Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: puWKOBmdI1l8RuqyzaOlIIRiVqbwWqJe4jEtGB6gJJc=
Subject key identifier: BC:31:99:66:40:DD:88:75:E1:B6:FD:20:CA:64:12:17:48:6C:E6:4A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0852BD66E5C5CB916862CE406159A8E97762E44A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64267.roa
Signing time: Mon 27 Oct 2025 05:49:46 +0000
ROA not before: Mon 27 Oct 2025 05:44:46 +0000
ROA not after: Mon 26 Oct 2026 05:49:46 +0000
asID: 64267
IP address blocks: 91.124.36.0/24 maxlen: 24
92.112.5.0/24 maxlen: 24
92.112.141.0/24 maxlen: 24
92.113.11.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
95.135.183.0/24 maxlen: 24
178.92.246.0/24 maxlen: 24
178.93.30.0/24 maxlen: 24
178.94.149.0/24 maxlen: 24
178.95.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:52:bd:66:e5:c5:cb:91:68:62:ce:40:61:59:a8:e9:77:62:e4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 27 05:44:46 2025 GMT
Not After : Oct 26 05:49:46 2026 GMT
Subject: CN=BC31996640DD8875E1B6FD20CA641217486CE64A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:8f:77:1b:b7:84:ac:ae:de:c3:98:77:1d:
93:37:a5:00:7c:ff:6b:b9:a9:8f:79:19:de:0a:1b:
f2:b8:7b:1c:bb:42:a4:bb:fd:fc:54:e8:70:61:88:
4e:92:d2:83:3f:de:ec:25:78:4a:d6:ac:38:6d:e7:
fc:56:98:45:9a:d9:3f:14:1f:37:69:aa:bc:8d:fb:
1f:89:37:a0:c0:29:81:ce:d0:4a:92:00:03:64:e0:
16:19:4d:36:e6:1c:f8:dd:92:53:74:46:3c:14:0f:
58:7d:fc:7a:87:98:0c:79:59:51:b7:bd:eb:d3:38:
d7:e5:47:5b:42:91:64:57:21:a2:0a:80:4d:ec:96:
35:32:1b:e7:98:50:fc:7b:03:70:04:3e:78:75:71:
c9:89:37:6b:c2:07:7c:ad:1b:34:c8:74:7b:17:18:
42:68:f7:9a:91:b8:95:6e:7a:fe:df:19:c9:4b:b2:
2f:57:da:49:6e:19:8a:64:28:cf:25:a0:b3:69:80:
0e:2c:82:db:8d:26:20:b5:ee:b6:4d:c5:56:7d:84:
fc:c5:9c:34:2c:f8:ed:8d:0f:ff:d4:42:e3:52:7f:
d7:10:c3:95:04:e5:15:57:95:cd:f5:60:02:e3:a6:
f0:f6:60:a1:24:f3:5c:90:13:54:2e:3e:37:69:e7:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:31:99:66:40:DD:88:75:E1:B6:FD:20:CA:64:12:17:48:6C:E6:4A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.36.0/24
92.112.5.0/24
92.112.141.0/24
92.113.11.0/24
92.113.215.0/24
95.135.183.0/24
178.92.246.0/24
178.93.30.0/24
178.94.149.0/24
178.95.225.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:70:46:1e:55:b9:44:97:7e:a1:7f:f9:5e:9c:26:e2:d5:6f:
17:65:59:6b:5f:78:7d:8c:f5:d8:7e:2b:3c:42:f6:cf:6b:30:
c8:67:4e:43:03:ac:83:37:4e:6a:3c:6b:6f:42:7d:e6:bc:b2:
ad:bb:7d:38:d0:71:cf:f9:25:ca:3c:89:dc:02:aa:90:2a:02:
70:99:cc:ae:c6:0a:86:71:05:84:dd:86:bb:a1:6d:fc:39:16:
21:eb:d2:92:96:2b:3d:11:0a:8e:8b:c4:c3:85:35:4e:3a:53:
3c:7a:10:72:98:4c:d8:97:69:bc:b8:78:ab:84:bc:13:57:0d:
6c:85:bb:c1:0e:40:ea:6c:ae:d0:40:d2:0d:d0:cf:1d:67:5f:
d2:2d:3a:81:80:90:29:91:e8:a8:4d:6c:3b:07:ab:56:63:a8:
a7:b7:a7:f1:59:1a:db:c9:d5:ab:e5:4b:9a:3d:05:8b:91:28:
a7:9f:eb:9b:bf:82:ab:a0:a8:d3:4f:e2:32:3d:8e:24:48:fc:
5c:34:f5:82:3e:d7:72:63:81:12:7c:93:23:5c:ce:13:d7:e1:
b4:42:42:0d:c8:38:23:3f:36:d3:3d:73:9d:33:00:68:ca:8c:
b7:28:c9:1f:b6:3a:4c:f9:b2:90:89:a8:83:11:c5:9a:53:d9:
87:aa:c5:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCFK9ZuXFy5FoYs5AYVmo6Xdi5EowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjcwNTQ0NDZaFw0yNjEwMjYwNTQ5NDZaMDMxMTAvBgNV
BAMTKEJDMzE5OTY2NDBERDg4NzVFMUI2RkQyMENBNjQxMjE3NDg2Q0U2NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZEY93G7eErK7ew5h3HZM3pQB8
/2u5qY95Gd4KG/K4exy7QqS7/fxU6HBhiE6S0oM/3uwleErWrDht5/xWmEWa2T8U
HzdpqryN+x+JN6DAKYHO0EqSAANk4BYZTTbmHPjdklN0RjwUD1h9/HqHmAx5WVG3
vevTONflR1tCkWRXIaIKgE3sljUyG+eYUPx7A3AEPnh1ccmJN2vCB3ytGzTIdHsX
GEJo95qRuJVuev7fGclLsi9X2kluGYpkKM8loLNpgA4sgtuNJiC17rZNxVZ9hPzF
nDQs+O2ND//UQuNSf9cQw5UE5RVXlc31YALjpvD2YKEk81yQE1QuPjdp51J9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvDGZZkDdiHXhtv0gymQSF0hs5kowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBABbfCQD
BABccAUDBABccI0DBABccQsDBABccdcDBABfh7cDBACyXPYDBACyXR4DBACyXpUD
BACyX+EwDQYJKoZIhvcNAQELBQADggEBABtwRh5VuUSXfqF/+V6cJuLVbxdlWWtf
eH2M9dh+KzxC9s9rMMhnTkMDrIM3Tmo8a29Cfea8sq27fTjQcc/5Jco8idwCqpAq
AnCZzK7GCoZxBYTdhruhbfw5FiHr0pKWKz0RCo6LxMOFNU46Uzx6EHKYTNiXaby4
eKuEvBNXDWyFu8EOQOpsrtBA0g3Qzx1nX9ItOoGAkCmR6KhNbDsHq1ZjqKe3p/FZ
GtvJ1avlS5o9BYuRKKef65u/gqugqNNP4jI9jiRI/Fw09YI+13JjgRJ8kyNczhPX
4bRCQg3IOCM/NtM9c50zAGjKjLcoyR+2Okz5spCJqIMRxZpT2YeqxTs=
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:39 2025 by rpki-client