Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS61138.roa
File: AS61138.roa (raw, json)
Hash identifier: D91SKdOf1y8NOOxl6/+0eBiPA7mAsufDkmo+oJYQ4c4=
Subject key identifier: 09:87:40:7D:0B:C7:D1:C2:03:3A:8C:BA:54:D6:9B:A1:D9:A8:A3:94
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1881E70FDC438B8A5663A4BF3FB4AB7A5A05BC6E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS61138.roa
Signing time: Sat 27 Sep 2025 06:44:46 +0000
ROA not before: Sat 27 Sep 2025 06:39:46 +0000
ROA not after: Sat 26 Sep 2026 06:44:46 +0000
asID: 61138
IP address blocks: 5.253.84.0/22 maxlen: 24
5.253.86.0/24 maxlen: 24
27.0.232.0/22 maxlen: 24
81.31.208.0/21 maxlen: 24
83.142.30.0/23 maxlen: 24
85.90.220.0/23 maxlen: 24
89.39.210.0/23 maxlen: 24
94.24.108.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
103.68.108.0/22 maxlen: 24
103.68.108.0/24 maxlen: 24
103.204.192.0/22 maxlen: 24
103.214.68.0/22 maxlen: 24
103.230.140.0/22 maxlen: 24
104.167.16.0/23 maxlen: 24
118.91.184.0/22 maxlen: 24
144.48.80.0/22 maxlen: 24
160.202.132.0/22 maxlen: 24
185.90.62.0/23 maxlen: 24
185.99.132.0/22 maxlen: 24
185.121.160.0/22 maxlen: 24
185.121.168.0/22 maxlen: 24
185.121.168.0/24 maxlen: 24
185.121.176.0/22 maxlen: 24
185.147.32.0/22 maxlen: 24
185.195.238.0/23 maxlen: 24
185.214.172.0/22 maxlen: 24
185.236.212.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
195.184.246.0/23 maxlen: 24
2a06:1280::/32 maxlen: 48
2a06:a004::/32 maxlen: 48
2a06:a006::/32 maxlen: 48
2a06:a007::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:81:e7:0f:dc:43:8b:8a:56:63:a4:bf:3f:b4:ab:7a:5a:05:bc:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Sep 27 06:39:46 2025 GMT
Not After : Sep 26 06:44:46 2026 GMT
Subject: CN=0987407D0BC7D1C2033A8CBA54D69BA1D9A8A394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b8:90:ba:54:77:fd:7d:a9:fe:8d:5f:2a:8a:
ed:18:30:8d:58:43:b4:f6:d9:ac:4c:d0:4e:4a:34:
d7:07:cb:0c:a9:04:11:e0:be:6e:89:81:d6:1e:bb:
c3:f4:ef:11:ef:7c:14:0b:34:04:18:1c:20:bb:b4:
8a:67:d1:c8:08:46:a0:c1:91:47:85:8e:91:53:86:
65:a5:d4:25:74:63:34:c5:80:12:1a:36:4e:1b:36:
90:c9:b8:bc:db:99:3a:86:42:bd:58:2c:82:70:73:
d8:36:81:b1:7f:b5:5e:d9:8a:e5:f5:f3:f5:7c:7a:
e0:6f:af:c6:19:a9:43:7f:df:05:1d:35:7f:eb:e2:
eb:a5:b3:8f:09:07:bb:67:1a:7d:27:82:14:52:60:
0b:5f:63:d1:2a:39:cc:64:31:d9:46:f3:2d:3a:49:
77:49:e9:26:dd:a4:2f:dd:07:af:71:d2:69:6b:ca:
3e:8d:d4:f3:78:f6:79:1f:57:75:b5:28:b8:4f:5e:
d2:61:30:dd:cc:96:ad:ba:23:6a:e9:9a:c1:be:f2:
20:2a:87:a6:af:64:18:da:cd:54:e7:29:07:d9:1b:
40:f2:3a:ba:b0:8c:5b:09:ac:20:39:a9:58:d2:2a:
9b:8f:94:b6:46:78:ff:ab:73:2f:1f:a0:1d:79:ca:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:87:40:7D:0B:C7:D1:C2:03:3A:8C:BA:54:D6:9B:A1:D9:A8:A3:94
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS61138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.84.0/22
27.0.232.0/22
