Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
File: AS137409.roa (raw, json)
Hash identifier: pmCJP2s/2DgI7/DcW9S+BoIfUpcLOcMZPaHPZEMw+6s=
Subject key identifier: 02:EC:E7:FE:EE:74:A7:9C:09:6E:BB:90:B6:66:7E:51:08:95:FC:6C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7308563798310CB51FA4BB27988AF9BB2F980688
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
Signing time: Mon 01 Sep 2025 00:16:42 +0000
ROA not before: Mon 01 Sep 2025 00:11:42 +0000
ROA not after: Mon 31 Aug 2026 00:16:42 +0000
asID: 137409
IP address blocks: 5.252.80.0/24 maxlen: 24
181.214.73.0/24 maxlen: 24
181.214.122.0/24 maxlen: 24
185.141.167.0/24 maxlen: 24
2a0a:8e00::/32 maxlen: 48
2a0a:9606::/32 maxlen: 48
2a0a:9607::/32 maxlen: 48
2a0a:be00::/32 maxlen: 48
2a0a:ce00::/32 maxlen: 48
2a0a:ce01::/32 maxlen: 48
2a0a:ce02::/32 maxlen: 48
2a0a:ce03::/32 maxlen: 48
2a0a:ce04::/32 maxlen: 48
2a0a:ce05::/32 maxlen: 48
2a0a:ce06::/32 maxlen: 48
2a0a:ce07::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:08:56:37:98:31:0c:b5:1f:a4:bb:27:98:8a:f9:bb:2f:98:06:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 1 00:11:42 2025 GMT
Not After : Aug 31 00:16:42 2026 GMT
Subject: CN=02ECE7FEEE74A79C096EBB90B6667E510895FC6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f7:91:3f:76:ac:d6:bc:a8:58:2e:c5:2f:0e:
81:5d:f6:03:57:cf:1d:0d:94:3e:13:d5:85:f3:59:
5b:9a:d8:9d:de:61:3f:40:45:97:80:cd:d0:af:17:
e9:c1:b1:07:3f:4f:99:c9:91:95:81:03:c9:3d:f0:
23:4c:6e:31:1d:54:2a:b5:1b:d0:9a:b0:09:1a:00:
61:26:35:24:98:df:91:1b:8c:6c:e7:39:f3:14:6e:
33:3a:6c:c8:d3:23:5f:2d:dd:64:9d:5a:25:87:31:
b2:1a:24:f8:2c:05:b1:5b:1e:e3:86:c2:c4:8e:ea:
0b:cc:d6:e4:f1:5b:ed:5a:7c:bc:da:7d:64:d1:0e:
32:d8:2c:35:48:40:17:63:5f:43:51:41:b7:64:84:
3c:cc:87:e6:d5:42:08:d5:f3:de:c1:e9:cb:af:cb:
16:28:29:56:de:3c:e3:2c:40:8f:86:24:89:83:7a:
f2:cf:c4:c8:29:d8:a4:c7:3e:a5:14:0c:02:a4:b2:
05:96:8a:a9:45:c1:c7:9c:a7:3b:39:8c:3e:3e:4b:
ae:3a:b1:b4:85:ba:9d:25:29:da:8f:ac:a0:c6:74:
7a:8b:b0:c8:c6:bb:fe:4c:e0:3d:d9:2f:e3:4d:81:
da:b6:e7:bf:24:01:be:0c:f5:bb:46:d4:49:b1:64:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EC:E7:FE:EE:74:A7:9C:09:6E:BB:90:B6:66:7E:51:08:95:FC:6C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.80.0/24
181.214.73.0/24
181.214.122.0/24
