:b4:b1:0a:dc:5e:f5:8e:ca:e1:00:4c:90:0c:cd:
97:d2:c6:f2:38:c2:01:75:45:52:6b:10:0f:10:ae:da:fb:fc:
e6:c3:33:21:54:24:56:0a:7a:11:51:83:f3:a3:8f:08:ad:7f:
45:3e:5f:4c:26:5d:47:8b:bf:c8:23:7e:3d:28:61:a5:8f:95:
53:7d:02:e5:e2:f9:24:25:0c:f8:02:9e:80:93:9e:c0:2a:d5:
15:0f:4c:eb:d6:e9:63:df:9c:b3:01:8c:74:6e:35:28:bd:c4:
65:31:65:f9:5a:37:ee:b2:12:e9:7a:8d:a5:06:d3:2b:d7:4b:
2b:71:4c:71:a2:a9:0c:e8:29:d9:5e:0f:86:58:8f:79:6f:03:
d9:68:1f:97:9e:97:cb:cd:12:35:e9:cd:8b:e7:00:2f:7f:04:
44:b0:44:6e:c0:8e:60:6c:0d:48:b3:49:c4:6f:d6:98:68:de:
b1:27:10:a6:98:fd:4b:b7:ca:8f:91:9c:a8:c4:80:17:4c:17:
7b:ce:25:d4:8e:8f:7d:71:8b:c1:6d:eb:66:d3:16:fc:9f:fe:
51:33:43:7b:8b:a5:d3:d5:12:75:09:bc:33:16:5f:5c:c8:5b:
2b:6a:2b:e3:da:3d:4e:fd:d9:cc:ac:56:bd:07:e6:1e:8f:2d:
36:6d:81:d2
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUUoF8Fwi0keWFz2+fexFztI6oQb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTIxNjI1NDVaFw0yNjA2MTExNjMwNDVaMDMxMTAvBgNV
BAMTKEQ5OTYzMDM4NTk1MzNBQjM4MTkxNjJGRDZFQzc3QzVGMTBBMUYwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvqypymlExYQcnTnoDzM5ac0Hw
/R0zw+EgTG03Krbt7M+JoJnFpmK2/gyzw2N/pYZQmkhR0bpvIhJ92b8m6msh6rsB
b/+R+v07YMaNupTFyNqz7qUlrZzY+n7xScj1ah0pgE1e27NV4vjW9C3PL01tPXia
0TwyLsV4Hx6zczDicftv3YNx3MeKPy6oGNULx0zurITt0E4ozA8zecmG6JmBpvBm
AFv5Y+wJH+i8Q8VGegukdQc6B6fYCiTgmIJXTNW5nAbYVzSwRp7KamCZvY4y52rU
Hjf5NjnGzEr27GUWHnNY4/fp6F1YOG7/IoPev4Wz+WUuUqqgXjlkm2AoFBMZAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQU2ZYwOFlTOrOBkWL9bsd8XxCh8OowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEALM9
wgMEALXWhQMEALXWlQMEALXWmAMEALXXLwMEALXXMTAMAwQBtdfyAwQAtdf0AwQA
v2BlAwQAv2CbAwQAv2CmAwQAv2C6AwQAv2DpAwQAv2UeAwQAv2WmAwQAv2WsAwQA
v2XPAwQAv2XjMA0GCSqGSIb3DQEBCwUAA4IBAQCYQoYLtLEK3F71jsrhAEyQDM2X
0sbyOMIBdUVSaxAPEK7a+/zmwzMhVCRWCnoRUYPzo48IrX9FPl9MJl1Hi7/II349
KGGlj5VTfQLl4vkkJQz4Ap6Ak57AKtUVD0zr1ulj35yzAYx0bjUovcRlMWX5Wjfu
shLpeo2lBtMr10srcUxxoqkM6CnZXg+GWI95bwPZaB+XnpfLzRI16c2L5wAvfwRE
sERuwI5gbA1Is0nEb9aYaN6xJxCmmP1Lt8qPkZyoxIAXTBd7ziXUjo99cYvBbetm
0xb8n/5RM0N7i6XT1RJ1CbwzFl9cyFsraivj2j1O/dnMrFa9B+Yejy02bYHS
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:41:28 2025 by rpki-client