Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
File: AS37153.roa (raw, json)
Hash identifier: gklKo8tI8MVObPmZjLjzoZNVaSaJ5+UDYc8MSpUleCM=
Subject key identifier: D4:5B:49:9A:53:3A:52:58:07:E5:2F:B3:69:47:F2:89:57:E4:DA:81
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 02CB964E5147F04710EE73A60EB707A3D6CEA7A8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
Signing time: Mon 02 Mar 2026 13:46:41 +0000
ROA not before: Mon 02 Mar 2026 13:41:41 +0000
ROA not after: Mon 01 Mar 2027 13:46:41 +0000
asID: 37153
IP address blocks: 82.21.244.0/24 maxlen: 24
82.21.245.0/24 maxlen: 24
82.22.245.0/24 maxlen: 24
82.23.235.0/24 maxlen: 24
82.24.245.0/24 maxlen: 24
82.25.245.0/24 maxlen: 24
82.26.245.0/24 maxlen: 24
82.26.246.0/24 maxlen: 24
82.27.245.0/24 maxlen: 24
82.27.246.0/24 maxlen: 24
82.29.244.0/24 maxlen: 24
82.29.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:cb:96:4e:51:47:f0:47:10:ee:73:a6:0e:b7:07:a3:d6:ce:a7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 2 13:41:41 2026 GMT
Not After : Mar 1 13:46:41 2027 GMT
Subject: CN=D45B499A533A525807E52FB36947F28957E4DA81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ac:91:ce:85:2a:c2:f5:ad:37:bd:7f:1f:1f:
c2:67:04:a6:82:63:93:a4:d7:f6:b6:ec:3b:24:b6:
d4:bd:2f:81:fc:73:84:27:39:cc:80:eb:93:bf:58:
59:bc:04:88:5a:d3:05:40:41:c4:c8:0c:10:5d:3f:
27:ac:fd:45:b9:05:39:75:a5:76:cb:1d:c3:c6:8e:
ed:5c:b8:4a:c0:b1:af:22:01:ab:4a:29:35:c6:07:
ca:95:78:86:85:07:b8:35:d1:4f:70:3b:9e:42:ff:
72:9c:2c:79:53:86:e5:6a:c7:5d:7d:75:9d:fc:c5:
4d:e3:ca:e8:d5:18:6d:8e:81:0f:ad:8b:f7:4d:ec:
41:5e:c8:89:02:22:69:be:a1:2f:ff:7b:98:50:f6:
ce:b9:d1:ce:4d:2c:a6:f5:c0:dc:51:c1:6d:01:4a:
cb:be:fd:70:1d:bf:bf:f9:2c:a4:8d:17:dc:b9:c3:
72:d2:f4:fa:cd:3e:03:2d:fa:8a:20:d4:99:f1:40:
2f:a1:5b:49:3d:17:52:c2:74:88:2c:ab:e7:6a:ae:
65:3a:54:b9:99:3b:1a:f5:ac:9c:73:fb:0c:3b:c4:
e0:6c:76:1f:b1:3a:5a:b6:84:46:55:54:44:3f:f5:
3c:f9:49:e1:e1:01:51:1e:5c:ab:32:0b:8e:67:da:
0b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5B:49:9A:53:3A:52:58:07:E5:2F:B3:69:47:F2:89:57:E4:DA:81
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS37153.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.244.0/23
82.22.245.0/24
82.23.235.0/24
82.24.245.0/24
82.25.245.0/24
82.26.245.0-82.26.246.255
