Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: ZkyrsPBZB40PTcJ7JKNtYSqk2r2IJ9KkPjxXrORSiuM=
Subject key identifier: F3:AC:21:B6:14:23:6F:1E:08:FF:B6:B3:26:E2:61:D9:9E:18:16:17
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7E73753F9C9701633AEF2655544B8C6A216E1DF5
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Fri 25 Oct 2024 00:02:04 +0000
ROA not before: Thu 24 Oct 2024 23:57:04 +0000
ROA not after: Fri 24 Oct 2025 00:02:04 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.155.0/24 maxlen: 24
179.61.190.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.201.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.200.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
193.7.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:73:75:3f:9c:97:01:63:3a:ef:26:55:54:4b:8c:6a:21:6e:1d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 24 23:57:04 2024 GMT
Not After : Oct 24 00:02:04 2025 GMT
Subject: CN=F3AC21B614236F1E08FFB6B326E261D99E181617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:ae:86:e5:3c:fe:4e:9e:a0:f1:a2:82:c0:
ee:0d:c7:d2:7c:bc:0c:16:4d:d1:8c:5c:01:b2:8c:
ef:c6:ae:91:a5:9a:00:bb:fc:0a:e3:0d:a9:c2:0a:
73:9e:03:f4:51:b7:c6:b2:7a:cf:05:c5:2f:e8:cc:
b0:26:cf:09:4a:ea:e2:29:c5:7f:7b:e2:8e:40:ff:
78:6e:9e:b0:6b:e1:b5:1b:80:15:26:8e:c3:77:12:
de:31:79:e4:26:86:68:a5:b1:0b:b1:d8:9f:29:bc:
f6:f5:78:53:37:ff:91:a6:e8:6b:6e:9b:df:f0:60:
a8:5d:52:b3:5a:eb:52:49:13:4a:ce:49:00:fc:79:
ab:1e:67:3a:fb:18:c7:f5:f9:b2:64:f0:c9:37:e2:
fe:c7:48:a7:ea:7a:14:3f:1b:91:13:91:fd:0e:0c:
4a:48:68:84:a5:89:35:e7:c6:7a:01:c6:9e:49:44:
d9:30:95:8e:84:87:d0:4e:77:de:f8:e5:72:fb:ff:
43:98:0c:23:63:6a:d8:2c:05:22:e2:58:98:5c:cd:
1a:be:1e:26:48:5a:34:58:e0:a0:d3:c5:34:f3:8a:
10:2f:58:7c:b2:b4:6a:bc:dc:0b:cd:f1:e2:c0:2f:
e4:47:da:38:dc:c7:86:e4:d0:8d:9f:ce:a9:e4:3c:
95:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AC:21:B6:14:23:6F:1E:08:FF:B6:B3:26:E2:61:D9:9E:18:16:17
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
45.139.180.0/24
89.19.46.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.155.0/24
179.61.190.0/24
179.61.207.0/24
179.61.209.0/24
181.41.201.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.200.0/24
181.215.238.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
193.7.202.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b8:07:30:99:5b:e2:ae:96:e6:fd:e5:10:72:55:60:fa:08:
bf:9a:2d:47:ae:19:54:fc:65:8a:9d:8d:e1:28:fc:21:5f:f3:
70:72:1f:39:99:d0:65:c7:54:df:da:a0:f2:e9:de:7b:74:b9:
31:01:a4:e1:be:e2:d7:d1:07:87:06:49:08:ce:f4:27:5a:3e:
b2:e2:ee:d5:a5:56:16:53:ac:c4:4e:76:ed:af:14:5d:55:8c:
74:a4:c0:1e:56:45:3d:15:90:c8:89:f1:91:43:bb:a4:a7:ff:
d7:5a:6e:cf:0b:2b:93:bf:45:0c:a6:ce:cb:6d:46:1b:11:1f:
54:b2:62:ea:b8:04:3b:59:97:bb:f3:3e:cc:e8:0d:d9:f9:39:
4c:31:93:77:ee:1c:4b:69:10:b6:cd:17:a8:eb:7d:9b:45:86:
fa:78:86:fd:43:74:9d:41:b9:cc:c8:4a:c4:0d:59:b9:0f:e4:
48:f4:66:0c:c3:63:d8:b7:2a:78:8c:28:eb:bc:51:e7:48:31:
fe:69:be:fa:7e:37:97:be:7a:da:bd:0f:9a:8d:90:ab:b2:51:
ed:ee:e9:72:ac:11:9b:9e:32:39:ab:4d:8d:66:14:b3:f7:23:
e4:f0:34:d8:d9:38:a5:e1:57:80:cb:f9:80:39:ea:22:ad:1c:
5f:62:82:9e
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIUfnN1P5yXAWM67yZVVEuMaiFuHfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMjQyMzU3MDRaFw0yNTEwMjQwMDAyMDRaMDMxMTAvBgNV
BAMTKEYzQUMyMUI2MTQyMzZGMUUwOEZGQjZCMzI2RTI2MUQ5OUUxODE2MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTgK6G5Tz+Tp6g8aKCwO4Nx9J8
vAwWTdGMXAGyjO/GrpGlmgC7/ArjDanCCnOeA/RRt8ayes8FxS/ozLAmzwlK6uIp
xX974o5A/3hunrBr4bUbgBUmjsN3Et4xeeQmhmilsQux2J8pvPb1eFM3/5Gm6Gtu
m9/wYKhdUrNa61JJE0rOSQD8easeZzr7GMf1+bJk8Mk34v7HSKfqehQ/G5ETkf0O
DEpIaISliTXnxnoBxp5JRNkwlY6Eh9BOd9745XL7/0OYDCNjatgsBSLiWJhczRq+
HiZIWjRY4KDTxTTzihAvWHyytGq83AvN8eLAL+RH2jjcx4bk0I2fzqnkPJVNAgMB
AAGjggLaMIIC1jAdBgNVHQ4EFgQU86whthQjbx4I/7azJuJh2Z4YFhcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwge8GCCsGAQUFBwEHAQH/BIHfMIHcMIHZBAIAATCB0gME
AAI5EQMEAC2LtAMEAFkTLgMEAFkTMQMEAI1iWQMEALM9kQMEALM9mwMEALM9vgME
ALM9zwMEALM90QMEALUpyQMEALUp0gMEALUp1AMEALUp2QMEALUp2wMEALXWBwME
ALXWTAMEALXWswMEALXW0QMEALXW0wMEALXW5QMEALXXKAMEALXXyAMEALXX7gME
ALmJXQMEALmJXwMEALmLAAMEALmelQMEAL9g+QMEAb9lQgMEAL9lUwMEAL9lWQME
AL9lfQMEAL9liQMEAMEHyjANBgkqhkiG9w0BAQsFAAOCAQEAFLgHMJlb4q6W5v3l
EHJVYPoIv5otR64ZVPxlip2N4Sj8IV/zcHIfOZnQZcdU39qg8unee3S5MQGk4b7i
19EHhwZJCM70J1o+suLu1aVWFlOsxE527a8UXVWMdKTAHlZFPRWQyInxkUO7pKf/
11puzwsrk79FDKbOy21GGxEfVLJi6rgEO1mXu/M+zOgN2fk5TDGTd+4cS2kQts0X
qOt9m0WG+niG/UN0nUG5zMhKxA1ZuQ/kSPRmDMNj2LcqeIwo67xR50gx/mm++n43
l7562r0Pmo2Qq7JR7e7pcqwRm54yOatNjWYUs/cj5PA02Nk4peFXgMv5gDnqIq0c
X2KCng==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:49 2024 by rpki-client on console-fra.rpki-client.org