Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
File: AS137897.roa (raw, json)
Hash identifier: +cNgOsY1iCFOiz0CvIdScPxO1ezyv7fZX5btJokqHxI=
Subject key identifier: 20:71:82:FC:D2:BA:F4:06:CE:F1:2E:06:E7:1B:01:1B:EE:56:C2:44
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 34591F37EA83757A1C782CA164F0F4D2892584CA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
Signing time: Thu 02 Apr 2026 10:20:27 +0000
ROA not before: Thu 02 Apr 2026 10:15:27 +0000
ROA not after: Thu 01 Apr 2027 10:20:27 +0000
asID: 137897
IP address blocks: 82.38.42.0/23 maxlen: 24
82.38.46.0/23 maxlen: 24
82.38.80.0/23 maxlen: 24
178.83.82.0/23 maxlen: 24
2a13:9500:7c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:59:1f:37:ea:83:75:7a:1c:78:2c:a1:64:f0:f4:d2:89:25:84:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 2 10:15:27 2026 GMT
Not After : Apr 1 10:20:27 2027 GMT
Subject: CN=207182FCD2BAF406CEF12E06E71B011BEE56C244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3d:c3:35:0a:8c:a0:b5:6d:fc:3d:17:8b:f5:
36:c9:8e:b0:61:f8:b5:aa:1d:3b:a7:fe:f3:dc:03:
53:ba:c8:6b:2a:5f:72:f7:40:f0:12:13:31:f7:d1:
0c:ae:e7:d4:b3:09:2c:87:34:58:69:23:ce:d4:68:
23:6b:c1:67:79:a6:fa:c5:f4:10:54:a5:ec:63:7f:
59:44:23:ee:f8:12:20:74:bb:20:e5:17:38:32:c7:
f1:d7:3f:80:92:dc:83:2f:15:6e:78:38:6f:ac:16:
12:f0:79:de:87:77:ee:f0:e1:97:d5:42:76:a8:07:
e8:04:5e:70:3b:9a:8d:82:88:3a:4a:ca:a5:8a:91:
14:c8:e7:95:44:69:cf:51:66:04:37:e3:e5:b2:53:
06:6e:77:5c:46:21:18:2e:21:bd:8e:41:0d:61:98:
97:aa:72:16:52:04:9f:80:dc:af:7d:e8:41:07:9e:
4e:3e:57:c8:8d:b2:ec:22:7c:40:56:1d:08:11:d9:
b4:c9:cc:bc:15:2b:77:25:2a:56:92:c7:3c:89:3a:
54:f1:a4:e3:a7:a9:97:64:0f:a3:df:9c:69:88:ce:
f2:3c:f7:31:b6:68:9c:1f:54:77:b0:11:47:19:2c:
ce:87:6a:00:43:78:c5:1e:ff:c4:96:b6:d6:b0:b8:
d1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:71:82:FC:D2:BA:F4:06:CE:F1:2E:06:E7:1B:01:1B:EE:56:C2:44
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137897.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.42.0/23
82.38.46.0/23
82.38.80.0/23
178.83.82.0/23
IPv6:
2a13:9500:7c::/48
Signature Algorithm: sha256WithRSAEncryption
a4:1b:5c:12:2c:1a:3c:89:f0:3f:b4:bb:ac:fe:09:da:5a:d3:
63:e1:e4:9e:6f:d8:48:1e:9a:fd:cd:ee:d3:f8:99:a1:61:fd:
93:da:c7:34:3f:e9:90:9d:ae:96:a1:9a:78:bf:39:06:8a:2f:
0a:37:3b:da:45:32:b2:96:1c:79:0d:93:4e:81:73:aa:1f:b2:
46:f3:7a:55:8b:96:02:a2:2e:e7:49:26:ec:49:20:44:a3:b2:
fc:c0:49:d8:c4:fe:b5:95:cc:c5:f5:0a:15:d2:81:87:78:43:
cb:57:ad:0e:8c:1e:b0:84:e9:9d:bc:fd:af:ef:b9:f3:32:9a:
d9:90:61:d6:d2:64:bc:90:5c:60:d0:f9:d8:c4:d6:48:60:b4:
b9:3e:f1:f5:e1:46:8b:0d:b8:8f:86:ce:70:1e:f3:2d:7f:be:
48:bd:a1:c5:2b:9e:33:41:70:66:57:7a:c3:4c:fc:3e:be:9e:
b1:4c:08:2e:85:4d:58:a9:17:20:70:f9:33:78:36:8c:33:9f:
a2:b0:c1:28:b5:5a:93:8b:4d:2a:fe:be:18:c3:db:b3:be:64:
88:77:91:16:9d:ce:89:02:11:4c:81:d2:0c:ac:dd:a5:c9:70:
f3:95:9b:fa:03:95:31:22:df:df:a8:64:60:af:dd:53:e5:15:
af:fd:44:97
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUNFkfN+qDdXoceCyhZPD00oklhMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDIxMDE1MjdaFw0yNzA0MDExMDIwMjdaMDMxMTAvBgNV
BAMTKDIwNzE4MkZDRDJCQUY0MDZDRUYxMkUwNkU3MUIwMTFCRUU1NkMyNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKPcM1CoygtW38PReL9TbJjrBh
+LWqHTun/vPcA1O6yGsqX3L3QPASEzH30Qyu59SzCSyHNFhpI87UaCNrwWd5pvrF
9BBUpexjf1lEI+74EiB0uyDlFzgyx/HXP4CS3IMvFW54OG+sFhLwed6Hd+7w4ZfV
QnaoB+gEXnA7mo2CiDpKyqWKkRTI55VEac9RZgQ34+WyUwZud1xGIRguIb2OQQ1h
mJeqchZSBJ+A3K996EEHnk4+V8iNsuwifEBWHQgR2bTJzLwVK3clKlaSxzyJOlTx
pOOnqZdkD6PfnGmIzvI89zG2aJwfVHewEUcZLM6HagBDeMUe/8SWttawuNHvAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUIHGC/NK69AbO8S4G5xsBG+5WwkQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3ODk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBUiYq
AwQBUiYuAwQBUiZQAwQBslNSMA8EAgACMAkDBwAqE5UAAHwwDQYJKoZIhvcNAQEL
BQADggEBAKQbXBIsGjyJ8D+0u6z+Cdpa02Ph5J5v2Egemv3N7tP4maFh/ZPaxzQ/
6ZCdrpahmni/OQaKLwo3O9pFMrKWHHkNk06Bc6ofskbzelWLlgKiLudJJuxJIESj
svzASdjE/rWVzMX1ChXSgYd4Q8tXrQ6MHrCE6Z28/a/vufMymtmQYdbSZLyQXGDQ
+djE1khgtLk+8fXhRosNuI+GznAe8y1/vki9ocUrnjNBcGZXesNM/D6+nrFMCC6F
TVipFyBw+TN4Nowzn6KwwSi1WpOLTSr+vhjD27O+ZIh3kRadzokCEUyB0gys3aXJ
cPOVm/oDlTEi39+oZGCv3VPlFa/9RJc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:01:51 2026 by rpki-client