Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: 3sdzVaanzpT4B+hNCxyREFRMrWrTGi1oo4R1nI4dDVY=
Subject key identifier: 70:D5:D1:D7:11:61:47:3E:8A:EB:FC:98:3A:17:73:DC:EE:4F:89:8E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 35BAE144D9647972FE20D968553BAE0B4B09D758
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137517.roa
Signing time: Mon 13 Oct 2025 08:06:31 +0000
ROA not before: Mon 13 Oct 2025 08:01:31 +0000
ROA not after: Mon 12 Oct 2026 08:06:31 +0000
asID: 137517
IP address blocks: 91.124.176.0/24 maxlen: 24
95.135.82.0/24 maxlen: 24
178.92.157.0/24 maxlen: 24
178.95.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ba:e1:44:d9:64:79:72:fe:20:d9:68:55:3b:ae:0b:4b:09:d7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 13 08:01:31 2025 GMT
Not After : Oct 12 08:06:31 2026 GMT
Subject: CN=70D5D1D71161473E8AEBFC983A1773DCEE4F898E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f7:8d:be:6c:8b:63:91:b9:cb:b2:96:fe:42:
52:d5:c2:e5:25:93:44:17:26:43:08:74:9c:4b:d2:
4f:4f:a4:99:b5:cc:3a:db:fa:bd:d0:13:44:bc:5a:
55:59:65:f8:51:97:13:f5:44:e3:93:ea:3c:11:05:
3c:2b:41:a3:d1:f0:88:8e:e0:1d:14:af:fb:28:e8:
3d:42:8e:a8:18:a4:f7:b6:76:f3:5a:c3:1f:a5:a6:
3c:1a:2f:5d:ce:68:90:0e:a6:c7:a2:50:bc:5a:1c:
90:f3:8f:f9:b1:b2:b0:d7:5e:c1:43:5e:fb:99:6e:
7b:bc:67:08:1d:cb:f2:91:7e:b1:3c:17:79:5f:a7:
6c:8f:45:ae:c8:64:56:e8:4a:12:98:8d:46:d7:98:
39:31:f5:7b:07:22:6d:4f:30:90:c4:0d:a9:62:23:
3c:ca:cf:60:69:61:05:f0:9e:7a:d1:6f:af:dc:cc:
98:a9:ee:b3:58:bf:83:3c:45:14:8e:8a:b7:33:34:
76:32:bb:0f:76:d1:33:63:c2:7b:91:47:05:20:d9:
c4:27:2f:e5:e4:fc:5d:e1:c0:cd:44:d1:03:88:00:
a4:e6:41:88:7b:e2:59:0c:0c:6b:3d:18:2b:ae:cf:
0c:4e:61:ae:64:5c:7b:44:da:ca:80:f9:bc:c4:ac:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D5:D1:D7:11:61:47:3E:8A:EB:FC:98:3A:17:73:DC:EE:4F:89:8E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.176.0/24
95.135.82.0/24
178.92.157.0/24
178.95.83.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4f:e5:49:2d:5a:04:de:5e:36:a2:00:fa:19:07:cb:03:b3:
48:90:bd:c8:33:e8:b6:e7:76:00:bf:d1:91:00:ee:62:09:18:
d6:de:96:8e:e3:0c:05:ad:03:d5:d0:fa:0b:57:26:79:6f:c9:
bc:57:f0:3f:18:75:1e:e1:d4:37:3b:84:9e:99:e1:f8:f3:6e:
64:5b:b7:c1:5a:b0:2d:46:a4:af:7a:42:a5:58:4c:12:1e:98:
8c:13:97:98:10:0a:da:b0:03:cf:e1:62:77:ff:38:fa:38:a2:
5e:54:76:33:4c:b8:b2:a7:ae:bd:1a:0f:76:82:df:4a:7c:57:
0e:22:9d:b7:bd:05:55:5b:8c:dd:74:54:78:25:bd:9d:73:04:
01:80:1b:94:19:64:38:c9:f8:1b:98:58:ca:c2:df:ce:c9:21:
a5:d3:9d:a3:dd:1e:17:48:4f:77:16:37:d2:60:a8:c3:c3:30:
90:59:ad:63:af:1f:1c:12:87:16:ba:26:1b:5b:91:78:cc:82:
14:e5:da:dc:3e:df:3b:a3:70:90:c8:1d:4a:6b:4f:91:56:fb:
62:ff:c1:6c:c7:67:0f:72:62:66:25:cc:aa:71:3e:8b:83:d7:
cd:f9:08:61:e2:fe:9a:50:35:bb:eb:ea:d6:d1:c2:a8:b5:d6:
5f:e7:e7:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUNbrhRNlkeXL+INloVTuuC0sJ11gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTMwODAxMzFaFw0yNjEwMTIwODA2MzFaMDMxMTAvBgNV
BAMTKDcwRDVEMUQ3MTE2MTQ3M0U4QUVCRkM5ODNBMTc3M0RDRUU0Rjg5OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4942+bItjkbnLspb+QlLVwuUl
k0QXJkMIdJxL0k9PpJm1zDrb+r3QE0S8WlVZZfhRlxP1ROOT6jwRBTwrQaPR8IiO
4B0Ur/so6D1CjqgYpPe2dvNawx+lpjwaL13OaJAOpseiULxaHJDzj/mxsrDXXsFD
XvuZbnu8Zwgdy/KRfrE8F3lfp2yPRa7IZFboShKYjUbXmDkx9XsHIm1PMJDEDali
IzzKz2BpYQXwnnrRb6/czJip7rNYv4M8RRSOirczNHYyuw920TNjwnuRRwUg2cQn
L+Xk/F3hwM1E0QOIAKTmQYh74lkMDGs9GCuuzwxOYa5kXHtE2sqA+bzErAQRAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUcNXR1xFhRz6K6/yYOhdz3O5PiY4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW3yw
AwQAX4dSAwQAslydAwQAsl9TMA0GCSqGSIb3DQEBCwUAA4IBAQCKT+VJLVoE3l42
ogD6GQfLA7NIkL3IM+i253YAv9GRAO5iCRjW3paO4wwFrQPV0PoLVyZ5b8m8V/A/
GHUe4dQ3O4SemeH4825kW7fBWrAtRqSvekKlWEwSHpiME5eYEArasAPP4WJ3/zj6
OKJeVHYzTLiyp669Gg92gt9KfFcOIp23vQVVW4zddFR4Jb2dcwQBgBuUGWQ4yfgb
mFjKwt/OySGl052j3R4XSE93FjfSYKjDwzCQWa1jrx8cEocWuiYbW5F4zIIU5drc
Pt87o3CQyB1Ka0+RVvti/8Fsx2cPcmJmJcyqcT6Lg9fN+Qhh4v6aUDW76+rW0cKo
tdZf5+eN
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:33:36 2025 by rpki-client