Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197137.roa
File: AS197137.roa (raw, json)
Hash identifier: UHa+rWetxjka209ZZPOKLsHMraMCElEM2FPfFUYneq0=
Subject key identifier: 23:1E:AF:7C:B3:93:1B:71:95:30:27:F3:C4:44:CF:01:A8:AE:03:CC
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 51DE44C9ADBCBB0635D88338C176315359D7EEF8
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197137.roa
Signing time: Wed 03 Jun 2026 10:17:31 +0000
ROA not before: Wed 03 Jun 2026 10:12:31 +0000
ROA not after: Wed 02 Jun 2027 10:17:31 +0000
asID: 197137
IP address blocks: 2a14:7583:effa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:de:44:c9:ad:bc:bb:06:35:d8:83:38:c1:76:31:53:59:d7:ee:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 3 10:12:31 2026 GMT
Not After : Jun 2 10:17:31 2027 GMT
Subject: CN=231EAF7CB3931B71953027F3C444CF01A8AE03CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fc:33:d1:88:a5:fc:12:89:cf:39:c9:75:31:
91:f2:e9:13:7a:41:82:64:74:aa:97:d4:17:60:72:
43:cc:bf:b9:1b:7b:a4:45:65:62:48:df:7e:3b:2b:
e7:a3:27:c1:4c:63:a7:60:e1:27:b3:a9:26:6b:dd:
af:9f:4c:b6:ce:a6:10:19:48:42:8f:5f:af:31:e4:
bf:01:fc:f4:ed:75:37:b5:f0:05:91:e2:31:d7:ac:
c8:8b:39:a4:cd:96:e6:8a:75:24:8c:d7:72:88:47:
a6:06:dc:84:ca:d7:33:99:2a:62:bb:d3:10:81:32:
46:bc:af:90:d6:60:b0:97:bd:96:2f:aa:4e:73:96:
d1:d7:5b:e2:d5:6d:02:44:0e:27:ed:6c:42:79:6a:
e6:6f:58:a7:3f:ac:ff:59:7c:8a:39:85:5c:85:b5:
38:60:ec:1d:fd:d2:7b:e2:d8:80:54:44:03:59:77:
79:b6:6e:55:ca:a4:6b:4b:e1:6a:05:ec:db:09:2c:
eb:f6:df:90:58:75:58:70:6e:5f:db:cd:92:29:20:
6d:7e:a5:66:21:9f:95:40:cf:99:62:b2:f7:f2:2a:
82:5f:69:c0:b0:85:94:6e:ae:af:a5:cf:e0:fc:66:
40:b3:4d:77:a0:62:da:36:8f:36:0a:30:e4:a1:c7:
88:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1E:AF:7C:B3:93:1B:71:95:30:27:F3:C4:44:CF:01:A8:AE:03:CC
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:effa::/48
Signature Algorithm: sha256WithRSAEncryption
59:07:29:a0:08:41:95:56:ea:00:3e:b2:89:06:3e:41:6f:99:
d0:83:72:f6:ce:f8:1a:b6:08:8f:cc:8c:c8:9a:c3:c8:ff:e1:
92:fa:56:e2:62:f9:40:ca:80:8c:31:ed:40:41:c2:43:41:37:
b5:12:e4:1f:5c:51:f3:16:6a:37:dd:a5:68:8e:1e:6c:39:dc:
6b:c4:2c:1e:9f:c6:5e:87:35:a1:03:5e:d3:cc:a6:eb:70:21:
d8:e2:cb:28:86:68:1e:17:41:a4:fe:66:1f:a0:e3:7a:1e:e9:
4a:25:ea:48:ee:6a:a2:02:dd:33:90:37:67:06:35:c3:d6:ba:
d4:f2:8e:b9:30:8f:30:28:ef:b2:6c:a1:50:9c:5a:7a:0e:0d:
d6:d1:85:5d:9b:b1:55:33:85:42:92:05:e8:55:c6:76:07:86:
5e:e8:0b:8e:12:62:a4:9a:37:d4:ee:ee:a9:83:70:80:98:be:
57:12:cf:f7:84:77:32:27:22:ec:6b:b7:8d:b2:c0:c8:d6:f8:
cf:08:67:18:e5:28:45:7f:d0:cd:55:e1:f8:7f:b4:ab:81:ad:
8a:4c:00:fc:ec:c3:f1:1f:cd:0a:de:65:3a:ec:97:d8:8e:45:
3a:01:06:55:a6:c5:8a:c5:ab:81:07:0d:a4:09:0a:ba:a2:36:
26:d4:cc:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUUd5Eya28uwY12IM4wXYxU1nX7vgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MDMxMDEyMzFaFw0yNzA2MDIxMDE3MzFaMDMxMTAvBgNV
BAMTKDIzMUVBRjdDQjM5MzFCNzE5NTMwMjdGM0M0NDRDRjAxQThBRTAzQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY/DPRiKX8EonPOcl1MZHy6RN6
QYJkdKqX1BdgckPMv7kbe6RFZWJI3347K+ejJ8FMY6dg4SezqSZr3a+fTLbOphAZ
SEKPX68x5L8B/PTtdTe18AWR4jHXrMiLOaTNluaKdSSM13KIR6YG3ITK1zOZKmK7
0xCBMka8r5DWYLCXvZYvqk5zltHXW+LVbQJEDiftbEJ5auZvWKc/rP9ZfIo5hVyF
tThg7B390nvi2IBURANZd3m2blXKpGtL4WoF7NsJLOv235BYdVhwbl/bzZIpIG1+
pWYhn5VAz5lisvfyKoJfacCwhZRurq+lz+D8ZkCzTXegYto2jzYKMOShx4i1AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIx6vfLOTG3GVMCfzxETPAaiuA8wwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTk3MTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
g+/6MA0GCSqGSIb3DQEBCwUAA4IBAQBZBymgCEGVVuoAPrKJBj5Bb5nQg3L2zvga
tgiPzIzImsPI/+GS+lbiYvlAyoCMMe1AQcJDQTe1EuQfXFHzFmo33aVojh5sOdxr
xCwen8ZehzWhA17TzKbrcCHY4ssohmgeF0Gk/mYfoON6HulKJepI7mqiAt0zkDdn
BjXD1rrU8o65MI8wKO+ybKFQnFp6Dg3W0YVdm7FVM4VCkgXoVcZ2B4Ze6AuOEmKk
mjfU7u6pg3CAmL5XEs/3hHcyJyLsa7eNssDI1vjPCGcY5ShFf9DNVeH4f7Srga2K
TAD87MPxH80K3mU67JfYjkU6AQZVpsWKxauBBw2kCQq6ojYm1MwT
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:27:40 2026 by rpki-client