Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS61138.roa
File: AS61138.roa (raw, json)
Hash identifier: rfBv3akY6MYe8OJ2FCSEExDecHXaYV28Z/TsoOPlSI8=
Subject key identifier: 5A:52:2F:CB:EB:56:5E:30:9F:F8:43:6A:0A:9E:CB:11:8B:C5:46:E4
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 37C7801356C843DB2D88955FE6AE72F2665A375B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS61138.roa
Signing time: Fri 23 May 2025 05:50:27 +0000
ROA not before: Fri 23 May 2025 05:45:27 +0000
ROA not after: Fri 22 May 2026 05:50:27 +0000
asID: 61138
IP address blocks: 5.253.84.0/22 maxlen: 24
5.253.86.0/24 maxlen: 24
27.0.232.0/22 maxlen: 24
81.31.208.0/21 maxlen: 24
83.142.30.0/23 maxlen: 24
85.90.220.0/23 maxlen: 24
89.39.210.0/23 maxlen: 24
94.24.108.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
103.204.192.0/22 maxlen: 24
103.214.68.0/22 maxlen: 24
103.230.140.0/22 maxlen: 24
104.167.16.0/23 maxlen: 24
118.91.184.0/22 maxlen: 24
144.48.80.0/22 maxlen: 24
160.202.132.0/22 maxlen: 24
185.90.62.0/23 maxlen: 24
185.99.132.0/22 maxlen: 24
185.121.160.0/22 maxlen: 24
185.121.168.0/22 maxlen: 24
185.121.168.0/24 maxlen: 24
185.121.176.0/22 maxlen: 24
185.147.32.0/22 maxlen: 24
185.195.238.0/23 maxlen: 24
185.214.172.0/22 maxlen: 24
185.236.212.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
195.184.246.0/23 maxlen: 24
2a06:1280::/32 maxlen: 48
2a06:9f45::/32 maxlen: 48
2a06:9f46::/32 maxlen: 48
2a06:a004::/32 maxlen: 48
2a06:a006::/32 maxlen: 48
2a06:a007::/32 maxlen: 48
2a09:54c1::/32 maxlen: 48
2a0a:6047::/32 maxlen: 48
2a0d:d903::/32 maxlen: 48
2a0d:d906::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:c7:80:13:56:c8:43:db:2d:88:95:5f:e6:ae:72:f2:66:5a:37:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: May 23 05:45:27 2025 GMT
Not After : May 22 05:50:27 2026 GMT
Subject: CN=5A522FCBEB565E309FF8436A0A9ECB118BC546E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2f:1b:ba:f9:1d:99:2c:28:23:d1:cf:d6:9c:
f6:44:19:8f:1a:3a:b9:3e:8b:7d:02:25:d5:c6:9d:
0a:12:51:41:b8:62:69:e2:35:64:2b:54:07:37:b9:
19:b5:95:5d:5c:25:22:67:74:66:53:fd:07:99:f9:
a4:bd:40:f3:db:45:18:ff:81:13:72:b8:ca:d7:82:
ab:4f:ee:5f:44:b1:52:26:9a:a5:45:e2:32:a1:87:
ef:67:4e:4d:ea:d5:e5:a3:74:af:f3:72:3b:14:16:
bf:53:14:10:c5:e0:d8:66:98:ee:d5:59:69:4c:9e:
5e:c7:b1:61:d1:e4:9b:93:ac:43:27:84:a8:fa:2b:
bc:22:af:f6:a6:6a:4d:e6:59:51:9c:5f:79:64:2e:
dd:d7:28:ae:2f:75:6a:d7:8b:ff:8d:c7:8d:61:62:
1b:16:a8:91:98:48:20:38:0b:b8:5d:2c:1f:f9:2f:
d9:f3:e2:ed:d1:92:54:84:c7:3f:c3:0d:e7:f5:03:
a2:4e:ff:3b:15:c4:fd:57:17:9d:5d:b5:af:4c:d5:
a4:0a:3b:f7:6a:06:99:ba:5c:81:4e:d6:0b:62:9e:
7b:57:9b:c8:2d:84:51:40:ff:7a:61:18:84:39:76:
5e:bf:71:fb:40:55:16:73:75:d1:15:bc:d2:42:9b:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:52:2F:CB:EB:56:5E:30:9F:F8:43:6A:0A:9E:CB:11:8B:C5:46:E4
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS61138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.84.0/22
27.0.232.0/22
81.31.208.0/21
83.142.30.0/23
