Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: UMxahEpc7ZEpDUcpkSuki/urly8PHCkr2YKsEf8jzIw=
Subject key identifier: EA:CA:6B:4B:42:CE:DC:04:27:19:6E:1D:05:70:4B:8F:C8:C5:14:B0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 016C4BFD5DE7974A1906E2FAA95A8BB955C56995
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Tue 26 Mar 2024 00:01:57 +0000
ROA not before: Mon 25 Mar 2024 23:56:57 +0000
ROA not after: Tue 25 Mar 2025 00:01:57 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.152.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.201.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.36.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.200.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
191.96.8.0/24 maxlen: 24
191.96.10.0/24 maxlen: 24
191.96.26.0/24 maxlen: 24
191.96.28.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
191.96.169.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.136.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
191.101.144.0/24 maxlen: 24
191.101.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:6c:4b:fd:5d:e7:97:4a:19:06:e2:fa:a9:5a:8b:b9:55:c5:69:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 25 23:56:57 2024 GMT
Not After : Mar 25 00:01:57 2025 GMT
Subject: CN=EACA6B4B42CEDC0427196E1D05704B8FC8C514B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:47:ac:c8:16:d8:ef:32:ad:bc:1a:f4:5f:
0e:8d:0b:92:83:c6:91:1d:e8:40:80:eb:45:38:a9:
75:f5:ae:b5:46:d4:96:74:7f:0e:04:a5:ea:74:67:
af:dd:81:55:27:aa:c9:f1:a3:3e:d5:0c:96:05:38:
65:48:72:61:5d:6f:1b:6f:d3:ff:6e:2c:0f:fa:5d:
45:f5:93:81:89:2f:db:2c:91:47:0c:f2:f1:62:27:
0e:e9:f2:a5:e8:d2:10:1e:5e:43:80:9f:c9:5a:4b:
b3:3a:73:52:8a:c8:c9:6c:c5:ef:d2:f5:88:99:90:
38:b9:4d:5a:c1:03:82:f9:08:5d:f0:fe:1e:d9:1b:
aa:97:16:21:a7:83:22:0f:b1:ee:89:04:94:d6:dc:
1d:a5:3c:93:0a:b5:c8:11:7b:3b:2f:b9:b7:ea:7d:
3a:a6:c6:31:eb:f4:80:23:bf:e7:98:0c:b9:37:d5:
39:6c:8d:50:a8:f1:7b:30:17:62:02:be:34:9e:68:
a7:87:94:d9:11:bf:fb:17:dd:82:a9:4b:3f:d7:dd:
07:9c:ef:1d:52:33:30:e7:04:4d:9c:f5:87:d5:22:
76:17:d5:4d:47:42:a1:2b:85:da:8c:80:6e:61:5e:
4f:5b:e0:b1:ac:ed:2f:5a:5e:72:86:70:73:8b:5d:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CA:6B:4B:42:CE:DC:04:27:19:6E:1D:05:70:4B:8F:C8:C5:14:B0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
45.139.180.0/24
89.19.46.0/24
92.242.186.0/24
141.98.89.0/24
179.61.152.0/24
179.61.207.0/24
179.61.209.0/24
181.41.201.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.211.0-181.214.212.255
181.214.229.0/24
181.215.36.0/24
181.215.40.0/24
181.215.200.0/24
181.215.238.0/24
191.96.8.0/24
