Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135392.roa
File: AS135392.roa (raw, json)
Hash identifier: /Iy+e9q4KU/ID/0AzOTxUahyZO6OOzAhA9t0mhgApY4=
Subject key identifier: CA:CF:E2:63:4B:01:6B:09:18:98:54:31:73:CC:69:94:DB:64:56:BE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 67033E0C14DE83C5D511974D535C4101565B51CA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135392.roa
Signing time: Mon 23 Mar 2026 12:08:49 +0000
ROA not before: Mon 23 Mar 2026 12:03:49 +0000
ROA not after: Mon 22 Mar 2027 12:08:49 +0000
asID: 135392
IP address blocks: 181.215.41.0/24 maxlen: 24
181.215.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:03:3e:0c:14:de:83:c5:d5:11:97:4d:53:5c:41:01:56:5b:51:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 23 12:03:49 2026 GMT
Not After : Mar 22 12:08:49 2027 GMT
Subject: CN=CACFE2634B016B091898543173CC6994DB6456BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:c0:75:b7:4b:d1:72:73:5a:d7:6c:b6:65:
8b:5f:5a:f3:9b:94:28:f9:80:7f:18:72:e6:7b:aa:
15:27:71:e7:16:74:bd:f1:24:93:30:5f:aa:8e:07:
e0:52:12:cd:7e:b5:87:37:b9:0a:06:13:cc:b5:31:
0b:13:c2:51:3b:69:bc:f9:aa:6f:61:11:5c:a3:22:
ff:f7:aa:cc:0b:66:05:77:f9:19:0d:ee:0f:61:c1:
ca:de:13:6f:1b:4b:fe:b3:17:d9:9c:a8:f8:20:84:
da:f1:81:30:ef:df:d6:64:0d:ca:b4:79:c2:20:5e:
7d:7a:4c:8d:8a:d4:37:ad:6f:a6:6a:23:22:e6:e7:
59:49:a7:b2:2a:f8:6b:d7:8d:ce:58:27:11:38:38:
1f:f2:f5:4a:b2:8d:31:7c:ab:0a:43:fe:3b:e6:2a:
fe:16:13:25:c7:69:84:8f:58:8f:48:90:c6:ba:0b:
16:f9:11:c7:e1:b3:d7:2a:b3:96:bf:1e:b0:4d:74:
85:d0:13:72:34:44:6f:8c:bb:fa:51:23:28:37:ef:
2d:1f:4e:0a:cb:2c:f6:32:e4:09:5e:50:20:42:ec:
12:bb:f8:3b:f2:57:1b:17:6b:74:5f:a4:a3:ba:f1:
14:e8:f8:34:28:cf:24:4c:b1:0a:0c:1a:75:d1:0a:
bf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CF:E2:63:4B:01:6B:09:18:98:54:31:73:CC:69:94:DB:64:56:BE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135392.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.41.0/24
181.215.186.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9f:35:39:93:cc:b2:95:f8:e1:82:f0:15:5a:2c:21:7f:89:
55:8c:a5:72:37:33:11:32:30:de:10:fb:82:7a:d5:b5:05:d9:
82:9c:55:58:2a:6d:cc:a9:7c:f7:61:4b:25:8e:fd:2b:89:d9:
79:08:33:47:36:d1:68:d4:5a:07:d9:87:96:01:ff:da:dc:f0:
b0:d0:d3:f3:65:08:81:89:34:0a:65:25:4c:77:06:68:75:fd:
94:21:a3:29:41:02:a7:43:1a:f7:a8:78:ed:a8:20:2d:9d:89:
39:df:b6:e9:0b:08:9a:3b:f4:17:d1:2d:38:2c:b0:99:f7:fc:
dc:26:52:64:c0:98:c5:71:9d:6f:f5:3f:1e:6d:da:7f:63:e6:
7a:19:a5:31:f5:38:a4:37:26:5f:f6:48:54:93:f5:09:83:e0:
04:54:c0:9e:aa:1a:91:f6:01:e5:a2:81:aa:f4:55:35:ea:f4:
ec:66:e2:dc:84:65:2f:79:87:0a:f7:a9:84:8f:fd:71:eb:19:
69:7d:e4:2a:50:ec:82:06:c7:39:d4:10:12:48:3c:8a:e3:97:
39:c4:9e:8b:28:dc:13:34:f8:af:86:a3:d9:a6:54:57:15:f3:
b6:b6:cc:c5:eb:ef:2d:cb:2d:16:d3:9d:45:2d:d9:e9:09:62:
6c:99:cd:ab
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUZwM+DBTeg8XVEZdNU1xBAVZbUcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjMxMjAzNDlaFw0yNzAzMjIxMjA4NDlaMDMxMTAvBgNV
BAMTKENBQ0ZFMjYzNEIwMTZCMDkxODk4NTQzMTczQ0M2OTk0REI2NDU2QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibsB1t0vRcnNa12y2ZYtfWvOb
lCj5gH8YcuZ7qhUncecWdL3xJJMwX6qOB+BSEs1+tYc3uQoGE8y1MQsTwlE7abz5
qm9hEVyjIv/3qswLZgV3+RkN7g9hwcreE28bS/6zF9mcqPgghNrxgTDv39ZkDcq0
ecIgXn16TI2K1Detb6ZqIyLm51lJp7Iq+GvXjc5YJxE4OB/y9UqyjTF8qwpD/jvm
Kv4WEyXHaYSPWI9IkMa6Cxb5Ecfhs9cqs5a/HrBNdIXQE3I0RG+Mu/pRIyg37y0f
TgrLLPYy5AleUCBC7BK7+DvyVxsXa3RfpKO68RTo+DQozyRMsQoMGnXRCr+DAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUys/iY0sBawkYmFQxc8xplNtkVr4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM1MzkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAtdcp
AwQAtde6MA0GCSqGSIb3DQEBCwUAA4IBAQBTnzU5k8yylfjhgvAVWiwhf4lVjKVy
NzMRMjDeEPuCetW1BdmCnFVYKm3MqXz3YUsljv0ridl5CDNHNtFo1FoH2YeWAf/a
3PCw0NPzZQiBiTQKZSVMdwZodf2UIaMpQQKnQxr3qHjtqCAtnYk537bpCwiaO/QX
0S04LLCZ9/zcJlJkwJjFcZ1v9T8ebdp/Y+Z6GaUx9TikNyZf9khUk/UJg+AEVMCe
qhqR9gHlooGq9FU16vTsZuLchGUveYcK96mEj/1x6xlpfeQqUOyCBsc51BASSDyK
45c5xJ6LKNwTNPivhqPZplRXFfO2tszF6+8tyy0W051FLdnpCWJsmc2r
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:00:14 2026 by rpki-client