Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS197537.roa
File: AS197537.roa (raw, json)
Hash identifier: M0sPWdtoV8Yw+AEF71lfSlfbmOErRE8EtbWpPrHJdgc=
Subject key identifier: DF:DE:82:CE:20:5D:AE:47:BD:89:28:10:38:83:5A:E4:A2:12:A4:F0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1E8D9E8938380B409F4D80A5D3A986E450211F24
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS197537.roa
Signing time: Tue 03 Jun 2025 17:47:31 +0000
ROA not before: Tue 03 Jun 2025 17:42:31 +0000
ROA not after: Tue 02 Jun 2026 17:47:31 +0000
asID: 197537
IP address blocks: 82.21.77.0/24 maxlen: 24
82.22.176.0/24 maxlen: 24
82.23.148.0/24 maxlen: 24
82.24.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:8d:9e:89:38:38:0b:40:9f:4d:80:a5:d3:a9:86:e4:50:21:1f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 3 17:42:31 2025 GMT
Not After : Jun 2 17:47:31 2026 GMT
Subject: CN=DFDE82CE205DAE47BD89281038835AE4A212A4F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:7c:74:99:07:e0:84:8f:9e:e6:9a:d9:a2:
06:96:e3:2e:08:19:2e:f8:21:b4:43:99:2b:a4:af:
4e:b2:7e:35:0d:7f:0d:94:f9:c0:3f:9b:dc:e3:14:
92:c0:4b:3d:9a:52:c2:1a:ee:7c:d4:10:41:b9:54:
3b:3d:66:c0:18:31:83:5e:bd:55:a9:4d:cf:a5:d8:
4c:f5:c9:ea:47:66:bc:ea:70:95:8b:f0:46:e8:83:
d0:6d:58:a1:1c:19:36:c1:2d:fa:ca:b6:3a:2d:af:
ae:71:e2:a7:ec:5a:86:00:34:a6:77:f6:11:05:94:
f9:07:9f:2e:ef:74:41:c6:18:2d:a0:e5:85:d3:9e:
35:d7:69:94:7e:de:7b:0a:eb:b5:b9:3b:b5:ef:b6:
1f:f1:f0:a0:e9:75:75:3e:48:ff:47:d4:d2:b9:59:
65:04:f8:3d:b7:13:d5:23:9e:2a:b8:7b:f5:fe:8d:
5e:a5:9a:e0:95:b7:74:08:0c:13:df:13:d7:24:89:
e2:ed:62:58:3a:61:44:0f:d9:2e:03:be:91:35:d8:
ef:f0:12:3e:08:ad:24:a1:a9:b5:a5:19:b4:fe:2c:
d2:f5:72:f8:ab:77:09:d2:ae:04:1f:81:14:fc:42:
b2:7e:98:80:99:82:ce:b9:fe:a0:0c:4e:6a:60:d7:
65:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DE:82:CE:20:5D:AE:47:BD:89:28:10:38:83:5A:E4:A2:12:A4:F0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS197537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.77.0/24
82.22.176.0/24
82.23.148.0/24
82.24.84.0/24
Signature Algorithm: sha256WithRSAEncryption
47:67:89:a1:ea:5f:98:f9:1f:ea:5e:b0:a9:06:bc:f3:1a:b0:
f0:15:0b:61:83:54:a8:47:59:65:70:2c:2c:d5:2d:ba:ae:c9:
61:45:87:a2:64:ee:62:7d:ab:b5:4d:ac:e5:fa:0c:17:95:35:
de:df:ba:0f:e1:40:c6:9c:f4:f5:b6:7d:6d:45:1a:c0:ba:32:
1d:5e:ee:a5:bc:2c:80:c9:55:6c:7b:5c:7a:6c:45:ed:dd:37:
11:eb:5d:b5:e6:3b:ce:83:88:d4:95:9e:13:22:ba:3b:63:8b:
a1:44:8f:0b:97:d7:d1:7c:2c:2b:94:66:93:1a:f1:0f:7f:96:
c1:66:e8:c7:ac:8e:ba:58:fe:30:cc:e1:90:1c:c4:76:4a:b6:
46:da:f9:55:36:85:4b:a9:4b:a7:ec:4b:8f:67:e3:1e:ca:95:
9d:97:c9:7b:6b:ea:2e:f6:90:30:60:7d:52:39:05:f1:4b:3d:
82:be:41:46:ef:49:85:5b:b8:db:4f:e6:7b:df:c1:b4:d7:fd:
cb:27:e1:40:e9:73:55:db:6d:c1:63:73:6c:a0:59:ba:3b:7a:
3b:5f:78:5f:75:6c:c0:4b:b5:e8:8c:b4:ee:ba:b5:b2:30:23:
4b:87:ac:e9:7b:9c:d9:ed:be:b5:a6:13:48:12:ca:bb:0d:5d:
e8:ca:28:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUHo2eiTg4C0CfTYCl06mG5FAhHyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDMxNzQyMzFaFw0yNjA2MDIxNzQ3MzFaMDMxMTAvBgNV
BAMTKERGREU4MkNFMjA1REFFNDdCRDg5MjgxMDM4ODM1QUU0QTIxMkE0RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkD3x0mQfghI+e5prZogaW4y4I
GS74IbRDmSukr06yfjUNfw2U+cA/m9zjFJLASz2aUsIa7nzUEEG5VDs9ZsAYMYNe
vVWpTc+l2Ez1yepHZrzqcJWL8Ebog9BtWKEcGTbBLfrKtjotr65x4qfsWoYANKZ3
9hEFlPkHny7vdEHGGC2g5YXTnjXXaZR+3nsK67W5O7Xvth/x8KDpdXU+SP9H1NK5
WWUE+D23E9Ujniq4e/X+jV6lmuCVt3QIDBPfE9ckieLtYlg6YUQP2S4DvpE12O/w
Ej4IrSShqbWlGbT+LNL1cvirdwnSrgQfgRT8QrJ+mICZgs65/qAMTmpg12UfAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU396CziBdrke9iSgQOINa5KISpPAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk3NTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhVN
AwQAUhawAwQAUheUAwQAUhhUMA0GCSqGSIb3DQEBCwUAA4IBAQBHZ4mh6l+Y+R/q
XrCpBrzzGrDwFQthg1SoR1llcCws1S26rslhRYeiZO5ifau1Tazl+gwXlTXe37oP
4UDGnPT1tn1tRRrAujIdXu6lvCyAyVVse1x6bEXt3TcR61215jvOg4jUlZ4TIro7
Y4uhRI8Ll9fRfCwrlGaTGvEPf5bBZujHrI66WP4wzOGQHMR2SrZG2vlVNoVLqUun
7EuPZ+MeypWdl8l7a+ou9pAwYH1SOQXxSz2CvkFG70mFW7jbT+Z738G01/3LJ+FA
6XNV223BY3NsoFm6O3o7X3hfdWzAS7XojLTuurWyMCNLh6zpe5zZ7b61phNIEsq7
DV3oyijU
-----END CERTIFICATE-----
Generated at Sat Jun 7 11:29:39 2025 by rpki-client