Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
File: AS397373.roa (raw, json)
Hash identifier: 3LWZcmduDfU/jgokMS7L0s85WjFTMk9AHtaC0+T3MZU=
Subject key identifier: 78:50:34:4A:84:7C:8C:94:13:32:7B:A9:BD:A5:48:30:94:9E:95:F5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6203CAE8C1ED6431D4ADF2CA6651DE4A1794DFF7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
Signing time: Wed 16 Jul 2025 14:54:13 +0000
ROA not before: Wed 16 Jul 2025 14:49:13 +0000
ROA not after: Wed 15 Jul 2026 14:54:13 +0000
asID: 397373
IP address blocks: 179.61.223.0/24 maxlen: 24
179.61.252.0/24 maxlen: 24
181.41.215.0/24 maxlen: 24
181.214.217.0/24 maxlen: 24
181.215.5.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.248.0/24 maxlen: 24
185.172.64.0/24 maxlen: 24
185.172.67.0/24 maxlen: 24
191.96.25.0/24 maxlen: 24
191.96.32.0/24 maxlen: 24
191.96.131.0/24 maxlen: 24
191.96.177.0/24 maxlen: 24
191.96.194.0/24 maxlen: 24
191.96.221.0/24 maxlen: 24
191.96.246.0/24 maxlen: 24
191.101.16.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:03:ca:e8:c1:ed:64:31:d4:ad:f2:ca:66:51:de:4a:17:94:df:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 16 14:49:13 2025 GMT
Not After : Jul 15 14:54:13 2026 GMT
Subject: CN=7850344A847C8C9413327BA9BDA54830949E95F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d6:1c:b3:38:94:e4:d8:a0:ca:54:6e:aa:86:
53:79:62:5e:30:a1:e7:46:63:6e:08:75:7e:86:51:
d8:9f:dc:04:63:79:e3:ca:a6:bf:24:a8:2d:c5:b3:
43:b5:ca:f2:2d:7e:d4:2f:84:d6:a1:35:55:81:24:
42:3b:16:8a:0a:40:5d:3a:6c:62:71:8d:43:22:24:
5f:93:3a:5d:17:44:11:d8:6e:34:a1:73:89:71:bf:
23:bf:7f:1c:c8:3b:28:c9:87:ec:51:6c:26:1d:0b:
f4:83:34:dd:d3:20:7f:ca:b1:94:ed:b1:52:dd:95:
bf:34:a9:69:01:4b:ca:07:04:2a:49:0b:1a:00:79:
0b:ca:c4:41:0c:07:ce:c2:e2:80:11:0a:ba:82:0d:
48:c9:ad:3d:26:fe:74:47:c5:7e:5f:41:ad:1f:54:
58:45:de:39:57:25:29:1c:9e:2c:c3:2f:7e:ad:30:
56:35:e4:09:73:71:84:39:df:8f:3f:5d:2e:8a:5a:
f3:a7:fd:35:8a:eb:5a:6d:84:c1:b8:1b:21:f7:f7:
08:e2:c7:0e:22:ef:cf:40:c9:d7:06:e2:f0:40:d2:
87:44:3f:cf:8f:a4:81:12:63:52:34:ee:06:e3:84:
35:d5:e0:2e:91:14:b0:66:44:9a:1e:f6:d1:13:1d:
55:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:50:34:4A:84:7C:8C:94:13:32:7B:A9:BD:A5:48:30:94:9E:95:F5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.223.0/24
179.61.252.0/24
181.41.215.0/24
181.214.217.0/24
181.215.5.0/24
181.215.242.0/23
181.215.248.0/24
185.172.64.0/24
185.172.67.0/24
191.96.25.0/24
