Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: YPhRtgk7vqeFQJd9mr9x2cxMgiPpDFfNTF8oPvz199g=
Subject key identifier: 66:D4:F7:69:64:02:87:37:62:7A:C9:E3:16:38:D5:D9:ED:61:95:D7
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 361B27FCB5437DDA2792C3CD45B40A273CB9A4D4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Mon 21 Jul 2025 00:00:47 +0000
ROA not before: Sun 20 Jul 2025 23:55:47 +0000
ROA not after: Mon 20 Jul 2026 00:00:47 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:1b:27:fc:b5:43:7d:da:27:92:c3:cd:45:b4:0a:27:3c:b9:a4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 20 23:55:47 2025 GMT
Not After : Jul 20 00:00:47 2026 GMT
Subject: CN=66D4F76964028737627AC9E31638D5D9ED6195D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:5d:43:ef:47:a5:8f:64:d0:51:8d:4a:e3:
43:e2:3f:27:03:8d:d0:ec:7a:85:a8:e0:5d:84:20:
cb:6d:e9:06:ae:32:be:97:35:ce:f7:6b:8e:bf:49:
13:42:61:69:d9:91:30:39:76:d8:a2:6f:49:04:21:
66:ee:99:2f:20:be:23:ba:6d:1d:8a:3f:bf:2a:64:
39:ff:e8:dd:86:33:9a:b9:0f:26:ee:d7:c1:18:00:
93:18:fd:35:9b:0a:eb:6c:23:4d:db:ef:0f:1f:a0:
51:d5:9c:85:39:67:cc:5d:a4:a4:d3:50:61:bb:f4:
93:71:27:b8:d8:17:89:5c:24:65:2e:4d:0c:b4:24:
95:00:bb:90:f1:5b:36:d4:ab:f6:4c:1b:da:a2:0e:
f8:45:bb:cb:79:b9:b3:8d:68:57:27:8d:39:d0:bb:
7a:5b:51:57:77:a0:ca:df:4a:e0:22:1d:a0:2b:7f:
b8:8f:f9:d8:c3:ea:cf:48:2d:71:28:c4:31:f4:43:
39:ed:09:fe:eb:0f:42:97:b2:5f:30:a9:10:d6:42:
a2:54:b7:7c:ca:9f:7d:e9:e6:6b:df:7c:52:b3:93:
5a:77:d2:c1:a9:87:d8:0c:d1:c9:4e:ab:21:97:fa:
e0:47:76:20:97:9b:17:04:31:18:b2:70:fc:4d:c8:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D4:F7:69:64:02:87:37:62:7A:C9:E3:16:38:D5:D9:ED:61:95:D7
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
89.19.46.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.207.0/24
179.61.209.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.238.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a3:4c:64:49:14:af:15:24:6d:dd:5d:df:1f:50:7c:f1:78:
cd:c8:b4:16:92:fa:21:1a:51:6f:ed:c5:04:fa:48:03:ad:fe:
07:a1:e2:3e:33:81:1c:49:2b:69:20:3b:34:3a:7b:12:4e:75:
9b:18:68:22:df:f7:92:85:01:51:f4:19:90:c8:1c:4d:31:e7:
f1:2d:ea:b5:bc:64:e9:d1:e7:2b:97:2e:9f:85:ff:33:75:cc:
ae:ab:76:0d:32:f0:16:45:fa:50:32:6a:d2:e6:3b:24:18:ac:
ea:ae:c3:57:0e:ca:b5:fd:0b:25:90:e9:2b:15:84:5b:24:1f:
4d:a6:29:8c:9b:f4:8e:6e:30:e3:7b:07:e0:23:e7:93:63:99:
41:04:bf:2b:b0:66:02:b5:cb:ad:2e:9d:7c:e7:94:b7:8d:ad:
63:d1:5f:49:98:94:13:c4:a9:fb:a8:94:d7:03:40:b6:7d:eb:
5d:19:9d:4a:0d:54:20:1e:45:de:22:2d:c8:40:37:30:a7:11:
b4:fd:2c:46:d0:28:21:fb:f6:bd:a5:ea:0b:bf:90:03:19:61:
43:bf:ed:51:7c:2c:89:e0:43:ea:aa:cb:5e:24:ab:8f:45:ef:
e5:72:d2:18:67:fa:0e:77:01:34:11:c1:85:4c:c1:37:a3:71:
58:92:05:b9
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIUNhsn/LVDfdonksPNRbQKJzy5pNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MjAyMzU1NDdaFw0yNjA3MjAwMDAwNDdaMDMxMTAvBgNV
BAMTKDY2RDRGNzY5NjQwMjg3Mzc2MjdBQzlFMzE2MzhENUQ5RUQ2MTk1RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpUF1D70elj2TQUY1K40PiPycD
jdDseoWo4F2EIMtt6QauMr6XNc73a46/SRNCYWnZkTA5dtiib0kEIWbumS8gviO6
bR2KP78qZDn/6N2GM5q5Dybu18EYAJMY/TWbCutsI03b7w8foFHVnIU5Z8xdpKTT
UGG79JNxJ7jYF4lcJGUuTQy0JJUAu5DxWzbUq/ZMG9qiDvhFu8t5ubONaFcnjTnQ
u3pbUVd3oMrfSuAiHaArf7iP+djD6s9ILXEoxDH0QzntCf7rD0KXsl8wqRDWQqJU
t3zKn33p5mvffFKzk1p30sGph9gM0clOqyGX+uBHdiCXmxcEMRiycPxNyNNDAgMB
AAGjggK2MIICsjAdBgNVHQ4EFgQUZtT3aWQChzdiesnjFjjV2e1hldcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgcsGCCsGAQUFBwEHAQH/BIG7MIG4MIG1BAIAATCBrgME
AAI5EQMEAFkTLgMEAFkTMQMEAI1iWQMEALM9kQMEALM9zwMEALM90QMEALUp0gME
ALUp1AMEALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWswMEALXW0QMEALXW0wME
ALXW5QMEALXXKAMEALXX7gMEALmJXQMEALmJXwMEALmLAAMEALmelQMEAL9g+QME
Ab9lQgMEAL9lUwMEAL9lWQMEAL9lfQMEAL9liTANBgkqhkiG9w0BAQsFAAOCAQEA
LaNMZEkUrxUkbd1d3x9QfPF4zci0FpL6IRpRb+3FBPpIA63+B6HiPjOBHEkraSA7
NDp7Ek51mxhoIt/3koUBUfQZkMgcTTHn8S3qtbxk6dHnK5cun4X/M3XMrqt2DTLw
FkX6UDJq0uY7JBis6q7DVw7Ktf0LJZDpKxWEWyQfTaYpjJv0jm4w43sH4CPnk2OZ
QQS/K7BmArXLrS6dfOeUt42tY9FfSZiUE8Sp+6iU1wNAtn3rXRmdSg1UIB5F3iIt
yEA3MKcRtP0sRtAoIfv2vaXqC7+QAxlhQ7/tUXwsieBD6qrLXiSrj0Xv5XLSGGf6
DncBNBHBhUzBN6NxWJIFuQ==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:26:09 2025 by rpki-client