81.31.208.0/21
83.142.30.0/23
85.90.220.0/23
89.39.210.0/23
94.24.108.0/23
94.26.24.0/23
103.68.108.0/22
103.204.192.0/22
103.214.68.0/22
103.230.140.0/22
104.167.16.0/23
118.91.184.0/22
144.48.80.0/22
160.202.132.0/22
185.90.62.0/23
185.99.132.0/22
185.121.160.0/22
185.121.168.0/22
185.121.176.0/22
185.147.32.0/22
185.195.238.0/23
185.214.172.0/22
185.236.212.0/22
194.58.64.0/23
195.184.246.0/23
IPv6:
2a06:1280::/32
2a06:a004::/32
2a06:a006::/31
Signature Algorithm: sha256WithRSAEncryption
39:5c:09:86:5a:e9:f5:fa:1f:5e:b8:67:ae:99:ea:f4:ae:15:
19:eb:e6:b6:fb:af:8c:30:f9:4f:52:e0:94:24:a2:08:c6:59:
a5:19:7a:a1:b5:60:11:3c:70:44:2f:cf:bb:ed:66:54:a8:e5:
73:4a:2a:19:85:a4:4d:48:b4:82:06:24:a2:17:a2:e9:d7:1a:
5a:ae:6c:2c:19:4d:4c:5e:aa:7b:76:ab:b1:56:9d:4a:1f:54:
76:52:0a:38:5a:5e:9e:df:2a:ed:3f:a7:9e:5a:a3:52:b1:86:
f0:38:8d:4d:40:b2:bf:21:84:34:40:b5:65:b5:3c:5a:eb:1b:
a6:39:a7:12:a9:03:e1:b5:3e:09:08:2f:cc:5a:fb:f3:f5:33:
1c:57:8d:a0:19:58:93:13:3d:c9:9c:43:68:f1:90:af:01:bb:
fb:88:ac:0a:61:2d:3f:47:fe:8a:50:82:cf:58:f8:3d:25:a5:
8f:bc:78:61:e2:7f:57:01:3a:58:2d:fa:67:99:28:b3:cd:35:
03:8f:a5:92:28:46:80:1f:60:70:27:a3:e2:b1:e6:21:d1:e9:
5f:1d:4e:92:d9:5d:9e:32:73:0b:eb:4b:a0:85:02:ee:06:99:
64:7b:cf:e2:82:a0:f2:59:2a:6b:63:67:92:a9:fa:6d:44:3e:
e7:64:0d:98
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIUGIHnD9xDi4pWY6S/P7SreloFvG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA5MjcwNjM5NDZaFw0yNjA5MjYwNjQ0NDZaMDMxMTAvBgNV
BAMTKDA5ODc0MDdEMEJDN0QxQzIwMzNBOENCQTU0RDY5QkExRDlBOEEzOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uJC6VHf9fan+jV8qiu0YMI1Y
Q7T22axM0E5KNNcHywypBBHgvm6JgdYeu8P07xHvfBQLNAQYHCC7tIpn0cgIRqDB
kUeFjpFThmWl1CV0YzTFgBIaNk4bNpDJuLzbmTqGQr1YLIJwc9g2gbF/tV7ZiuX1
8/V8euBvr8YZqUN/3wUdNX/r4uuls48JB7tnGn0nghRSYAtfY9EqOcxkMdlG8y06
SXdJ6SbdpC/dB69x0mlryj6N1PN49nkfV3W1KLhPXtJhMN3Mlq26I2rpmsG+8iAq
h6avZBjazVTnKQfZG0DyOrqwjFsJrCA5qVjSKpuPlLZGeP+rcy8foB15yqPHAgMB
AAGjggKsMIICqDAdBgNVHQ4EFgQUCYdAfQvH0cIDOoy6VNabodmoo5QwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NjExMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgdwGCCsGAQUFBwEH
AQH/BIHMMIHJMIGpBAIAATCBogMEAgX9VAMEAhsA6AMEA1Ef0AMEAVOOHgMEAVVa
3AMEAVkn0gMEAV4YbAMEAV4aGAMEAmdEbAMEAmfMwAMEAmfWRAMEAmfmjAMEAWin
EAMEAnZbuAMEApAwUAMEAqDKhAMEAblaPgMEArljhAMEArl5oAMEArl5qAMEArl5
sAMEArmTIAMEAbnD7gMEArnWrAMEArns1AMEAcI6QAMEAcO49jAbBAIAAjAVAwUA
KgYSgAMFACoGoAQDBQEqBqAGMA0GCSqGSIb3DQEBCwUAA4IBAQA5XAmGWun1+h9e
uGeumer0rhUZ6+a2+6+MMPlPUuCUJKIIxlmlGXqhtWARPHBEL8+77WZUqOVzSioZ
haRNSLSCBiSiF6Lp1xparmwsGU1MXqp7dquxVp1KH1R2Ugo4Wl6e3yrtP6eeWqNS
sYbwOI1NQLK/IYQ0QLVltTxa6xumOacSqQPhtT4JCC/MWvvz9TMcV42gGViTEz3J
nENo8ZCvAbv7iKwKYS0/R/6KUILPWPg9JaWPvHhh4n9XATpYLfpnmSizzTUDj6WS
KEaAH2BwJ6PiseYh0elfHU6S2V2eMnML60ughQLuBplke8/igqDyWSprY2eSqfpt
RD7nZA2Y
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:25:16 2025 by rpki-client