Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
File: AS139057.roa (raw, json)
Hash identifier: 073NTNeZ7O1BgZ1BqEzRSXo0UfbowX+24eJM96UmYNg=
Subject key identifier: B6:8D:B7:D1:9B:6B:A4:E4:DA:CC:72:53:F9:82:E4:4D:E8:C6:37:E5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 48E21135056E717024A49A1D37115A241F22B1A8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
Signing time: Mon 21 Apr 2025 08:26:40 +0000
ROA not before: Mon 21 Apr 2025 08:21:40 +0000
ROA not after: Mon 20 Apr 2026 08:26:40 +0000
asID: 139057
IP address blocks: 82.27.176.0/24 maxlen: 24
82.27.177.0/24 maxlen: 24
82.27.178.0/24 maxlen: 24
82.27.179.0/24 maxlen: 24
82.27.180.0/24 maxlen: 24
82.27.181.0/24 maxlen: 24
82.27.182.0/24 maxlen: 24
82.27.183.0/24 maxlen: 24
82.27.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e2:11:35:05:6e:71:70:24:a4:9a:1d:37:11:5a:24:1f:22:b1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 21 08:21:40 2025 GMT
Not After : Apr 20 08:26:40 2026 GMT
Subject: CN=B68DB7D19B6BA4E4DACC7253F982E44DE8C637E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:77:c4:9d:6c:99:01:7f:54:70:87:a1:5c:
cf:dc:29:c7:9a:df:59:3d:c7:fa:55:92:40:03:aa:
c3:3e:ac:92:ab:b8:5f:0f:07:f4:31:62:89:e5:1e:
4e:9b:7e:4d:2b:c6:b6:24:ca:ac:05:9a:81:a8:ac:
3c:f6:7d:97:9a:12:70:05:96:3f:22:9d:f5:5b:db:
78:c7:d7:c2:38:b4:00:6e:0a:ee:7b:dc:96:f8:46:
4e:95:a2:09:0a:e6:40:cf:19:c8:d6:8a:34:be:bf:
1e:50:a2:38:df:76:2f:86:d5:f8:87:8c:2c:e8:e1:
1b:71:53:2f:f0:3b:65:64:1a:23:d6:96:28:cf:aa:
73:78:8d:74:b6:9c:a3:9e:9b:76:ba:3b:dc:62:fd:
50:3e:85:e0:5c:43:f4:16:dd:a9:92:c4:26:20:ae:
d0:3d:69:41:c2:7e:01:4b:e5:56:ff:dc:e7:17:52:
90:f2:c0:3f:4a:0e:ad:77:c3:e4:a2:f2:3c:20:f0:
c1:3a:63:05:74:f8:10:b3:41:fb:9e:e7:f4:7e:f6:
5b:c2:04:bb:ff:9c:e8:19:06:d5:11:31:8a:0d:ee:
89:5d:15:71:58:34:7d:89:56:de:37:93:07:bb:4a:
e0:5d:a8:b0:05:23:20:4d:ca:9e:9c:9a:c9:76:78:
da:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8D:B7:D1:9B:6B:A4:E4:DA:CC:72:53:F9:82:E4:4D:E8:C6:37:E5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.176.0/21
82.27.188.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:de:04:cf:b2:d6:97:8c:2c:5e:67:3c:a8:d4:9f:ba:06:f1:
c4:8f:d5:db:5d:9b:ff:f4:a7:bd:25:ff:55:7c:04:38:36:6f:
d7:93:2b:4b:33:ba:88:14:5a:1b:b2:9c:d2:40:83:d6:fe:92:
06:85:d0:66:0f:e5:2c:96:de:ea:e8:d7:a5:0c:bb:ad:88:a2:
eb:3a:61:af:f7:33:7f:b6:0a:56:66:56:02:b5:88:65:19:7e:
06:32:9c:bc:81:e5:1b:29:e8:b7:f3:49:4a:f1:4c:da:06:a4:
75:08:05:a8:19:41:0f:51:9f:96:3e:a1:a4:68:ff:d8:e6:dc:
86:25:ee:4a:79:84:86:9e:b3:64:ca:8a:57:6f:da:f3:8e:bd:
f1:fb:c4:4e:2f:20:c5:d6:46:a8:f7:05:f7:c8:63:41:b5:97:
a8:09:13:1c:0c:6f:b8:ac:c8:4d:42:a7:2e:03:99:1e:91:df:
2d:07:06:c1:e5:77:b4:73:8f:33:7c:17:39:3d:8b:ae:ad:70:
a4:30:f4:28:20:c7:8a:53:77:c7:8b:03:eb:91:b9:d1:22:c7:
22:d9:c8:19:00:2e:e6:2e:13:d5:8f:5e:5b:82:3e:b4:5c:f6:
ba:d7:3d:9f:11:70:bf:d0:ac:2e:76:ea:30:fd:a4:fe:6e:87:
b7:b3:18:74
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUSOIRNQVucXAkpJodNxFaJB8isagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MjEwODIxNDBaFw0yNjA0MjAwODI2NDBaMDMxMTAvBgNV
BAMTKEI2OERCN0QxOUI2QkE0RTREQUNDNzI1M0Y5ODJFNDRERThDNjM3RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuCnfEnWyZAX9UcIehXM/cKcea
31k9x/pVkkADqsM+rJKruF8PB/QxYonlHk6bfk0rxrYkyqwFmoGorDz2fZeaEnAF
lj8infVb23jH18I4tABuCu573Jb4Rk6VogkK5kDPGcjWijS+vx5Qojjfdi+G1fiH
jCzo4RtxUy/wO2VkGiPWlijPqnN4jXS2nKOem3a6O9xi/VA+heBcQ/QW3amSxCYg
rtA9aUHCfgFL5Vb/3OcXUpDywD9KDq13w+Si8jwg8ME6YwV0+BCzQfue5/R+9lvC
BLv/nOgZBtURMYoN7oldFXFYNH2JVt43kwe7SuBdqLAFIyBNyp6cmsl2eNptAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUto230ZtrpOTazHJT+YLkTejGN+UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM5MDU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUhuw
AwQAUhu8MA0GCSqGSIb3DQEBCwUAA4IBAQCp3gTPstaXjCxeZzyo1J+6BvHEj9Xb
XZv/9Ke9Jf9VfAQ4Nm/XkytLM7qIFFobspzSQIPW/pIGhdBmD+Uslt7q6NelDLut
iKLrOmGv9zN/tgpWZlYCtYhlGX4GMpy8geUbKei380lK8UzaBqR1CAWoGUEPUZ+W
PqGkaP/Y5tyGJe5KeYSGnrNkyopXb9rzjr3x+8ROLyDF1kao9wX3yGNBtZeoCRMc
DG+4rMhNQqcuA5kekd8tBwbB5Xe0c48zfBc5PYuurXCkMPQoIMeKU3fHiwPrkbnR
Isci2cgZAC7mLhPVj15bgj60XPa61z2fEXC/0Kwuduow/aT+boe3sxh0
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:21 2025 by rpki-client