82.27.245.0-82.27.246.255
82.29.244.0/23
Signature Algorithm: sha256WithRSAEncryption
51:5c:15:b8:c5:e4:52:55:5a:88:85:92:41:ac:48:75:e8:d2:
33:df:f4:0d:13:8f:1c:e1:e1:ba:cc:b4:82:58:85:8b:93:c1:
dd:65:5e:83:3d:3d:52:69:d9:c9:28:14:29:7e:54:c4:e8:a1:
e6:4b:ec:7d:8a:67:dc:57:fe:b6:ef:bb:3e:ec:73:32:61:b0:
c3:56:28:d1:74:a3:bb:62:56:9d:5f:22:3d:fc:06:d0:70:0e:
7d:8a:f9:ac:e1:7f:be:35:58:b8:c4:72:fc:b6:75:a1:ae:6d:
44:1c:06:72:3d:97:94:0b:08:6e:9b:28:43:08:ea:bd:66:1a:
ec:10:b2:00:70:b7:d9:c5:1e:6b:ea:30:b8:37:b6:d0:f1:a4:
7a:d8:33:10:ad:63:6d:4a:4f:8c:ea:ee:1a:ab:2d:fc:14:63:
cf:c0:4a:42:20:09:c3:ed:f1:e1:0c:d5:6f:3e:25:54:8e:0e:
c1:4e:7c:e2:3d:d2:9b:22:f5:c2:e2:43:f1:58:ba:b9:a9:14:
c8:8f:db:4e:97:64:e5:11:0d:6c:68:42:86:2f:58:89:5e:68:
40:59:da:e1:95:26:0e:4c:51:41:6d:df:cb:1e:fc:6b:e7:5e:
00:db:d8:e1:2f:b6:08:e9:71:ea:0d:f8:a8:c7:fb:3e:2f:53:
57:ae:6d:91
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUAsuWTlFH8EcQ7nOmDrcHo9bOp6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDIxMzQxNDFaFw0yNzAzMDExMzQ2NDFaMDMxMTAvBgNV
BAMTKEQ0NUI0OTlBNTMzQTUyNTgwN0U1MkZCMzY5NDdGMjg5NTdFNERBODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIrJHOhSrC9a03vX8fH8JnBKaC
Y5Ok1/a27DskttS9L4H8c4QnOcyA65O/WFm8BIha0wVAQcTIDBBdPyes/UW5BTl1
pXbLHcPGju1cuErAsa8iAatKKTXGB8qVeIaFB7g10U9wO55C/3KcLHlThuVqx119
dZ38xU3jyujVGG2OgQ+ti/dN7EFeyIkCImm+oS//e5hQ9s650c5NLKb1wNxRwW0B
Ssu+/XAdv7/5LKSNF9y5w3LS9PrNPgMt+oog1JnxQC+hW0k9F1LCdIgsq+dqrmU6
VLmZOxr1rJxz+ww7xOBsdh+xOlq2hEZVVEQ/9Tz5SeHhAVEeXKsyC45n2gvtAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQU1FtJmlM6UlgH5S+zaUfyiVfk2oEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzcxNTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgABMEADBAFSFfQD
BABSFvUDBABSF+sDBABSGPUDBABSGfUwDAMEAFIa9QMEAFIa9jAMAwQAUhv1AwQA
Uhv2AwQBUh30MA0GCSqGSIb3DQEBCwUAA4IBAQBRXBW4xeRSVVqIhZJBrEh16NIz
3/QNE48c4eG6zLSCWIWLk8HdZV6DPT1SadnJKBQpflTE6KHmS+x9imfcV/6277s+
7HMyYbDDVijRdKO7YladXyI9/AbQcA59ivms4X++NVi4xHL8tnWhrm1EHAZyPZeU
CwhumyhDCOq9ZhrsELIAcLfZxR5r6jC4N7bQ8aR62DMQrWNtSk+M6u4aqy38FGPP
wEpCIAnD7fHhDNVvPiVUjg7BTnziPdKbIvXC4kPxWLq5qRTIj9tOl2TlEQ1saEKG
L1iJXmhAWdrhlSYOTFFBbd/LHvxr514A29jhL7YI6XHqDfiox/s+L1NXrm2R
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:05:12 2026 by rpki-client