Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: dthRyjJqQbEx29d4rG5R5CKbSSt1gQ30bPxaIZO0+zk=
Subject key identifier: BB:AF:0E:E3:0E:53:63:C7:67:90:73:90:D2:13:16:9B:80:53:A6:E8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78D4BF1DC4738A92F5BEE1B92D38179FBDDBF40A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
Signing time: Fri 03 Oct 2025 07:16:46 +0000
ROA not before: Fri 03 Oct 2025 07:11:46 +0000
ROA not after: Fri 02 Oct 2026 07:16:46 +0000
asID: 64267
IP address blocks: 82.21.153.0/24 maxlen: 24
82.23.160.0/24 maxlen: 24
82.23.161.0/24 maxlen: 24
82.24.58.0/24 maxlen: 24
82.24.59.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.26.194.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.29.98.0/24 maxlen: 24
82.29.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:d4:bf:1d:c4:73:8a:92:f5:be:e1:b9:2d:38:17:9f:bd:db:f4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 3 07:11:46 2025 GMT
Not After : Oct 2 07:16:46 2026 GMT
Subject: CN=BBAF0EE30E5363C767907390D213169B8053A6E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:cc:55:7a:cf:65:13:d8:d2:11:98:0c:4b:
07:15:0d:92:a5:f6:25:5e:58:a4:5d:9c:36:d1:f7:
0a:fd:c4:09:96:13:ce:b9:d9:d2:71:62:c5:50:42:
7e:9c:27:d6:b9:f3:4e:b2:b5:57:3c:c4:c2:2d:4d:
b6:2e:f1:75:b5:71:87:ff:3b:8d:43:1f:91:2f:06:
57:a9:fb:3e:79:a5:5f:fa:25:24:1f:9c:64:a4:37:
fd:33:2a:68:97:fd:72:b1:f0:72:9c:96:40:5c:4a:
b2:f3:ce:dc:cb:9d:d2:1b:90:60:a9:3c:a4:36:2e:
26:21:2f:9c:24:f3:30:4c:7c:0b:a0:a7:46:f8:f2:
13:b6:74:7d:9e:23:57:74:ff:94:b8:e9:6e:c4:e9:
a5:cd:1f:dc:43:0f:58:9a:e5:6a:41:80:36:2f:9d:
1f:20:6c:2f:07:33:63:45:25:51:b4:4b:4a:48:ef:
00:6a:c8:3f:2d:8c:14:78:7b:2d:3a:12:a2:a7:50:
99:f1:e3:68:39:70:d3:f1:62:94:3a:c1:a8:8c:31:
f8:07:ed:2f:a6:a5:ee:73:43:06:7e:93:6c:af:8a:
bf:a5:4c:46:81:b4:1f:c0:6a:53:81:0f:4e:b5:19:
03:f4:ad:fc:f6:0b:b1:40:69:f9:1e:89:f7:1a:f3:
7d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AF:0E:E3:0E:53:63:C7:67:90:73:90:D2:13:16:9B:80:53:A6:E8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.23.160.0/23
82.24.58.0/23
82.24.76.0/24
82.26.194.0/24
82.27.106.0/24
82.29.98.0/24
82.29.126.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:49:f6:96:c4:fc:54:d8:1a:93:a8:59:bb:5f:b5:eb:3b:5a:
93:76:b5:97:4e:db:37:2b:90:72:8f:e3:b8:60:88:b1:35:93:
b3:24:00:f0:e8:51:2e:e3:f1:bc:8d:47:ea:88:a4:d8:54:42:
9d:7d:c0:fd:3c:aa:fd:6e:5d:8c:4a:69:e6:fe:98:53:5c:9a:
b4:53:ec:7b:59:9d:1b:89:e7:f9:18:da:4a:3f:45:a7:ab:da:
90:47:d0:67:a9:e3:f5:7a:2a:10:c3:1f:ca:bf:04:7c:cf:28:
cb:c5:79:45:06:e5:77:8b:c1:b9:47:34:d9:43:21:bd:b9:59:
04:07:82:32:40:3f:df:61:86:33:57:13:96:23:28:7f:1c:20:
0e:62:39:00:d3:7e:2a:d4:b7:73:71:08:bc:ae:a7:31:7a:c3:
47:34:6a:d6:a9:24:05:2b:cd:dd:05:f1:0a:af:38:5d:ce:85:
45:c6:b9:2f:bb:0e:0f:28:7e:b3:06:15:14:6e:dd:e7:07:a9:
09:8d:b2:2d:b9:f9:75:13:9e:c3:61:02:e5:bb:bb:25:bd:2e:
4f:7f:36:86:4f:d8:71:8c:ef:e6:92:f6:db:f7:19:0d:6b:e7:
02:f2:01:81:e4:a2:2b:df:0e:21:c9:79:17:3d:a5:39:2d:c6:
fe:77:47:c7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUeNS/HcRzipL1vuG5LTgXn73b9AowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMDMwNzExNDZaFw0yNjEwMDIwNzE2NDZaMDMxMTAvBgNV
BAMTKEJCQUYwRUUzMEU1MzYzQzc2NzkwNzM5MEQyMTMxNjlCODA1M0E2RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZHcxVes9lE9jSEZgMSwcVDZKl
9iVeWKRdnDbR9wr9xAmWE8652dJxYsVQQn6cJ9a5806ytVc8xMItTbYu8XW1cYf/
O41DH5EvBlep+z55pV/6JSQfnGSkN/0zKmiX/XKx8HKclkBcSrLzztzLndIbkGCp
PKQ2LiYhL5wk8zBMfAugp0b48hO2dH2eI1d0/5S46W7E6aXNH9xDD1ia5WpBgDYv
nR8gbC8HM2NFJVG0S0pI7wBqyD8tjBR4ey06EqKnUJnx42g5cNPxYpQ6waiMMfgH
7S+mpe5zQwZ+k2yvir+lTEaBtB/AalOBD061GQP0rfz2C7FAafkeifca831VAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUu68O4w5TY8dnkHOQ0hMWm4BTpugwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABSFZkD
BAFSF6ADBAFSGDoDBABSGEwDBABSGsIDBABSG2oDBABSHWIDBABSHX4wDQYJKoZI
hvcNAQELBQADggEBAI1J9pbE/FTYGpOoWbtftes7WpN2tZdO2zcrkHKP47hgiLE1
k7MkAPDoUS7j8byNR+qIpNhUQp19wP08qv1uXYxKaeb+mFNcmrRT7HtZnRuJ5/kY
2ko/Raer2pBH0Gep4/V6KhDDH8q/BHzPKMvFeUUG5XeLwblHNNlDIb25WQQHgjJA
P99hhjNXE5YjKH8cIA5iOQDTfirUt3NxCLyupzF6w0c0atapJAUrzd0F8QqvOF3O
hUXGuS+7Dg8ofrMGFRRu3ecHqQmNsi25+XUTnsNhAuW7uyW9Lk9/NoZP2HGM7+aS
9tv3GQ1r5wLyAYHkoivfDiHJeRc9pTktxv53R8c=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:27:38 2025 by rpki-client