85.90.220.0/23
89.39.210.0/23
94.24.108.0/23
94.26.24.0/23
103.204.192.0/22
103.214.68.0/22
103.230.140.0/22
104.167.16.0/23
118.91.184.0/22
144.48.80.0/22
160.202.132.0/22
185.90.62.0/23
185.99.132.0/22
185.121.160.0/22
185.121.168.0/22
185.121.176.0/22
185.147.32.0/22
185.195.238.0/23
185.214.172.0/22
185.236.212.0/22
194.58.64.0/23
195.184.246.0/23
IPv6:
2a06:1280::/32
2a06:9f45::-2a06:9f46:ffff:ffff:ffff:ffff:ffff:ffff
2a06:a004::/32
2a06:a006::/31
2a09:54c1::/32
2a0a:6047::/32
2a0d:d903::/32
2a0d:d906::/32
Signature Algorithm: sha256WithRSAEncryption
67:f6:22:75:ea:ed:70:40:51:c3:58:31:33:0a:b8:61:fa:1a:
9b:4a:e2:e2:ad:c9:20:f9:f4:ae:9a:9a:37:18:4d:c2:de:c4:
47:6d:90:a3:d8:0b:64:ad:97:c2:2e:b9:d3:9e:c2:da:e5:c1:
e3:db:0d:d3:9a:69:43:28:92:89:66:ec:f8:e8:3b:f3:92:10:
dd:c7:14:10:51:fa:d0:8d:02:7a:4b:a4:48:5d:9a:c3:ff:ed:
9d:e2:3f:d3:d5:82:45:06:c5:d8:1f:a1:53:90:2c:55:8e:3e:
b8:71:40:7c:ed:3f:5c:7a:a5:79:e7:0b:61:6f:bd:19:aa:93:
a1:bd:1d:95:bc:f6:0f:09:0b:8c:31:83:e9:b0:97:03:d6:dc:
e2:d7:bf:9d:87:ff:3d:14:f6:d3:99:67:90:66:10:e3:35:08:
87:13:92:63:17:db:91:3e:68:87:d1:0c:04:ed:d8:81:61:d7:
b0:82:70:1b:9e:21:4e:7a:06:27:c7:32:4f:7e:f1:5d:a5:98:
6c:12:ba:52:cc:9b:66:7d:00:35:78:a9:f2:0b:70:a5:ee:1f:
27:da:b5:2b:4b:10:7e:de:77:4d:88:4f:20:58:bc:ad:34:89:
65:3b:9f:86:92:ef:d9:a6:95:aa:59:19:29:ba:a2:45:d0:24:
64:c4:52:92
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUN8eAE1bIQ9stiJVf5q5y8mZaN1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTA1MjMwNTQ1MjdaFw0yNjA1MjIwNTUwMjdaMDMxMTAvBgNV
BAMTKDVBNTIyRkNCRUI1NjVFMzA5RkY4NDM2QTBBOUVDQjExOEJDNTQ2RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWLxu6+R2ZLCgj0c/WnPZEGY8a
Ork+i30CJdXGnQoSUUG4YmniNWQrVAc3uRm1lV1cJSJndGZT/QeZ+aS9QPPbRRj/
gRNyuMrXgqtP7l9EsVImmqVF4jKhh+9nTk3q1eWjdK/zcjsUFr9TFBDF4NhmmO7V
WWlMnl7HsWHR5JuTrEMnhKj6K7wir/amak3mWVGcX3lkLt3XKK4vdWrXi/+Nx41h
YhsWqJGYSCA4C7hdLB/5L9nz4u3RklSExz/DDef1A6JO/zsVxP1XF51dta9M1aQK
O/dqBpm6XIFO1gtinntXm8gthFFA/3phGIQ5dl6/cftAVRZzddEVvNJCmy8rAgMB
AAGjggLTMIICzzAdBgNVHQ4EFgQUWlIvy+tWXjCf+ENqCp7LEYvFRuQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjExMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggECBggrBgEFBQcB
BwEB/wSB8jCB7zCBowQCAAEwgZwDBAIF/VQDBAIbAOgDBANRH9ADBAFTjh4DBAFV
WtwDBAFZJ9IDBAFeGGwDBAFeGhgDBAJnzMADBAJn1kQDBAJn5owDBAFopxADBAJ2
W7gDBAKQMFADBAKgyoQDBAG5Wj4DBAK5Y4QDBAK5eaADBAK5eagDBAK5ebADBAK5
kyADBAG5w+4DBAK51qwDBAK57NQDBAHCOkADBAHDuPYwRwQCAAIwQQMFACoGEoAw
DgMFACoGn0UDBQAqBp9GAwUAKgagBAMFASoGoAYDBQAqCVTBAwUAKgpgRwMFACoN
2QMDBQAqDdkGMA0GCSqGSIb3DQEBCwUAA4IBAQBn9iJ16u1wQFHDWDEzCrhh+hqb
SuLirckg+fSumpo3GE3C3sRHbZCj2AtkrZfCLrnTnsLa5cHj2w3TmmlDKJKJZuz4
6DvzkhDdxxQQUfrQjQJ6S6RIXZrD/+2d4j/T1YJFBsXYH6FTkCxVjj64cUB87T9c
eqV55wthb70ZqpOhvR2VvPYPCQuMMYPpsJcD1tzi17+dh/89FPbTmWeQZhDjNQiH
E5JjF9uRPmiH0QwE7diBYdewgnAbniFOegYnxzJPfvFdpZhsErpSzJtmfQA1eKny
C3Cl7h8n2rUrSxB+3ndNiE8gWLytNIllO5+Gku/ZppWqWRkpuqJF0CRkxFKS
-----END CERTIFICATE-----
Generated at Tue Jun 3 12:15:38 2025 by rpki-client