Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: KacfeQd/su/SAmK/CNaozq8Q8povOrcsp09p2lQVugk=
Subject key identifier: 06:8F:D8:DC:3D:2E:A5:92:29:26:D3:D8:30:0A:A5:EC:A8:E5:A1:AF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 698B70E64ECAA8B4B156A5D95B11D5ACAABB6019
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Mon 10 Mar 2025 14:26:54 +0000
ROA not before: Mon 10 Mar 2025 14:21:54 +0000
ROA not after: Mon 09 Mar 2026 14:26:54 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
193.7.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:8b:70:e6:4e:ca:a8:b4:b1:56:a5:d9:5b:11:d5:ac:aa:bb:60:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 10 14:21:54 2025 GMT
Not After : Mar 9 14:26:54 2026 GMT
Subject: CN=068FD8DC3D2EA5922926D3D8300AA5ECA8E5A1AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6c:22:ff:d1:c1:d5:1e:a4:59:1f:19:58:09:
a2:2c:c4:32:94:9b:5d:e2:b0:bf:67:93:90:4a:10:
fa:e4:af:28:97:6e:6b:98:12:8b:ac:a1:cf:ed:03:
dd:71:23:f7:c1:9d:83:d3:34:2e:d3:03:67:6e:60:
20:d0:b7:65:7a:ee:49:db:2c:52:12:1d:95:e1:fc:
a4:14:f4:c9:86:25:fc:ab:60:67:8f:dc:5b:40:e0:
ab:77:79:5d:bb:17:39:29:57:7f:7f:0d:28:9a:ce:
3a:cb:44:b2:b0:83:96:13:09:f9:e8:34:cc:8a:4a:
f1:a5:c8:1f:70:1e:22:c0:10:4d:90:e6:31:ba:e2:
8f:da:b3:22:82:2f:09:1a:ee:a0:1d:a1:82:0c:f3:
32:d5:50:4a:1c:d1:a6:e3:6a:1e:e1:e4:94:73:18:
8b:3e:64:d1:ea:0b:72:76:22:19:aa:b4:ef:fc:ff:
94:b8:a3:db:e6:36:95:46:0a:4b:31:d7:20:58:f4:
e6:55:87:c8:81:67:ea:33:90:a0:f2:0e:fb:7a:93:
e7:55:13:de:d9:65:41:83:ad:da:a4:76:2e:57:65:
94:80:78:d4:db:20:7e:98:d4:c2:2b:bc:4a:18:42:
24:7e:6f:21:9f:65:d9:75:0b:74:7d:a6:d8:71:93:
ee:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8F:D8:DC:3D:2E:A5:92:29:26:D3:D8:30:0A:A5:EC:A8:E5:A1:AF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
45.139.180.0/24
89.19.46.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.207.0/24
179.61.209.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.238.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
193.7.202.0/24
Signature Algorithm: sha256WithRSAEncryption
50:83:1a:46:c8:49:b4:66:05:ab:94:15:01:bf:5b:88:f3:1b:
09:0f:05:98:22:df:81:3f:8c:8a:b7:fe:18:e4:fb:d0:ee:76:
e3:26:6f:d6:36:16:c0:6f:a8:4d:1d:52:39:1a:19:5e:f5:d8:
ba:8f:eb:c7:ec:f5:74:70:07:82:24:cc:8b:91:73:47:36:ed:
57:cb:14:3d:5a:d0:17:db:11:0f:8e:12:e4:05:0c:68:4c:ef:
64:5b:18:3f:dc:3b:61:a2:fc:ed:37:23:7f:98:4c:36:d4:4b:
f8:43:2d:b0:02:e9:69:86:45:fb:aa:38:b8:0d:c6:cc:56:36:
84:74:00:eb:07:5f:e4:c4:ee:a5:49:e0:38:d5:2c:df:16:2d:
ce:ba:60:86:10:36:4b:b1:38:d2:f0:61:e7:8e:67:a1:75:30:
97:4d:ff:a1:f9:08:60:33:6e:4f:f3:5a:88:0e:28:b0:d3:f9:
1f:4d:fd:93:61:5c:43:81:42:a9:a5:18:3d:3c:27:56:0a:37:
ce:bf:7f:6b:c9:40:c3:07:74:13:b6:6b:19:2c:f4:23:65:fc:
52:f8:50:b6:ee:82:62:ef:91:1a:7a:a7:e1:42:38:94:a8:6c:
8a:61:bd:22:05:a8:48:98:e5:26:54:ce:43:ea:6a:bc:de:a4:
62:7f:71:4b
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUaYtw5k7KqLSxVqXZWxHVrKq7YBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMTAxNDIxNTRaFw0yNjAzMDkxNDI2NTRaMDMxMTAvBgNV
BAMTKDA2OEZEOERDM0QyRUE1OTIyOTI2RDNEODMwMEFBNUVDQThFNUExQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkbCL/0cHVHqRZHxlYCaIsxDKU
m13isL9nk5BKEPrkryiXbmuYEousoc/tA91xI/fBnYPTNC7TA2duYCDQt2V67knb
LFISHZXh/KQU9MmGJfyrYGeP3FtA4Kt3eV27FzkpV39/DSiazjrLRLKwg5YTCfno
NMyKSvGlyB9wHiLAEE2Q5jG64o/asyKCLwka7qAdoYIM8zLVUEoc0abjah7h5JRz
GIs+ZNHqC3J2IhmqtO/8/5S4o9vmNpVGCksx1yBY9OZVh8iBZ+ozkKDyDvt6k+dV
E97ZZUGDrdqkdi5XZZSAeNTbIH6Y1MIrvEoYQiR+byGfZdl1C3R9pthxk+43AgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUBo/Y3D0upZIpJtPYMAql7Kjloa8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdcGCCsGAQUFBwEHAQH/BIHHMIHEMIHBBAIAATCBugME
AAI5EQMEAC2LtAMEAFkTLgMEAFkTMQMEAI1iWQMEALM9kQMEALM9zwMEALM90QME
ALUp0gMEALUp1AMEALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWswMEALXW0QME
ALXW0wMEALXW5QMEALXXKAMEALXX7gMEALmJXQMEALmJXwMEALmLAAMEALmelQME
AL9g+QMEAb9lQgMEAL9lUwMEAL9lWQMEAL9lfQMEAL9liQMEAMEHyjANBgkqhkiG
9w0BAQsFAAOCAQEAUIMaRshJtGYFq5QVAb9biPMbCQ8FmCLfgT+Mirf+GOT70O52
4yZv1jYWwG+oTR1SORoZXvXYuo/rx+z1dHAHgiTMi5FzRzbtV8sUPVrQF9sRD44S
5AUMaEzvZFsYP9w7YaL87Tcjf5hMNtRL+EMtsALpaYZF+6o4uA3GzFY2hHQA6wdf
5MTupUngONUs3xYtzrpghhA2S7E40vBh545noXUwl03/ofkIYDNuT/NaiA4osNP5
H039k2FcQ4FCqaUYPTwnVgo3zr9/a8lAwwd0E7ZrGSz0I2X8UvhQtu6CYu+RGnqn
4UI4lKhsimG9IgWoSJjlJlTOQ+pqvN6kYn9xSw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:09 2025 by rpki-client