Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396190.roa
File: AS396190.roa (raw, json)
Hash identifier: lycig+qNNUW3MGjJUV+N1QzEIy08rsWR23xiaXmf5JA=
Subject key identifier: 60:13:B4:00:ED:8B:F6:D2:49:E9:2C:D5:5C:0F:3F:89:C8:F1:6D:03
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 223860753B4BA138A3325D2ED62B5B00277147DC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396190.roa
Signing time: Mon 08 Sep 2025 09:55:00 +0000
ROA not before: Mon 08 Sep 2025 09:50:00 +0000
ROA not after: Mon 07 Sep 2026 09:55:00 +0000
asID: 396190
IP address blocks: 191.96.104.0/24 maxlen: 24
191.96.202.0/24 maxlen: 24
191.96.254.0/24 maxlen: 24
191.101.11.0/24 maxlen: 24
191.101.25.0/24 maxlen: 24
191.101.181.0/24 maxlen: 24
191.101.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:38:60:75:3b:4b:a1:38:a3:32:5d:2e:d6:2b:5b:00:27:71:47:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 8 09:50:00 2025 GMT
Not After : Sep 7 09:55:00 2026 GMT
Subject: CN=6013B400ED8BF6D249E92CD55C0F3F89C8F16D03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:33:03:8b:03:5a:66:75:e4:df:ce:c1:53:89:
07:6e:2d:0b:f9:2a:e6:31:c9:c6:3d:21:d2:db:fb:
68:c3:43:53:b0:22:c0:de:75:11:93:d2:90:ce:62:
f1:13:84:d5:e8:1e:04:89:49:92:8b:1e:dc:5e:a1:
ee:8e:47:3b:87:60:30:d6:bb:d0:95:df:88:6c:2f:
9f:ee:f8:1e:9d:97:46:e9:f9:a4:07:0d:2b:1e:9b:
be:08:77:f0:ec:a7:01:94:1e:b5:aa:5e:42:3f:a1:
53:ea:7a:a9:10:6d:a3:98:ac:8f:08:51:a8:29:40:
69:cd:b0:a9:9e:68:74:a7:3f:ce:ab:d2:97:2a:e7:
6f:bc:a2:e1:48:32:9a:1d:e1:26:9e:86:f7:44:e4:
57:1b:7b:b7:ec:c8:1d:a9:59:8a:e2:38:cc:5f:98:
6d:5d:7f:e3:5b:68:39:00:76:b3:4c:13:54:c5:38:
f4:25:eb:d1:98:9b:d0:13:f2:f2:ba:90:71:10:05:
5d:ea:8a:d8:f8:aa:c5:10:1d:5d:d3:f6:0f:3d:83:
dd:1f:9d:03:f7:dd:73:37:40:bf:1b:d2:38:eb:5a:
4c:92:39:b4:8a:ef:a5:3d:e0:c4:d1:3e:2c:f2:0d:
d0:ce:76:d0:c6:a4:e1:ad:02:78:24:db:bb:cb:8e:
45:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:13:B4:00:ED:8B:F6:D2:49:E9:2C:D5:5C:0F:3F:89:C8:F1:6D:03
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396190.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.104.0/24
191.96.202.0/24
191.96.254.0/24
191.101.11.0/24
191.101.25.0/24
191.101.181.0/24
191.101.188.0/24
Signature Algorithm: sha256WithRSAEncryption
32:85:54:16:b0:7a:97:05:f0:0d:14:f9:ca:d4:25:a2:08:ce:
7d:28:ee:e0:c2:90:bd:11:7c:43:74:d3:cf:4d:ec:0d:74:b3:
28:88:3f:1e:a3:68:0d:a6:ba:34:b8:91:aa:3a:fe:a3:91:7b:
72:8e:a0:ef:1b:4a:ec:43:ca:82:0e:13:14:ac:8e:e6:60:10:
7a:d3:a4:ba:40:c4:8f:b0:95:5b:f8:80:75:61:c4:c2:d4:26:
9e:b3:99:92:a5:f8:87:0d:e5:c1:91:d3:a7:93:d4:93:10:5c:
0a:d8:51:64:25:32:7d:a5:df:f3:60:b4:ee:de:81:3e:a0:6c:
48:1a:24:56:29:79:ed:4a:2f:3d:dd:2f:b3:d6:e3:01:b9:da:
50:71:ff:2a:b0:02:24:48:50:4b:6e:6e:8a:99:49:a0:64:8a:
d5:b7:8d:ba:a9:cd:72:b0:6e:40:36:e4:46:b3:3a:cf:b9:a5:
fd:69:e7:02:5a:e2:cb:0a:71:44:1f:d2:b9:37:b0:57:b0:b1:
77:c2:36:93:10:07:27:ed:06:8c:68:86:50:84:c9:fe:e0:8b:
99:66:80:50:27:f9:a1:1f:c4:b6:28:71:07:63:57:3c:3b:ae:
e3:b7:f0:64:43:39:ad:82:ac:54:fa:37:68:55:92:97:ae:d3:
af:4b:75:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUIjhgdTtLoTijMl0u1itbACdxR9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MDgwOTUwMDBaFw0yNjA5MDcwOTU1MDBaMDMxMTAvBgNV
BAMTKDYwMTNCNDAwRUQ4QkY2RDI0OUU5MkNENTVDMEYzRjg5QzhGMTZEMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOMwOLA1pmdeTfzsFTiQduLQv5
KuYxycY9IdLb+2jDQ1OwIsDedRGT0pDOYvEThNXoHgSJSZKLHtxeoe6ORzuHYDDW
u9CV34hsL5/u+B6dl0bp+aQHDSsem74Id/DspwGUHrWqXkI/oVPqeqkQbaOYrI8I
UagpQGnNsKmeaHSnP86r0pcq52+8ouFIMpod4SaehvdE5Fcbe7fsyB2pWYriOMxf
mG1df+NbaDkAdrNME1TFOPQl69GYm9AT8vK6kHEQBV3qitj4qsUQHV3T9g89g90f
nQP33XM3QL8b0jjrWkySObSK76U94MTRPizyDdDOdtDGpOGtAngk27vLjkUDAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUYBO0AO2L9tJJ6SzVXA8/icjxbQMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2MTkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAv2Bo
AwQAv2DKAwQAv2D+AwQAv2ULAwQAv2UZAwQAv2W1AwQAv2W8MA0GCSqGSIb3DQEB
CwUAA4IBAQAyhVQWsHqXBfANFPnK1CWiCM59KO7gwpC9EXxDdNPPTewNdLMoiD8e
o2gNpro0uJGqOv6jkXtyjqDvG0rsQ8qCDhMUrI7mYBB606S6QMSPsJVb+IB1YcTC
1Caes5mSpfiHDeXBkdOnk9STEFwK2FFkJTJ9pd/zYLTu3oE+oGxIGiRWKXntSi89
3S+z1uMBudpQcf8qsAIkSFBLbm6KmUmgZIrVt426qc1ysG5ANuRGszrPuaX9aecC
WuLLCnFEH9K5N7BXsLF3wjaTEAcn7QaMaIZQhMn+4IuZZoBQJ/mhH8S2KHEHY1c8
O67jt/BkQzmtgqxU+jdoVZKXrtOvS3Xy
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:11:37 2025 by rpki-client