Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
File: AS25369.roa (raw, json)
Hash identifier: DqyLvJmMZuirQbaH7SZGwvLwZ0j4afEcJOZjML7TdhM=
Subject key identifier: 54:75:4A:25:DC:A0:97:3F:FD:EB:30:BF:95:96:D7:AB:67:69:D7:15
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4287AA20265B8F3D9D3802000540C17B4C1D6221
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
Signing time: Fri 29 May 2026 07:33:06 +0000
ROA not before: Fri 29 May 2026 07:28:06 +0000
ROA not after: Fri 28 May 2027 07:33:06 +0000
asID: 25369
IP address blocks: 2.57.17.0/24 maxlen: 24
5.252.83.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
85.209.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 14:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:87:aa:20:26:5b:8f:3d:9d:38:02:00:05:40:c1:7b:4c:1d:62:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 29 07:28:06 2026 GMT
Not After : May 28 07:33:06 2027 GMT
Subject: CN=54754A25DCA0973FFDEB30BF9596D7AB6769D715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:77:1a:22:af:8c:39:9b:67:1e:cc:85:c2:
2a:df:0a:a8:d2:45:3b:42:f6:42:3d:6e:bf:b1:40:
20:ad:4e:e9:9e:76:ec:c8:9a:8b:17:65:04:e1:01:
d9:af:87:d5:98:07:e7:aa:82:60:8d:9d:b6:cd:b3:
3d:7a:83:47:e7:63:11:38:98:2c:c7:1a:f3:3a:54:
7e:2f:5d:42:f2:03:6d:43:f7:92:15:f9:82:ce:be:
ef:52:47:5e:19:04:b6:90:58:6c:86:55:be:11:64:
69:6e:c9:6b:1f:0c:26:3f:2a:eb:00:74:fd:f6:34:
71:9b:59:45:f5:2c:97:4a:09:09:e4:84:9e:15:c9:
93:61:df:dc:2e:e7:3f:4a:72:7f:b3:1f:95:2b:4f:
3e:54:f2:b1:c4:42:df:81:97:34:52:46:0b:47:fb:
f2:ec:4f:93:53:5d:0b:99:99:b1:39:42:20:5d:6f:
b1:f0:37:d1:54:6d:ec:8a:cc:1a:7a:39:8a:2c:75:
7b:0f:ae:b3:0a:3e:a6:d7:02:bf:31:b1:14:ca:1d:
22:2a:b5:7b:d8:2d:5f:c0:b0:28:d5:14:f3:38:58:
a8:34:2d:0b:8d:ac:c6:ce:18:84:0f:a2:32:67:75:
f7:95:2e:bb:4c:50:a3:8c:3d:cd:20:d8:ef:91:f0:
16:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:75:4A:25:DC:A0:97:3F:FD:EB:30:BF:95:96:D7:AB:67:69:D7:15
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
5.252.83.0/24
45.133.173.0/24
85.209.177.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:52:eb:c4:9c:4b:9d:43:d7:cc:de:ee:4e:26:d7:fb:95:ec:
c9:95:0a:16:48:36:d9:1a:99:ea:e2:d6:b5:dc:f9:d8:26:5f:
e5:eb:e3:47:9c:53:95:d6:dc:c5:e6:f3:fc:60:4e:72:c0:b5:
76:2f:9a:3b:ae:11:ba:42:65:48:aa:fc:68:da:e5:af:fb:b7:
7c:26:cd:3d:9d:85:c0:5c:65:71:26:ce:d3:36:bc:59:dc:93:
40:08:e1:be:68:fd:15:70:82:3f:90:a8:4a:61:4b:87:5c:0d:
f2:73:a4:e7:61:eb:e4:08:b9:ac:c6:fc:cf:79:79:a5:e0:26:
90:ef:a7:99:3a:c1:a3:a1:0d:19:46:2d:59:88:0f:d6:b7:03:
56:ca:f7:e7:6d:67:06:c9:21:64:f2:f0:73:0a:b7:7e:2a:7c:
7e:03:b0:24:9e:30:db:a2:74:ab:dd:f8:b6:94:27:d0:af:dd:
e7:d5:9f:f2:a9:ec:47:04:c9:be:bd:d7:20:34:ac:a3:52:bc:
c9:18:eb:a4:b2:56:aa:b8:b0:9f:c9:b6:6b:ee:ed:68:ed:7f:
fb:9a:56:37:7f:b7:63:1b:cd:f3:d9:10:bf:e6:7c:ef:be:ef:
8e:4c:17:c5:ab:c8:5d:e7:b3:b1:6f:ec:df:88:df:00:dd:65:
28:c6:95:6c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQoeqICZbjz2dOAIABUDBe0wdYiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MjkwNzI4MDZaFw0yNzA1MjgwNzMzMDZaMDMxMTAvBgNV
BAMTKDU0NzU0QTI1RENBMDk3M0ZGREVCMzBCRjk1OTZEN0FCNjc2OUQ3MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHGXcaIq+MOZtnHsyFwirfCqjS
RTtC9kI9br+xQCCtTumeduzImosXZQThAdmvh9WYB+eqgmCNnbbNsz16g0fnYxE4
mCzHGvM6VH4vXULyA21D95IV+YLOvu9SR14ZBLaQWGyGVb4RZGluyWsfDCY/KusA
dP32NHGbWUX1LJdKCQnkhJ4VyZNh39wu5z9Kcn+zH5UrTz5U8rHEQt+BlzRSRgtH
+/LsT5NTXQuZmbE5QiBdb7HwN9FUbeyKzBp6OYosdXsPrrMKPqbXAr8xsRTKHSIq
tXvYLV/AsCjVFPM4WKg0LQuNrMbOGIQPojJndfeVLrtMUKOMPc0g2O+R8BY9AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUVHVKJdyglz/96zC/lZbXq2dp1xUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjUzNjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAACORED
BAAF/FMDBAAtha0DBABV0bEwDQYJKoZIhvcNAQELBQADggEBAGtS68ScS51D18ze
7k4m1/uV7MmVChZINtkameri1rXc+dgmX+Xr40ecU5XW3MXm8/xgTnLAtXYvmjuu
EbpCZUiq/Gja5a/7t3wmzT2dhcBcZXEmztM2vFnck0AI4b5o/RVwgj+QqEphS4dc
DfJzpOdh6+QIuazG/M95eaXgJpDvp5k6waOhDRlGLVmID9a3A1bK9+dtZwbJIWTy
8HMKt34qfH4DsCSeMNuidKvd+LaUJ9Cv3efVn/Kp7EcEyb691yA0rKNSvMkY66Sy
Vqq4sJ/Jtmvu7Wjtf/uaVjd/t2MbzfPZEL/mfO++745MF8WryF3ns7Fv7N+I3wDd
ZSjGlWw=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:19:22 2026 by rpki-client