Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397979.roa
File: AS397979.roa (raw, json)
Hash identifier: b4rxpMQjsDd/YOQMUE0bnZ/LjogyTk4NLhM2goQo/sQ=
Subject key identifier: 75:6D:46:03:AB:B1:44:58:E5:9E:32:10:60:BD:9F:EE:E5:DA:6C:59
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3893C828A6191837D79965CB31BCDDDCEB0487E2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397979.roa
Signing time: Wed 25 Mar 2026 14:53:15 +0000
ROA not before: Wed 25 Mar 2026 14:48:15 +0000
ROA not after: Wed 24 Mar 2027 14:53:15 +0000
asID: 397979
IP address blocks: 178.83.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:93:c8:28:a6:19:18:37:d7:99:65:cb:31:bc:dd:dc:eb:04:87:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 14:48:15 2026 GMT
Not After : Mar 24 14:53:15 2027 GMT
Subject: CN=756D4603ABB14458E59E321060BD9FEEE5DA6C59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:11:e0:f6:b4:68:87:2a:92:2c:e6:8d:26:14:
e7:db:de:7b:2f:0e:0f:35:9f:72:82:d9:b7:f3:62:
b0:ad:2b:35:25:25:bb:17:3a:92:9d:ab:56:6d:4a:
75:2c:68:39:cb:c4:df:cd:98:f5:b4:17:22:8f:2c:
1d:a8:ac:9d:2a:a6:8c:dc:8c:f8:a1:4c:31:6b:52:
86:77:06:38:0d:95:1e:95:8d:23:96:79:6c:29:7e:
1c:6b:db:71:fc:f2:6e:1e:6e:08:76:9e:99:73:93:
63:5a:a8:f2:dc:20:01:8a:01:17:4c:87:20:5d:72:
80:5e:8c:76:36:13:9d:89:c8:ee:65:43:f0:12:d9:
52:53:64:07:e6:b2:28:59:48:55:90:32:5a:09:56:
b7:a4:d2:d8:56:53:0a:90:dd:b6:55:56:09:be:6f:
06:fc:fa:33:5b:d5:11:b2:63:f1:cb:17:75:18:58:
6f:67:9e:21:d9:41:9b:84:67:62:9b:5a:97:7e:ac:
27:13:9b:c3:f9:24:4d:d8:f6:c5:c2:ec:7f:6d:32:
c8:c7:d7:47:e3:a3:75:3a:cc:55:ab:93:be:6f:a7:
3d:b4:6f:1f:64:c7:0b:6b:d6:cd:a7:2a:f5:4d:f9:
9a:d3:eb:17:9f:b0:e1:f4:9c:05:60:ef:18:89:bf:
ff:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6D:46:03:AB:B1:44:58:E5:9E:32:10:60:BD:9F:EE:E5:DA:6C:59
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397979.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.83.137.0/24
Signature Algorithm: sha256WithRSAEncryption
53:c2:19:79:e8:b1:5d:f8:84:a0:58:2e:b2:2b:f1:0a:78:e8:
bd:f8:e4:af:4f:39:7e:3d:15:d7:f4:3f:78:64:27:9f:98:a9:
52:b0:f4:aa:35:1b:42:2a:5b:a7:ee:31:b2:f3:b1:8a:0b:b8:
1e:81:00:8b:63:3a:c7:8c:c0:df:fe:c2:f1:f3:ff:9e:5f:34:
90:7f:74:64:b3:70:eb:b2:15:dd:29:b2:58:e4:43:cb:81:d4:
c5:c0:42:55:6b:75:30:a5:9e:78:41:35:6d:91:e3:e2:e1:85:
dc:e0:01:0b:38:d8:6e:3b:13:65:64:dc:5c:f3:3b:a7:b5:4b:
3b:54:6a:bf:32:aa:1e:9f:1e:e7:fb:70:c7:62:fc:b0:ae:b0:
08:3b:1c:4d:c2:56:a8:3a:6a:3a:9a:7d:d4:5a:e4:1d:0f:d3:
5f:71:85:51:98:51:f4:9d:37:74:6e:01:b7:03:65:f5:cb:b8:
88:39:c0:38:c1:71:7c:20:db:2d:e0:ef:ca:a4:34:1d:eb:36:
04:3a:40:8f:27:49:81:32:45:02:c7:40:80:63:3d:8a:67:15:
07:c2:f8:e3:a5:68:4d:d0:b1:59:2e:5d:27:85:e2:2a:92:1e:
cf:81:08:24:af:97:23:84:fb:4a:f8:2e:c6:5e:6c:18:0a:66:
ab:48:e5:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOJPIKKYZGDfXmWXLMbzd3OsEh+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjUxNDQ4MTVaFw0yNzAzMjQxNDUzMTVaMDMxMTAvBgNV
BAMTKDc1NkQ0NjAzQUJCMTQ0NThFNTlFMzIxMDYwQkQ5RkVFRTVEQTZDNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5EeD2tGiHKpIs5o0mFOfb3nsv
Dg81n3KC2bfzYrCtKzUlJbsXOpKdq1ZtSnUsaDnLxN/NmPW0FyKPLB2orJ0qpozc
jPihTDFrUoZ3BjgNlR6VjSOWeWwpfhxr23H88m4ebgh2nplzk2NaqPLcIAGKARdM
hyBdcoBejHY2E52JyO5lQ/AS2VJTZAfmsihZSFWQMloJVrek0thWUwqQ3bZVVgm+
bwb8+jNb1RGyY/HLF3UYWG9nniHZQZuEZ2KbWpd+rCcTm8P5JE3Y9sXC7H9tMsjH
10fjo3U6zFWrk75vpz20bx9kxwtr1s2nKvVN+ZrT6xefsOH0nAVg7xiJv/+/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUdW1GA6uxRFjlnjIQYL2f7uXabFkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk3OTc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAslOJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTwhl56LFd+ISgWC6yK/EKeOi9+OSvTzl+PRXX
9D94ZCefmKlSsPSqNRtCKlun7jGy87GKC7gegQCLYzrHjMDf/sLx8/+eXzSQf3Rk
s3DrshXdKbJY5EPLgdTFwEJVa3UwpZ54QTVtkePi4YXc4AELONhuOxNlZNxc8zun
tUs7VGq/Mqoenx7n+3DHYvywrrAIOxxNwlaoOmo6mn3UWuQdD9NfcYVRmFH0nTd0
bgG3A2X1y7iIOcA4wXF8INst4O/KpDQd6zYEOkCPJ0mBMkUCx0CAYz2KZxUHwvjj
pWhN0LFZLl0nheIqkh7PgQgkr5cjhPtK+C7GXmwYCmarSOXJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:47 2026 by rpki-client