Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
File: AS64289.roa (raw, json)
Hash identifier: bJa2p7xyh2Ba9koWNBmaARjJ9WVtvb1itvepJcrsLAA=
Subject key identifier: 89:7C:AB:80:7D:67:8A:FE:00:2E:CB:5C:62:2F:07:1F:36:4F:64:70
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0E97FB6AEF0EB765964221F34370D5ACB74BC7D6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
Signing time: Mon 02 Jun 2025 22:02:20 +0000
ROA not before: Mon 02 Jun 2025 21:57:20 +0000
ROA not after: Mon 01 Jun 2026 22:02:20 +0000
asID: 64289
IP address blocks: 82.22.171.0/24 maxlen: 24
82.22.172.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:97:fb:6a:ef:0e:b7:65:96:42:21:f3:43:70:d5:ac:b7:4b:c7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 21:57:20 2025 GMT
Not After : Jun 1 22:02:20 2026 GMT
Subject: CN=897CAB807D678AFE002ECB5C622F071F364F6470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:5a:46:2e:e3:50:54:75:a6:be:17:b1:38:
8b:8a:b2:97:e7:86:01:69:5d:f8:e0:d2:f9:df:58:
0c:e6:db:16:52:7c:79:c6:2d:5d:92:8e:c1:db:41:
c2:8f:54:fc:1b:46:c1:f1:ce:5f:18:5b:0a:67:71:
eb:40:22:31:44:e7:a9:59:8a:e8:18:f0:91:1c:98:
a7:f8:fe:fe:e1:f4:2f:f0:5a:1a:04:e6:19:29:57:
06:18:1f:07:f5:c9:a2:5e:c8:81:6c:43:06:b3:80:
c6:3f:35:1c:76:f7:31:a3:0a:7b:f8:32:64:e5:30:
dc:ab:dc:00:ab:de:cf:e6:7d:12:42:da:38:2a:9e:
cd:ac:fc:74:94:07:bf:1d:8b:b2:dd:d2:04:ce:d5:
d4:38:5e:28:9f:bd:80:86:c7:11:e8:bd:89:df:95:
aa:df:da:cd:36:f5:b4:4b:d3:be:0e:c1:37:6d:3f:
26:ad:25:0f:d1:7c:8e:17:60:2c:96:8c:9b:83:72:
fa:b0:ac:be:10:88:90:3b:08:0b:04:79:b8:43:c8:
a9:a5:7a:7b:44:a6:58:5f:5f:35:a7:07:cd:0c:43:
f0:a2:71:d5:95:bd:86:90:73:f7:42:1a:21:47:d9:
1f:f7:53:20:80:69:d9:eb:31:04:cc:8e:88:76:b6:
a6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7C:AB:80:7D:67:8A:FE:00:2E:CB:5C:62:2F:07:1F:36:4F:64:70
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.171.0-82.22.172.255
82.22.175.0/24
82.24.8.0/24
82.24.25.0/24
Signature Algorithm: sha256WithRSAEncryption
44:16:13:11:58:ad:f6:25:dd:d7:ed:9e:b5:79:ba:60:36:dc:
d6:c4:46:62:c1:85:8e:e4:ad:dd:02:fe:f1:e1:58:e9:f1:47:
8f:e9:fd:9f:a6:de:f7:b6:ee:12:6c:d9:4a:27:72:ac:50:53:
21:6d:0f:40:19:f6:75:7a:b9:0e:e2:02:16:d7:78:dd:93:d8:
48:13:28:17:59:a8:58:e7:88:02:f4:86:83:ad:69:e7:0c:38:
3c:2d:29:8c:54:02:92:b3:70:5b:9c:e0:8f:07:c4:35:e1:2b:
fe:b4:2c:5e:98:b7:d2:03:fe:a6:16:12:62:7d:91:ee:ec:7a:
37:2f:57:b9:a5:53:37:0d:fa:00:93:42:67:20:0c:f2:f6:0a:
d3:26:e1:20:0b:7f:bf:6a:3a:70:c3:10:b7:bc:84:38:5c:25:
c1:1c:01:29:17:84:25:4d:6e:5d:9a:3c:31:80:c7:30:11:10:
1c:46:28:c3:00:d4:5f:4b:8c:11:0f:d1:af:d3:f3:f9:dc:ec:
d2:6c:a6:4b:a6:36:85:3b:b3:6d:05:b0:53:6b:ed:e6:8b:39:
e9:56:50:55:f2:72:69:4f:92:1c:0e:bb:07:03:e4:ec:ff:0d:
ce:ad:ac:41:5c:4c:97:53:eb:d1:ce:0c:0d:d8:a2:35:4b:ae:
0f:ed:aa:0f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIUDpf7au8Ot2WWQiHzQ3DVrLdLx9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDIyMTU3MjBaFw0yNjA2MDEyMjAyMjBaMDMxMTAvBgNV
BAMTKDg5N0NBQjgwN0Q2NzhBRkUwMDJFQ0I1QzYyMkYwNzFGMzY0RjY0NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClwVpGLuNQVHWmvhexOIuKspfn
hgFpXfjg0vnfWAzm2xZSfHnGLV2SjsHbQcKPVPwbRsHxzl8YWwpncetAIjFE56lZ
iugY8JEcmKf4/v7h9C/wWhoE5hkpVwYYHwf1yaJeyIFsQwazgMY/NRx29zGjCnv4
MmTlMNyr3ACr3s/mfRJC2jgqns2s/HSUB78di7Ld0gTO1dQ4XiifvYCGxxHovYnf
larf2s029bRL074OwTdtPyatJQ/RfI4XYCyWjJuDcvqwrL4QiJA7CAsEebhDyKml
entEplhfXzWnB80MQ/CicdWVvYaQc/dCGiFH2R/3UyCAadnrMQTMjoh2tqafAgMB
AAGjggIjMIICHzAdBgNVHQ4EFgQUiXyrgH1niv4ALstcYi8HHzZPZHAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDAMEAFIW
qwMEAFIWrAMEAFIWrwMEAFIYCAMEAFIYGTANBgkqhkiG9w0BAQsFAAOCAQEARBYT
EVit9iXd1+2etXm6YDbc1sRGYsGFjuSt3QL+8eFY6fFHj+n9n6be97buEmzZSidy
rFBTIW0PQBn2dXq5DuICFtd43ZPYSBMoF1moWOeIAvSGg61p5ww4PC0pjFQCkrNw
W5zgjwfENeEr/rQsXpi30gP+phYSYn2R7ux6Ny9XuaVTNw36AJNCZyAM8vYK0ybh
IAt/v2o6cMMQt7yEOFwlwRwBKReEJU1uXZo8MYDHMBEQHEYowwDUX0uMEQ/Rr9Pz
+dzs0mymS6Y2hTuzbQWwU2vt5os56VZQVfJyaU+SHA67BwPk7P8Nzq2sQVxMl1Pr
0c4MDdiiNUuuD+2qDw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:11 2025 by rpki-client