191.96.10.0/24
191.96.26.0/24
191.96.28.0/24
191.96.99.0/24
191.96.137.0/24
191.96.169.0/24
191.96.249.0/24
191.101.83.0/24
191.101.89.0/24
191.101.136.0/23
191.101.144.0/23
Signature Algorithm: sha256WithRSAEncryption
14:ca:7f:6a:62:e5:ea:a7:4a:f2:62:fa:b4:6c:3a:6f:fb:36:
68:3e:ab:c2:de:42:2a:8c:5b:26:df:98:fa:7f:db:56:2d:3a:
b4:36:18:83:c3:c4:47:3c:ca:83:0b:0a:11:aa:21:2f:32:07:
ae:3b:01:53:8b:98:5b:d7:f5:91:de:fd:c7:9c:b0:04:1d:e6:
b5:21:15:51:cb:b0:97:d8:c7:26:c5:60:12:9c:52:bb:b8:cd:
ea:19:48:8c:23:9f:0d:c7:51:2a:b1:2f:92:ba:e8:b7:8f:77:
68:07:d9:3d:14:58:7f:13:59:61:9d:95:e5:f8:9b:2d:d4:1a:
d5:b4:34:46:d9:27:fb:c3:88:c5:ec:d1:f2:d8:b4:28:f9:0d:
9f:fc:eb:43:25:d6:78:40:5f:87:36:7d:87:78:64:11:14:5a:
dd:7c:5b:d5:bd:9f:68:ec:57:21:2f:2e:c2:72:80:95:6f:4f:
00:f4:3d:3f:65:c6:93:f2:4f:71:fe:52:b1:10:28:b0:a7:44:
3f:e2:cb:8e:50:3d:51:32:21:07:70:3b:80:ff:91:8c:88:4b:
a8:7f:af:2c:71:d9:d1:b1:52:6b:e4:3b:ba:87:37:5b:01:eb:
51:8f:5d:21:f5:9d:a7:8b:41:8a:22:88:d1:e8:8f:b0:d1:4f:
68:d5:f8:d1
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIUAWxL/V3nl0oZBuL6qVqLuVXFaZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMjUyMzU2NTdaFw0yNTAzMjUwMDAxNTdaMDMxMTAvBgNV
BAMTKEVBQ0E2QjRCNDJDRURDMDQyNzE5NkUxRDA1NzA0QjhGQzhDNTE0QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl5kesyBbY7zKtvBr0Xw6NC5KD
xpEd6ECA60U4qXX1rrVG1JZ0fw4Epep0Z6/dgVUnqsnxoz7VDJYFOGVIcmFdbxtv
0/9uLA/6XUX1k4GJL9sskUcM8vFiJw7p8qXo0hAeXkOAn8laS7M6c1KKyMlsxe/S
9YiZkDi5TVrBA4L5CF3w/h7ZG6qXFiGngyIPse6JBJTW3B2lPJMKtcgRezsvubfq
fTqmxjHr9IAjv+eYDLk31TlsjVCo8XswF2ICvjSeaKeHlNkRv/sX3YKpSz/X3Qec
7x1SMzDnBE2c9YfVInYX1U1HQqErhdqMgG5hXk9b4LGs7S9aXnKGcHOLXfSTAgMB
AAGjggLcMIIC2DAdBgNVHQ4EFgQU6sprS0LO3AQnGW4dBXBLj8jFFLAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfEGCCsGAQUFBwEHAQH/BIHhMIHeMIHbBAIAATCB1AME
AAI5EQMEAC2LtAMEAFkTLgMEAFzyugMEAI1iWQMEALM9mAMEALM9zwMEALM90QME
ALUpyQMEALUp0gMEALUp1AMEALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWszAM
AwQAtdbTAwQAtdbUAwQAtdblAwQAtdckAwQAtdcoAwQAtdfIAwQAtdfuAwQAv2AI
AwQAv2AKAwQAv2AaAwQAv2AcAwQAv2BjAwQAv2CJAwQAv2CpAwQAv2D5AwQAv2VT
AwQAv2VZAwQBv2WIAwQBv2WQMA0GCSqGSIb3DQEBCwUAA4IBAQAUyn9qYuXqp0ry
Yvq0bDpv+zZoPqvC3kIqjFsm35j6f9tWLTq0NhiDw8RHPMqDCwoRqiEvMgeuOwFT
i5hb1/WR3v3HnLAEHea1IRVRy7CX2McmxWASnFK7uM3qGUiMI58Nx1EqsS+Suui3
j3doB9k9FFh/E1lhnZXl+Jst1BrVtDRG2Sf7w4jF7NHy2LQo+Q2f/OtDJdZ4QF+H
Nn2HeGQRFFrdfFvVvZ9o7FchLy7CcoCVb08A9D0/ZcaT8k9x/lKxECiwp0Q/4suO
UD1RMiEHcDuA/5GMiEuof68scdnRsVJr5Du6hzdbAetRj10h9Z2ni0GKIojR6I+w
0U9o1fjR
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:24 2024 by rpki-client on console-fra.rpki-client.org