Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62217.roa
File: AS62217.roa (raw, json)
Hash identifier: Jw+A8VqZYQNwEMFLRgwYF+jmzQIaY4RW3UcNT0bGTVU=
Subject key identifier: D6:05:49:26:21:51:44:B2:4C:E6:E3:54:27:E6:8A:E3:EF:50:D2:11
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5A3B5CB63D8E59E85C52B7925C75CF5B99A2F582
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62217.roa
Signing time: Wed 15 Oct 2025 08:42:34 +0000
ROA not before: Wed 15 Oct 2025 08:37:34 +0000
ROA not after: Wed 14 Oct 2026 08:42:34 +0000
asID: 62217
IP address blocks: 82.22.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3b:5c:b6:3d:8e:59:e8:5c:52:b7:92:5c:75:cf:5b:99:a2:f5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 15 08:37:34 2025 GMT
Not After : Oct 14 08:42:34 2026 GMT
Subject: CN=D6054926215144B24CE6E35427E68AE3EF50D211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:64:d8:30:65:8f:6a:c7:59:a6:3a:12:d1:3e:
49:55:0d:7d:4f:8f:92:06:df:df:da:66:48:70:b7:
ba:d9:d4:e9:07:8b:9d:cf:13:79:7c:8f:b7:96:f5:
e6:f7:14:22:1e:61:5a:bc:74:39:f2:8a:0f:22:0a:
16:9d:b8:95:34:03:7e:95:d0:38:e6:fc:b7:9b:f3:
9d:ad:03:75:d4:fd:16:a4:86:53:82:c8:29:a4:40:
e6:16:b7:01:c1:59:15:36:1c:db:59:0e:ef:81:07:
95:75:86:06:24:4c:2c:12:a4:f6:43:53:35:fa:fe:
ec:a0:05:31:7e:da:5c:49:af:c0:7c:9e:ca:f1:89:
a6:47:22:ee:46:cb:0f:c3:b4:51:c1:90:05:a6:c4:
62:52:be:73:b5:78:51:12:67:57:1a:b9:30:64:7d:
22:02:18:5a:f0:63:70:8d:b4:53:7e:15:a2:60:31:
3b:ca:38:01:fe:7c:82:7a:c4:84:9a:7c:bf:34:41:
c1:47:c1:3f:34:83:be:46:d0:d2:cc:bd:6a:19:2c:
c4:5d:0a:9d:23:4a:5d:61:e0:c6:a7:e2:fd:67:1f:
fc:b2:b1:45:d9:51:68:d7:ea:0c:31:21:b2:5a:bc:
75:fa:f9:43:d7:40:d9:86:8e:49:2b:c2:c7:90:90:
53:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:05:49:26:21:51:44:B2:4C:E6:E3:54:27:E6:8A:E3:EF:50:D2:11
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62217.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.33.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:14:b8:45:08:bc:19:7e:16:c1:bf:b0:4f:b1:78:87:ee:dd:
d2:4c:13:8d:2d:48:05:92:0d:3b:56:27:1e:b2:f4:07:d3:e7:
db:f8:83:30:a4:59:48:24:c9:7a:63:54:c1:26:ad:10:ca:5d:
c3:3b:94:70:ea:f4:ef:d1:1b:84:57:23:f4:d0:6a:50:03:67:
68:c6:d4:54:fd:73:76:79:5c:02:8d:d7:49:00:f5:ef:04:6e:
a1:fc:77:fc:5f:c8:20:8a:8a:0c:de:3e:9e:d6:c7:db:f8:3d:
7d:51:89:99:8b:c0:46:4d:3f:21:10:8b:bd:76:af:a1:13:7f:
20:83:28:e3:40:16:c5:d8:11:6e:13:9f:bf:b3:78:3a:2d:2c:
28:c0:05:5c:6a:8d:b5:fd:12:15:b8:40:fa:9a:4a:70:d3:51:
fa:d9:a1:1a:69:d6:d9:f0:59:be:af:df:37:21:33:ec:b5:11:
47:49:43:c8:33:ed:2d:61:fb:17:ee:4e:1a:b5:c2:9e:5a:72:
0d:ac:10:33:89:f4:d1:9f:50:80:52:b4:30:ec:4c:97:a8:77:
f2:a3:6d:e6:88:88:d9:92:c4:46:c8:b9:72:fd:11:79:50:7f:
91:fc:95:dd:a2:3d:d2:19:d9:ea:0b:82:13:1c:e1:ee:4c:60:
46:f9:e2:56
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWjtctj2OWehcUreSXHXPW5mi9YIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTUwODM3MzRaFw0yNjEwMTQwODQyMzRaMDMxMTAvBgNV
BAMTKEQ2MDU0OTI2MjE1MTQ0QjI0Q0U2RTM1NDI3RTY4QUUzRUY1MEQyMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmZNgwZY9qx1mmOhLRPklVDX1P
j5IG39/aZkhwt7rZ1OkHi53PE3l8j7eW9eb3FCIeYVq8dDnyig8iChaduJU0A36V
0Djm/Leb852tA3XU/RakhlOCyCmkQOYWtwHBWRU2HNtZDu+BB5V1hgYkTCwSpPZD
UzX6/uygBTF+2lxJr8B8nsrxiaZHIu5Gyw/DtFHBkAWmxGJSvnO1eFESZ1cauTBk
fSICGFrwY3CNtFN+FaJgMTvKOAH+fIJ6xISafL80QcFHwT80g75G0NLMvWoZLMRd
Cp0jSl1h4Man4v1nH/yysUXZUWjX6gwxIbJavHX6+UPXQNmGjkkrwseQkFPvAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU1gVJJiFRRLJM5uNUJ+aK4+9Q0hEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjIyMTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFiEw
DQYJKoZIhvcNAQELBQADggEBAJoUuEUIvBl+FsG/sE+xeIfu3dJME40tSAWSDTtW
Jx6y9AfT59v4gzCkWUgkyXpjVMEmrRDKXcM7lHDq9O/RG4RXI/TQalADZ2jG1FT9
c3Z5XAKN10kA9e8EbqH8d/xfyCCKigzePp7Wx9v4PX1RiZmLwEZNPyEQi712r6ET
fyCDKONAFsXYEW4Tn7+zeDotLCjABVxqjbX9EhW4QPqaSnDTUfrZoRpp1tnwWb6v
3zchM+y1EUdJQ8gz7S1h+xfuThq1wp5acg2sEDOJ9NGfUIBStDDsTJeod/KjbeaI
iNmSxEbIuXL9EXlQf5H8ld2iPdIZ2eoLghMc4e5MYEb54lY=
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:27:30 2025 by rpki-client