Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
File: AS152179.roa (raw, json)
Hash identifier: HT1GxQY0Xy8UAlV2mCieqC2fcTXNVxnFrglBl/Q706s=
Subject key identifier: 12:4A:3D:DA:7F:4E:75:4F:69:84:0E:89:BA:D5:86:55:65:F6:E5:4D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 69ED2F7C48A890317B7A50F07F7BF9F6FDE07A3E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
Signing time: Tue 15 Jul 2025 00:01:59 +0000
ROA not before: Mon 14 Jul 2025 23:56:59 +0000
ROA not after: Tue 14 Jul 2026 00:01:59 +0000
asID: 152179
IP address blocks: 179.61.173.0/24 maxlen: 24
181.214.2.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.33.0/24 maxlen: 24
181.214.75.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.132.0/24 maxlen: 24
181.214.185.0/24 maxlen: 24
181.214.205.0/24 maxlen: 24
181.214.250.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.127.0/24 maxlen: 24
181.215.136.0/24 maxlen: 24
181.215.148.0/24 maxlen: 24
181.215.154.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.239.0/24 maxlen: 24
185.173.27.0/24 maxlen: 24
194.53.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:ed:2f:7c:48:a8:90:31:7b:7a:50:f0:7f:7b:f9:f6:fd:e0:7a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 14 23:56:59 2025 GMT
Not After : Jul 14 00:01:59 2026 GMT
Subject: CN=124A3DDA7F4E754F69840E89BAD5865565F6E54D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:a3:03:44:0e:ca:4d:5d:2d:ae:43:2c:bc:
b3:bb:69:f7:ad:77:21:f0:58:de:5e:2e:32:b2:53:
24:c0:9b:d5:e9:a3:39:4a:79:e8:81:cb:fc:87:ee:
df:af:8f:75:d2:54:c5:a6:0b:ec:2e:8a:ec:79:9b:
60:53:27:ed:3c:2b:6d:87:02:1e:7f:6a:9f:a3:f9:
0f:e2:4f:2e:78:63:db:a7:c0:cb:67:42:24:68:22:
57:ed:4e:95:a2:16:ef:4f:51:1b:1d:5a:12:b9:e9:
61:72:42:3c:70:79:e9:a2:da:ff:7f:ff:c3:3e:79:
92:fa:3f:bd:b4:e2:b5:c6:da:86:78:cc:95:49:35:
dd:fb:1b:25:2b:d0:1f:4e:b3:3f:a3:33:5d:ed:57:
cc:b9:8c:1d:b3:c0:c4:e5:69:75:ef:f4:47:3a:66:
97:37:23:dc:58:48:32:b7:16:2c:8b:43:1e:f0:49:
d8:36:a3:d0:ed:75:cd:0e:bf:25:6f:83:be:a8:da:
00:0a:41:07:71:c6:41:96:3e:a9:06:29:15:4c:31:
d4:cf:2e:48:fc:47:df:2a:12:66:0a:0d:bf:aa:bf:
9c:b8:0d:b7:4b:2b:48:fd:63:39:d4:fa:d3:3e:84:
86:8e:64:19:fc:45:0a:30:bc:00:3d:f2:c7:29:d7:
fa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4A:3D:DA:7F:4E:75:4F:69:84:0E:89:BA:D5:86:55:65:F6:E5:4D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.173.0/24
181.214.2.0/24
181.214.25.0/24
181.214.33.0/24
181.214.75.0/24
181.214.130.0/24
181.214.132.0/24
181.214.185.0/24
