Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: gQUjbT2OHvFI+W1g4TJuCv+lCwCYGZ/d4I5oUDkPr2s=
Subject key identifier: 3C:3B:75:FC:C4:90:44:2D:44:22:A6:D6:AD:31:88:14:B2:18:6F:F5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0FAD193E52C459AA93758B54798B341AF3F113B0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
Signing time: Mon 23 Jun 2025 09:07:26 +0000
ROA not before: Mon 23 Jun 2025 09:02:26 +0000
ROA not after: Mon 22 Jun 2026 09:07:26 +0000
asID: 137517
IP address blocks: 82.21.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:ad:19:3e:52:c4:59:aa:93:75:8b:54:79:8b:34:1a:f3:f1:13:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 23 09:02:26 2025 GMT
Not After : Jun 22 09:07:26 2026 GMT
Subject: CN=3C3B75FCC490442D4422A6D6AD318814B2186FF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:09:40:86:cf:5f:59:65:c5:57:12:a8:1e:
54:eb:5f:f8:af:15:ae:3b:79:ce:cd:cf:7a:cb:fa:
6f:62:aa:68:df:71:ab:1c:75:c3:c4:eb:96:bd:f1:
c1:bb:c3:f1:ad:af:f1:b6:28:c3:da:c7:a5:8d:c7:
1e:61:12:31:14:13:68:09:07:12:e9:8b:68:4c:9d:
70:30:92:fe:e6:6a:3e:91:0e:73:ce:90:dd:47:e5:
12:19:40:0b:59:ee:3d:fc:a2:55:00:3c:73:6f:f8:
8e:8c:cf:66:de:d0:97:99:f7:8b:e0:f9:67:b1:b4:
e3:74:12:61:d8:2b:5e:84:04:b1:1f:b2:b9:88:53:
7f:98:c3:97:aa:a4:10:96:dd:80:46:b2:11:18:a3:
63:c9:8a:28:aa:5b:8e:e7:5e:92:b0:e7:c2:21:a8:
ef:7f:c8:6b:d3:41:37:8a:c2:cc:39:6d:5a:0c:5a:
03:bd:6e:5c:ed:b5:94:4c:c9:de:43:6d:b2:76:c7:
ae:3d:91:7b:13:03:12:aa:5e:e4:c3:e1:a9:d6:83:
66:f8:20:7a:cf:a9:b2:78:ad:ad:66:2e:e9:f2:71:
e0:da:a1:d2:43:1d:23:41:33:9f:fc:98:ad:44:fc:
c4:ab:d9:e4:4f:f7:69:38:6a:c0:ad:01:31:ec:17:
e9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3B:75:FC:C4:90:44:2D:44:22:A6:D6:AD:31:88:14:B2:18:6F:F5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.65.0/24
Signature Algorithm: sha256WithRSAEncryption
49:94:96:b5:30:de:fa:0e:dc:d4:3e:d0:67:3a:6a:73:bc:5f:
93:07:f1:56:c9:dd:83:30:3b:56:46:b9:d1:4e:b4:46:3b:08:
20:0a:91:a0:2f:8d:42:c2:df:b4:f5:4b:6d:b9:02:78:1e:84:
70:8f:0e:72:08:cb:21:9f:ea:70:25:bc:16:15:13:91:f8:fb:
81:f4:b4:25:ac:df:32:86:6b:e3:70:88:7d:28:b5:40:23:0e:
d4:62:6e:f4:43:15:5f:d5:40:31:60:ae:10:9f:c1:19:2b:ed:
e2:c6:39:53:dc:69:c9:23:e0:b2:7f:f8:b1:ea:ee:f4:40:d8:
bb:6f:bc:ba:10:73:6a:5b:b2:08:9e:c4:7c:21:21:bd:71:05:
ba:d4:25:44:82:38:f4:0d:cd:ee:6b:f1:ea:bd:9a:14:c0:74:
e7:46:a4:9d:83:2a:a8:ad:e3:53:a7:31:5d:39:89:48:d8:ef:
ee:a0:b0:ec:6d:ee:12:17:2a:3d:30:67:61:52:90:20:e1:e2:
48:6e:3d:ab:49:f3:4b:6c:67:ab:35:7c:fa:9c:ce:c5:90:e1:
85:1d:e0:bb:08:25:dc:82:3f:83:cd:30:7c:36:9a:cd:b1:ff:
56:32:a2:a4:ec:73:67:a2:49:36:d9:0c:e5:de:d7:f9:46:a2:
c0:74:db:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUD60ZPlLEWaqTdYtUeYs0GvPxE7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjMwOTAyMjZaFw0yNjA2MjIwOTA3MjZaMDMxMTAvBgNV
BAMTKDNDM0I3NUZDQzQ5MDQ0MkQ0NDIyQTZENkFEMzE4ODE0QjIxODZGRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhOAlAhs9fWWXFVxKoHlTrX/iv
Fa47ec7Nz3rL+m9iqmjfcascdcPE65a98cG7w/Gtr/G2KMPax6WNxx5hEjEUE2gJ
BxLpi2hMnXAwkv7maj6RDnPOkN1H5RIZQAtZ7j38olUAPHNv+I6Mz2be0JeZ94vg
+WextON0EmHYK16EBLEfsrmIU3+Yw5eqpBCW3YBGshEYo2PJiiiqW47nXpKw58Ih
qO9/yGvTQTeKwsw5bVoMWgO9blzttZRMyd5DbbJ2x649kXsTAxKqXuTD4anWg2b4
IHrPqbJ4ra1mLunyceDaodJDHSNBM5/8mK1E/MSr2eRP92k4asCtATHsF+mBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUPDt1/MSQRC1EIqbWrTGIFLIYb/UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhVB
MA0GCSqGSIb3DQEBCwUAA4IBAQBJlJa1MN76DtzUPtBnOmpzvF+TB/FWyd2DMDtW
RrnRTrRGOwggCpGgL41Cwt+09UttuQJ4HoRwjw5yCMshn+pwJbwWFROR+PuB9LQl
rN8yhmvjcIh9KLVAIw7UYm70QxVf1UAxYK4Qn8EZK+3ixjlT3GnJI+Cyf/ix6u70
QNi7b7y6EHNqW7IInsR8ISG9cQW61CVEgjj0Dc3ua/HqvZoUwHTnRqSdgyqoreNT
pzFdOYlI2O/uoLDsbe4SFyo9MGdhUpAg4eJIbj2rSfNLbGerNXz6nM7FkOGFHeC7
CCXcgj+DzTB8NprNsf9WMqKk7HNnokk22Qzl3tf5RqLAdNtb
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:56 2025 by rpki-client