Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: VblsrSQhhooJMALd+ayxi85bgcilOfSy8GUFg6fHHXs=
Subject key identifier: 3B:0B:43:05:8C:FA:7A:83:92:F2:EE:82:31:42:DD:70:35:88:D3:33
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 61C6A1918BF1E18A7E4478254E34CF93E979EBDA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
Signing time: Sat 31 May 2025 06:29:34 +0000
ROA not before: Sat 31 May 2025 06:24:34 +0000
ROA not after: Sat 30 May 2026 06:29:34 +0000
asID: 64267
IP address blocks: 148.135.255.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
167.148.126.0/24 maxlen: 24
167.148.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c6:a1:91:8b:f1:e1:8a:7e:44:78:25:4e:34:cf:93:e9:79:eb:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 31 06:24:34 2025 GMT
Not After : May 30 06:29:34 2026 GMT
Subject: CN=3B0B43058CFA7A8392F2EE823142DD703588D333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:17:7b:a9:9c:b5:6e:1e:63:e3:50:44:55:
76:a3:4f:a9:98:5a:1a:7b:a3:87:99:d2:59:10:8c:
5c:44:b1:db:ea:e5:89:75:fc:79:fb:3f:7a:1f:f2:
26:b2:40:f4:7b:92:98:9d:98:5e:7c:ee:64:cc:18:
a0:b7:76:2a:91:be:2e:f7:a0:7f:32:3a:06:a9:d0:
ec:c7:2c:20:77:f6:dd:24:d1:03:23:77:8a:3a:97:
b4:35:50:a8:db:1d:5d:1c:d2:2b:a7:0c:13:39:87:
f9:cf:0e:ed:d8:93:7b:00:6f:47:ac:56:5a:52:31:
fa:8f:ab:a3:b3:e9:6b:29:b7:a2:b9:11:6e:f1:ff:
a6:7a:19:50:ec:b6:ff:86:3a:30:e1:09:92:32:90:
db:0a:14:9a:f7:c9:04:d8:fd:ad:25:c9:8b:0f:b5:
b9:83:7d:6c:d2:97:33:3c:6d:25:ae:9a:56:92:ad:
d2:8c:14:65:f1:d2:6c:7c:34:9a:b1:4a:a5:59:cb:
68:45:13:c3:dd:b4:09:2b:0a:7e:0b:a8:42:83:02:
69:06:c2:c4:cd:cb:2c:25:3e:ac:ef:e5:5d:4c:32:
33:82:49:9e:20:01:93:70:5d:1d:a8:84:9c:89:3b:
96:2b:b4:d7:3c:f5:da:35:66:48:07:8d:04:22:44:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0B:43:05:8C:FA:7A:83:92:F2:EE:82:31:42:DD:70:35:88:D3:33
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.255.0/24
162.141.123.0/24
167.148.126.0/24
167.148.159.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:47:71:b7:18:59:6a:27:3a:a7:91:ba:e7:dc:86:e0:2e:be:
c8:b7:cf:57:c5:db:47:32:5b:24:8d:db:8e:e4:e8:85:de:0e:
80:b6:70:1e:f8:9d:89:d6:6b:b8:2b:b7:cc:3a:fa:87:3b:8a:
bd:84:7d:0c:a7:06:12:3b:69:bf:3e:39:c0:79:9c:96:ef:41:
bd:c3:91:c4:95:ac:ff:d4:5f:63:b7:2b:06:1d:ed:fe:e7:48:
05:14:57:50:5d:63:b9:be:1a:a5:cf:7a:bb:31:56:c2:6a:4e:
99:a7:d4:3e:ba:86:3c:89:dd:10:5a:68:35:fc:1c:f1:84:70:
85:56:2a:0b:9d:93:47:90:d2:0f:1b:b6:54:ad:b0:ff:89:52:
57:60:d9:84:ce:68:ea:73:5f:ac:c7:3f:5d:b1:31:a2:0a:71:
ae:63:3e:8c:43:43:de:d8:ae:21:66:5a:de:2d:96:40:b7:04:
aa:03:f8:b7:98:3f:64:8a:bb:12:bc:00:05:0f:9b:9c:ba:ed:
ae:88:f9:19:5b:26:b2:62:36:17:ca:a0:b1:fd:ff:a8:66:3a:
7e:2f:42:01:68:c6:93:fe:b0:6f:16:93:9c:b5:48:7b:fc:f0:
a2:1c:18:f8:a0:4e:9e:ea:06:1c:43:49:bd:ad:08:bc:b8:42:
85:f1:ef:4f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUYcahkYvx4Yp+RHglTjTPk+l569owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MzEwNjI0MzRaFw0yNjA1MzAwNjI5MzRaMDMxMTAvBgNV
BAMTKDNCMEI0MzA1OENGQTdBODM5MkYyRUU4MjMxNDJERDcwMzU4OEQzMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3+Rd7qZy1bh5j41BEVXajT6mY
Whp7o4eZ0lkQjFxEsdvq5Yl1/Hn7P3of8iayQPR7kpidmF587mTMGKC3diqRvi73
oH8yOgap0OzHLCB39t0k0QMjd4o6l7Q1UKjbHV0c0iunDBM5h/nPDu3Yk3sAb0es
VlpSMfqPq6Oz6Wspt6K5EW7x/6Z6GVDstv+GOjDhCZIykNsKFJr3yQTY/a0lyYsP
tbmDfWzSlzM8bSWumlaSrdKMFGXx0mx8NJqxSqVZy2hFE8PdtAkrCn4LqEKDAmkG
wsTNyywlPqzv5V1MMjOCSZ4gAZNwXR2ohJyJO5YrtNc89do1ZkgHjQQiRGOFAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUOwtDBYz6eoOS8u6CMULdcDWI0zMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACUh/8D
BACijXsDBACnlH4DBACnlJ8wDQYJKoZIhvcNAQELBQADggEBAHpHcbcYWWonOqeR
uufchuAuvsi3z1fF20cyWySN247k6IXeDoC2cB74nYnWa7grt8w6+oc7ir2EfQyn
BhI7ab8+OcB5nJbvQb3DkcSVrP/UX2O3KwYd7f7nSAUUV1BdY7m+GqXPersxVsJq
Tpmn1D66hjyJ3RBaaDX8HPGEcIVWKgudk0eQ0g8btlStsP+JUldg2YTOaOpzX6zH
P12xMaIKca5jPoxDQ97YriFmWt4tlkC3BKoD+LeYP2SKuxK8AAUPm5y67a6I+Rlb
JrJiNhfKoLH9/6hmOn4vQgFoxpP+sG8Wk5y1SHv88KIcGPigTp7qBhxDSb2tCLy4
QoXx708=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:28:44 2025 by rpki-client