181.214.205.0/24
181.214.250.0/24
181.215.110.0/24
181.215.127.0/24
181.215.136.0/24
181.215.148.0/24
181.215.154.0/24
181.215.190.0/24
181.215.239.0/24
185.173.27.0/24
194.53.142.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a9:11:13:5b:82:2a:56:74:1d:7f:03:85:72:df:1a:e0:8f:
b2:24:28:b2:b4:58:8f:97:9b:c3:ca:1c:4c:a2:64:cc:99:e5:
f5:a5:f4:0c:a4:b3:3b:5d:ef:63:0b:80:6a:e1:24:d3:5b:4d:
b7:ca:d0:96:52:48:a9:f7:1a:c8:4d:4f:9e:e2:ba:64:7f:55:
f6:f1:e8:e2:48:18:24:24:f6:6f:82:cf:aa:48:1d:6c:50:96:
49:7b:73:48:19:71:a4:f0:cc:42:07:51:45:72:4e:6b:a3:cc:
cc:8a:94:d0:be:1d:f8:5b:68:d6:41:f5:7b:5c:e1:ab:d4:b4:
3d:ca:e6:19:c7:33:f0:ec:91:d2:87:15:fc:80:8f:33:9e:ca:
b9:51:76:84:da:a6:0f:e3:1f:fe:fd:f8:bc:ac:46:67:75:10:
4f:16:54:14:ce:5b:5c:ab:fe:d5:40:fd:09:05:a3:5f:e6:02:
08:5c:36:8f:9c:ef:d2:55:ab:a0:7a:8e:13:20:54:a7:f3:e7:
72:d2:0e:2b:1c:10:a6:29:06:d2:e1:12:92:98:70:97:75:e3:
6f:49:04:32:a9:00:de:46:60:fd:30:93:82:37:f5:36:79:78:
ea:21:13:b3:0d:67:45:01:af:f5:cc:c6:86:6e:92:e3:4b:ed:
40:2e:1e:64
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUae0vfEiokDF7elDwf3v59v3gej4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MTQyMzU2NTlaFw0yNjA3MTQwMDAxNTlaMDMxMTAvBgNV
BAMTKDEyNEEzRERBN0Y0RTc1NEY2OTg0MEU4OUJBRDU4NjU1NjVGNkU1NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZiKMDRA7KTV0trkMsvLO7afet
dyHwWN5eLjKyUyTAm9XpozlKeeiBy/yH7t+vj3XSVMWmC+wuiux5m2BTJ+08K22H
Ah5/ap+j+Q/iTy54Y9unwMtnQiRoIlftTpWiFu9PURsdWhK56WFyQjxweemi2v9/
/8M+eZL6P7204rXG2oZ4zJVJNd37GyUr0B9Osz+jM13tV8y5jB2zwMTlaXXv9Ec6
Zpc3I9xYSDK3FiyLQx7wSdg2o9Dtdc0OvyVvg76o2gAKQQdxxkGWPqkGKRVMMdTP
Lkj8R98qEmYKDb+qv5y4DbdLK0j9YznU+tM+hIaOZBn8RQowvAA98scp1/oBAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUEko92n9OdU9phA6JutWGVWX25U0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTUyMTc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALM9
rQMEALXWAgMEALXWGQMEALXWIQMEALXWSwMEALXWggMEALXWhAMEALXWuQMEALXW
zQMEALXW+gMEALXXbgMEALXXfwMEALXXiAMEALXXlAMEALXXmgMEALXXvgMEALXX
7wMEALmtGwMEAMI1jjANBgkqhkiG9w0BAQsFAAOCAQEAZakRE1uCKlZ0HX8DhXLf
GuCPsiQosrRYj5ebw8ocTKJkzJnl9aX0DKSzO13vYwuAauEk01tNt8rQllJIqfca
yE1PnuK6ZH9V9vHo4kgYJCT2b4LPqkgdbFCWSXtzSBlxpPDMQgdRRXJOa6PMzIqU
0L4d+Fto1kH1e1zhq9S0PcrmGccz8OyR0ocV/ICPM57KuVF2hNqmD+Mf/v34vKxG
Z3UQTxZUFM5bXKv+1UD9CQWjX+YCCFw2j5zv0lWroHqOEyBUp/PnctIOKxwQpikG
0uESkphwl3Xjb0kEMqkA3kZg/TCTgjf1Nnl46iETsw1nRQGv9czGhm6S40vtQC4e
ZA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:08:45 2025 by rpki-client