Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
File: AS17497.roa (raw, json)
Hash identifier: 8zoEFlozfhG0c1Bki4mjjSs0osgPpm2eR2KoloXQYe8=
Subject key identifier: 18:40:7F:3A:DD:96:06:1F:CF:6E:BD:23:8D:C6:D3:88:0F:CA:37:5A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3079E9B05D092F96BC8E6BE19B290549D687720E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
Signing time: Fri 24 Apr 2026 05:36:45 +0000
ROA not before: Fri 24 Apr 2026 05:31:45 +0000
ROA not after: Fri 23 Apr 2027 05:36:45 +0000
asID: 17497
IP address blocks: 162.141.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 14:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:79:e9:b0:5d:09:2f:96:bc:8e:6b:e1:9b:29:05:49:d6:87:72:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 24 05:31:45 2026 GMT
Not After : Apr 23 05:36:45 2027 GMT
Subject: CN=18407F3ADD96061FCF6EBD238DC6D3880FCA375A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:0d:b1:4a:b9:cb:a7:aa:75:c4:c5:a3:01:
96:e5:ab:53:ca:93:c1:f5:0c:f1:54:70:2b:70:ef:
86:64:ac:fe:78:b9:43:da:31:e9:19:52:3b:d5:49:
f8:13:c5:7f:8a:6d:0c:9e:4b:46:08:ec:33:fa:bd:
ae:0f:3c:61:34:04:5a:a9:f5:f9:d2:d8:50:01:81:
dc:1f:7a:9e:3e:cd:94:4d:30:ed:a1:17:c0:2c:e7:
ce:fc:79:ab:bb:0e:d7:c8:d0:0f:1b:60:0c:19:e7:
2f:c2:4e:7c:46:a4:18:54:80:92:7d:aa:e6:bf:88:
08:47:75:0e:e6:ee:60:ab:56:16:cd:ea:e0:6d:62:
09:95:c3:33:0b:9c:e7:76:0a:bd:e6:51:e0:25:3e:
05:f1:f4:ca:18:9e:77:df:5e:1e:2e:64:12:74:d0:
ef:ff:73:06:50:1f:a7:a3:82:c5:54:1c:9f:be:d9:
ba:2c:78:44:73:9a:42:c2:11:e5:9b:42:07:55:d5:
7a:47:1e:d5:ec:32:2c:6b:5c:09:64:ab:80:55:61:
97:2c:5a:72:13:08:83:99:9f:1f:2b:6e:ea:93:d1:
83:c9:70:91:00:15:8f:08:97:39:42:26:09:79:98:
a2:5a:f7:77:2f:1d:c2:f4:97:75:8f:43:94:bf:aa:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:40:7F:3A:DD:96:06:1F:CF:6E:BD:23:8D:C6:D3:88:0F:CA:37:5A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.141.96.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ab:d9:90:76:49:ab:7b:70:9e:fd:ff:ae:1d:98:08:03:13:
ac:9f:bc:62:87:66:3a:d0:f9:3d:10:b3:69:00:4e:d2:88:40:
cf:bd:6a:3c:1d:eb:d3:f4:02:f2:b6:a6:79:c0:22:a9:e7:f5:
56:e2:8b:e7:ef:6f:d0:b2:bc:13:da:57:ce:3a:64:eb:44:33:
be:5c:79:5a:fb:73:50:9e:9d:c8:a4:4c:44:23:15:4e:ed:82:
77:c0:49:b7:34:b1:74:74:d9:b0:3b:24:f9:ce:d0:ce:cd:9a:
0f:87:57:c3:47:4e:bf:42:23:a6:eb:41:76:9c:fe:e1:fa:31:
00:f1:d4:4b:26:fa:ed:a7:f7:15:19:dc:d8:26:c1:51:2b:f3:
0b:eb:2a:3b:90:fd:25:9e:59:bf:46:4c:70:00:c3:ed:14:56:
63:2a:d5:12:7c:bf:35:6b:66:2b:78:0f:90:6a:c7:b9:f2:22:
40:a6:13:90:36:fa:34:6e:21:11:ae:bb:b2:3a:8e:6b:f6:55:
94:fd:60:f7:9c:b2:6b:ec:c0:93:34:51:e6:3b:ad:0e:02:00:
e0:77:44:01:d6:95:dd:9d:5e:3e:c8:d8:8b:94:ba:ce:8c:3f:
bf:9a:9c:1f:80:b9:0b:9a:63:65:71:6e:d6:2d:06:ce:3a:09:
e7:36:fe:47
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUMHnpsF0JL5a8jmvhmykFSdaHcg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjQwNTMxNDVaFw0yNzA0MjMwNTM2NDVaMDMxMTAvBgNV
BAMTKDE4NDA3RjNBREQ5NjA2MUZDRjZFQkQyMzhEQzZEMzg4MEZDQTM3NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjWQ2xSrnLp6p1xMWjAZblq1PK
k8H1DPFUcCtw74ZkrP54uUPaMekZUjvVSfgTxX+KbQyeS0YI7DP6va4PPGE0BFqp
9fnS2FABgdwfep4+zZRNMO2hF8As5878eau7DtfI0A8bYAwZ5y/CTnxGpBhUgJJ9
qua/iAhHdQ7m7mCrVhbN6uBtYgmVwzMLnOd2Cr3mUeAlPgXx9MoYnnffXh4uZBJ0
0O//cwZQH6ejgsVUHJ++2boseERzmkLCEeWbQgdV1XpHHtXsMixrXAlkq4BVYZcs
WnITCIOZnx8rbuqT0YPJcJEAFY8IlzlCJgl5mKJa93cvHcL0l3WPQ5S/qk+7AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUGEB/Ot2WBh/Pbr0jjcbTiA/KN1owHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0OTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACijWAw
DQYJKoZIhvcNAQELBQADggEBAJer2ZB2Sat7cJ79/64dmAgDE6yfvGKHZjrQ+T0Q
s2kATtKIQM+9ajwd69P0AvK2pnnAIqnn9Vbii+fvb9CyvBPaV846ZOtEM75ceVr7
c1CencikTEQjFU7tgnfASbc0sXR02bA7JPnO0M7Nmg+HV8NHTr9CI6brQXac/uH6
MQDx1Esm+u2n9xUZ3NgmwVEr8wvrKjuQ/SWeWb9GTHAAw+0UVmMq1RJ8vzVrZit4
D5Bqx7nyIkCmE5A2+jRuIRGuu7I6jmv2VZT9YPecsmvswJM0UeY7rQ4CAOB3RAHW
ld2dXj7I2IuUus6MP7+anB+AuQuaY2VxbtYtBs46Cec2/kc=
-----END CERTIFICATE-----
Generated at Sun Apr 26 21:18:54 2026 by rpki-client