Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
File: AS17497.roa (raw, json)
Hash identifier: u4OcA+xpsXvHKKvIZjT+GLhsUDsbcKg0eguG1epg8YM=
Subject key identifier: 49:ED:B2:F0:C6:D3:E0:AE:AE:D1:02:AA:CD:59:46:C8:02:CF:3E:60
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6CC1ACD4AC4EFCCDA7DA9F39A5AB4C9DE6FC7AA7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
Signing time: Tue 24 Mar 2026 05:43:06 +0000
ROA not before: Tue 24 Mar 2026 05:38:06 +0000
ROA not after: Tue 23 Mar 2027 05:43:06 +0000
asID: 17497
IP address blocks: 143.14.51.0/24 maxlen: 24
148.135.172.0/24 maxlen: 24
155.117.51.0/24 maxlen: 24
162.141.20.0/24 maxlen: 24
162.141.50.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:c1:ac:d4:ac:4e:fc:cd:a7:da:9f:39:a5:ab:4c:9d:e6:fc:7a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 05:38:06 2026 GMT
Not After : Mar 23 05:43:06 2027 GMT
Subject: CN=49EDB2F0C6D3E0AEAED102AACD5946C802CF3E60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:55:a5:11:b8:d1:77:84:c2:12:de:63:ff:f3:
28:c2:e9:b9:a7:c4:eb:61:f4:c1:b3:0e:25:9d:46:
cd:45:00:90:2b:03:12:d1:f1:1f:c9:ed:e4:50:de:
19:71:a8:0e:8f:3c:d1:88:27:d6:f5:72:de:c3:7a:
bb:b2:5d:7e:a8:76:89:10:fd:19:83:f9:32:78:64:
a4:9f:cb:b7:3e:68:fe:81:be:f8:d6:53:da:8a:ec:
87:85:6a:8d:b7:69:63:f1:ce:0e:1a:6a:51:99:55:
41:35:2b:76:11:0e:cb:bf:a1:cd:44:9a:2c:ad:82:
57:9d:86:cb:3c:29:24:9b:2f:a4:fa:3c:de:a9:ea:
7a:14:8a:69:08:8a:1b:5d:ea:27:8e:c1:c5:38:24:
9a:71:48:f7:22:01:8f:a7:bd:4b:8e:f9:a6:99:01:
1e:e4:ca:6f:f3:46:d9:19:2b:55:f2:e1:0f:26:18:
bd:ed:f0:ac:05:92:11:90:78:b7:f2:76:3d:26:78:
be:f8:0b:61:22:d4:c2:50:d1:3c:2f:82:53:7f:6b:
f4:bf:c3:33:c3:44:80:7b:18:53:66:d7:dc:ab:06:
22:68:c1:ec:69:b5:c0:4e:a0:3f:47:8e:4c:7a:cf:
e5:e2:d7:e8:ef:0d:98:9d:12:88:b3:e2:b1:61:b7:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:ED:B2:F0:C6:D3:E0:AE:AE:D1:02:AA:CD:59:46:C8:02:CF:3E:60
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS17497.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.51.0/24
148.135.172.0/24
155.117.51.0/24
162.141.20.0/24
162.141.50.0/24
162.141.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:7f:f1:d8:7c:1d:47:fd:c9:91:b6:64:8a:d0:f0:54:f1:6a:
69:cf:7a:57:2d:bc:5a:a1:4d:ef:95:7d:eb:59:54:c4:97:67:
5f:12:bc:cf:07:42:5b:28:d9:69:3f:70:24:94:a5:39:34:ff:
f9:d2:86:64:8c:b2:c0:a7:ac:e4:6d:7d:d3:64:5f:b8:cf:18:
43:16:f2:e0:50:07:41:ba:40:b1:16:58:c8:9b:5b:d3:3e:43:
07:3e:c1:7d:36:18:26:52:eb:7e:95:63:ed:0f:15:df:cf:62:
48:0b:68:83:de:29:6a:5b:d7:88:41:ce:44:76:24:a7:29:df:
64:5c:12:b0:25:a9:cd:11:d3:5e:70:f2:cb:b8:83:98:21:21:
9c:de:69:93:9c:8c:f0:80:0c:c8:6e:30:45:a2:f3:20:10:cf:
e4:92:14:e1:39:4c:8b:19:4e:ef:c2:50:9b:e2:59:8e:09:21:
30:af:31:87:69:7a:b6:80:a7:ab:13:1a:9a:e1:0b:69:ea:fd:
8a:d7:9f:ee:a9:29:71:12:55:22:c5:0b:52:ab:3b:c5:60:48:
ba:83:24:89:66:34:6b:16:07:fc:ae:5c:ec:7f:ae:4d:34:c8:
9b:e7:06:98:8d:90:a4:2a:cc:8b:fc:fa:ad:17:56:90:e5:09:
40:09:a4:c2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUbMGs1KxO/M2n2p85patMneb8eqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjQwNTM4MDZaFw0yNzAzMjMwNTQzMDZaMDMxMTAvBgNV
BAMTKDQ5RURCMkYwQzZEM0UwQUVBRUQxMDJBQUNENTk0NkM4MDJDRjNFNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQVaURuNF3hMIS3mP/8yjC6bmn
xOth9MGzDiWdRs1FAJArAxLR8R/J7eRQ3hlxqA6PPNGIJ9b1ct7DeruyXX6odokQ
/RmD+TJ4ZKSfy7c+aP6BvvjWU9qK7IeFao23aWPxzg4aalGZVUE1K3YRDsu/oc1E
miytgledhss8KSSbL6T6PN6p6noUimkIihtd6ieOwcU4JJpxSPciAY+nvUuO+aaZ
AR7kym/zRtkZK1Xy4Q8mGL3t8KwFkhGQeLfydj0meL74C2Ei1MJQ0TwvglN/a/S/
wzPDRIB7GFNm19yrBiJowexptcBOoD9Hjkx6z+Xi1+jvDZidEoiz4rFht4wFAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUSe2y8MbT4K6u0QKqzVlGyALPPmAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0OTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACPDjMD
BACUh6wDBACbdTMDBACijRQDBACijTIDBACijWAwDQYJKoZIhvcNAQELBQADggEB
AFx/8dh8HUf9yZG2ZIrQ8FTxamnPelctvFqhTe+VfetZVMSXZ18SvM8HQlso2Wk/
cCSUpTk0//nShmSMssCnrORtfdNkX7jPGEMW8uBQB0G6QLEWWMibW9M+Qwc+wX02
GCZS636VY+0PFd/PYkgLaIPeKWpb14hBzkR2JKcp32RcErAlqc0R015w8su4g5gh
IZzeaZOcjPCADMhuMEWi8yAQz+SSFOE5TIsZTu/CUJviWY4JITCvMYdperaAp6sT
GprhC2nq/YrXn+6pKXESVSLFC1KrO8VgSLqDJIlmNGsWB/yuXOx/rk00yJvnBpiN
kKQqzIv8+q0XVpDlCUAJpMI=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:13:41 2026 by rpki-client