Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7203.roa
File: AS7203.roa (raw, json)
Hash identifier: 1S9nl9vH7u5Cl5bM/8v0+eCYdazgjX/LT3zura9jOlo=
Subject key identifier: 58:40:74:0E:81:1C:71:1A:A5:69:51:24:3E:AF:8D:03:72:B6:5A:EC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 11D298998154F717A35989F7098D74C249B2DFD7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7203.roa
Signing time: Mon 13 Oct 2025 00:55:08 +0000
ROA not before: Mon 13 Oct 2025 00:50:08 +0000
ROA not after: Mon 12 Oct 2026 00:55:08 +0000
asID: 7203
IP address blocks: 179.61.166.0/24 maxlen: 24
179.61.245.0/24 maxlen: 24
191.96.130.0/24 maxlen: 24
191.101.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d2:98:99:81:54:f7:17:a3:59:89:f7:09:8d:74:c2:49:b2:df:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 13 00:50:08 2025 GMT
Not After : Oct 12 00:55:08 2026 GMT
Subject: CN=5840740E811C711AA56951243EAF8D0372B65AEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f8:36:cf:74:4d:f9:95:0e:c0:a8:ed:ec:bf:
4c:c2:83:41:86:82:a5:87:26:ae:12:e2:1b:4e:a9:
01:63:07:49:31:c6:61:a3:46:c3:fe:ab:36:65:78:
2c:1e:7d:83:d9:da:ae:6f:0b:e2:45:c3:3d:e2:e9:
01:86:38:99:c9:49:ad:49:fb:76:0d:49:83:4f:7b:
0c:b3:2d:7c:7b:f5:ea:bd:7b:1a:cb:9e:7c:e7:8d:
6f:bb:9b:dc:a0:95:38:53:a8:3b:1c:ea:f4:7b:50:
88:11:94:e0:04:1a:a3:c7:1f:21:f3:71:50:d7:51:
fd:00:0f:e3:37:43:cd:da:74:e7:d6:4b:43:bc:33:
3a:ba:55:fc:36:92:3d:3b:43:80:85:a6:8a:a4:cf:
5a:17:a5:e3:86:f1:e6:9c:c5:f9:72:29:8b:d4:6f:
f4:d7:25:c4:db:7a:4a:71:7f:be:9c:6e:ef:3e:7a:
fc:ce:7f:f5:99:47:29:bc:4b:a1:1a:04:30:f8:2e:
b2:57:6e:ae:4e:76:ef:75:f0:9f:b1:12:ad:24:46:
e0:6e:52:e6:c4:00:b0:d1:bc:b4:fe:86:13:29:ea:
02:b1:6a:aa:d5:33:f7:7b:98:4e:72:ac:27:7c:db:
64:06:b1:e1:15:16:fb:98:9b:00:54:01:8b:dc:b3:
3b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:40:74:0E:81:1C:71:1A:A5:69:51:24:3E:AF:8D:03:72:B6:5A:EC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.166.0/24
179.61.245.0/24
191.96.130.0/24
191.101.41.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:9d:f7:0d:86:e6:d4:93:cd:74:9a:66:50:9e:3e:0b:78:e4:
97:a8:54:37:ac:26:55:33:9e:0c:ec:f7:18:1e:0b:4c:6e:38:
b7:87:6e:ba:b7:00:50:33:2f:70:85:ca:9b:04:fa:1a:01:ce:
92:9c:db:ca:12:dc:f0:6f:58:8f:3c:c5:c1:1b:18:03:61:03:
05:e8:31:2a:0a:39:d5:1b:8a:91:0f:1d:a2:e6:f8:3b:e6:4c:
de:ae:18:12:47:a2:f1:03:82:13:ec:8f:32:7f:2b:d4:7f:2d:
19:41:18:44:e9:75:8d:3f:d9:dd:2d:d8:e9:00:0a:5f:a7:8b:
f9:70:40:42:9a:6b:4b:fc:24:71:9d:79:74:a1:8c:23:b4:3f:
0b:ea:ab:db:dc:65:c6:16:e9:6d:ce:4a:b9:4c:51:84:c0:36:
29:b6:8c:01:b1:38:8b:f8:92:b1:7b:d4:1a:2f:bb:67:2b:5e:
13:29:3d:b6:c1:45:27:4d:20:de:cc:cc:d6:94:86:e2:05:03:
d1:59:5d:3a:86:b4:03:16:72:dc:b3:61:d5:cb:24:ff:92:e2:
be:45:00:7a:b0:20:5a:d9:58:da:21:e1:a0:bd:a8:a7:32:f5:
e1:3f:e3:6a:82:79:9f:df:89:7b:45:bd:0d:ca:07:d2:e8:7b:
c3:6f:b8:89
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUEdKYmYFU9xejWYn3CY10wkmy39cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTMwMDUwMDhaFw0yNjEwMTIwMDU1MDhaMDMxMTAvBgNV
BAMTKDU4NDA3NDBFODExQzcxMUFBNTY5NTEyNDNFQUY4RDAzNzJCNjVBRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8+DbPdE35lQ7AqO3sv0zCg0GG
gqWHJq4S4htOqQFjB0kxxmGjRsP+qzZleCwefYPZ2q5vC+JFwz3i6QGGOJnJSa1J
+3YNSYNPewyzLXx79eq9exrLnnznjW+7m9yglThTqDsc6vR7UIgRlOAEGqPHHyHz
cVDXUf0AD+M3Q83adOfWS0O8Mzq6Vfw2kj07Q4CFpoqkz1oXpeOG8eacxflyKYvU
b/TXJcTbekpxf76cbu8+evzOf/WZRym8S6EaBDD4LrJXbq5Odu918J+xEq0kRuBu
UubEALDRvLT+hhMp6gKxaqrVM/d7mE5yrCd822QGseEVFvuYmwBUAYvcszs5AgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUWEB0DoEccRqlaVEkPq+NA3K2WuwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNzIwMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALM9pgME
ALM99QMEAL9gggMEAL9lKTANBgkqhkiG9w0BAQsFAAOCAQEACp33DYbm1JPNdJpm
UJ4+C3jkl6hUN6wmVTOeDOz3GB4LTG44t4duurcAUDMvcIXKmwT6GgHOkpzbyhLc
8G9YjzzFwRsYA2EDBegxKgo51RuKkQ8doub4O+ZM3q4YEkei8QOCE+yPMn8r1H8t
GUEYROl1jT/Z3S3Y6QAKX6eL+XBAQpprS/wkcZ15dKGMI7Q/C+qr29xlxhbpbc5K
uUxRhMA2KbaMAbE4i/iSsXvUGi+7ZyteEyk9tsFFJ00g3szM1pSG4gUD0VldOoa0
AxZy3LNh1csk/5LivkUAerAgWtlY2iHhoL2opzL14T/jaoJ5n9+Je0W9DcoH0uh7
w2+4iQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:28:15 2025 by rpki-client