Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: Q2lRGKlHcIUIWz2gEDz9aEVc/B534SvP0yEfA/W2v+E=
Subject key identifier: 63:53:95:5F:7A:5E:4A:EB:8A:78:45:7B:13:79:1E:CA:53:F1:CD:1D
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 2B8190F9067A36ED4E1ED2AADC72AD06830C7FC1
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS137517.roa
Signing time: Thu 28 May 2026 09:28:31 +0000
ROA not before: Thu 28 May 2026 09:23:31 +0000
ROA not after: Thu 27 May 2027 09:28:31 +0000
asID: 137517
IP address blocks: 45.158.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 06:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:81:90:f9:06:7a:36:ed:4e:1e:d2:aa:dc:72:ad:06:83:0c:7f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 28 09:23:31 2026 GMT
Not After : May 27 09:28:31 2027 GMT
Subject: CN=6353955F7A5E4AEB8A78457B13791ECA53F1CD1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4e:7e:8b:10:fd:42:5f:a8:c5:19:46:6b:76:
90:13:34:f7:3d:59:f9:4d:e9:77:7e:ae:0f:c8:a5:
b1:ec:12:03:ed:26:70:95:15:86:6a:ae:31:31:e4:
cd:15:94:bd:a5:48:41:bc:66:75:5d:31:d5:07:00:
da:e5:51:2b:b2:89:23:f9:9d:94:9f:37:27:fe:14:
7a:5f:3a:e7:af:0f:f5:c5:05:95:11:08:df:3b:11:
1e:31:24:c6:49:cd:ce:ba:e0:8e:7b:a9:b7:c4:9b:
9e:25:fd:57:4b:86:c1:07:29:0a:6a:7d:b8:de:71:
be:6b:c6:06:71:6a:21:0e:79:7d:5c:f0:32:98:91:
c6:09:6d:a3:4b:04:97:2e:12:17:dc:6f:e4:a1:c3:
b8:83:f9:b7:2c:9a:31:fa:18:dd:1e:dc:b9:20:53:
a9:01:d5:34:b6:c4:06:d7:9b:b3:46:37:42:a4:75:
b6:02:32:ad:4a:e9:7d:f4:16:b3:4a:6e:66:bb:93:
b6:25:70:d0:ea:0f:5d:28:02:be:51:cb:36:43:16:
c2:3f:35:9f:a1:d9:e0:96:db:5e:ec:95:8c:a3:d3:
c0:15:f0:c3:1a:57:66:a4:ec:8c:1f:73:fd:1b:0b:
ef:09:4d:ef:ca:4c:9f:c3:3c:6d:8b:4f:24:94:2e:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:53:95:5F:7A:5E:4A:EB:8A:78:45:7B:13:79:1E:CA:53:F1:CD:1D
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.168.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:97:de:3b:b2:a4:eb:21:24:a9:75:5c:a0:86:c9:e7:e7:38:
2d:13:81:16:22:55:fa:35:b7:62:bd:8a:f9:5d:a7:85:10:31:
bc:57:8d:47:dc:10:4b:3a:5e:17:9b:d8:6f:e6:0d:c1:53:ab:
48:91:de:17:3a:42:be:24:55:27:2c:00:92:f7:12:62:e6:99:
6d:58:03:b7:0e:de:75:03:d1:5e:79:12:34:6d:50:c1:ad:38:
7d:49:28:e6:c3:a4:43:a4:62:f9:48:34:15:81:9b:1a:29:fe:
be:d6:0b:24:2c:a7:3e:e6:e0:f6:a0:05:de:67:6a:e6:7b:6d:
7f:90:7d:ab:20:3a:51:3a:71:83:6f:9f:5b:98:94:38:61:13:
52:6d:d1:07:a7:36:e6:82:74:39:cd:0b:1f:34:ab:42:d0:f0:
41:64:f6:26:0b:44:3f:8d:ee:17:08:d6:ad:c5:42:32:97:20:
7f:f4:43:6a:69:ba:3b:64:89:e2:19:b5:f8:78:28:96:62:38:
b5:ec:e3:35:60:73:51:da:6f:97:e5:52:f0:61:88:39:a3:a3:
dc:ce:75:00:65:47:00:10:69:b3:6b:d5:1c:25:63:dc:3a:f9:
31:42:53:5d:69:ca:fb:ad:7e:bc:9a:39:f5:12:2f:b2:e8:2a:
41:a3:9b:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUK4GQ+QZ6Nu1OHtKq3HKtBoMMf8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjA1MjgwOTIzMzFaFw0yNzA1MjcwOTI4MzFaMDMxMTAvBgNV
BAMTKDYzNTM5NTVGN0E1RTRBRUI4QTc4NDU3QjEzNzkxRUNBNTNGMUNEMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpTn6LEP1CX6jFGUZrdpATNPc9
WflN6Xd+rg/IpbHsEgPtJnCVFYZqrjEx5M0VlL2lSEG8ZnVdMdUHANrlUSuyiSP5
nZSfNyf+FHpfOuevD/XFBZURCN87ER4xJMZJzc664I57qbfEm54l/VdLhsEHKQpq
fbjecb5rxgZxaiEOeX1c8DKYkcYJbaNLBJcuEhfcb+Shw7iD+bcsmjH6GN0e3Lkg
U6kB1TS2xAbXm7NGN0KkdbYCMq1K6X30FrNKbma7k7YlcNDqD10oAr5RyzZDFsI/
NZ+h2eCW217slYyj08AV8MMaV2ak7Iwfc/0bC+8JTe/KTJ/DPG2LTySULmwbAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUY1OVX3peSuuKeEV7E3keylPxzR0wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ6o
MA0GCSqGSIb3DQEBCwUAA4IBAQBql947sqTrISSpdVyghsnn5zgtE4EWIlX6Nbdi
vYr5XaeFEDG8V41H3BBLOl4Xm9hv5g3BU6tIkd4XOkK+JFUnLACS9xJi5pltWAO3
Dt51A9FeeRI0bVDBrTh9SSjmw6RDpGL5SDQVgZsaKf6+1gskLKc+5uD2oAXeZ2rm
e21/kH2rIDpROnGDb59bmJQ4YRNSbdEHpzbmgnQ5zQsfNKtC0PBBZPYmC0Q/je4X
CNatxUIylyB/9ENqabo7ZIniGbX4eCiWYji17OM1YHNR2m+X5VLwYYg5o6PcznUA
ZUcAEGmza9UcJWPcOvkxQlNdacr7rX68mjn1Ei+y6CpBo5uc
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:42 2026 by rpki-client