Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: G/L+WVLO37XiiXRFL2ediy9o10cqgX3soCfY4OQyqpU=
Subject key identifier: B5:AA:0F:16:71:E4:50:04:97:CF:E7:C5:30:7A:4F:8A:88:81:3E:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 03A89AE90DFD23A670429F53A815AB6382DCCF8A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
Signing time: Sun 31 Aug 2025 00:07:24 +0000
ROA not before: Sun 31 Aug 2025 00:02:24 +0000
ROA not after: Sun 30 Aug 2026 00:07:24 +0000
asID: 64267
IP address blocks: 162.141.71.0/24 maxlen: 24
162.141.83.0/24 maxlen: 24
167.148.117.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 00:55:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:a8:9a:e9:0d:fd:23:a6:70:42:9f:53:a8:15:ab:63:82:dc:cf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 31 00:02:24 2025 GMT
Not After : Aug 30 00:07:24 2026 GMT
Subject: CN=B5AA0F1671E4500497CFE7C5307A4F8A88813EB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:36:68:30:9f:51:1e:13:04:d0:63:21:c1:a7:
0a:d1:34:13:28:cd:51:bf:76:fc:5d:7e:5f:43:0c:
74:38:f8:71:e0:26:77:6f:b3:e3:7a:e1:8b:16:d6:
02:1e:10:fb:85:ca:9e:9a:89:9b:ee:6c:af:1d:32:
3a:ec:d1:a4:6b:79:14:7c:82:5c:e6:29:8e:df:6f:
93:40:60:0d:17:b9:0b:05:bb:71:c8:38:26:8b:c1:
0f:4b:4d:22:46:43:34:1f:25:df:76:3c:74:43:a2:
74:b9:fb:52:fa:5d:44:8f:6f:3c:ec:e0:89:8d:d7:
a6:70:da:17:03:29:0b:9a:4d:50:5c:6c:97:80:ef:
d2:82:ac:5a:57:b3:6a:2f:f4:e3:f8:c8:2c:24:50:
50:44:80:7e:6e:85:d7:a0:fa:a5:54:21:0b:3a:0c:
26:9b:b2:2d:1a:37:87:87:3b:d2:7a:10:2e:33:24:
6f:62:35:88:e7:f4:d4:7f:4b:35:4a:db:d9:1a:a4:
05:85:00:c3:1f:b0:f3:74:e5:30:72:64:6e:10:8c:
36:62:78:ce:b9:2d:19:51:2c:10:b8:62:ff:86:d4:
e2:b8:5a:80:45:02:26:48:b2:0a:c1:f2:74:e7:ca:
52:7e:e4:67:7a:92:4e:2d:59:b6:94:be:c9:72:1d:
66:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AA:0F:16:71:E4:50:04:97:CF:E7:C5:30:7A:4F:8A:88:81:3E:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.141.71.0/24
162.141.83.0/24
167.148.117.0/24
167.148.125.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ef:5a:a9:76:22:cf:0a:16:8d:f9:63:c9:7b:02:75:38:fd:
c9:cc:28:f7:9c:48:45:c5:87:cc:93:1f:b1:35:c7:c8:82:c4:
3c:52:89:8f:c6:d2:a0:9a:c1:c1:ba:ab:26:de:75:f3:37:c3:
8b:36:d5:01:88:2a:fe:6f:c0:ba:a6:e0:e7:fe:c6:97:ad:f0:
e8:b1:8d:f9:97:55:fa:3b:dc:3c:50:55:04:56:48:ec:9d:5a:
46:4f:99:e8:d7:48:b2:2a:32:44:62:7c:70:8d:7a:2e:5f:da:
33:9c:3b:4d:18:3a:37:17:3e:f7:9a:49:cb:53:2a:40:9d:25:
ea:bd:db:e7:92:24:e9:a4:94:11:61:e5:87:b6:1f:36:dc:45:
38:21:bb:96:ae:0c:ea:57:3a:da:db:af:90:1d:4d:5d:e8:16:
0b:7c:28:8f:51:d4:3c:9c:56:45:c4:0d:81:72:e9:5d:da:30:
c9:ff:cd:b7:a3:73:eb:66:c2:d0:f9:75:72:7e:c9:93:de:2c:
67:0f:ed:45:59:4d:16:a2:60:79:b6:57:83:f4:0a:7b:4a:55:
2a:76:0f:95:15:a5:ba:9b:16:bd:de:98:32:42:25:de:ef:3e:
cc:64:d9:b1:dd:cd:30:c9:3c:d7:0f:66:93:80:b4:40:f3:db:
33:e3:7f:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUA6ia6Q39I6ZwQp9TqBWrY4Lcz4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MzEwMDAyMjRaFw0yNjA4MzAwMDA3MjRaMDMxMTAvBgNV
BAMTKEI1QUEwRjE2NzFFNDUwMDQ5N0NGRTdDNTMwN0E0RjhBODg4MTNFQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRNmgwn1EeEwTQYyHBpwrRNBMo
zVG/dvxdfl9DDHQ4+HHgJndvs+N64YsW1gIeEPuFyp6aiZvubK8dMjrs0aRreRR8
glzmKY7fb5NAYA0XuQsFu3HIOCaLwQ9LTSJGQzQfJd92PHRDonS5+1L6XUSPbzzs
4ImN16Zw2hcDKQuaTVBcbJeA79KCrFpXs2ov9OP4yCwkUFBEgH5uhdeg+qVUIQs6
DCabsi0aN4eHO9J6EC4zJG9iNYjn9NR/SzVK29kapAWFAMMfsPN05TByZG4QjDZi
eM65LRlRLBC4Yv+G1OK4WoBFAiZIsgrB8nTnylJ+5Gd6kk4tWbaUvslyHWbbAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUtaoPFnHkUASXz+fFMHpPioiBPrgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACijUcD
BACijVMDBACnlHUDBACnlH0wDQYJKoZIhvcNAQELBQADggEBAIHvWql2Is8KFo35
Y8l7AnU4/cnMKPecSEXFh8yTH7E1x8iCxDxSiY/G0qCawcG6qybedfM3w4s21QGI
Kv5vwLqm4Of+xpet8OixjfmXVfo73DxQVQRWSOydWkZPmejXSLIqMkRifHCNei5f
2jOcO00YOjcXPveaSctTKkCdJeq92+eSJOmklBFh5Ye2HzbcRTghu5auDOpXOtrb
r5AdTV3oFgt8KI9R1DycVkXEDYFy6V3aMMn/zbejc+tmwtD5dXJ+yZPeLGcP7UVZ
TRaiYHm2V4P0CntKVSp2D5UVpbqbFr3emDJCJd7vPsxk2bHdzTDJPNcPZpOAtEDz
2zPjfxw=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:34 2025 by rpki-client