Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS41720.roa
File: AS41720.roa (raw, json)
Hash identifier: B9rf5yJI1nUjSp3PAS+Mjz+pl2e1/brxSVwEVFlOQaM=
Subject key identifier: 47:4A:86:E3:F9:BC:EC:1B:E8:F3:09:92:33:5D:7D:49:14:B4:50:00
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0298A81DE9CFD930ACF8C84A2923657BD37DD3FD
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS41720.roa
Signing time: Tue 29 Jul 2025 07:54:13 +0000
ROA not before: Tue 29 Jul 2025 07:49:13 +0000
ROA not after: Tue 28 Jul 2026 07:54:13 +0000
asID: 41720
IP address blocks: 179.61.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:98:a8:1d:e9:cf:d9:30:ac:f8:c8:4a:29:23:65:7b:d3:7d:d3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 29 07:49:13 2025 GMT
Not After : Jul 28 07:54:13 2026 GMT
Subject: CN=474A86E3F9BCEC1BE8F30992335D7D4914B45000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:05:e2:ee:8d:a9:5f:f1:78:d2:e7:44:73:
2b:5e:1e:5f:37:a0:31:c7:a4:fd:7c:8a:08:21:2e:
ff:01:76:49:ef:ec:de:83:cc:a5:29:f3:ac:3d:f6:
32:d3:2c:55:99:a7:23:00:3b:c6:c5:55:ff:11:10:
9e:e8:95:89:e1:f9:23:1d:35:96:23:c1:29:4b:a1:
32:12:1f:b0:6d:5e:48:57:47:f6:a1:ad:74:5c:c2:
cb:65:89:0b:29:38:a7:20:fa:2e:6b:07:d8:4e:79:
d3:61:9f:5f:41:ad:42:fa:3b:2d:a0:ec:27:40:6b:
9d:e0:44:f0:44:ed:01:10:e0:8c:9d:ce:18:27:36:
d6:a3:71:db:69:1f:7c:0b:6c:24:6a:92:4a:65:77:
fa:96:29:b4:56:d5:05:cc:49:90:15:91:7d:f1:45:
26:1a:b8:df:94:96:ce:ca:a7:24:7f:66:15:06:d8:
55:2b:50:ac:b4:66:ea:cb:03:0a:a0:9f:82:e5:8c:
c4:d0:1b:9a:43:ad:8c:e5:7b:fb:97:7a:a4:ee:c0:
a8:dd:2b:bb:25:a3:9a:85:9f:26:bb:c6:a5:fc:af:
20:68:73:d1:18:b8:85:96:e3:c6:66:d6:7a:2b:db:
fb:e0:ab:39:7e:87:ec:73:a7:1b:6d:a8:16:cb:ab:
87:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4A:86:E3:F9:BC:EC:1B:E8:F3:09:92:33:5D:7D:49:14:B4:50:00
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS41720.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.148.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:4e:cb:bc:24:4f:ea:95:e6:fe:65:84:97:a3:e2:e4:00:47:
c4:53:29:77:a5:8c:79:44:d8:87:c2:01:51:7b:a6:21:d4:bb:
1d:38:01:22:02:a2:76:df:42:7a:a8:2f:4b:0a:ee:9a:10:fa:
af:aa:6d:c0:1f:ee:23:ba:21:87:d0:ba:3b:12:8f:f5:34:ad:
be:61:b1:22:05:c4:f5:56:f0:27:ef:40:13:04:82:43:5c:28:
82:7c:cd:c5:fa:a7:29:36:dc:39:6b:27:7a:d4:bd:ea:b9:be:
55:5d:a3:f9:61:c0:9f:be:50:c3:6b:1c:f6:1b:7d:bc:54:b3:
ea:9b:36:b3:50:a7:b1:f6:5f:3a:53:b4:62:0d:64:79:cc:e6:
9b:ba:73:7a:66:ff:c6:cc:cd:24:0a:10:be:25:56:c8:83:27:
1c:3e:b9:fc:fa:87:ef:54:2e:77:db:8d:65:58:cc:cc:f4:17:
69:90:1c:e9:39:22:4b:09:c6:8e:9c:71:df:b8:d8:23:52:c3:
aa:69:27:cb:6c:71:b1:90:d2:05:d2:8a:d8:ea:3d:03:ec:d0:
f7:f4:60:72:07:0c:68:69:1b:78:da:dd:41:0d:ac:20:6f:28:
3e:72:8d:01:1d:18:30:65:bc:45:9e:35:b9:58:59:c5:12:41:
de:07:b5:d1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUApioHenP2TCs+MhKKSNle9N90/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MjkwNzQ5MTNaFw0yNjA3MjgwNzU0MTNaMDMxMTAvBgNV
BAMTKDQ3NEE4NkUzRjlCQ0VDMUJFOEYzMDk5MjMzNUQ3RDQ5MTRCNDUwMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl1AXi7o2pX/F40udEcyteHl83
oDHHpP18igghLv8Bdknv7N6DzKUp86w99jLTLFWZpyMAO8bFVf8REJ7olYnh+SMd
NZYjwSlLoTISH7BtXkhXR/ahrXRcwstliQspOKcg+i5rB9hOedNhn19BrUL6Oy2g
7CdAa53gRPBE7QEQ4IydzhgnNtajcdtpH3wLbCRqkkpld/qWKbRW1QXMSZAVkX3x
RSYauN+Uls7KpyR/ZhUG2FUrUKy0ZurLAwqgn4LljMTQG5pDrYzle/uXeqTuwKjd
K7slo5qFnya7xqX8ryBoc9EYuIWW48Zm1nor2/vgqzl+h+xzpxttqBbLq4cTAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUR0qG4/m87Bvo8wmSM119SRS0UAAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDE3MjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACzPZQw
DQYJKoZIhvcNAQELBQADggEBALVOy7wkT+qV5v5lhJej4uQAR8RTKXeljHlE2IfC
AVF7piHUux04ASIConbfQnqoL0sK7poQ+q+qbcAf7iO6IYfQujsSj/U0rb5hsSIF
xPVW8CfvQBMEgkNcKIJ8zcX6pyk23DlrJ3rUveq5vlVdo/lhwJ++UMNrHPYbfbxU
s+qbNrNQp7H2XzpTtGINZHnM5pu6c3pm/8bMzSQKEL4lVsiDJxw+ufz6h+9ULnfb
jWVYzMz0F2mQHOk5IksJxo6ccd+42CNSw6ppJ8tscbGQ0gXSitjqPQPs0Pf0YHIH
DGhpG3ja3UENrCBvKD5yjQEdGDBlvEWeNblYWcUSQd4HtdE=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:40:41 2025 by rpki-client