Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
File: AS37153.roa (raw, json)
Hash identifier: FlgCV/DqNChP28toGus6K7cGmS+y9hV7Y//Z9rsab3c=
Subject key identifier: 85:EF:30:09:11:FA:5F:88:3D:E4:CD:82:A2:BD:92:81:69:34:C2:3B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 32585C35B12DDF4CA69BA312811A19193C45ACBC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
Signing time: Mon 31 Mar 2025 13:08:38 +0000
ROA not before: Mon 31 Mar 2025 13:03:38 +0000
ROA not after: Mon 30 Mar 2026 13:08:38 +0000
asID: 37153
IP address blocks: 82.21.244.0/24 maxlen: 24
82.21.245.0/24 maxlen: 24
82.22.245.0/24 maxlen: 24
82.23.235.0/24 maxlen: 24
82.24.245.0/24 maxlen: 24
82.25.245.0/24 maxlen: 24
82.26.245.0/24 maxlen: 24
82.26.246.0/24 maxlen: 24
82.27.245.0/24 maxlen: 24
82.27.246.0/24 maxlen: 24
82.29.244.0/24 maxlen: 24
82.29.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:58:5c:35:b1:2d:df:4c:a6:9b:a3:12:81:1a:19:19:3c:45:ac:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 31 13:03:38 2025 GMT
Not After : Mar 30 13:08:38 2026 GMT
Subject: CN=85EF300911FA5F883DE4CD82A2BD92816934C23B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0a:56:13:9d:77:88:ea:b7:09:12:61:59:05:
25:56:72:9c:a7:de:c7:25:b9:6a:91:7b:fb:94:64:
41:9b:02:fa:c8:c3:8c:75:a8:18:7d:97:9f:e1:1c:
a8:c5:3e:12:c6:a4:b3:21:8c:30:44:ca:29:d7:a5:
dd:f1:48:41:2b:12:fa:4c:ab:3e:14:85:d0:79:55:
44:64:9a:5c:47:22:1b:9b:79:63:1b:db:ca:a7:63:
28:d5:89:1b:da:06:0d:ca:e8:07:3b:ed:7a:5d:25:
86:0d:96:a5:60:38:b9:31:83:96:5a:19:d3:36:42:
73:8a:c2:62:00:a6:b9:e8:ca:ca:09:1e:e1:c8:47:
53:67:24:65:3c:4f:1e:0b:03:b1:81:1e:46:c7:ae:
dd:45:21:a4:ea:2e:cc:3b:4c:b9:f6:ad:c9:63:91:
81:c3:0c:14:85:17:59:4d:ba:4c:8b:ca:6c:1f:54:
00:38:a2:85:83:bd:20:9e:7c:3e:5f:90:c8:fe:41:
9c:c1:74:5d:43:3a:a8:84:eb:68:cf:5d:37:93:27:
2e:c3:e3:46:f9:06:4b:5b:2f:6f:ad:f0:6e:9b:80:
6a:9a:be:4e:2c:d7:7a:98:31:53:47:d4:ec:77:96:
be:a7:70:0a:5d:5f:00:a5:fa:ff:b7:23:c8:7f:47:
2e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EF:30:09:11:FA:5F:88:3D:E4:CD:82:A2:BD:92:81:69:34:C2:3B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.244.0/23
82.22.245.0/24
82.23.235.0/24
82.24.245.0/24
82.25.245.0/24
82.26.245.0-82.26.246.255
82.27.245.0-82.27.246.255
82.29.244.0/23
Signature Algorithm: sha256WithRSAEncryption
00:a1:04:51:6a:62:b0:b2:5e:62:9c:90:87:84:03:e9:fb:b7:
63:b5:ea:71:76:fc:71:e3:ab:dd:72:4c:f0:96:d3:53:48:df:
b8:42:c3:b9:84:8f:7c:bc:15:95:df:cb:96:32:79:81:a4:44:
ab:65:2f:ee:32:54:6a:dc:71:c4:40:8c:90:49:9a:56:ad:2e:
12:af:e4:44:6d:03:9e:b8:f0:a6:1e:7e:5f:36:28:9a:4d:da:
3b:59:bf:ec:b2:ee:b4:6a:a5:ba:97:bb:cc:fe:01:06:fc:de:
85:0a:ca:d4:c6:84:3a:b5:a7:96:fa:d9:cb:1b:60:48:3d:f9:
66:cb:80:9d:f0:a7:f1:11:90:22:d9:ad:23:20:a4:9e:32:ac:
db:53:42:e4:9a:7a:f2:13:29:f4:49:72:e4:61:24:f2:d8:f2:
b3:70:a2:8b:78:92:23:ff:49:f9:36:e2:41:cd:07:f4:ca:7d:
35:04:57:dc:f2:a2:1b:16:42:cb:d9:26:63:a4:ab:5b:fb:bb:
11:c3:f2:0f:e3:93:9b:ca:bf:ff:50:df:86:ee:9d:30:07:3d:
b3:71:ab:e1:4e:e4:25:11:e7:a8:92:94:06:3e:ff:11:0a:d7:
1c:f8:c3:3f:c4:6f:0c:52:37:b9:a9:0c:b5:4f:05:ba:b6:8c:
12:90:d0:03
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUMlhcNbEt30ymm6MSgRoZGTxFrLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMzExMzAzMzhaFw0yNjAzMzAxMzA4MzhaMDMxMTAvBgNV
BAMTKDg1RUYzMDA5MTFGQTVGODgzREU0Q0Q4MkEyQkQ5MjgxNjkzNEMyM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZClYTnXeI6rcJEmFZBSVWcpyn
3scluWqRe/uUZEGbAvrIw4x1qBh9l5/hHKjFPhLGpLMhjDBEyinXpd3xSEErEvpM
qz4UhdB5VURkmlxHIhubeWMb28qnYyjViRvaBg3K6Ac77XpdJYYNlqVgOLkxg5Za
GdM2QnOKwmIAprnoysoJHuHIR1NnJGU8Tx4LA7GBHkbHrt1FIaTqLsw7TLn2rclj
kYHDDBSFF1lNukyLymwfVAA4ooWDvSCefD5fkMj+QZzBdF1DOqiE62jPXTeTJy7D
40b5BktbL2+t8G6bgGqavk4s13qYMVNH1Ox3lr6ncApdXwCl+v+3I8h/Ry6/AgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUhe8wCRH6X4g95M2Cor2SgWk0wjswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzcxNTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgABMEADBAFSFfQD
BABSFvUDBABSF+sDBABSGPUDBABSGfUwDAMEAFIa9QMEAFIa9jAMAwQAUhv1AwQA
Uhv2AwQBUh30MA0GCSqGSIb3DQEBCwUAA4IBAQAAoQRRamKwsl5inJCHhAPp+7dj
tepxdvxx46vdckzwltNTSN+4QsO5hI98vBWV38uWMnmBpESrZS/uMlRq3HHEQIyQ
SZpWrS4Sr+REbQOeuPCmHn5fNiiaTdo7Wb/ssu60aqW6l7vM/gEG/N6FCsrUxoQ6
taeW+tnLG2BIPflmy4Cd8KfxEZAi2a0jIKSeMqzbU0LkmnryEyn0SXLkYSTy2PKz
cKKLeJIj/0n5NuJBzQf0yn01BFfc8qIbFkLL2SZjpKtb+7sRw/IP45Obyr//UN+G
7p0wBz2zcavhTuQlEeeokpQGPv8RCtcc+MM/xG8MUje5qQy1TwW6towSkNAD
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:59:35 2025 by rpki-client