185.141.167.0/24
IPv6:
2a0a:8e00::/32
2a0a:9606::/31
2a0a:be00::/32
2a0a:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
39:c4:dc:90:33:5a:00:ec:eb:63:1a:20:55:36:c9:54:e1:38:
32:a5:4d:a4:e0:35:7b:93:a8:3a:be:d4:11:f1:74:76:63:f0:
9e:61:20:0e:74:2b:e6:0d:c1:e0:bd:eb:c7:0d:d9:4b:1c:4c:
eb:b4:45:cf:49:45:af:f2:ba:d2:e3:31:d0:d6:0f:bf:60:7d:
4d:5b:c7:6f:ef:05:e2:e2:66:d4:1f:88:25:94:20:f8:6a:f0:
bf:23:f6:ce:bc:0c:d1:47:f9:f1:e6:c2:8f:88:ae:6f:6d:a3:
ba:43:48:6f:89:d4:49:19:f4:f4:a6:df:94:5a:16:9f:c5:30:
d4:8e:b5:4a:b9:6f:1a:d2:d3:23:4d:14:2f:a6:94:eb:18:2d:
67:14:bf:40:a9:6d:c5:b8:e9:67:da:4b:0b:6c:2a:e6:5d:2f:
ff:bd:91:ca:8a:99:d5:c3:af:87:cf:db:9f:00:5c:f7:07:51:
6c:47:b5:37:52:a3:7d:fe:6a:cf:22:ec:c7:9f:c3:8d:2e:1a:
cc:f8:b1:82:4a:57:3e:e9:6e:8b:48:00:ae:f6:5e:a3:c3:cd:
ca:8b:4b:a8:eb:20:72:df:30:22:16:e7:57:c6:b1:5d:0b:d6:
74:eb:2e:8c:31:26:54:2e:e9:59:d4:95:85:70:90:28:7e:cf:
d8:ad:a3:0a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUcwhWN5gxDLUfpLsnmIr5uy+YBogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MDEwMDExNDJaFw0yNjA4MzEwMDE2NDJaMDMxMTAvBgNV
BAMTKDAyRUNFN0ZFRUU3NEE3OUMwOTZFQkI5MEI2NjY3RTUxMDg5NUZDNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+95E/dqzWvKhYLsUvDoFd9gNX
zx0NlD4T1YXzWVua2J3eYT9ARZeAzdCvF+nBsQc/T5nJkZWBA8k98CNMbjEdVCq1
G9CasAkaAGEmNSSY35EbjGznOfMUbjM6bMjTI18t3WSdWiWHMbIaJPgsBbFbHuOG
wsSO6gvM1uTxW+1afLzafWTRDjLYLDVIQBdjX0NRQbdkhDzMh+bVQgjV897B6cuv
yxYoKVbePOMsQI+GJImDevLPxMgp2KTHPqUUDAKksgWWiqlFwcecpzs5jD4+S646
sbSFup0lKdqPrKDGdHqLsMjGu/5M4D3ZL+NNgdq2578kAb4M9btG1EmxZEvpAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUAuzn/u50p5wJbruQtmZ+UQiV/GwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM3NDA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQABfxQ
AwQAtdZJAwQAtdZ6AwQAuY2nMCIEAgACMBwDBQAqCo4AAwUBKgqWBgMFACoKvgAD
BQMqCs4AMA0GCSqGSIb3DQEBCwUAA4IBAQA5xNyQM1oA7OtjGiBVNslU4TgypU2k
4DV7k6g6vtQR8XR2Y/CeYSAOdCvmDcHgvevHDdlLHEzrtEXPSUWv8rrS4zHQ1g+/
YH1NW8dv7wXi4mbUH4gllCD4avC/I/bOvAzRR/nx5sKPiK5vbaO6Q0hvidRJGfT0
pt+UWhafxTDUjrVKuW8a0tMjTRQvppTrGC1nFL9AqW3FuOln2ksLbCrmXS//vZHK
ipnVw6+Hz9ufAFz3B1FsR7U3UqN9/mrPIuzHn8ONLhrM+LGCSlc+6W6LSACu9l6j
w83Ki0uo6yBy3zAiFudXxrFdC9Z06y6MMSZULulZ1JWFcJAofs/YraMK
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:13:13 2025 by rpki-client