Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
File: AS137897.roa (raw, json)
Hash identifier: +u8cooBzI5fcBcfDbSrIeoOn7CxfOX6rG+cj5/bbXg0=
Subject key identifier: 2D:EF:82:27:E6:95:27:6A:75:18:9A:44:AC:F6:C6:51:70:4D:19:6C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 429E6F7918DF1D1693A7A4B83F8F34D478A92FFB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
Signing time: Sun 26 Jan 2025 14:39:26 +0000
ROA not before: Sun 26 Jan 2025 14:34:26 +0000
ROA not after: Sun 25 Jan 2026 14:39:26 +0000
asID: 137897
IP address blocks: 82.21.187.0/24 maxlen: 24
82.22.200.0/24 maxlen: 24
82.23.196.0/24 maxlen: 24
82.24.57.0/24 maxlen: 24
82.24.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:9e:6f:79:18:df:1d:16:93:a7:a4:b8:3f:8f:34:d4:78:a9:2f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 26 14:34:26 2025 GMT
Not After : Jan 25 14:39:26 2026 GMT
Subject: CN=2DEF8227E695276A75189A44ACF6C651704D196C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:60:7a:cf:a4:b1:5f:48:76:bc:30:f2:33:66:
d0:c4:80:37:86:74:c7:33:22:f6:59:40:1d:ff:e1:
59:76:bd:f2:50:14:eb:e8:f0:d7:ef:2d:ca:0c:21:
c2:62:32:2c:14:4a:6d:f2:77:5a:30:46:de:63:ea:
07:4f:99:bf:58:ae:0a:fb:7c:80:d7:cc:e2:19:67:
91:30:19:8c:f1:33:e2:02:90:0c:e6:4d:45:1f:1d:
bd:df:35:ed:49:ad:2b:07:2d:41:19:2f:84:df:30:
8a:fc:83:25:df:e9:13:97:91:43:a2:8a:7a:0f:8e:
8c:42:5d:e6:c6:80:0c:9f:ef:68:d3:0b:d7:df:63:
17:57:1c:31:d1:99:32:00:c9:5d:d4:d5:e7:6e:46:
19:94:3c:fd:24:5f:5a:ce:67:60:29:66:31:01:a7:
0d:28:3e:c5:5e:d6:01:75:ff:ae:33:77:fd:95:9c:
1f:63:e9:35:86:73:28:a8:d9:a0:70:b5:f6:33:dc:
04:80:cb:2f:04:e1:08:d6:2b:94:49:d6:fb:7d:79:
2d:a1:82:2f:3f:50:09:82:dd:07:45:62:ee:c6:8b:
2f:3f:e2:cf:4b:50:1d:f5:e8:89:52:b4:39:85:65:
19:4c:e6:ab:78:05:aa:4a:9f:4d:09:3e:24:12:b2:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EF:82:27:E6:95:27:6A:75:18:9A:44:AC:F6:C6:51:70:4D:19:6C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.187.0/24
82.22.200.0/24
82.23.196.0/24
82.24.57.0/24
82.24.183.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:81:a4:2e:2e:dc:35:39:89:54:a7:c9:67:a5:63:35:4b:e5:
69:76:79:75:1a:7b:c4:5a:87:59:90:22:2e:6e:0f:62:1e:96:
12:c9:6c:44:e5:be:a4:51:0d:01:af:07:d2:10:76:32:d0:9b:
f9:78:fa:3e:d3:80:7c:02:8a:36:b5:20:d7:45:c4:97:bf:08:
61:6f:87:8d:d0:c7:cf:7e:bc:78:67:fc:c3:9c:8b:1b:d1:fc:
50:9d:77:d9:32:cc:11:93:7d:4f:02:a1:65:9a:a1:09:8a:42:
d2:35:0d:55:a1:bd:06:18:a9:4f:6b:c2:23:74:c1:f1:d1:d1:
73:22:00:a7:86:35:7e:7b:4b:67:bd:4f:bf:ec:d0:f7:96:8f:
3e:b1:cb:c8:51:9d:c9:b1:a2:81:fb:c1:f4:06:82:2f:9d:30:
5c:70:c8:81:e3:8b:84:94:6e:c0:cf:e5:64:96:2a:fc:49:58:
7c:b4:7c:f9:54:03:d7:34:2b:bf:04:fa:c1:c6:7f:e0:ee:e8:
a5:dd:f2:cd:28:05:84:14:15:21:65:57:05:5a:f1:3c:f0:2f:
bb:6a:a2:d8:3d:d4:58:d1:89:59:4a:fa:de:c0:a1:97:5f:cb:
81:08:c5:7a:d0:c1:de:75:7a:25:b5:72:b9:1f:e0:25:b6:27:
1a:53:26:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUQp5veRjfHRaTp6S4P4801HipL/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjYxNDM0MjZaFw0yNjAxMjUxNDM5MjZaMDMxMTAvBgNV
BAMTKDJERUY4MjI3RTY5NTI3NkE3NTE4OUE0NEFDRjZDNjUxNzA0RDE5NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBYHrPpLFfSHa8MPIzZtDEgDeG
dMczIvZZQB3/4Vl2vfJQFOvo8NfvLcoMIcJiMiwUSm3yd1owRt5j6gdPmb9Yrgr7
fIDXzOIZZ5EwGYzxM+ICkAzmTUUfHb3fNe1JrSsHLUEZL4TfMIr8gyXf6ROXkUOi
inoPjoxCXebGgAyf72jTC9ffYxdXHDHRmTIAyV3U1eduRhmUPP0kX1rOZ2ApZjEB
pw0oPsVe1gF1/64zd/2VnB9j6TWGcyio2aBwtfYz3ASAyy8E4QjWK5RJ1vt9eS2h
gi8/UAmC3QdFYu7Giy8/4s9LUB316IlStDmFZRlM5qt4BapKn00JPiQSslNjAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQULe+CJ+aVJ2p1GJpErPbGUXBNGWwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3ODk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUhW7
AwQAUhbIAwQAUhfEAwQAUhg5AwQAUhi3MA0GCSqGSIb3DQEBCwUAA4IBAQA/gaQu
Ltw1OYlUp8lnpWM1S+Vpdnl1GnvEWodZkCIubg9iHpYSyWxE5b6kUQ0BrwfSEHYy
0Jv5ePo+04B8Aoo2tSDXRcSXvwhhb4eN0MfPfrx4Z/zDnIsb0fxQnXfZMswRk31P
AqFlmqEJikLSNQ1Vob0GGKlPa8IjdMHx0dFzIgCnhjV+e0tnvU+/7ND3lo8+scvI
UZ3JsaKB+8H0BoIvnTBccMiB44uElG7Az+Vklir8SVh8tHz5VAPXNCu/BPrBxn/g
7uil3fLNKAWEFBUhZVcFWvE88C+7aqLYPdRY0YlZSvrewKGXX8uBCMV60MHedXol
tXK5H+AlticaUyYp
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:13 2025 by rpki-client