Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
File: AS137897.roa (raw, json)
Hash identifier: Gxp2jvMVpoNlGP9Sc5cq/gnAIZGcp3fVAFBkW8tTzFI=
Subject key identifier: 1A:5D:28:7A:EF:98:41:E2:71:5F:AF:6D:0B:66:C2:D9:1C:3E:B9:EE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1A91417FE864A293B51449FEF209A1EE4D096D3B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
Signing time: Wed 26 Mar 2025 00:00:26 +0000
ROA not before: Tue 25 Mar 2025 23:55:26 +0000
ROA not after: Wed 25 Mar 2026 00:00:26 +0000
asID: 137897
IP address blocks: 82.24.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:91:41:7f:e8:64:a2:93:b5:14:49:fe:f2:09:a1:ee:4d:09:6d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 23:55:26 2025 GMT
Not After : Mar 25 00:00:26 2026 GMT
Subject: CN=1A5D287AEF9841E2715FAF6D0B66C2D91C3EB9EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:9a:ad:14:4b:26:23:63:47:79:55:25:78:
7d:11:c5:ba:18:ee:b4:9e:d3:02:01:7e:ac:5e:d6:
72:96:37:1d:fc:4a:02:05:35:c5:c4:5b:e4:46:0d:
9e:1e:0b:ba:89:28:71:f6:cd:51:60:4f:84:94:4b:
e2:4f:d4:f4:39:41:7e:4c:72:ac:3c:e0:47:ba:31:
7a:40:22:0c:77:d6:2b:50:7c:2a:de:97:6e:79:50:
64:42:9d:16:bb:c6:b1:f2:50:79:5c:71:da:1a:3c:
6d:fb:33:93:5b:5d:3a:c8:5b:4f:fe:45:43:cb:ea:
0e:c8:35:83:5a:de:dd:41:e7:0e:64:70:45:a1:d1:
2e:bf:8b:7f:dc:1f:08:57:c5:bb:29:07:43:b0:a9:
dc:aa:88:fb:b4:c9:dc:4a:78:18:48:9b:a8:83:fe:
e4:78:7d:69:8c:ea:b8:e4:57:4f:34:4e:e7:f9:cb:
95:df:c6:c8:e8:cf:f6:a4:14:27:1a:da:68:f6:6e:
b7:bb:c3:43:76:02:f8:d5:9e:af:dd:1b:f5:f7:5b:
8f:04:ed:0f:28:b3:bb:07:4f:6c:3d:90:06:50:1e:
b4:39:7b:75:8a:4c:0a:8a:7a:74:e8:d0:cb:9a:8c:
82:b5:c9:19:59:bf:58:3a:04:c3:82:8a:4d:8f:8c:
97:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5D:28:7A:EF:98:41:E2:71:5F:AF:6D:0B:66:C2:D9:1C:3E:B9:EE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.57.0/24
Signature Algorithm: sha256WithRSAEncryption
71:bb:bb:48:36:f1:91:e8:17:8a:e7:0f:40:fd:57:a3:e9:61:
3c:5a:b9:1e:75:43:e7:97:f7:a5:59:7d:cc:b7:61:e0:45:bf:
16:18:13:ef:d4:7a:47:91:ff:d1:37:78:cb:06:26:43:42:28:
95:89:53:ca:b0:b2:0a:c9:5d:ee:26:ac:21:7b:a9:b0:12:90:
e6:4c:8a:38:6a:07:95:28:7e:04:6e:11:c6:28:42:63:d0:01:
ea:f5:fd:52:66:36:ba:de:b3:46:c1:fc:90:43:9b:b7:aa:40:
38:35:6e:58:91:29:d1:3f:df:e6:22:8f:bf:0e:5d:53:b9:f1:
c4:bd:56:56:c4:24:1e:f8:b1:db:54:70:6a:0e:2e:d5:d0:bc:
f9:47:b1:f1:ae:05:7d:20:3b:55:f6:1f:b3:0a:ca:08:57:4f:
da:95:9d:ca:d7:a7:54:05:c3:97:10:fe:8d:18:bc:37:66:56:
6d:eb:8e:1c:f0:c7:df:01:d4:6b:4d:20:8b:3e:ed:90:98:6f:
ae:32:d9:bd:7b:77:da:af:0b:dd:9f:83:71:46:48:0b:50:47:
48:ed:d8:49:c6:56:97:b9:a9:dd:51:04:55:5b:b4:d2:c8:12:
82:43:32:03:9f:c1:94:d6:a3:83:6f:9b:95:fa:39:4c:3d:0f:
24:65:c9:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUGpFBf+hkopO1FEn+8gmh7k0JbTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjUyMzU1MjZaFw0yNjAzMjUwMDAwMjZaMDMxMTAvBgNV
BAMTKDFBNUQyODdBRUY5ODQxRTI3MTVGQUY2RDBCNjZDMkQ5MUMzRUI5RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1fpqtFEsmI2NHeVUleH0RxboY
7rSe0wIBfqxe1nKWNx38SgIFNcXEW+RGDZ4eC7qJKHH2zVFgT4SUS+JP1PQ5QX5M
cqw84Ee6MXpAIgx31itQfCrel255UGRCnRa7xrHyUHlccdoaPG37M5NbXTrIW0/+
RUPL6g7INYNa3t1B5w5kcEWh0S6/i3/cHwhXxbspB0OwqdyqiPu0ydxKeBhIm6iD
/uR4fWmM6rjkV080Tuf5y5Xfxsjoz/akFCca2mj2bre7w0N2AvjVnq/dG/X3W48E
7Q8os7sHT2w9kAZQHrQ5e3WKTAqKenTo0MuajIK1yRlZv1g6BMOCik2PjJfPAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUGl0oeu+YQeJxX69tC2bC2Rw+ue4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3ODk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhg5
MA0GCSqGSIb3DQEBCwUAA4IBAQBxu7tINvGR6BeK5w9A/Vej6WE8WrkedUPnl/el
WX3Mt2HgRb8WGBPv1HpHkf/RN3jLBiZDQiiViVPKsLIKyV3uJqwhe6mwEpDmTIo4
ageVKH4EbhHGKEJj0AHq9f1SZja63rNGwfyQQ5u3qkA4NW5YkSnRP9/mIo+/Dl1T
ufHEvVZWxCQe+LHbVHBqDi7V0Lz5R7HxrgV9IDtV9h+zCsoIV0/alZ3K16dUBcOX
EP6NGLw3ZlZt644c8MffAdRrTSCLPu2QmG+uMtm9e3farwvdn4NxRkgLUEdI7dhJ
xlaXuandUQRVW7TSyBKCQzIDn8GU1qODb5uV+jlMPQ8kZcnX
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:52 2025 by rpki-client