Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS153928.roa
File: AS153928.roa (raw, json)
Hash identifier: gpdIG0lC4pwDgfLF9p3MTbuVdgnOpa0tnpYncIrsuIg=
Subject key identifier: E5:EF:33:8F:13:36:CD:B1:27:5A:17:60:8E:93:35:40:70:9A:16:7E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7BB70AF43E0A5B358C4F7463BA5AB7998CE857C4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS153928.roa
Signing time: Fri 22 May 2026 08:19:42 +0000
ROA not before: Fri 22 May 2026 08:14:42 +0000
ROA not after: Fri 21 May 2027 08:19:42 +0000
asID: 153928
IP address blocks: 179.61.170.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 14:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b7:0a:f4:3e:0a:5b:35:8c:4f:74:63:ba:5a:b7:99:8c:e8:57:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 22 08:14:42 2026 GMT
Not After : May 21 08:19:42 2027 GMT
Subject: CN=E5EF338F1336CDB1275A17608E933540709A167E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:cb:96:40:db:1d:64:94:4a:3a:70:7c:a9:
82:65:9b:99:0d:4a:52:73:17:3e:88:09:49:1c:68:
45:2d:61:4c:26:ff:57:de:7f:85:0c:41:0c:4a:d4:
dd:4f:b0:c7:46:ab:2f:61:87:92:6e:0e:98:b9:45:
93:b6:25:da:51:cb:16:de:d0:6c:fd:50:f2:67:28:
b5:9f:b4:05:73:72:50:84:46:86:d3:b8:8e:d4:3d:
c0:df:16:b2:ce:b1:d2:b2:11:2b:4d:db:7e:7b:b6:
41:b4:fe:f4:c8:94:c8:d1:36:cb:dc:5d:37:f6:ae:
8d:c3:75:f8:e2:fc:b9:36:38:11:62:73:ff:b3:d1:
96:60:89:03:96:25:dd:ad:0d:94:5c:cf:e8:6c:dc:
3b:79:03:82:c5:5c:1a:73:e5:15:ca:db:7e:36:02:
6f:8a:9b:1d:31:c7:2b:fd:eb:3b:f6:44:4a:96:b9:
eb:86:40:15:31:86:70:26:ef:9a:de:de:41:00:80:
77:a7:ef:80:52:52:eb:3f:72:29:9e:ef:78:9a:fa:
5d:11:15:59:22:91:f9:b0:d7:6c:84:e0:d7:ae:0c:
a9:47:da:51:0f:c1:aa:c9:0c:05:3b:df:72:18:9a:
79:80:7e:08:24:d9:d5:a5:53:0e:17:9d:12:fc:76:
96:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EF:33:8F:13:36:CD:B1:27:5A:17:60:8E:93:35:40:70:9A:16:7E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS153928.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.170.0/24
181.215.64.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:64:0b:c9:5e:8b:bc:55:e8:c8:e5:93:fb:90:90:ee:e9:49:
ee:51:a0:79:c6:52:e0:67:3c:30:62:2a:e2:f9:e6:26:89:2e:
c6:d3:09:95:aa:e0:d7:8c:be:c8:47:89:31:86:21:50:f0:20:
3f:ff:45:fc:db:2d:c0:3b:96:c1:07:e7:cf:e1:e6:f9:da:39:
a5:ee:44:88:5d:dd:5d:f1:39:f2:7e:a7:02:e1:ca:51:e4:72:
cb:79:ac:31:73:7d:e6:7f:0c:f3:0a:c9:ad:92:84:91:a5:26:
c0:67:0f:9f:38:b4:1c:2d:5e:be:24:0b:5e:d3:0f:57:4b:da:
da:16:e5:67:8b:27:f8:3a:51:ea:6f:a0:c2:69:ec:db:d4:f2:
e9:a7:9f:8c:6a:be:52:48:a2:9d:63:37:37:5a:c6:db:72:5c:
2c:eb:0e:4a:b3:c9:56:23:69:44:2b:ac:49:45:d4:b2:56:3d:
f0:a9:dd:31:c3:21:6b:10:98:87:35:81:85:ae:5d:2a:cc:92:
59:e4:6f:f6:c1:29:7b:50:03:34:f6:b4:69:88:81:b1:00:af:
c0:10:23:db:c7:96:62:29:11:d3:d3:de:8b:b7:44:62:0d:7f:
59:ff:87:0d:79:39:62:5f:22:97:83:ac:aa:6c:0d:c8:af:15:
29:d5:b3:fb
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUe7cK9D4KWzWMT3Rjulq3mYzoV8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MjIwODE0NDJaFw0yNzA1MjEwODE5NDJaMDMxMTAvBgNV
BAMTKEU1RUYzMzhGMTMzNkNEQjEyNzVBMTc2MDhFOTMzNTQwNzA5QTE2N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgv8uWQNsdZJRKOnB8qYJlm5kN
SlJzFz6ICUkcaEUtYUwm/1fef4UMQQxK1N1PsMdGqy9hh5JuDpi5RZO2JdpRyxbe
0Gz9UPJnKLWftAVzclCERobTuI7UPcDfFrLOsdKyEStN2357tkG0/vTIlMjRNsvc
XTf2ro3Ddfji/Lk2OBFic/+z0ZZgiQOWJd2tDZRcz+hs3Dt5A4LFXBpz5RXK2342
Am+Kmx0xxyv96zv2REqWueuGQBUxhnAm75re3kEAgHen74BSUus/cime73ia+l0R
FVkikfmw12yE4NeuDKlH2lEPwarJDAU733IYmnmAfggk2dWlUw4XnRL8dpaVAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU5e8zjxM2zbEnWhdgjpM1QHCaFn4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTUzOTI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsz2q
AwQAtddAMA0GCSqGSIb3DQEBCwUAA4IBAQAvZAvJXou8VejI5ZP7kJDu6UnuUaB5
xlLgZzwwYiri+eYmiS7G0wmVquDXjL7IR4kxhiFQ8CA//0X82y3AO5bBB+fP4eb5
2jml7kSIXd1d8TnyfqcC4cpR5HLLeawxc33mfwzzCsmtkoSRpSbAZw+fOLQcLV6+
JAte0w9XS9raFuVniyf4OlHqb6DCaezb1PLpp5+Mar5SSKKdYzc3Wsbbclws6w5K
s8lWI2lEK6xJRdSyVj3wqd0xwyFrEJiHNYGFrl0qzJJZ5G/2wSl7UAM09rRpiIGx
AK/AECPbx5ZiKRHT096Lt0RiDX9Z/4cNeTliXyKXg6yqbA3IrxUp1bP7
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:16:20 2026 by rpki-client