Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: aaTdAmijCTzzrgqyRPRuDN9V89M3Xk72cfEcF8XKuPU=
Subject key identifier: C9:95:E0:6A:C1:B1:4B:E5:8B:90:59:DE:CC:26:57:D6:9D:AE:8E:C4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7C22737500EAE1BBC5512D9A3829A8243597E608
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
Signing time: Wed 16 Jul 2025 00:00:23 +0000
ROA not before: Tue 15 Jul 2025 23:55:23 +0000
ROA not after: Wed 15 Jul 2026 00:00:23 +0000
asID: 64267
IP address blocks: 148.135.255.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
167.148.117.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.126.0/24 maxlen: 24
167.148.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:22:73:75:00:ea:e1:bb:c5:51:2d:9a:38:29:a8:24:35:97:e6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 15 23:55:23 2025 GMT
Not After : Jul 15 00:00:23 2026 GMT
Subject: CN=C995E06AC1B14BE58B9059DECC2657D69DAE8EC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b0:ac:87:92:8a:30:4b:fa:ba:db:42:15:c4:
10:42:02:2e:aa:89:fe:dc:dc:3c:85:e4:ff:a9:b7:
2b:06:2f:0e:cb:cf:2e:19:1b:e1:a0:f7:36:3a:74:
72:2b:ae:31:37:94:d1:32:59:32:6f:68:ff:06:d1:
30:20:6f:0e:9c:05:4c:a1:ae:9d:15:63:38:ce:36:
03:11:8d:2c:4b:34:c0:8a:38:21:9f:f2:86:b8:db:
b1:c4:e0:56:00:b1:6d:22:83:9c:26:e2:62:51:ae:
bb:50:83:f5:ae:b0:af:bf:0d:de:b2:18:d0:55:15:
7f:06:7a:0c:2f:7a:dd:2b:7e:e0:6f:6f:2b:45:e6:
c2:02:de:01:4d:93:a8:98:2e:91:8e:31:ff:b4:f0:
d7:65:15:e2:f1:e7:20:12:57:e5:b1:b9:0e:04:7c:
53:e7:af:9b:0e:7b:ad:21:94:c5:ef:19:6e:af:1e:
77:3f:38:05:d0:05:d3:9d:fe:18:4f:95:01:a7:1c:
50:ba:30:6e:13:18:81:d8:a4:dd:26:5a:c6:5f:a9:
37:76:23:06:9a:fa:1e:46:a7:7f:9c:6c:02:7e:c2:
6d:ef:45:1f:34:31:a5:98:8c:81:07:11:2c:de:72:
95:55:f0:1b:9a:fd:b0:17:23:cb:8b:98:b1:b0:6c:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:95:E0:6A:C1:B1:4B:E5:8B:90:59:DE:CC:26:57:D6:9D:AE:8E:C4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.255.0/24
162.141.71.0/24
162.141.83.0/24
162.141.123.0/24
167.148.117.0/24
167.148.125.0-167.148.126.255
167.148.159.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:0e:96:71:2b:b0:d3:81:92:d2:06:46:ed:6a:1d:ad:95:42:
7d:22:5f:16:1c:a4:aa:34:99:51:9d:9b:49:d4:66:ad:bd:df:
cd:a6:67:1c:ff:e7:51:5f:90:91:bf:4e:f4:c8:17:c1:a9:7b:
c1:40:ca:87:f1:c7:3a:ed:0c:a0:4e:86:bb:8a:31:a5:f4:45:
f8:9e:9a:5c:ca:96:fd:c7:d3:1f:68:8c:81:c6:ea:82:ee:c5:
03:71:59:68:34:68:b4:58:ed:91:f5:ae:20:ff:1d:2f:5a:f2:
29:db:50:8c:b8:5f:4d:91:47:f8:93:d9:c3:ac:12:a3:c1:8f:
12:76:5a:de:7b:49:c6:96:6e:c1:d7:a0:77:b0:2c:f3:64:4e:
11:ed:f1:36:2d:cb:f5:a8:7e:cc:67:0c:23:5c:27:3b:ac:aa:
35:be:1f:9e:70:2a:08:47:ca:21:b4:da:3e:11:3a:a6:a0:87:
6c:eb:68:fc:c7:de:dd:8d:b3:ad:f7:4e:c5:37:59:bc:9a:4c:
c7:ac:69:23:ef:1b:59:b0:d1:5a:1d:a0:f3:fa:4c:f1:2f:8a:
a7:3f:b4:00:97:a7:a8:ab:64:c1:55:5e:bf:fd:30:51:e4:bd:
6f:e3:e2:c8:fd:fc:5a:b5:1c:28:39:44:66:69:b8:66:b9:3b:
29:9e:6e:9f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUfCJzdQDq4bvFUS2aOCmoJDWX5ggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTUyMzU1MjNaFw0yNjA3MTUwMDAwMjNaMDMxMTAvBgNV
BAMTKEM5OTVFMDZBQzFCMTRCRTU4QjkwNTlERUNDMjY1N0Q2OURBRThFQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpsKyHkoowS/q620IVxBBCAi6q
if7c3DyF5P+ptysGLw7Lzy4ZG+Gg9zY6dHIrrjE3lNEyWTJvaP8G0TAgbw6cBUyh
rp0VYzjONgMRjSxLNMCKOCGf8oa427HE4FYAsW0ig5wm4mJRrrtQg/WusK+/Dd6y
GNBVFX8Gegwvet0rfuBvbytF5sIC3gFNk6iYLpGOMf+08NdlFeLx5yASV+WxuQ4E
fFPnr5sOe60hlMXvGW6vHnc/OAXQBdOd/hhPlQGnHFC6MG4TGIHYpN0mWsZfqTd2
Iwaa+h5Gp3+cbAJ+wm3vRR80MaWYjIEHESzecpVV8Bua/bAXI8uLmLGwbBK9AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUyZXgasGxS+WLkFnezCZX1p2ujsQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDIDBACUh/8D
BACijUcDBACijVMDBACijXsDBACnlHUwDAMEAKeUfQMEAKeUfgMEAKeUnzANBgkq
hkiG9w0BAQsFAAOCAQEAuQ6WcSuw04GS0gZG7WodrZVCfSJfFhykqjSZUZ2bSdRm
rb3fzaZnHP/nUV+Qkb9O9MgXwal7wUDKh/HHOu0MoE6Gu4oxpfRF+J6aXMqW/cfT
H2iMgcbqgu7FA3FZaDRotFjtkfWuIP8dL1ryKdtQjLhfTZFH+JPZw6wSo8GPEnZa
3ntJxpZuwdegd7As82ROEe3xNi3L9ah+zGcMI1wnO6yqNb4fnnAqCEfKIbTaPhE6
pqCHbOto/Mfe3Y2zrfdOxTdZvJpMx6xpI+8bWbDRWh2g8/pM8S+Kpz+0AJenqKtk
wVVev/0wUeS9b+PiyP38WrUcKDlEZmm4Zrk7KZ5unw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:58:49 2025 by rpki-client