Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
File: AS64289.roa (raw, json)
Hash identifier: jbAARq+E5lW2j7K+g6Gnms51TwMRrtieQSzMiAmcokE=
Subject key identifier: 84:72:68:51:16:E1:B8:41:B5:CF:29:07:15:2D:89:1E:CB:98:D4:B4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 47BDD50356C10582CAFDCE8DBC80DEF7AFBA56E8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
Signing time: Sat 27 Sep 2025 00:02:03 +0000
ROA not before: Fri 26 Sep 2025 23:57:03 +0000
ROA not after: Sat 26 Sep 2026 00:02:03 +0000
asID: 64289
IP address blocks: 82.21.43.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bd:d5:03:56:c1:05:82:ca:fd:ce:8d:bc:80:de:f7:af:ba:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 26 23:57:03 2025 GMT
Not After : Sep 26 00:02:03 2026 GMT
Subject: CN=8472685116E1B841B5CF2907152D891ECB98D4B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:43:7d:80:18:81:5b:07:df:75:9f:ae:bc:be:
3d:f1:08:20:e8:1f:fe:a7:91:26:62:b1:f6:f6:08:
01:37:81:f4:33:49:a5:89:a0:77:e9:48:86:b0:10:
e1:cc:34:c0:27:7d:72:57:4d:ba:30:62:44:3f:37:
2b:ec:a6:3c:c9:0e:02:35:fb:ae:1d:d0:40:de:cf:
a8:40:73:63:bb:83:14:06:7a:d0:65:a5:64:73:dd:
19:e1:20:89:bc:fe:67:7a:a9:0c:40:24:f0:37:9a:
b1:c8:92:ff:49:cb:db:9b:31:18:68:29:0e:9a:77:
02:23:ef:ef:0c:84:a3:b7:6e:9d:29:56:dd:b6:d9:
b7:60:d0:44:69:a9:90:9b:b1:97:23:0e:1f:9d:11:
3a:30:54:a9:be:35:4a:f5:80:3a:2a:1f:1b:a5:a5:
e1:97:22:56:b3:0c:3c:d0:89:bc:c6:1d:a1:78:ba:
67:11:8d:2f:dd:03:f6:95:76:0e:7a:16:60:16:b1:
67:60:12:73:45:93:fb:e2:69:a7:15:18:32:7c:e0:
41:38:2d:b0:08:0f:65:50:e1:d5:b4:c8:37:5e:13:
4e:f0:36:b8:2a:37:9c:58:2c:36:18:0e:f5:0c:39:
5c:12:d3:cb:ec:f8:d4:44:dd:35:90:70:1a:89:8d:
7b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:72:68:51:16:E1:B8:41:B5:CF:29:07:15:2D:89:1E:CB:98:D4:B4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.22.171.0/24
82.22.175.0/24
82.24.8.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b0:76:b6:21:16:b3:71:f4:4a:61:fc:19:78:ae:67:45:16:
97:ba:dd:57:c8:15:7e:9d:1f:7d:70:f1:00:23:8a:86:a7:10:
da:52:1b:1b:fa:ea:7c:b4:5e:eb:8c:8b:b6:a7:c6:e2:6f:d9:
a5:27:ce:53:c6:64:14:b3:26:d4:ce:af:5a:7e:f4:aa:62:e9:
f3:d9:d1:8b:2c:6c:28:5b:51:40:04:95:b6:0d:f7:30:fc:8e:
f2:a8:47:27:b2:4f:fe:c7:0d:17:69:0a:7b:a7:7d:c0:ce:93:
10:a0:08:4d:0e:ab:69:e0:b4:1a:e8:81:47:a9:56:53:c6:44:
70:c2:7d:04:85:e3:d9:7f:1c:18:65:c1:26:de:df:c0:4d:fa:
94:98:af:41:31:01:5f:fd:aa:10:44:94:c5:e4:3a:f0:31:fe:
e2:5a:f7:fc:aa:b8:8c:01:2e:dc:8f:32:e0:1f:5b:a1:2c:e7:
51:0d:1a:87:74:a4:f7:32:80:81:f8:96:e5:42:df:6b:52:5b:
52:14:96:f4:0d:5e:57:dd:5d:09:52:37:f5:da:32:4b:42:44:
14:07:d9:8d:bd:6a:26:49:55:73:04:e9:09:38:6b:f7:f6:dc:
bf:eb:93:23:2c:66:63:c7:2c:70:e7:35:67:13:1f:cd:db:46:
3f:45:40:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUR73VA1bBBYLK/c6NvIDe96+6VugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjYyMzU3MDNaFw0yNjA5MjYwMDAyMDNaMDMxMTAvBgNV
BAMTKDg0NzI2ODUxMTZFMUI4NDFCNUNGMjkwNzE1MkQ4OTFFQ0I5OEQ0QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Q32AGIFbB991n668vj3xCCDo
H/6nkSZisfb2CAE3gfQzSaWJoHfpSIawEOHMNMAnfXJXTbowYkQ/NyvspjzJDgI1
+64d0EDez6hAc2O7gxQGetBlpWRz3RnhIIm8/md6qQxAJPA3mrHIkv9Jy9ubMRho
KQ6adwIj7+8MhKO3bp0pVt222bdg0ERpqZCbsZcjDh+dETowVKm+NUr1gDoqHxul
peGXIlazDDzQibzGHaF4umcRjS/dA/aVdg56FmAWsWdgEnNFk/viaacVGDJ84EE4
LbAID2VQ4dW0yDdeE07wNrgqN5xYLDYYDvUMOVwS08vs+NRE3TWQcBqJjXshAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUhHJoURbhuEG1zykHFS2JHsuY1LQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABSFSsD
BABSFqsDBABSFq8DBABSGAgwDQYJKoZIhvcNAQELBQADggEBAEiwdrYhFrNx9Eph
/Bl4rmdFFpe63VfIFX6dH31w8QAjioanENpSGxv66ny0XuuMi7anxuJv2aUnzlPG
ZBSzJtTOr1p+9Kpi6fPZ0YssbChbUUAElbYN9zD8jvKoRyeyT/7HDRdpCnunfcDO
kxCgCE0Oq2ngtBrogUepVlPGRHDCfQSF49l/HBhlwSbe38BN+pSYr0ExAV/9qhBE
lMXkOvAx/uJa9/yquIwBLtyPMuAfW6Es51ENGod0pPcygIH4luVC32tSW1IUlvQN
XlfdXQlSN/XaMktCRBQH2Y29aiZJVXME6Qk4a/f23L/rkyMsZmPHLHDnNWcTH83b
Rj9FQDI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:42:41 2025 by rpki-client