Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: 0muRYHjkBB5uEJFxsR8LNaPHd4TU03X2BjDojyjELEs=
Subject key identifier: 61:1A:93:88:D5:11:77:B1:E4:C0:4D:56:F4:00:D8:EF:D6:68:F8:B9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5522FD9B515BB43536F55FA348B13936B60A9E92
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
Signing time: Fri 22 May 2026 06:37:56 +0000
ROA not before: Fri 22 May 2026 06:32:56 +0000
ROA not after: Fri 21 May 2027 06:37:56 +0000
asID: 64267
IP address blocks: 143.14.188.0/24 maxlen: 24
150.241.136.0/24 maxlen: 24
150.241.174.0/24 maxlen: 24
150.241.234.0/24 maxlen: 24
155.117.81.0/24 maxlen: 24
162.141.48.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.138.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
167.148.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:22:fd:9b:51:5b:b4:35:36:f5:5f:a3:48:b1:39:36:b6:0a:9e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 22 06:32:56 2026 GMT
Not After : May 21 06:37:56 2027 GMT
Subject: CN=611A9388D51177B1E4C04D56F400D8EFD668F8B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f7:cd:bf:bc:b9:4c:ab:e3:bf:36:82:27:6f:
3d:04:f6:0e:d7:9c:76:50:40:bc:69:c9:e9:5b:25:
55:b4:66:52:ee:4d:40:8a:fa:4a:ec:ff:df:00:ee:
f9:f1:3a:0e:48:01:56:9c:4e:15:76:43:3f:65:c7:
dd:84:ea:3e:aa:73:29:29:54:07:20:ce:ab:b0:ab:
07:a0:bd:cc:aa:c4:e0:7d:b3:eb:6f:a5:ae:e2:36:
23:ec:b4:47:2a:e3:4e:e4:cc:20:f1:bc:31:9f:e9:
54:ee:22:51:ab:4e:21:e4:02:a3:68:0d:21:73:99:
1f:29:21:aa:eb:f6:30:2a:74:36:e2:4c:de:e8:a0:
66:d1:9e:44:16:39:ae:55:ce:ef:07:77:58:ab:d6:
fb:97:db:c0:85:ba:3d:b7:a6:33:b4:25:01:32:7e:
e3:fe:6d:2e:6e:21:b2:e0:67:48:9e:6a:78:15:73:
a3:58:04:0d:f5:51:f2:dd:0f:ec:47:20:0e:bb:48:
1a:6c:60:f5:d6:0e:75:cb:ce:2c:9f:31:17:93:17:
6b:02:8f:45:45:37:8d:23:c9:4e:c3:69:02:28:63:
82:9f:7f:ee:44:c0:9d:ca:e8:99:6b:2d:a0:83:fd:
a4:c9:03:91:37:68:45:52:91:62:62:31:93:40:37:
ba:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1A:93:88:D5:11:77:B1:E4:C0:4D:56:F4:00:D8:EF:D6:68:F8:B9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.188.0/24
150.241.136.0/24
150.241.174.0/24
150.241.234.0/24
155.117.81.0/24
162.141.48.0/24
162.141.116.0/24
162.141.138.0/24
167.148.136.0/24
167.148.162.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a9:73:5b:5d:40:e9:b6:d4:6f:51:1f:78:7e:46:4b:29:e2:
20:67:4e:65:db:d9:25:7c:e4:8d:1f:83:14:ed:0d:a7:d8:9e:
c0:49:aa:64:d1:3a:cb:25:fd:3e:a2:7a:0b:27:94:49:c0:06:
db:67:90:ee:52:45:51:e1:23:bd:86:f2:2c:01:42:15:1e:fc:
fc:67:9b:69:b2:83:e1:b7:d0:ac:a4:fa:cc:61:8a:be:ff:b2:
02:9d:66:81:91:0e:70:d4:94:22:a4:27:80:64:3e:17:be:15:
1d:81:35:da:76:1c:7f:c8:a2:30:40:b9:8b:21:84:cb:e7:0f:
ec:f7:f9:05:fc:15:65:ad:f3:48:03:55:ea:cc:2a:42:a6:50:
fa:0a:80:e3:e3:27:f2:00:0f:5f:76:24:c5:0f:ff:05:9d:98:
e0:7a:f9:2a:bc:d6:90:2c:16:1d:26:c5:4c:80:f7:e5:65:0a:
4e:96:06:1c:5c:a7:55:00:56:1a:e6:7f:c4:aa:a9:12:3b:72:
5f:d4:11:af:92:eb:23:40:7d:df:f8:13:40:4c:65:56:14:7f:
a0:9e:aa:1c:ef:63:1c:8f:ad:fd:1c:08:fc:cb:8f:63:e4:3c:
4a:86:e9:f1:5a:79:61:b7:8a:7b:b8:b6:04:52:ab:9d:66:a0:
75:7b:86:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVSL9m1FbtDU29V+jSLE5NrYKnpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjIwNjMyNTZaFw0yNzA1MjEwNjM3NTZaMDMxMTAvBgNV
BAMTKDYxMUE5Mzg4RDUxMTc3QjFFNEMwNEQ1NkY0MDBEOEVGRDY2OEY4QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY982/vLlMq+O/NoInbz0E9g7X
nHZQQLxpyelbJVW0ZlLuTUCK+krs/98A7vnxOg5IAVacThV2Qz9lx92E6j6qcykp
VAcgzquwqwegvcyqxOB9s+tvpa7iNiPstEcq407kzCDxvDGf6VTuIlGrTiHkAqNo
DSFzmR8pIarr9jAqdDbiTN7ooGbRnkQWOa5Vzu8Hd1ir1vuX28CFuj23pjO0JQEy
fuP+bS5uIbLgZ0ieangVc6NYBA31UfLdD+xHIA67SBpsYPXWDnXLziyfMReTF2sC
j0VFN40jyU7DaQIoY4Kff+5EwJ3K6JlrLaCD/aTJA5E3aEVSkWJiMZNAN7rDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYRqTiNURd7HkwE1W9ADY79Zo+LkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBACPDrwD
BACW8YgDBACW8a4DBACW8eoDBACbdVEDBACijTADBACijXQDBACijYoDBACnlIgD
BACnlKIwDQYJKoZIhvcNAQELBQADggEBAJGpc1tdQOm21G9RH3h+Rksp4iBnTmXb
2SV85I0fgxTtDafYnsBJqmTROssl/T6iegsnlEnABttnkO5SRVHhI72G8iwBQhUe
/Pxnm2myg+G30Kyk+sxhir7/sgKdZoGRDnDUlCKkJ4BkPhe+FR2BNdp2HH/IojBA
uYshhMvnD+z3+QX8FWWt80gDVerMKkKmUPoKgOPjJ/IAD192JMUP/wWdmOB6+Sq8
1pAsFh0mxUyA9+VlCk6WBhxcp1UAVhrmf8SqqRI7cl/UEa+S6yNAfd/4E0BMZVYU
f6CeqhzvYxyPrf0cCPzLj2PkPEqG6fFaeWG3inu4tgRSq51moHV7hjg=
-----END CERTIFICATE-----
Generated at Wed Jun 3 23:21:26 2026 by rpki-client