Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS17497.roa
File: AS17497.roa (raw, json)
Hash identifier: kaoZhMxC6YdEbAWH62sjvPxLq3vtn0id+D5XgPkGAB4=
Subject key identifier: A3:47:84:D2:74:62:1E:60:BB:CF:8E:5C:8C:A3:FF:FD:AB:74:EF:B0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3822669C6837E8A43E2F9108AB8FC0B50C229F91
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS17497.roa
Signing time: Fri 06 Mar 2026 10:06:31 +0000
ROA not before: Fri 06 Mar 2026 10:01:31 +0000
ROA not after: Fri 05 Mar 2027 10:06:31 +0000
asID: 17497
IP address blocks: 82.41.0.0/24 maxlen: 24
82.41.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:22:66:9c:68:37:e8:a4:3e:2f:91:08:ab:8f:c0:b5:0c:22:9f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 6 10:01:31 2026 GMT
Not After : Mar 5 10:06:31 2027 GMT
Subject: CN=A34784D274621E60BBCF8E5C8CA3FFFDAB74EFB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1a:c6:54:95:2f:cf:63:b1:30:20:3a:22:c2:
d2:dc:40:c1:6e:d0:cd:40:74:4b:9b:14:13:2a:ca:
c4:97:8f:1f:b3:d1:0a:31:fe:78:70:89:cd:cc:a2:
bf:d2:5d:f8:7b:e8:8f:c1:80:df:7e:80:05:b6:b2:
5d:3c:15:87:6d:50:1e:b5:a6:30:84:98:c9:31:6e:
ae:f7:d1:51:fe:8f:14:18:50:7b:36:be:6b:47:6f:
cb:27:23:2a:ed:5d:fc:13:16:07:b5:a8:56:bc:b8:
ac:c2:04:f0:eb:0c:ef:ed:c6:35:95:fb:99:2b:53:
e5:d5:b2:f3:7f:20:f9:6d:19:05:33:a3:49:6b:60:
36:8b:1d:ba:2b:1c:16:bf:e7:06:df:58:33:48:4a:
4c:b9:27:44:05:50:ca:8a:5f:47:f5:f9:7e:9d:ff:
c7:1b:f8:78:d5:fd:be:7c:60:c0:b2:51:29:c6:34:
64:85:d6:e5:d2:fc:20:d4:ca:8a:23:dc:89:61:57:
ec:10:1b:67:00:80:e4:7b:fc:8d:c1:2f:9b:91:b5:
e5:57:c9:c5:13:af:fa:dc:58:ee:a3:8f:ba:35:23:
b5:3b:41:5b:39:e2:cf:27:ad:97:01:08:c1:08:b3:
c2:33:20:49:2a:4d:e2:ff:d4:1d:e6:56:3a:8b:99:
38:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:47:84:D2:74:62:1E:60:BB:CF:8E:5C:8C:A3:FF:FD:AB:74:EF:B0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS17497.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.41.0.0/24
82.41.27.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:f6:13:b7:f5:fb:fb:d2:a8:68:86:0d:fd:73:2e:d5:0b:5e:
62:a0:a4:3a:45:57:41:97:0b:aa:cc:24:c7:56:63:84:8e:f3:
7c:21:09:bf:9e:11:d9:5f:6f:ad:a1:27:f0:3e:bd:ab:c6:58:
26:26:de:f0:ec:90:0d:95:b0:82:50:9c:78:fb:89:1a:69:07:
01:f1:fa:e7:28:5c:8f:a0:56:14:a0:38:c3:46:20:95:45:90:
c1:13:a2:f6:99:0f:38:31:38:fd:99:92:46:e4:5d:ed:5b:67:
8d:92:51:32:16:32:5f:7e:32:17:ec:48:9c:3a:11:6f:05:ac:
33:cd:15:a1:f4:ad:f5:ae:fb:8a:09:0b:48:fa:de:46:f9:cc:
2f:0a:e4:da:7e:0a:77:92:e6:46:9e:2b:2b:de:07:7b:66:4f:
d0:1c:36:89:f5:bd:0d:55:22:c3:11:a8:e8:fe:ff:af:55:e2:
fd:1f:2a:ba:8d:00:e0:44:d7:2c:1a:94:f2:c2:5c:ef:ba:59:
96:2c:12:af:b8:9b:0e:f7:e8:ad:b9:89:0d:a1:fa:9f:ec:6b:
bb:55:76:c5:d4:db:dd:b4:87:e6:e9:b2:00:9f:99:be:3b:7c:
7b:fd:51:f8:be:e0:2c:dd:3d:59:ce:45:85:ac:a7:84:d2:eb:
a6:0d:5c:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUOCJmnGg36KQ+L5EIq4/AtQwin5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDYxMDAxMzFaFw0yNzAzMDUxMDA2MzFaMDMxMTAvBgNV
BAMTKEEzNDc4NEQyNzQ2MjFFNjBCQkNGOEU1QzhDQTNGRkZEQUI3NEVGQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZGsZUlS/PY7EwIDoiwtLcQMFu
0M1AdEubFBMqysSXjx+z0Qox/nhwic3Mor/SXfh76I/BgN9+gAW2sl08FYdtUB61
pjCEmMkxbq730VH+jxQYUHs2vmtHb8snIyrtXfwTFge1qFa8uKzCBPDrDO/txjWV
+5krU+XVsvN/IPltGQUzo0lrYDaLHborHBa/5wbfWDNISky5J0QFUMqKX0f1+X6d
/8cb+HjV/b58YMCyUSnGNGSF1uXS/CDUyooj3IlhV+wQG2cAgOR7/I3BL5uRteVX
ycUTr/rcWO6jj7o1I7U7QVs54s8nrZcBCMEIs8IzIEkqTeL/1B3mVjqLmTjtAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUo0eE0nRiHmC7z45cjKP//at077AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTc0OTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSKQAD
BABSKRswDQYJKoZIhvcNAQELBQADggEBAI32E7f1+/vSqGiGDf1zLtULXmKgpDpF
V0GXC6rMJMdWY4SO83whCb+eEdlfb62hJ/A+vavGWCYm3vDskA2VsIJQnHj7iRpp
BwHx+ucoXI+gVhSgOMNGIJVFkMETovaZDzgxOP2ZkkbkXe1bZ42SUTIWMl9+Mhfs
SJw6EW8FrDPNFaH0rfWu+4oJC0j63kb5zC8K5Np+CneS5kaeKyveB3tmT9AcNon1
vQ1VIsMRqOj+/69V4v0fKrqNAOBE1ywalPLCXO+6WZYsEq+4mw736K25iQ2h+p/s
a7tVdsXU2920h+bpsgCfmb47fHv9Ufi+4CzdPVnORYWsp4TS66YNXF0=
-----END CERTIFICATE-----
Generated at Thu Mar 12 09:30:47 2026 by rpki-client