Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: 5Qjzt5NKHIX8O8FFGG/Rpd4Zpyna8g5Wu5BTw1d5eZE=
Subject key identifier: 87:3F:E7:AE:F0:F2:79:26:B5:63:13:A1:FB:81:CE:37:01:6A:02:03
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7F1D9181ACBF9D02393E8F77E482B22BBAE58B30
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
Signing time: Thu 31 Jul 2025 00:01:58 +0000
ROA not before: Wed 30 Jul 2025 23:56:58 +0000
ROA not after: Thu 30 Jul 2026 00:01:58 +0000
asID: 64267
IP address blocks: 148.135.255.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
167.148.117.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:1d:91:81:ac:bf:9d:02:39:3e:8f:77:e4:82:b2:2b:ba:e5:8b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 30 23:56:58 2025 GMT
Not After : Jul 30 00:01:58 2026 GMT
Subject: CN=873FE7AEF0F27926B56313A1FB81CE37016A0203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b8:d7:69:1e:82:d3:94:6e:a4:25:7e:c2:cf:
88:86:5a:4f:00:be:87:f9:ac:38:81:89:02:d5:e8:
53:00:7d:a9:ff:4d:5f:35:6b:41:5f:88:1a:f6:0f:
3d:ae:37:8b:a1:e5:35:92:d2:bc:25:31:33:3a:49:
28:45:87:54:4d:09:0f:f5:91:3b:62:d3:9b:c7:0d:
4b:aa:54:79:c6:7b:1c:1c:ca:39:bf:82:54:6a:ff:
3a:58:e9:0d:8a:02:a0:bb:41:1f:31:06:58:06:69:
48:2e:34:8c:c1:72:df:61:50:3c:4c:e6:0a:db:fe:
ca:79:c3:2b:6a:2d:83:b7:db:f7:db:cf:6c:f9:87:
4f:d1:86:71:b0:4e:ca:d8:27:1a:32:bf:7d:1b:ab:
6d:c7:f3:b1:58:71:9a:c2:62:a4:56:10:18:59:99:
fc:c5:e4:29:2b:6e:c3:f7:2c:3b:76:94:ab:96:16:
c6:0a:2c:45:75:47:87:a9:37:c1:5a:e6:9f:d5:66:
c3:c8:6b:36:cc:de:95:73:cc:72:26:30:6c:ac:e2:
da:2e:56:9e:d5:ad:0d:d6:3d:de:41:ce:13:17:5f:
6f:e7:b2:63:b8:9b:fe:dc:55:75:0d:e9:5b:6b:05:
cf:33:63:bd:0f:09:cb:ba:e3:82:10:db:1c:a7:7c:
e9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3F:E7:AE:F0:F2:79:26:B5:63:13:A1:FB:81:CE:37:01:6A:02:03
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.255.0/24
162.141.71.0/24
162.141.83.0/24
162.141.123.0/24
167.148.117.0/24
167.148.125.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ef:65:20:d9:1e:4a:12:37:ff:f3:50:f2:1c:de:ab:5d:eb:
c9:52:73:b8:6b:c1:e5:5f:5d:21:49:1d:9c:33:96:59:e7:33:
3e:a7:0e:64:69:5f:bc:7e:4d:f7:fc:86:a9:12:85:54:5f:6f:
b9:09:b6:d0:f2:57:da:1b:91:f8:f1:48:a8:a8:1e:7e:62:53:
ad:a7:4e:8c:be:04:e6:ae:8d:8b:45:50:2a:11:33:28:bd:91:
5d:fc:1f:09:66:62:be:6e:c1:d2:5c:94:00:06:3f:40:fa:b8:
af:53:f7:bb:b4:08:11:cd:4d:26:5a:ac:ad:cb:93:d5:cd:ff:
ae:08:cf:f8:ac:96:a3:c1:e5:59:f6:83:6b:e8:c2:f2:84:f8:
eb:cc:f6:d5:a2:c5:92:d6:27:ba:00:75:3b:3a:a1:66:57:73:
03:c3:32:de:63:1c:33:19:3e:e9:ec:ae:2e:52:db:4f:ec:f1:
68:cf:2a:eb:1e:16:26:1c:2b:51:ac:4d:f4:5c:6c:95:bb:20:
1d:1c:cb:36:bd:96:b4:79:23:e1:cc:38:02:24:ac:27:89:e5:
a0:2e:fa:71:7f:f1:a8:ed:c5:ed:b6:59:28:5f:c6:71:42:d7:
bc:75:d9:c8:54:dc:70:ab:20:79:11:ba:fe:28:c6:99:ae:d8:
52:13:4b:8a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUfx2Rgay/nQI5Po935IKyK7rlizAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzAyMzU2NThaFw0yNjA3MzAwMDAxNThaMDMxMTAvBgNV
BAMTKDg3M0ZFN0FFRjBGMjc5MjZCNTYzMTNBMUZCODFDRTM3MDE2QTAyMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyuNdpHoLTlG6kJX7Cz4iGWk8A
vof5rDiBiQLV6FMAfan/TV81a0FfiBr2Dz2uN4uh5TWS0rwlMTM6SShFh1RNCQ/1
kTti05vHDUuqVHnGexwcyjm/glRq/zpY6Q2KAqC7QR8xBlgGaUguNIzBct9hUDxM
5grb/sp5wytqLYO32/fbz2z5h0/RhnGwTsrYJxoyv30bq23H87FYcZrCYqRWEBhZ
mfzF5CkrbsP3LDt2lKuWFsYKLEV1R4epN8Fa5p/VZsPIazbM3pVzzHImMGys4tou
Vp7VrQ3WPd5BzhMXX2/nsmO4m/7cVXUN6VtrBc8zY70PCcu644IQ2xynfOkTAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUhz/nrvDyeSa1YxOh+4HONwFqAgMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACUh/8D
BACijUcDBACijVMDBACijXsDBACnlHUDBACnlH0wDQYJKoZIhvcNAQELBQADggEB
AFHvZSDZHkoSN//zUPIc3qtd68lSc7hrweVfXSFJHZwzllnnMz6nDmRpX7x+Tff8
hqkShVRfb7kJttDyV9obkfjxSKioHn5iU62nToy+BOaujYtFUCoRMyi9kV38Hwlm
Yr5uwdJclAAGP0D6uK9T97u0CBHNTSZarK3Lk9XN/64Iz/islqPB5Vn2g2vowvKE
+OvM9tWixZLWJ7oAdTs6oWZXcwPDMt5jHDMZPunsri5S20/s8WjPKuseFiYcK1Gs
TfRcbJW7IB0cyza9lrR5I+HMOAIkrCeJ5aAu+nF/8ajtxe22WShfxnFC17x12chU
3HCrIHkRuv4oxpmu2FITS4o=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:01 2025 by rpki-client