Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: cs69voz6TZf4gU/NM0CqU6ALXRPVh9tZFWXBMLuWPuU=
Subject key identifier: 0A:8F:4D:A7:DB:8A:40:8D:9F:48:4C:64:A0:A1:D5:7F:E5:F3:36:5E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5B6B5710D654E58F2A8B10F231EFCF8DCBC5674E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Sat 21 Mar 2026 04:04:08 +0000
ROA not before: Sat 21 Mar 2026 03:59:08 +0000
ROA not after: Sat 20 Mar 2027 04:04:08 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.149.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
191.101.227.0/24 maxlen: 24
191.101.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:6b:57:10:d6:54:e5:8f:2a:8b:10:f2:31:ef:cf:8d:cb:c5:67:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 21 03:59:08 2026 GMT
Not After : Mar 20 04:04:08 2027 GMT
Subject: CN=0A8F4DA7DB8A408D9F484C64A0A1D57FE5F3365E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7c:92:93:69:b0:d8:1c:14:84:ae:ec:a5:6c:
df:74:6d:a9:ea:26:3e:3b:02:44:aa:0b:14:4c:1f:
15:af:40:41:79:68:4e:53:d9:f6:cb:59:17:55:56:
c6:62:a8:31:68:eb:33:89:eb:58:95:c1:28:c5:23:
bc:95:6a:ba:b7:da:fb:ab:86:d3:7b:0d:d4:ac:68:
0c:c6:28:6e:c8:cd:30:28:2b:65:a0:92:5d:5a:22:
78:72:b8:5c:08:d0:73:ec:c3:5f:a3:07:12:cb:44:
b6:15:68:03:69:19:bf:c6:f2:fb:34:2d:6c:a6:fc:
d5:f9:97:6e:68:50:b0:6f:29:33:08:44:1a:c8:43:
ae:c5:b8:97:64:60:dc:a1:d2:c3:f1:af:9d:92:1e:
a9:f1:6b:40:dc:f1:6a:76:61:46:5d:f1:36:d1:f7:
2f:ec:46:be:3a:ed:fa:d6:cc:a3:fa:10:c0:36:5c:
3d:0a:13:f4:d0:f5:3d:60:52:ba:6d:04:55:f1:a8:
1c:c4:95:99:1b:40:49:d6:d2:93:cf:6f:02:0b:a5:
9f:77:22:45:d9:48:6a:18:a9:2f:05:9c:f5:5c:43:
a6:a7:2d:55:9a:5b:de:b7:1d:76:a9:00:16:67:15:
1c:ab:5d:03:5e:ec:bd:e3:51:2d:23:9f:85:0f:3f:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8F:4D:A7:DB:8A:40:8D:9F:48:4C:64:A0:A1:D5:7F:E5:F3:36:5E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.149.0/24
181.214.152.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
191.101.207.0/24
191.101.227.0/24
191.101.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:f9:d1:5e:2f:a5:74:b7:21:ed:9e:bc:13:5c:bc:e0:a8:5e:
39:a4:6b:05:74:ad:0a:88:1e:bc:9f:84:c5:d8:96:f3:64:fd:
0a:0d:10:50:08:e0:1a:f6:29:8e:d5:3f:1b:f9:0b:f6:4a:22:
88:5f:7d:31:d2:69:83:76:da:84:87:06:ac:44:07:6c:ef:03:
af:53:83:eb:4b:92:d2:2c:0f:24:46:07:1f:ae:ac:4d:de:11:
31:1c:be:8e:47:5a:c9:95:3a:1e:79:82:90:f3:48:ea:b8:a3:
0d:d8:f2:de:2f:24:af:6d:22:21:61:85:f3:31:13:79:c8:99:
91:c0:53:ce:ad:65:da:bb:d7:29:7e:1c:7c:0f:73:f7:6a:c1:
d4:df:63:b2:33:f3:7b:d4:39:aa:0a:df:e9:bb:c3:18:75:c0:
99:03:48:78:77:78:21:71:66:f3:8d:d5:be:67:27:97:48:8b:
89:93:61:42:c4:87:28:2a:fa:29:5f:2e:9e:22:71:0c:89:9b:
48:84:d8:5a:8f:8d:4f:4d:85:46:82:55:92:ad:6e:e2:5c:60:
d1:43:6b:ea:4b:d8:5d:fa:f1:7b:37:ae:8f:aa:72:cd:a5:ce:
56:e2:0d:4e:ca:0c:a6:50:c8:50:14:f2:f7:27:6e:d0:54:23:
fc:3f:ff:89
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUW2tXENZU5Y8qixDyMe/PjcvFZ04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjEwMzU5MDhaFw0yNzAzMjAwNDA0MDhaMDMxMTAvBgNV
BAMTKDBBOEY0REE3REI4QTQwOEQ5RjQ4NEM2NEEwQTFENTdGRTVGMzM2NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjfJKTabDYHBSEruylbN90banq
Jj47AkSqCxRMHxWvQEF5aE5T2fbLWRdVVsZiqDFo6zOJ61iVwSjFI7yVarq32vur
htN7DdSsaAzGKG7IzTAoK2Wgkl1aInhyuFwI0HPsw1+jBxLLRLYVaANpGb/G8vs0
LWym/NX5l25oULBvKTMIRBrIQ67FuJdkYNyh0sPxr52SHqnxa0Dc8Wp2YUZd8TbR
9y/sRr467frWzKP6EMA2XD0KE/TQ9T1gUrptBFXxqBzElZkbQEnW0pPPbwILpZ93
IkXZSGoYqS8FnPVcQ6anLVWaW963HXapABZnFRyrXQNe7L3jUS0jn4UPP9XXAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUCo9Np9uKQI2fSExkoKHVf+XzNl4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEALM9
wgMEALXWhQMEALXWlQMEALXWmAMEALXXLwMEALXXMTAMAwQBtdfyAwQAtdf0AwQA
v2BlAwQAv2CbAwQAv2CmAwQAv2C6AwQAv2DpAwQAv2UeAwQAv2WmAwQAv2WsAwQA
v2XPAwQAv2XjAwQAv2X7MA0GCSqGSIb3DQEBCwUAA4IBAQCy+dFeL6V0tyHtnrwT
XLzgqF45pGsFdK0KiB68n4TF2JbzZP0KDRBQCOAa9imO1T8b+Qv2SiKIX30x0mmD
dtqEhwasRAds7wOvU4PrS5LSLA8kRgcfrqxN3hExHL6OR1rJlToeeYKQ80jquKMN
2PLeLySvbSIhYYXzMRN5yJmRwFPOrWXau9cpfhx8D3P3asHU32OyM/N71DmqCt/p
u8MYdcCZA0h4d3ghcWbzjdW+ZyeXSIuJk2FCxIcoKvopXy6eInEMiZtIhNhaj41P
TYVGglWSrW7iXGDRQ2vqS9hd+vF7N66PqnLNpc5W4g1OygymUMhQFPL3J27QVCP8
P/+J
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:41:06 2026 by rpki-client