Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS62390.roa
File: AS62390.roa (raw, json)
Hash identifier: 73oz/PmhfZrBs5PkJeqppqRvN5eWG+lIqQdDloOkn+4=
Subject key identifier: 2C:AC:E9:0E:7F:5C:57:89:57:0D:9E:63:50:A5:39:E4:48:39:FC:C8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6A0F2E07619B9A9576FE497097C6A630A679706F
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS62390.roa
Signing time: Mon 15 Sep 2025 15:06:33 +0000
ROA not before: Mon 15 Sep 2025 15:01:33 +0000
ROA not after: Mon 14 Sep 2026 15:06:33 +0000
asID: 62390
IP address blocks: 143.20.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 19:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:0f:2e:07:61:9b:9a:95:76:fe:49:70:97:c6:a6:30:a6:79:70:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Sep 15 15:01:33 2025 GMT
Not After : Sep 14 15:06:33 2026 GMT
Subject: CN=2CACE90E7F5C5789570D9E6350A539E44839FCC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:25:76:51:96:33:9a:b6:85:66:b6:35:de:95:
7b:d4:ed:39:91:b3:e1:4d:31:a1:6e:f0:f9:47:f3:
63:3d:8f:dd:6d:fc:fb:b7:2d:0a:9c:ee:4c:a0:88:
ab:13:75:b3:cb:0c:4f:cc:93:89:f2:59:e1:4e:68:
ca:bc:d0:7c:17:36:2c:d8:0d:b6:3b:f4:29:70:78:
c1:38:3a:94:82:ff:0f:9e:98:df:6d:82:9e:ee:76:
a5:e7:f0:0e:87:af:4c:c7:89:d1:99:4c:07:dc:10:
d9:9a:e4:99:ee:a6:6f:3d:47:af:df:b5:7f:a6:5b:
73:68:21:20:26:e7:45:ff:d3:80:9e:25:2d:d2:99:
5e:70:90:a6:49:81:b2:ca:cf:bd:c1:44:20:fd:15:
4a:f2:ac:33:1a:c3:35:36:18:c0:23:0d:c3:49:2c:
53:29:09:78:fd:88:7a:11:ec:c9:ff:b6:24:cf:97:
fe:96:76:b8:8d:6a:6f:e2:ae:5e:1b:6d:a9:4f:77:
d0:53:e6:bb:af:8d:09:4b:03:85:5e:d3:30:e1:56:
2c:5d:d4:5a:5d:c9:e9:ec:2a:b6:6a:2a:2f:6b:db:
4d:e1:c2:f6:3e:bc:1e:de:48:fb:14:7c:bc:5a:79:
92:48:40:32:36:f3:d6:cb:fd:62:eb:0f:0b:09:e6:
41:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AC:E9:0E:7F:5C:57:89:57:0D:9E:63:50:A5:39:E4:48:39:FC:C8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS62390.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.176.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:20:1e:94:e2:17:30:1e:8c:0a:cf:e6:3c:f2:54:90:ab:ce:
84:59:77:73:32:b5:12:a9:24:6e:91:ca:e4:08:57:a1:f2:ce:
c0:35:37:cd:56:3f:c6:8e:50:3d:d6:8b:10:5c:9f:1a:fc:0b:
46:a4:ff:af:ba:1f:64:b4:f6:7d:75:c5:76:64:97:64:85:fa:
25:04:d4:f1:a9:b3:3e:35:fa:7e:e6:f0:da:cc:1b:1f:85:dc:
0b:73:e7:8a:62:66:e0:27:56:30:f9:3e:77:e3:47:c4:9f:dd:
7f:11:49:0d:b6:6d:24:ab:be:af:37:1b:5c:7c:41:bb:e1:77:
b3:c6:c8:0e:07:a9:44:11:92:4f:e6:fe:4f:82:8f:c6:dc:35:
28:c3:12:6f:fd:72:61:fa:13:94:28:3e:6b:d5:ad:06:7b:c0:
89:20:fd:45:ba:62:45:75:c2:24:7e:58:d3:6b:d8:ff:07:e7:
3d:12:d3:73:ad:5d:c6:80:37:c8:79:7a:ad:ac:47:90:9b:3e:
a1:91:cf:ac:c5:64:6c:13:6c:2d:c5:ea:d3:e6:52:e6:4e:47:
3b:37:28:cc:97:17:f9:84:ee:7f:0a:1c:98:c7:c0:8b:1d:8e:
7e:2e:a7:d4:2c:ce:29:66:3f:61:0c:91:08:60:3b:be:47:d5:
28:06:65:79
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUag8uB2GbmpV2/klwl8amMKZ5cG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA5MTUxNTAxMzNaFw0yNjA5MTQxNTA2MzNaMDMxMTAvBgNV
BAMTKDJDQUNFOTBFN0Y1QzU3ODk1NzBEOUU2MzUwQTUzOUU0NDgzOUZDQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJXZRljOatoVmtjXelXvU7TmR
s+FNMaFu8PlH82M9j91t/Pu3LQqc7kygiKsTdbPLDE/Mk4nyWeFOaMq80HwXNizY
DbY79ClweME4OpSC/w+emN9tgp7udqXn8A6Hr0zHidGZTAfcENma5Jnupm89R6/f
tX+mW3NoISAm50X/04CeJS3SmV5wkKZJgbLKz73BRCD9FUryrDMawzU2GMAjDcNJ
LFMpCXj9iHoR7Mn/tiTPl/6WdriNam/irl4bbalPd9BT5ruvjQlLA4Ve0zDhVixd
1FpdyensKrZqKi9r203hwvY+vB7eSPsUfLxaeZJIQDI289bL/WLrDwsJ5kGjAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQULKzpDn9cV4lXDZ5jUKU55Eg5/MgwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNjIzOTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFLAw
DQYJKoZIhvcNAQELBQADggEBAMkgHpTiFzAejArP5jzyVJCrzoRZd3MytRKpJG6R
yuQIV6HyzsA1N81WP8aOUD3WixBcnxr8C0ak/6+6H2S09n11xXZkl2SF+iUE1PGp
sz41+n7m8NrMGx+F3Atz54piZuAnVjD5PnfjR8Sf3X8RSQ22bSSrvq83G1x8Qbvh
d7PGyA4HqUQRkk/m/k+Cj8bcNSjDEm/9cmH6E5QoPmvVrQZ7wIkg/UW6YkV1wiR+
WNNr2P8H5z0S03OtXcaAN8h5eq2sR5CbPqGRz6zFZGwTbC3F6tPmUuZORzs3KMyX
F/mE7n8KHJjHwIsdjn4up9QszilmP2EMkQhgO75H1SgGZXk=
-----END CERTIFICATE-----
Generated at Wed Oct 22 03:04:43 2025 by rpki-client