Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150623.roa
File: AS150623.roa (raw, json)
Hash identifier: si8vx8SNzmkYlbzzXndojEHw40EPdG7e5yLTYjIjlH4=
Subject key identifier: 2C:32:EB:81:2E:1E:8C:6E:18:89:B2:A0:EF:4A:E1:7F:94:86:B4:11
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 3EDF7128EC5A570786AC99AEB57E97D3BB3361F3
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150623.roa
Signing time: Thu 28 Aug 2025 19:28:32 +0000
ROA not before: Thu 28 Aug 2025 19:23:32 +0000
ROA not after: Thu 27 Aug 2026 19:28:32 +0000
asID: 150623
IP address blocks: 81.31.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:df:71:28:ec:5a:57:07:86:ac:99:ae:b5:7e:97:d3:bb:33:61:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Aug 28 19:23:32 2025 GMT
Not After : Aug 27 19:28:32 2026 GMT
Subject: CN=2C32EB812E1E8C6E1889B2A0EF4AE17F9486B411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d7:19:38:c1:78:fa:6d:0f:9c:d6:7e:4f:aa:
26:f6:d9:69:3b:7b:6b:ae:74:12:aa:f6:15:70:7f:
f6:8d:9c:a6:5e:4d:09:2d:fa:ad:a6:fc:4e:79:52:
de:ff:61:94:ec:ec:65:19:9c:ce:01:2c:fb:8d:74:
0c:01:df:62:18:2b:92:9e:12:9d:56:0a:41:7a:dc:
c9:ec:df:73:2a:89:4a:c3:71:49:fc:90:b7:35:b4:
dc:1f:a8:7c:51:06:50:92:26:4f:65:ab:13:f1:e8:
15:9a:08:6d:ce:a0:a0:56:f5:6e:95:9c:3a:52:89:
73:ad:82:3f:b6:e4:8b:f0:06:89:42:7d:f4:6d:ce:
06:7a:36:94:a5:bc:9e:09:18:da:39:3f:ec:fb:65:
18:7b:97:49:9c:12:26:94:8e:f4:2e:ce:bc:ee:47:
85:c1:6b:c8:32:b2:1f:ef:7e:e4:ec:a2:83:1b:80:
d3:c8:7b:91:e4:91:cf:0d:5b:0f:15:18:ca:e2:05:
1f:18:55:09:48:0b:ed:7a:13:df:d0:9b:b1:e0:40:
10:4b:9b:dc:66:75:09:02:dd:eb:fa:fc:06:53:de:
49:21:dc:6c:86:43:60:e4:e2:30:4d:7c:97:95:5c:
47:f5:73:9f:28:e3:d6:24:d7:d4:60:89:a2:a6:18:
09:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:32:EB:81:2E:1E:8C:6E:18:89:B2:A0:EF:4A:E1:7F:94:86:B4:11
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150623.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.208.0/24
Signature Algorithm: sha256WithRSAEncryption
36:35:32:d8:9d:1d:09:fc:ad:1c:7f:4e:22:49:75:9f:a2:e8:
92:41:a1:cc:91:b5:d0:91:55:71:9b:47:1c:fb:88:0a:08:df:
7b:21:4b:f6:15:18:32:21:a0:1f:16:1e:03:09:84:8e:50:32:
2d:c7:1c:e5:64:36:d5:1e:57:64:aa:83:4e:56:c3:81:d1:1a:
5b:b5:06:9d:02:6c:c4:3c:f7:e9:d7:20:fb:75:9a:6b:4b:d2:
1e:06:7a:6e:9d:eb:21:11:bc:be:d2:38:73:48:8b:69:fc:60:
62:b0:f0:15:bf:2d:ba:cf:88:3f:ab:e1:e3:26:a7:17:df:1a:
a0:4e:68:53:8d:51:e7:63:cd:cd:82:15:7e:3b:17:58:6f:4a:
fc:50:4f:19:3c:13:51:a6:cc:0d:b0:12:1e:3a:b9:1a:b3:42:
c3:3f:bb:20:48:dd:c2:64:b0:a1:93:0e:81:f0:88:d4:11:a8:
08:eb:56:6e:7e:72:2a:3e:4c:2c:11:00:59:c1:fd:a2:00:c6:
5d:f3:b1:90:4a:d4:b6:59:5d:4d:68:13:3c:72:7a:f5:ea:bb:
61:74:69:b4:23:e8:96:87:fa:34:a1:74:38:fc:72:b8:2b:ad:
12:fe:61:58:83:5b:1f:b4:b5:8c:dc:da:05:7d:db:9d:a0:a4:
44:de:a0:e9
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUPt9xKOxaVweGrJmutX6X07szYfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA4MjgxOTIzMzJaFw0yNjA4MjcxOTI4MzJaMDMxMTAvBgNV
BAMTKDJDMzJFQjgxMkUxRThDNkUxODg5QjJBMEVGNEFFMTdGOTQ4NkI0MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM1xk4wXj6bQ+c1n5Pqib22Wk7
e2uudBKq9hVwf/aNnKZeTQkt+q2m/E55Ut7/YZTs7GUZnM4BLPuNdAwB32IYK5Ke
Ep1WCkF63Mns33MqiUrDcUn8kLc1tNwfqHxRBlCSJk9lqxPx6BWaCG3OoKBW9W6V
nDpSiXOtgj+25IvwBolCffRtzgZ6NpSlvJ4JGNo5P+z7ZRh7l0mcEiaUjvQuzrzu
R4XBa8gysh/vfuTsooMbgNPIe5Hkkc8NWw8VGMriBR8YVQlIC+16E9/Qm7HgQBBL
m9xmdQkC3ev6/AZT3kkh3GyGQ2Dk4jBNfJeVXEf1c58o49Yk19RgiaKmGAlVAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQULDLrgS4ejG4YibKg70rhf5SGtBEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTUwNjIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAUR/QMA0GCSqGSIb3DQEBCwUAA4IBAQA2NTLYnR0J
/K0cf04iSXWfouiSQaHMkbXQkVVxm0cc+4gKCN97IUv2FRgyIaAfFh4DCYSOUDIt
xxzlZDbVHldkqoNOVsOB0RpbtQadAmzEPPfp1yD7dZprS9IeBnpuneshEby+0jhz
SItp/GBisPAVvy26z4g/q+HjJqcX3xqgTmhTjVHnY83NghV+OxdYb0r8UE8ZPBNR
pswNsBIeOrkas0LDP7sgSN3CZLChkw6B8IjUEagI61ZufnIqPkwsEQBZwf2iAMZd
87GQStS2WV1NaBM8cnr16rthdGm0I+iWh/o0oXQ4/HK4K60S/mFYg1sftLWM3NoF
fdudoKRE3qDp
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:25:21 2025 by rpki-client