
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
File: AS397373.roa (raw, json)
Hash identifier: INl6tMTifIDg0dNLI5m/BBO1F9F+3YvGXEaLwcVkcw8=
Subject key identifier: 95:22:FF:09:91:73:6D:E9:FC:68:F6:2A:DA:06:C0:34:44:A2:F8:CC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5E3599B68ACF4190B0AA8471925B3FD24D1FB5F2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
Signing time: Wed 17 Jun 2026 15:47:41 +0000
ROA not before: Wed 17 Jun 2026 15:42:41 +0000
ROA not after: Wed 16 Jun 2027 15:47:41 +0000
asID: 397373
IP address blocks: 179.61.223.0/24 maxlen: 24
179.61.252.0/24 maxlen: 24
181.41.215.0/24 maxlen: 24
181.214.217.0/24 maxlen: 24
181.215.5.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.248.0/24 maxlen: 24
185.172.64.0/24 maxlen: 24
185.172.67.0/24 maxlen: 24
191.96.25.0/24 maxlen: 24
191.96.32.0/24 maxlen: 24
191.96.131.0/24 maxlen: 24
191.96.177.0/24 maxlen: 24
191.96.194.0/24 maxlen: 24
191.96.221.0/24 maxlen: 24
191.96.246.0/24 maxlen: 24
191.101.16.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Jul 2026 07:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:35:99:b6:8a:cf:41:90:b0:aa:84:71:92:5b:3f:d2:4d:1f:b5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 17 15:42:41 2026 GMT
Not After : Jun 16 15:47:41 2027 GMT
Subject: CN=9522FF0991736DE9FC68F62ADA06C03444A2F8CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:8f:ce:c8:c0:65:5b:07:56:61:2b:bf:74:
20:4f:b7:97:0c:aa:9e:29:b9:ee:76:c9:41:b2:f7:
25:8f:57:8e:54:ff:d5:c2:5c:fb:0d:47:f1:6c:e0:
bb:7f:5a:cf:56:f4:2b:40:9b:bc:2b:a1:c1:f5:87:
ed:67:c3:b2:68:3b:53:88:35:2f:03:2f:d0:53:c3:
cf:72:c6:30:95:18:5b:fa:6c:a9:a9:d9:00:d6:ed:
26:79:9c:22:3a:68:d4:51:2d:79:8a:05:b2:9b:6e:
5c:8b:f0:af:c4:b1:1a:a7:75:91:8e:47:3d:b7:62:
10:67:61:90:dc:f4:09:ec:91:31:35:0d:1d:32:93:
40:af:6d:7a:27:5f:64:1f:9a:34:2a:f3:4f:e2:21:
3c:cb:00:22:9c:e6:33:cf:b6:6c:d1:0a:ba:a9:d2:
1b:6d:b4:16:26:09:0f:33:b0:06:4e:19:78:90:9c:
5a:de:b4:08:29:c4:af:3b:45:48:eb:af:da:1f:93:
71:98:3e:94:7f:ff:38:b5:93:fd:23:36:bd:b4:ee:
a2:61:e4:aa:62:11:6f:42:ee:fe:dd:f3:3b:a2:29:
00:7e:45:ad:70:0a:d1:3a:a3:0a:bd:91:0d:90:e8:
f5:b5:2a:5d:79:ae:48:90:16:54:b4:fe:ab:e0:82:
69:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:22:FF:09:91:73:6D:E9:FC:68:F6:2A:DA:06:C0:34:44:A2:F8:CC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.223.0/24
179.61.252.0/24
181.41.215.0/24
181.214.217.0/24
181.215.5.0/24
181.215.242.0/23
181.215.248.0/24
185.172.64.0/24