191.96.32.0/24
191.96.131.0/24
191.96.177.0/24
191.96.194.0/24
191.96.221.0/24
191.96.246.0/24
191.101.16.0/24
191.101.44.0/22
191.101.191.0/24
Signature Algorithm: sha256WithRSAEncryption
16:62:49:13:e7:84:ef:be:58:a9:b1:eb:17:1b:91:38:0e:16:
77:0c:79:d4:6d:be:6f:7c:c1:d0:cd:0a:ce:a3:4a:06:63:57:
a4:3c:86:1d:51:52:b8:13:fd:46:11:2a:ab:03:2f:c5:d2:46:
61:af:5c:dc:86:c8:5c:1e:7a:0f:48:1d:84:2a:28:f1:9e:d2:
da:0f:37:37:e5:48:ca:ec:5a:d2:85:0a:1b:ec:e9:57:74:a1:
c2:99:7c:79:be:32:dd:6f:b5:0c:52:28:14:d1:8d:ac:27:31:
52:1e:35:92:cf:dc:6e:51:30:1d:9e:c4:76:20:0b:ff:01:e7:
b8:92:53:a0:db:f8:02:12:28:3d:e9:20:f4:9a:12:62:62:8b:
db:cf:a9:29:64:eb:9d:9d:2f:d9:7f:dc:8e:84:89:87:7c:58:
6a:7f:ab:d4:8a:9b:7d:d1:9a:4b:fe:69:d8:66:68:5b:ff:d1:
0b:fd:63:6a:61:76:2b:88:3d:4a:97:df:8b:81:b6:ae:6b:ce:
fb:a8:d7:92:b8:35:d1:53:78:c8:9b:ab:20:ed:99:d2:97:19:
22:f8:88:14:23:81:d8:14:d8:fa:a3:02:8a:0c:68:31:cb:e6:
b5:7e:27:be:c9:74:80:c2:7f:46:53:af:40:1d:c8:d6:d4:75:
66:e5:ed:8e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUYgPK6MHtZDHUrfLKZlHeSheU3/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MTYxNDQ5MTNaFw0yNjA3MTUxNDU0MTNaMDMxMTAvBgNV
BAMTKDc4NTAzNDRBODQ3QzhDOTQxMzMyN0JBOUJEQTU0ODMwOTQ5RTk1RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr1hyzOJTk2KDKVG6qhlN5Yl4w
oedGY24IdX6GUdif3ARjeePKpr8kqC3Fs0O1yvItftQvhNahNVWBJEI7FooKQF06
bGJxjUMiJF+TOl0XRBHYbjShc4lxvyO/fxzIOyjJh+xRbCYdC/SDNN3TIH/KsZTt
sVLdlb80qWkBS8oHBCpJCxoAeQvKxEEMB87C4oARCrqCDUjJrT0m/nRHxX5fQa0f
VFhF3jlXJSkcnizDL36tMFY15AlzcYQ5348/XS6KWvOn/TWK61pthMG4GyH39wji
xw4i789AydcG4vBA0odEP8+PpIESY1I07gbjhDXV4C6RFLBmRJoe9tETHVUDAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUeFA0SoR8jJQTMnupvaVIMJSelfUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3MzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALM9
3wMEALM9/AMEALUp1wMEALXW2QMEALXXBQMEAbXX8gMEALXX+AMEALmsQAMEALms
QwMEAL9gGQMEAL9gIAMEAL9ggwMEAL9gsQMEAL9gwgMEAL9g3QMEAL9g9gMEAL9l
EAMEAr9lLAMEAL9lvzANBgkqhkiG9w0BAQsFAAOCAQEAFmJJE+eE775YqbHrFxuR
OA4Wdwx51G2+b3zB0M0KzqNKBmNXpDyGHVFSuBP9RhEqqwMvxdJGYa9c3IbIXB56
D0gdhCoo8Z7S2g83N+VIyuxa0oUKG+zpV3Shwpl8eb4y3W+1DFIoFNGNrCcxUh41
ks/cblEwHZ7EdiAL/wHnuJJToNv4AhIoPekg9JoSYmKL28+pKWTrnZ0v2X/cjoSJ
h3xYan+r1IqbfdGaS/5p2GZoW//RC/1jamF2K4g9Spffi4G2rmvO+6jXkrg10VN4
yJurIO2Z0pcZIviIFCOB2BTY+qMCigxoMcvmtX4nvsl0gMJ/RlOvQB3I1tR1ZuXt
jg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:26:01 2025 by rpki-client