Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
File: AS60781.roa (raw, json)
Hash identifier: dnAmMzG1LWEZZcmkhrqAUHf8OCNxlVmxSGDPZzFHh+c=
Subject key identifier: 3F:47:D2:26:72:A1:40:F7:F2:57:AF:1D:DB:81:11:A6:D4:75:DC:7E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2C7B5ECC4065A29C66560439C4AFF0E67A07C2FE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
Signing time: Fri 17 Oct 2025 12:55:08 +0000
ROA not before: Fri 17 Oct 2025 12:50:08 +0000
ROA not after: Fri 16 Oct 2026 12:55:08 +0000
asID: 60781
IP address blocks: 191.96.128.0/24 maxlen: 24
191.96.134.0/24 maxlen: 24
191.101.175.0/24 maxlen: 24
191.101.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:7b:5e:cc:40:65:a2:9c:66:56:04:39:c4:af:f0:e6:7a:07:c2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 17 12:50:08 2025 GMT
Not After : Oct 16 12:55:08 2026 GMT
Subject: CN=3F47D22672A140F7F257AF1DDB8111A6D475DC7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5e:e1:65:a5:72:6f:77:9c:9c:50:9b:ed:35:
cb:16:8c:62:d0:46:0d:0c:be:ef:96:ee:03:0a:d4:
97:c9:74:d0:12:79:46:8b:f2:b8:ad:6e:38:b0:d7:
f3:1f:0d:8e:60:ef:d1:56:a7:f1:45:91:28:b1:9d:
d3:26:21:52:28:13:a3:54:36:c6:20:e5:29:ae:c5:
b2:32:a7:7f:c6:25:66:75:aa:ab:94:bb:2e:f1:41:
cb:b9:65:ec:8c:b6:e0:55:5a:bd:a4:77:c3:84:73:
72:60:76:5b:4b:38:6a:4a:23:d6:89:5b:88:33:8a:
f8:12:f7:6a:4e:4e:29:6c:d3:49:2f:09:94:4e:4e:
b5:7a:84:d0:70:67:b8:09:c2:63:5f:68:0e:aa:7c:
da:9a:af:55:1c:bb:02:c3:8c:42:9f:e4:e8:fc:71:
f8:7c:e7:49:cd:fb:3f:34:32:08:21:33:e8:94:07:
68:89:bc:2c:66:9c:d5:13:75:50:1a:83:3c:dc:3d:
01:d9:16:e3:bf:55:73:aa:aa:c8:f5:72:a6:54:f8:
7f:24:3e:20:6b:a8:9f:97:c2:31:b1:63:0c:40:70:
de:7e:38:3a:0d:10:8c:0a:b8:63:98:f4:f3:c6:eb:
8b:8a:9a:a8:7e:59:c8:80:9a:0d:ba:78:c9:77:1b:
91:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:47:D2:26:72:A1:40:F7:F2:57:AF:1D:DB:81:11:A6:D4:75:DC:7E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.128.0/24
191.96.134.0/24
191.101.175.0/24
191.101.200.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5b:ba:80:79:fe:83:c1:19:74:84:e9:de:53:ba:a9:77:4f:
9e:ae:90:5e:20:45:a8:3f:3a:f9:c9:67:27:96:df:15:a2:70:
d8:c3:78:fc:cb:98:43:b9:50:f6:a9:51:83:24:31:71:8e:cb:
4c:44:69:a5:a7:b5:94:2a:cb:9a:1e:6f:6f:af:85:93:11:0f:
52:4e:63:aa:c4:2c:41:30:c2:a8:5e:17:a1:28:d1:5c:6a:1c:
d8:e0:4a:1e:e7:76:dc:4f:a1:e3:45:d6:0e:0b:47:34:fe:72:
4c:d3:f6:58:0f:35:37:a1:de:ad:e0:80:ba:82:6b:db:6f:47:
fc:81:e3:cc:e7:15:4f:d8:c7:73:ab:1f:7f:a8:9a:01:7e:a5:
2b:3a:65:e8:62:80:8f:63:bc:6c:31:55:ba:43:c6:3e:59:e0:
01:6d:d8:85:43:92:f2:56:5f:3c:0b:63:f8:43:0e:f2:58:2a:
68:d5:be:9e:3b:1b:c0:ef:2a:86:34:2d:78:5c:bb:79:f5:8f:
28:1a:1f:04:c1:6f:09:22:78:af:f4:90:6a:c2:d0:42:4a:51:
a3:3d:fc:bb:73:38:94:bf:b9:97:70:38:0d:71:70:7d:ec:71:
23:7a:cc:06:55:6e:f5:69:5f:03:73:dd:58:04:73:33:4e:ac:
fd:1e:f2:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIULHtezEBlopxmVgQ5xK/w5noHwv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTcxMjUwMDhaFw0yNjEwMTYxMjU1MDhaMDMxMTAvBgNV
BAMTKDNGNDdEMjI2NzJBMTQwRjdGMjU3QUYxRERCODExMUE2RDQ3NURDN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFXuFlpXJvd5ycUJvtNcsWjGLQ
Rg0Mvu+W7gMK1JfJdNASeUaL8ritbjiw1/MfDY5g79FWp/FFkSixndMmIVIoE6NU
NsYg5SmuxbIyp3/GJWZ1qquUuy7xQcu5ZeyMtuBVWr2kd8OEc3JgdltLOGpKI9aJ
W4gzivgS92pOTils00kvCZROTrV6hNBwZ7gJwmNfaA6qfNqar1UcuwLDjEKf5Oj8
cfh850nN+z80MgghM+iUB2iJvCxmnNUTdVAagzzcPQHZFuO/VXOqqsj1cqZU+H8k
PiBrqJ+XwjGxYwxAcN5+ODoNEIwKuGOY9PPG64uKmqh+WciAmg26eMl3G5FVAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUP0fSJnKhQPfyV68d24ERptR13H4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjA3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAC/YIAD
BAC/YIYDBAC/Za8DBAC/ZcgwDQYJKoZIhvcNAQELBQADggEBAAJbuoB5/oPBGXSE
6d5Tuql3T56ukF4gRag/OvnJZyeW3xWicNjDePzLmEO5UPapUYMkMXGOy0xEaaWn
tZQqy5oeb2+vhZMRD1JOY6rELEEwwqheF6Eo0VxqHNjgSh7ndtxPoeNF1g4LRzT+
ckzT9lgPNTeh3q3ggLqCa9tvR/yB48znFU/Yx3OrH3+omgF+pSs6ZehigI9jvGwx
VbpDxj5Z4AFt2IVDkvJWXzwLY/hDDvJYKmjVvp47G8DvKoY0LXhcu3n1jygaHwTB
bwkieK/0kGrC0EJKUaM9/LtzOJS/uZdwOA1xcH3scSN6zAZVbvVpXwNz3VgEczNO
rP0e8os=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:12:09 2025 by rpki-client