185.172.67.0/24
191.96.25.0/24
191.96.32.0/24
191.96.131.0/24
191.96.177.0/24
191.96.194.0/24
191.96.221.0/24
191.96.246.0/24
191.101.16.0/24
191.101.44.0/22
191.101.191.0/24
Signature Algorithm: sha256WithRSAEncryption
16:2b:b0:6d:56:93:76:c3:eb:2e:bb:e0:ad:7f:3c:7e:b7:01:
e0:cb:07:b4:82:b7:68:4a:5e:47:d0:a1:fd:b5:ec:9d:fc:5e:
0a:d7:e4:02:5d:f3:2b:20:82:1b:cd:3c:36:93:c6:95:82:dd:
5a:f4:c0:6d:52:f4:79:0d:9a:14:72:e4:a6:c5:ef:c6:44:48:
af:e5:43:33:a3:77:30:24:c2:12:45:4b:44:bb:0c:d2:40:e6:
9d:89:ba:c6:6e:a0:69:db:8d:1f:fe:5f:42:c1:14:2f:65:95:
a4:bc:ba:dc:b8:fd:87:82:b2:d7:58:7c:bd:a4:da:0e:54:c0:
f7:23:38:3b:ab:7a:fa:2c:cd:98:e3:85:b7:e4:68:7a:13:e3:
4f:2d:4e:34:ee:2a:1a:04:3b:a3:48:4d:54:c4:26:37:7c:bf:
94:23:c9:bb:e4:66:01:cd:33:56:b4:54:75:31:52:22:a7:95:
d6:a1:82:1c:85:43:ef:02:64:2c:95:b8:e9:ed:62:a7:a9:d3:
1e:5d:ef:1c:21:47:7b:fd:e6:2c:7c:8e:40:31:bf:a3:cc:c6:
74:c2:7a:76:de:38:71:b8:cc:a5:fb:50:44:27:80:14:bd:8e:
68:54:35:a0:23:4d:0c:ee:fa:9e:8d:b0:1b:d9:16:cf:78:ad:
66:73:8b:75
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUXjWZtorPQZCwqoRxkls/0k0ftfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MTcxNTQyNDFaFw0yNzA2MTYxNTQ3NDFaMDMxMTAvBgNV
BAMTKDk1MjJGRjA5OTE3MzZERTlGQzY4RjYyQURBMDZDMDM0NDRBMkY4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGVo/OyMBlWwdWYSu/dCBPt5cM
qp4pue52yUGy9yWPV45U/9XCXPsNR/Fs4Lt/Ws9W9CtAm7wrocH1h+1nw7JoO1OI
NS8DL9BTw89yxjCVGFv6bKmp2QDW7SZ5nCI6aNRRLXmKBbKbblyL8K/EsRqndZGO
Rz23YhBnYZDc9AnskTE1DR0yk0CvbXonX2QfmjQq80/iITzLACKc5jPPtmzRCrqp
0htttBYmCQ8zsAZOGXiQnFretAgpxK87RUjrr9ofk3GYPpR//zi1k/0jNr207qJh
5KpiEW9C7v7d8zuiKQB+Ra1wCtE6owq9kQ2Q6PW1Kl15rkiQFlS0/qvggmm7AgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUlSL/CZFzben8aPYq2gbANESi+MwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3MzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALM9
3wMEALM9/AMEALUp1wMEALXW2QMEALXXBQMEAbXX8gMEALXX+AMEALmsQAMEALms
QwMEAL9gGQMEAL9gIAMEAL9ggwMEAL9gsQMEAL9gwgMEAL9g3QMEAL9g9gMEAL9l
EAMEAr9lLAMEAL9lvzANBgkqhkiG9w0BAQsFAAOCAQEAFiuwbVaTdsPrLrvgrX88
frcB4MsHtIK3aEpeR9Ch/bXsnfxeCtfkAl3zKyCCG808NpPGlYLdWvTAbVL0eQ2a
FHLkpsXvxkRIr+VDM6N3MCTCEkVLRLsM0kDmnYm6xm6gaduNH/5fQsEUL2WVpLy6
3Lj9h4Ky11h8vaTaDlTA9yM4O6t6+izNmOOFt+RoehPjTy1ONO4qGgQ7o0hNVMQm
N3y/lCPJu+RmAc0zVrRUdTFSIqeV1qGCHIVD7wJkLJW46e1ip6nTHl3vHCFHe/3m
LHyOQDG/o8zGdMJ6dt44cbjMpftQRCeAFL2OaFQ1oCNNDO76no2wG9kWz3itZnOL
dQ==
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:39:25 2026 by rpki-client