Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS17497.roa
File: AS17497.roa (raw, json)
Hash identifier: obqdBXE5Xqn+N4auq0/JcxSWMWSXlOPKQId+/CZWxmA=
Subject key identifier: DF:2D:CC:A8:07:5B:AF:4C:E8:37:A0:86:69:AE:63:D2:C3:82:1C:1A
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 20CFDB3E7BD45D991BDBAADB961C24F37E5FBA44
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS17497.roa
Signing time: Thu 26 Mar 2026 11:32:38 +0000
ROA not before: Thu 26 Mar 2026 11:27:38 +0000
ROA not after: Thu 25 Mar 2027 11:32:38 +0000
asID: 17497
IP address blocks: 193.32.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:27:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:cf:db:3e:7b:d4:5d:99:1b:db:aa:db:96:1c:24:f3:7e:5f:ba:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Mar 26 11:27:38 2026 GMT
Not After : Mar 25 11:32:38 2027 GMT
Subject: CN=DF2DCCA8075BAF4CE837A08669AE63D2C3821C1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1c:b6:ef:36:83:26:e2:f0:ed:ba:6c:97:1f:
af:4f:a0:5e:7a:7b:2d:61:53:a5:48:6c:73:d8:8a:
f1:13:35:57:7f:ab:10:ef:be:69:1c:13:35:8a:f1:
f4:a2:ec:9e:81:cb:3a:11:04:20:e4:31:15:ab:40:
09:0f:b7:f9:36:1b:28:7a:65:3c:4c:45:f5:2d:3b:
47:2b:ed:74:03:60:80:8c:66:13:2d:06:5f:95:d4:
2a:60:b1:d3:40:bb:5d:75:77:e1:cf:7d:64:59:c8:
40:6e:24:3c:c2:ce:47:58:d0:06:b5:3e:ea:28:90:
d0:8b:9d:db:e8:71:c1:be:71:92:58:4d:a2:55:4d:
8b:3d:58:90:4e:2c:22:ef:8e:e2:d1:61:cd:8f:b7:
3b:bf:32:83:93:83:72:45:0c:fa:0c:ed:09:6d:36:
5e:ac:b1:c5:20:f7:9d:4f:18:c5:fd:c4:a4:6a:dc:
67:8c:1f:ea:1d:00:8c:f3:14:b6:e2:ae:a3:08:49:
6a:2d:e8:a0:48:36:a6:57:dd:ec:02:ac:64:1d:15:
a9:e8:e3:d9:f9:e5:a5:02:8c:8d:a6:d9:1e:75:99:
25:fb:d1:49:e4:a2:9e:56:e3:15:a6:6d:a7:05:87:
33:bd:b8:2c:fd:8b:65:38:4f:02:3c:1d:1f:31:2b:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2D:CC:A8:07:5B:AF:4C:E8:37:A0:86:69:AE:63:D2:C3:82:1C:1A
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS17497.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.207.0/24
Signature Algorithm: sha256WithRSAEncryption
30:0b:b8:ec:91:35:e0:02:c8:5c:c0:32:4d:71:7b:f5:0d:04:
ed:d1:60:ab:de:97:85:a3:0a:1a:61:a4:c5:e2:44:68:64:74:
af:f6:da:5a:2d:7c:13:2d:43:87:d8:aa:17:d2:e3:e8:9e:cf:
ac:9b:cd:33:8c:f4:5b:d6:c8:cb:4d:c6:3a:e4:9d:61:22:e6:
78:c7:40:f4:76:2b:85:46:d5:c9:c0:5f:47:9f:8a:20:27:46:
f1:41:25:c2:95:6c:01:91:ec:0c:49:8b:b8:3a:bf:8b:00:1f:
30:7c:b0:25:d1:0a:a1:6d:33:c3:e9:a2:1f:19:d6:25:69:dc:
e2:fc:e4:a5:dc:dd:2a:42:06:17:9d:21:7b:c4:fc:21:2d:0d:
86:73:a7:19:5a:4e:a2:89:91:19:74:7f:ad:fc:89:d4:19:3d:
1d:7b:0e:53:9c:b2:ed:ad:c2:f2:02:83:1c:2e:aa:a6:87:38:
c3:e7:9d:5e:5a:b1:bf:66:ca:0a:2b:9f:bb:e6:06:98:8b:1c:
f3:e7:a0:af:60:fb:0b:f0:68:b8:11:6d:fb:3f:1a:51:bb:d8:
10:7e:f2:7c:3f:64:d5:20:87:c7:23:4e:4e:ea:b6:0b:f5:4d:
ff:80:a7:99:d8:50:27:05:65:7f:ed:55:97:3c:3e:ba:84:fd:
83:b0:e5:b3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIM/bPnvUXZkb26rblhwk835fukQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAzMjYxMTI3MzhaFw0yNzAzMjUxMTMyMzhaMDMxMTAvBgNV
BAMTKERGMkRDQ0E4MDc1QkFGNENFODM3QTA4NjY5QUU2M0QyQzM4MjFDMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HLbvNoMm4vDtumyXH69PoF56
ey1hU6VIbHPYivETNVd/qxDvvmkcEzWK8fSi7J6ByzoRBCDkMRWrQAkPt/k2Gyh6
ZTxMRfUtO0cr7XQDYICMZhMtBl+V1CpgsdNAu111d+HPfWRZyEBuJDzCzkdY0Aa1
PuookNCLndvoccG+cZJYTaJVTYs9WJBOLCLvjuLRYc2Ptzu/MoOTg3JFDPoM7Qlt
Nl6sscUg951PGMX9xKRq3GeMH+odAIzzFLbirqMISWot6KBINqZX3ewCrGQdFano
49n55aUCjI2m2R51mSX70Unkop5W4xWmbacFhzO9uCz9i2U4TwI8HR8xK2TpAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU3y3MqAdbr0zoN6CGaa5j0sOCHBowHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMTc0OTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBIM8w
DQYJKoZIhvcNAQELBQADggEBADALuOyRNeACyFzAMk1xe/UNBO3RYKvel4WjChph
pMXiRGhkdK/22lotfBMtQ4fYqhfS4+iez6ybzTOM9FvWyMtNxjrknWEi5njHQPR2
K4VG1cnAX0efiiAnRvFBJcKVbAGR7AxJi7g6v4sAHzB8sCXRCqFtM8Ppoh8Z1iVp
3OL85KXc3SpCBhedIXvE/CEtDYZzpxlaTqKJkRl0f638idQZPR17DlOcsu2twvIC
gxwuqqaHOMPnnV5asb9mygorn7vmBpiLHPPnoK9g+wvwaLgRbfs/GlG72BB+8nw/
ZNUgh8cjTk7qtgv1Tf+Ap5nYUCcFZX/tVZc8PrqE/YOw5bM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:40:55 2026 by rpki-client