Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
File:                     AS137517.roa (raw, json)
Hash identifier:          92hn0WKgM4zgtdqqnbqIFLvHj6GDTRTbMYFHm4MrZ7w=
Subject key identifier:   EC:97:BC:17:93:E4:36:08:F8:7F:03:32:7A:93:3A:F4:74:89:9E:33
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       1248FA07D373B5FE61998241A8BAAD50153CC89D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa
Signing time:             Thu 23 Apr 2026 00:05:17 +0000
ROA not before:           Thu 23 Apr 2026 00:00:17 +0000
ROA not after:            Thu 22 Apr 2027 00:05:17 +0000
asID:                     137517
IP address blocks:        178.83.159.0/24 maxlen: 24
                          178.83.173.0/24 maxlen: 24
                          178.83.229.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:48:fa:07:d3:73:b5:fe:61:99:82:41:a8:ba:ad:50:15:3c:c8:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Apr 23 00:00:17 2026 GMT
            Not After : Apr 22 00:05:17 2027 GMT
        Subject: CN=EC97BC1793E43608F87F03327A933AF474899E33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:6c:73:77:79:81:6f:54:ed:ae:2f:38:be:a7:
                    c3:94:c5:b0:90:61:64:12:79:5b:f4:06:d3:81:24:
                    be:e1:23:2f:4d:0f:ed:b6:ba:bd:97:15:b3:30:b1:
                    4e:18:1c:6d:a1:29:9b:fc:e9:28:0a:38:96:2d:9f:
                    a9:2f:ed:4c:1d:da:6f:f5:14:19:d7:0b:42:9d:c6:
                    3e:73:2b:cf:73:8c:ec:11:12:f9:7a:df:0e:f2:41:
                    f4:dc:50:d3:31:6a:3c:23:52:95:5a:b0:2d:f2:60:
                    49:cb:a1:88:45:b1:e9:75:11:14:9b:6d:39:9a:15:
                    49:3b:5e:7c:fa:b5:b9:fc:a3:34:ca:8c:0a:88:69:
                    6b:b0:c9:18:e7:a2:91:2f:5d:97:3a:36:16:34:60:
                    71:b5:3e:f3:7c:6f:7b:02:eb:cd:31:54:bc:3f:f1:
                    f3:d7:e7:c3:ce:35:e5:2d:b7:2d:f7:f1:1e:8e:f9:
                    e2:93:ad:30:4f:af:66:9d:d0:4d:0e:22:b6:52:ea:
                    cb:4d:12:8f:10:70:95:45:84:79:d5:86:db:b0:94:
                    14:33:4c:0c:33:2f:02:6d:f4:02:bf:f2:ec:93:f9:
                    45:c1:56:62:dc:5e:88:c1:0a:20:99:61:bb:0f:1d:
                    8e:2e:89:5b:88:10:ab:d8:32:e9:81:c9:67:a7:37:
                    de:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:97:BC:17:93:E4:36:08:F8:7F:03:32:7A:93:3A:F4:74:89:9E:33
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137517.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.83.159.0/24
                  178.83.173.0/24
                  178.83.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:d6:cd:25:7e:3f:65:64:bf:11:cf:83:19:47:4b:55:46:52:
         92:b6:3b:97:4c:f2:c4:2a:48:a8:fd:ca:ec:2b:4e:bb:99:74:
         53:01:f0:d2:cd:5c:ee:b6:aa:24:09:53:31:ea:f2:bf:6a:e3:
         7f:5a:49:5d:0f:85:b1:ab:ca:0c:52:ff:a6:eb:53:09:1f:10:
         88:36:7a:39:3a:e2:60:56:ab:08:c2:a2:61:54:35:39:6e:22:
         3e:d6:e9:f4:81:f2:ef:07:ee:47:1d:cf:2e:ba:d9:35:23:a3:
         aa:7d:c5:d2:a3:13:7b:dc:5f:9b:20:d9:9f:3e:2a:8f:fc:99:
         eb:1f:52:d8:cb:8e:ea:a2:78:47:d0:0b:fb:ef:21:8d:8c:55:
         c9:e0:e2:01:ec:82:09:7b:b6:40:1e:00:03:97:b5:f2:8b:03:
         b3:38:6c:82:57:e0:bc:21:71:95:19:e4:80:50:e8:fb:19:76:
         97:5c:cc:34:ee:73:f5:64:d8:0f:be:72:4b:76:54:a9:f6:40:
         ed:f5:b0:f7:94:a3:ca:e7:64:96:bb:2e:98:f5:97:4c:d6:04:
         e9:9f:08:1b:8f:de:1a:1a:bb:64:99:83:c8:ef:ff:f2:a9:a6:
         11:52:db:af:70:40:5a:f4:a8:72:c4:c4:75:4f:2b:7f:86:d9:
         33:48:38:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUEkj6B9Nztf5hmYJBqLqtUBU8yJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjMwMDAwMTdaFw0yNzA0MjIwMDA1MTdaMDMxMTAvBgNV
BAMTKEVDOTdCQzE3OTNFNDM2MDhGODdGMDMzMjdBOTMzQUY0NzQ4OTlFMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIbHN3eYFvVO2uLzi+p8OUxbCQ
YWQSeVv0BtOBJL7hIy9ND+22ur2XFbMwsU4YHG2hKZv86SgKOJYtn6kv7Uwd2m/1
FBnXC0Kdxj5zK89zjOwREvl63w7yQfTcUNMxajwjUpVasC3yYEnLoYhFsel1ERSb
bTmaFUk7Xnz6tbn8ozTKjAqIaWuwyRjnopEvXZc6NhY0YHG1PvN8b3sC680xVLw/
8fPX58PONeUtty338R6O+eKTrTBPr2ad0E0OIrZS6stNEo8QcJVFhHnVhtuwlBQz
TAwzLwJt9AK/8uyT+UXBVmLcXojBCiCZYbsPHY4uiVuIEKvYMumByWenN96jAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU7Je8F5PkNgj4fwMyepM69HSJnjMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAslOf
AwQAslOtAwQAslPlMA0GCSqGSIb3DQEBCwUAA4IBAQAQ1s0lfj9lZL8Rz4MZR0tV
RlKStjuXTPLEKkio/crsK067mXRTAfDSzVzutqokCVMx6vK/auN/WkldD4Wxq8oM
Uv+m61MJHxCINno5OuJgVqsIwqJhVDU5biI+1un0gfLvB+5HHc8uutk1I6OqfcXS
oxN73F+bINmfPiqP/JnrH1LYy47qonhH0Av77yGNjFXJ4OIB7IIJe7ZAHgADl7Xy
iwOzOGyCV+C8IXGVGeSAUOj7GXaXXMw07nP1ZNgPvnJLdlSp9kDt9bD3lKPK52SW
uy6Y9ZdM1gTpnwgbj94aGrtkmYPI7//yqaYRUtuvcEBa9KhyxMR1Tyt/htkzSDhi
-----END CERTIFICATE-----