Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: FVA1EdxNFt04++r52F9gwyakSnXI0tQI5ifKYHn9AOY=
Subject key identifier: A7:F2:ED:CC:C6:77:EA:F4:8F:4D:83:44:11:0D:2F:53:14:E0:A9:66
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 31D9E683FF1C8912D2CB1D3DBF34EDC51E4E5758
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
Signing time: Tue 30 Sep 2025 00:05:41 +0000
ROA not before: Tue 30 Sep 2025 00:00:41 +0000
ROA not after: Tue 29 Sep 2026 00:05:41 +0000
asID: 137517
IP address blocks: 82.21.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:d9:e6:83:ff:1c:89:12:d2:cb:1d:3d:bf:34:ed:c5:1e:4e:57:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 30 00:00:41 2025 GMT
Not After : Sep 29 00:05:41 2026 GMT
Subject: CN=A7F2EDCCC677EAF48F4D8344110D2F5314E0A966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a2:6d:a5:e9:98:11:29:b6:b2:f1:90:e9:58:
a1:f8:60:47:77:c9:7f:b1:e3:5d:95:7c:b8:cd:83:
f1:b2:cb:e0:6e:2c:5e:56:60:07:be:8d:63:18:26:
2d:a8:30:ad:bd:8c:e3:e7:5f:1b:94:60:cc:ec:b0:
4a:44:fe:a6:f5:b9:6a:83:5c:f0:87:44:38:27:5b:
c5:d8:90:35:99:ab:b3:2d:e1:f3:8d:be:ae:72:7e:
ac:fc:38:a0:3f:5b:8f:df:68:4d:58:b9:0e:34:c1:
3b:c1:14:1d:0e:01:78:64:ac:21:c4:c9:4a:23:b0:
cc:83:3f:c2:a7:d4:d6:47:b6:a8:a1:45:23:d2:d0:
f6:87:0f:8a:a1:2b:3c:d7:1a:34:82:ac:fd:11:9e:
00:01:c3:e0:54:68:39:c4:bd:b3:15:83:eb:94:58:
10:bb:f9:9f:6c:5b:f2:ea:cd:e7:72:4d:da:25:50:
24:6b:0d:d2:f9:5b:b2:7a:89:5e:b9:e9:c3:db:46:
7b:f0:54:87:78:c9:b5:0b:74:cf:25:5f:ed:e3:f1:
41:da:ad:78:39:4f:13:79:4e:ad:bc:8a:9a:9d:03:
07:24:dd:c4:e4:d9:8e:c4:a6:84:68:78:91:c8:4a:
19:4c:7d:6e:7c:98:1a:1e:6a:15:bb:88:b0:96:75:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F2:ED:CC:C6:77:EA:F4:8F:4D:83:44:11:0D:2F:53:14:E0:A9:66
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.65.0/24
Signature Algorithm: sha256WithRSAEncryption
55:da:46:60:20:a7:bf:c4:20:79:5d:31:10:7c:69:c0:79:be:
4c:a9:a9:87:2f:1c:7e:9d:c5:88:02:43:ea:40:5a:b5:c3:c4:
a1:a5:44:36:47:85:44:29:c8:33:f1:ba:18:3f:36:b4:6d:21:
3d:fa:98:04:a9:f5:cf:d9:6c:5d:9e:1e:19:0d:f8:af:b7:1e:
ea:3a:e8:0d:36:72:5c:d1:df:6e:35:ea:d2:af:f4:24:6d:f9:
e8:bb:83:04:99:11:54:c9:86:c2:e3:c5:58:f7:9b:95:af:4d:
4e:21:c4:50:7a:e0:b5:ce:4b:61:2d:73:d5:66:c1:36:c1:c8:
4c:b3:9c:07:0a:62:bb:b7:b0:88:0e:78:44:8d:be:7e:cc:49:
d9:4c:8e:3f:5e:32:39:1c:91:9b:2d:57:31:2d:98:73:37:d0:
8e:f9:71:26:f5:26:49:06:9a:18:46:06:3d:ac:08:f4:7f:e8:
fe:b7:24:ab:3a:08:5b:e7:77:c2:7a:48:96:db:07:a9:1f:8d:
5d:c1:83:5b:56:f3:5c:b0:57:e3:90:7f:ae:4c:2f:40:e3:be:
4c:8a:97:56:d0:00:90:8b:4a:ae:39:83:1f:f6:7e:99:41:3f:
d3:b8:c8:25:2f:32:5f:f8:c5:ab:79:40:e8:e8:e4:d5:af:83:
87:ac:e9:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUMdnmg/8ciRLSyx09vzTtxR5OV1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MzAwMDAwNDFaFw0yNjA5MjkwMDA1NDFaMDMxMTAvBgNV
BAMTKEE3RjJFRENDQzY3N0VBRjQ4RjREODM0NDExMEQyRjUzMTRFMEE5NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEom2l6ZgRKbay8ZDpWKH4YEd3
yX+x412VfLjNg/Gyy+BuLF5WYAe+jWMYJi2oMK29jOPnXxuUYMzssEpE/qb1uWqD
XPCHRDgnW8XYkDWZq7Mt4fONvq5yfqz8OKA/W4/faE1YuQ40wTvBFB0OAXhkrCHE
yUojsMyDP8Kn1NZHtqihRSPS0PaHD4qhKzzXGjSCrP0RngABw+BUaDnEvbMVg+uU
WBC7+Z9sW/LqzedyTdolUCRrDdL5W7J6iV656cPbRnvwVId4ybULdM8lX+3j8UHa
rXg5TxN5Tq28ipqdAwck3cTk2Y7EpoRoeJHIShlMfW58mBoeahW7iLCWdSV/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUp/LtzMZ36vSPTYNEEQ0vUxTgqWYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhVB
MA0GCSqGSIb3DQEBCwUAA4IBAQBV2kZgIKe/xCB5XTEQfGnAeb5MqamHLxx+ncWI
AkPqQFq1w8ShpUQ2R4VEKcgz8boYPza0bSE9+pgEqfXP2Wxdnh4ZDfivtx7qOugN
NnJc0d9uNerSr/Qkbfnou4MEmRFUyYbC48VY95uVr01OIcRQeuC1zkthLXPVZsE2
wchMs5wHCmK7t7CIDnhEjb5+zEnZTI4/XjI5HJGbLVcxLZhzN9CO+XEm9SZJBpoY
RgY9rAj0f+j+tySrOghb53fCekiW2wepH41dwYNbVvNcsFfjkH+uTC9A475MipdW
0ACQi0quOYMf9n6ZQT/TuMglLzJf+MWreUDo6OTVr4OHrOkd
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:50:45 2025 by rpki-client