Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
File: AS64289.roa (raw, json)
Hash identifier: cg8UJe0c1cEgfervtSWC6mRGeYVOfc0awaiWIW6PXVA=
Subject key identifier: E7:73:B3:D9:DB:58:91:17:24:AD:3B:E9:25:B8:31:45:94:B9:8B:DD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 491862672F30DD440F724634CCE1D6B3610B2C9F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
Signing time: Thu 12 Jun 2025 12:11:11 +0000
ROA not before: Thu 12 Jun 2025 12:06:11 +0000
ROA not after: Thu 11 Jun 2026 12:11:11 +0000
asID: 64289
IP address blocks: 82.21.43.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:18:62:67:2f:30:dd:44:0f:72:46:34:cc:e1:d6:b3:61:0b:2c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 12 12:06:11 2025 GMT
Not After : Jun 11 12:11:11 2026 GMT
Subject: CN=E773B3D9DB58911724AD3BE925B8314594B98BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ba:92:4d:15:4c:19:ba:f0:e1:fc:78:29:48:
74:b4:dc:bb:b8:a4:07:f6:f2:6d:17:3c:f4:37:b6:
55:b3:fa:1c:f2:61:3e:8d:63:5c:4e:76:3a:60:d0:
00:2d:95:5f:c3:df:aa:3a:a3:b2:3f:1d:a4:78:57:
2f:72:ed:73:36:0d:7b:68:19:37:c9:11:f9:f9:e9:
bd:03:0d:2e:e8:d9:33:0b:30:5e:bc:16:76:e2:a5:
ad:70:de:1c:e9:fc:dd:8f:07:59:46:cd:78:33:cb:
55:9e:6b:4b:76:c2:ab:5c:64:22:06:c9:be:26:88:
8d:99:92:dd:bd:6b:09:5c:9f:32:c3:d9:2d:c5:8e:
15:a7:3b:49:01:a4:31:3f:3e:d1:4a:55:3c:cc:a0:
eb:67:21:fc:4c:18:70:48:80:b7:5b:f3:89:2f:b5:
40:2e:71:c2:22:ff:2b:a7:45:bb:12:70:33:9f:2f:
91:1e:cc:35:e9:56:0c:c1:b5:34:83:e0:d9:a9:0f:
59:a5:21:7a:f2:11:11:33:e0:46:e1:46:f0:2b:1e:
48:cb:bc:ef:e7:c7:4c:a1:09:f3:30:9f:bf:fb:d9:
76:33:c8:d4:31:ea:ac:69:26:13:3a:97:fc:ec:0f:
00:03:ce:0c:14:ca:b9:31:ba:62:90:87:0d:d1:09:
42:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:73:B3:D9:DB:58:91:17:24:AD:3B:E9:25:B8:31:45:94:B9:8B:DD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.22.171.0/24
82.22.175.0/24
82.24.8.0/24
82.24.25.0/24
Signature Algorithm: sha256WithRSAEncryption
11:1d:08:70:ff:cb:0e:7e:69:d4:0c:79:a2:8a:ea:90:8e:e6:
b2:80:e5:5b:ab:85:1d:d7:2e:9b:35:95:68:86:f3:a2:6f:9c:
0c:a8:7e:4c:3d:8b:3f:ad:99:15:4a:ae:07:d2:cc:89:77:c5:
05:45:65:93:d5:e5:f3:e0:ae:39:3f:fa:79:f7:ed:c4:1b:75:
91:e6:87:9c:57:d1:5d:b2:ce:a2:e4:c9:42:76:06:2f:3f:ab:
d1:e7:4d:bb:97:ca:29:44:f8:a4:fe:fb:af:75:30:d2:7a:6c:
dc:e7:03:75:7d:64:7c:7c:bf:87:20:7e:c3:91:77:48:e4:eb:
cd:d7:ea:13:67:19:09:c5:8a:ea:8d:64:af:cb:f9:c0:4c:7d:
3f:39:67:5d:f7:59:8d:c9:dc:39:27:03:95:3b:ba:37:a5:7a:
4b:89:63:d6:9f:30:c4:f3:e8:41:4a:52:cc:99:cf:f6:bf:09:
7b:81:01:4e:af:27:e2:b3:00:17:03:98:2c:4f:78:7c:c6:da:
e6:6e:c3:4e:80:7a:3f:03:8f:49:f5:80:a5:4b:a1:82:45:03:
72:15:f3:38:30:a0:6a:50:b7:2d:f3:60:43:08:72:47:e4:79:
95:c8:e8:d3:a2:6c:81:ff:0e:0a:09:f7:ac:eb:ca:85:7f:07:
f6:97:d7:78
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUSRhiZy8w3UQPckY0zOHWs2ELLJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTIxMjA2MTFaFw0yNjA2MTExMjExMTFaMDMxMTAvBgNV
BAMTKEU3NzNCM0Q5REI1ODkxMTcyNEFEM0JFOTI1QjgzMTQ1OTRCOThCREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChupJNFUwZuvDh/HgpSHS03Lu4
pAf28m0XPPQ3tlWz+hzyYT6NY1xOdjpg0AAtlV/D36o6o7I/HaR4Vy9y7XM2DXto
GTfJEfn56b0DDS7o2TMLMF68Fnbipa1w3hzp/N2PB1lGzXgzy1Wea0t2wqtcZCIG
yb4miI2Zkt29awlcnzLD2S3FjhWnO0kBpDE/PtFKVTzMoOtnIfxMGHBIgLdb84kv
tUAuccIi/yunRbsScDOfL5EezDXpVgzBtTSD4NmpD1mlIXryEREz4EbhRvArHkjL
vO/nx0yhCfMwn7/72XYzyNQx6qxpJhM6l/zsDwADzgwUyrkxumKQhw3RCUJrAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU53Oz2dtYkRckrTvpJbgxRZS5i90wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABSFSsD
BABSFqsDBABSFq8DBABSGAgDBABSGBkwDQYJKoZIhvcNAQELBQADggEBABEdCHD/
yw5+adQMeaKK6pCO5rKA5VurhR3XLps1lWiG86JvnAyofkw9iz+tmRVKrgfSzIl3
xQVFZZPV5fPgrjk/+nn37cQbdZHmh5xX0V2yzqLkyUJ2Bi8/q9HnTbuXyilE+KT+
+691MNJ6bNznA3V9ZHx8v4cgfsORd0jk683X6hNnGQnFiuqNZK/L+cBMfT85Z133
WY3J3DknA5U7ujelekuJY9afMMTz6EFKUsyZz/a/CXuBAU6vJ+KzABcDmCxPeHzG
2uZuw06Aej8Dj0n1gKVLoYJFA3IV8zgwoGpQty3zYEMIckfkeZXI6NOibIH/DgoJ
96zryoV/B/aX13g=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:55 2025 by rpki-client