Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: 1ogdno9qxMfB3aFrErju9JBJ0zT8lVtUm4x5c0BNs7w=
Subject key identifier: 16:B9:2D:2A:B5:EB:DE:4C:FC:1C:5D:8A:23:24:03:5D:C6:AE:1E:87
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0BA847F3D924AE84E88C121A5280B57AF51194AD
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Sat 25 Oct 2025 00:00:47 +0000
ROA not before: Fri 24 Oct 2025 23:55:47 +0000
ROA not after: Sat 24 Oct 2026 00:00:47 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
191.101.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:a8:47:f3:d9:24:ae:84:e8:8c:12:1a:52:80:b5:7a:f5:11:94:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 24 23:55:47 2025 GMT
Not After : Oct 24 00:00:47 2026 GMT
Subject: CN=16B92D2AB5EBDE4CFC1C5D8A2324035DC6AE1E87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:22:4e:19:75:34:66:43:d2:32:6b:b4:dd:
40:31:14:43:23:5f:47:81:42:1b:64:18:56:aa:39:
86:29:fa:f9:22:e3:01:21:37:f5:bc:66:ea:e4:88:
10:42:1a:6e:4f:12:77:76:c5:3d:78:af:a1:83:8f:
db:23:16:ae:74:80:88:a5:92:33:cc:e3:67:95:8b:
74:45:b9:6b:68:7f:44:a6:0b:cf:3e:2c:e1:b7:a7:
3f:aa:3f:b9:53:5a:bc:fa:6e:55:e7:d4:60:69:33:
c6:12:98:e8:93:ad:8c:a5:78:a3:9d:6d:3f:53:b7:
93:02:08:e3:d4:f2:fe:f1:7b:fa:6d:c4:91:4d:65:
dd:7b:62:62:68:e5:39:de:e0:d3:17:6b:87:50:85:
7c:da:7f:de:f8:82:3d:fd:6d:a7:d2:13:58:93:c7:
cc:52:5b:92:05:43:5c:0a:8f:ac:38:31:e2:84:c7:
18:62:36:44:26:29:4e:bd:fa:c5:31:7a:33:f1:d5:
cf:cf:74:ee:90:12:3a:75:35:01:46:31:32:45:b0:
5e:a5:4a:40:e6:65:20:21:65:51:6b:58:f7:0b:41:
52:e1:8f:6e:8b:6a:1d:7c:21:54:3a:49:78:d1:51:
63:b4:99:d1:97:78:0e:2d:9a:28:a2:ea:4a:e9:dd:
e2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B9:2D:2A:B5:EB:DE:4C:FC:1C:5D:8A:23:24:03:5D:C6:AE:1E:87
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.207.0/24
179.61.209.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.238.0/24
181.215.250.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
191.101.218.0/24
Signature Algorithm: sha256WithRSAEncryption
29:14:5c:08:18:6b:4b:82:d2:7b:bb:a5:9a:f3:9a:94:7e:de:
1c:13:2a:4c:58:41:8d:3a:b5:46:9b:0c:c6:4c:de:a4:6d:3e:
bf:ca:b0:34:47:1e:b7:88:51:f5:80:bf:26:69:23:13:6d:53:
3a:9e:58:9c:27:5c:5b:27:e0:82:8e:2e:c0:94:2f:8c:c0:7c:
fb:7f:2b:04:1f:12:44:03:f9:05:f6:48:77:37:55:ed:27:47:
96:99:85:08:c4:ed:d6:44:c3:2c:9b:6d:fb:b6:a6:06:4d:c7:
eb:9f:2e:ee:d9:2d:93:cc:a8:24:8c:ec:8c:82:b7:6e:62:1a:
fd:c5:a5:2d:da:d8:3b:35:97:4a:26:9e:5d:4e:ca:95:0c:1c:
65:6e:1f:33:fd:06:4b:c2:d9:18:e1:e5:4f:7b:5a:2f:44:fd:
c5:91:9e:5e:9a:d4:02:8e:5c:cb:2e:7c:78:66:b0:d0:23:f8:
f0:e5:ad:07:3f:24:29:c1:b1:87:77:db:44:b4:b7:21:9f:72:
f8:40:ab:18:37:7c:44:1d:f3:32:b2:52:7f:ad:b8:ce:96:57:
e5:52:4f:13:fa:41:04:09:f0:79:a3:bf:1f:91:e9:97:12:ec:
6a:a7:ac:02:7a:8b:8a:88:f8:10:ea:2b:db:10:9e:28:25:be:
0d:5d:fb:c4
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUC6hH89kkroTojBIaUoC1evURlK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMjQyMzU1NDdaFw0yNjEwMjQwMDAwNDdaMDMxMTAvBgNV
BAMTKDE2QjkyRDJBQjVFQkRFNENGQzFDNUQ4QTIzMjQwMzVEQzZBRTFFODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/AiJOGXU0ZkPSMmu03UAxFEMj
X0eBQhtkGFaqOYYp+vki4wEhN/W8ZurkiBBCGm5PEnd2xT14r6GDj9sjFq50gIil
kjPM42eVi3RFuWtof0SmC88+LOG3pz+qP7lTWrz6blXn1GBpM8YSmOiTrYyleKOd
bT9Tt5MCCOPU8v7xe/ptxJFNZd17YmJo5Tne4NMXa4dQhXzaf974gj39bafSE1iT
x8xSW5IFQ1wKj6w4MeKExxhiNkQmKU69+sUxejPx1c/PdO6QEjp1NQFGMTJFsF6l
SkDmZSAhZVFrWPcLQVLhj26Lah18IVQ6SXjRUWO0mdGXeA4tmiii6krp3eJ7AgMB
AAGjggK8MIICuDAdBgNVHQ4EFgQUFrktKrXr3kz8HF2KIyQDXcauHocwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdEGCCsGAQUFBwEHAQH/BIHBMIG+MIG7BAIAATCBtAME
AAI5EQMEAFkTMQMEAI1iWQMEALM9kQMEALM9zwMEALM90QMEALUp0gMEALUp1AME
ALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWswMEALXW0QMEALXW0wMEALXW5QME
ALXXKAMEALXX7gMEALXX+gMEALmJXQMEALmJXwMEALmLAAMEALmelQMEAL9g+QME
Ab9lQgMEAL9lUwMEAL9lWQMEAL9lfQMEAL9liQMEAL9l2jANBgkqhkiG9w0BAQsF
AAOCAQEAKRRcCBhrS4LSe7ulmvOalH7eHBMqTFhBjTq1RpsMxkzepG0+v8qwNEce
t4hR9YC/JmkjE21TOp5YnCdcWyfggo4uwJQvjMB8+38rBB8SRAP5BfZIdzdV7SdH
lpmFCMTt1kTDLJtt+7amBk3H658u7tktk8yoJIzsjIK3bmIa/cWlLdrYOzWXSiae
XU7KlQwcZW4fM/0GS8LZGOHlT3taL0T9xZGeXprUAo5cyy58eGaw0CP48OWtBz8k
KcGxh3fbRLS3IZ9y+ECrGDd8RB3zMrJSf624zpZX5VJPE/pBBAnweaO/H5HplxLs
aqesAnqLioj4EOor2xCeKCW+DV37xA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 12:56:23 2025 by rpki-client