Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: 0cCOa0eILSte2FAijy7Uwkvmz5vbVyUUfcO5WTof5BY=
Subject key identifier: FF:7C:71:D8:95:1E:18:57:FF:55:F5:C8:DB:80:8B:0A:38:1C:E1:ED
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 791A4D94CCB7AC331ADAB3B88C391FE99D4C3CB6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
Signing time: Mon 20 Jan 2025 13:56:17 +0000
ROA not before: Mon 20 Jan 2025 13:51:17 +0000
ROA not after: Mon 19 Jan 2026 13:56:17 +0000
asID: 64267
IP address blocks: 82.23.160.0/24 maxlen: 24
82.23.161.0/24 maxlen: 24
82.24.58.0/24 maxlen: 24
82.24.59.0/24 maxlen: 24
82.29.52.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.98.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:1a:4d:94:cc:b7:ac:33:1a:da:b3:b8:8c:39:1f:e9:9d:4c:3c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 20 13:51:17 2025 GMT
Not After : Jan 19 13:56:17 2026 GMT
Subject: CN=FF7C71D8951E1857FF55F5C8DB808B0A381CE1ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:65:2a:86:e2:f2:7c:8c:5e:f4:af:03:0f:c9:
ff:a2:ef:4f:44:56:76:cb:69:ef:1e:55:6e:29:8b:
5c:6b:2d:54:ba:04:0a:3d:18:17:c6:85:15:11:b7:
9a:55:eb:96:bb:80:19:89:23:43:ec:f2:d1:d1:fb:
04:8b:2c:a6:40:de:15:19:a1:05:b6:51:6c:79:04:
fc:80:86:34:eb:7f:8a:ad:14:dd:6f:91:e9:03:9d:
48:a0:7e:d6:ec:ed:43:65:d2:56:d0:18:d8:0f:76:
2c:37:8b:44:0c:a1:8b:53:da:e1:9e:41:d5:25:10:
69:96:64:44:c0:b1:1d:cf:9f:f6:70:d5:14:37:06:
53:74:3b:85:84:9a:19:14:50:ce:21:48:5b:8c:8b:
08:cd:cd:46:3d:cb:7c:fb:13:e6:b6:95:8d:4e:9a:
90:a1:b3:61:05:56:fa:9d:ae:d3:4e:65:f0:3c:be:
62:ea:d0:62:7f:4c:6f:c2:b4:19:51:2e:67:8e:22:
3b:e7:e9:89:68:b3:d5:30:a4:0f:bb:03:a8:c2:28:
1c:a7:f6:bb:ff:1a:cc:c8:ad:a0:d8:1a:b5:96:68:
df:a3:b0:7e:01:9f:30:67:19:85:52:36:f1:6c:86:
7e:3c:8c:18:d1:42:de:10:2f:ea:39:7d:8e:70:34:
92:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7C:71:D8:95:1E:18:57:FF:55:F5:C8:DB:80:8B:0A:38:1C:E1:ED
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.160.0/23
82.24.58.0/23
82.29.52.0/24
82.29.95.0/24
82.29.98.0/24
82.29.125.0-82.29.126.255
Signature Algorithm: sha256WithRSAEncryption
8c:7f:a2:bf:4d:b0:8c:1c:9c:20:e8:3a:24:c8:d4:51:33:49:
81:4f:e2:58:ec:5e:98:8b:b4:e4:58:dd:e2:b5:e3:13:ef:26:
c3:f4:61:a8:05:c6:11:95:0e:10:e6:1c:22:b8:d9:09:d7:a9:
0a:ae:4b:f6:16:c7:99:4b:ca:7c:2e:fe:d5:f7:96:74:22:56:
71:f7:38:93:00:45:11:e5:90:13:67:cd:8a:cd:4b:d3:1e:5a:
6a:68:7b:fd:54:da:d9:dd:60:25:68:65:02:fd:c9:3a:40:e3:
64:9d:5e:d9:b1:9f:56:d8:cb:7b:8b:cc:de:24:ad:33:bd:4e:
44:74:fe:07:ca:61:13:f8:84:03:ba:eb:5f:13:21:15:29:81:
be:33:bc:a0:4c:b5:51:a9:41:cd:69:95:03:a0:47:25:fe:72:
e2:14:41:8c:80:3c:18:b6:11:95:ba:ed:34:b7:32:bf:01:d7:
09:bd:7e:ca:9f:91:12:0b:70:22:12:78:ee:b9:8a:f1:76:1a:
27:7f:c7:27:f7:43:86:65:b3:4e:1d:9b:c6:ac:1f:43:16:70:
24:3e:32:1d:99:fc:15:55:88:c0:6e:c7:88:67:43:11:1b:83:
88:f9:09:f4:2f:a4:c4:7a:9a:87:88:cf:71:a1:2d:ad:19:50:
69:79:d8:dc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUeRpNlMy3rDMa2rO4jDkf6Z1MPLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjAxMzUxMTdaFw0yNjAxMTkxMzU2MTdaMDMxMTAvBgNV
BAMTKEZGN0M3MUQ4OTUxRTE4NTdGRjU1RjVDOERCODA4QjBBMzgxQ0UxRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQZSqG4vJ8jF70rwMPyf+i709E
VnbLae8eVW4pi1xrLVS6BAo9GBfGhRURt5pV65a7gBmJI0Ps8tHR+wSLLKZA3hUZ
oQW2UWx5BPyAhjTrf4qtFN1vkekDnUigftbs7UNl0lbQGNgPdiw3i0QMoYtT2uGe
QdUlEGmWZETAsR3Pn/Zw1RQ3BlN0O4WEmhkUUM4hSFuMiwjNzUY9y3z7E+a2lY1O
mpChs2EFVvqdrtNOZfA8vmLq0GJ/TG/CtBlRLmeOIjvn6Ylos9UwpA+7A6jCKByn
9rv/GszIraDYGrWWaN+jsH4BnzBnGYVSNvFshn48jBjRQt4QL+o5fY5wNJITAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQU/3xx2JUeGFf/VfXI24CLCjgc4e0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBAFSF6AD
BAFSGDoDBABSHTQDBABSHV8DBABSHWIwDAMEAFIdfQMEAFIdfjANBgkqhkiG9w0B
AQsFAAOCAQEAjH+iv02wjBycIOg6JMjUUTNJgU/iWOxemIu05Fjd4rXjE+8mw/Rh
qAXGEZUOEOYcIrjZCdepCq5L9hbHmUvKfC7+1feWdCJWcfc4kwBFEeWQE2fNis1L
0x5aamh7/VTa2d1gJWhlAv3JOkDjZJ1e2bGfVtjLe4vM3iStM71ORHT+B8phE/iE
A7rrXxMhFSmBvjO8oEy1UalBzWmVA6BHJf5y4hRBjIA8GLYRlbrtNLcyvwHXCb1+
yp+REgtwIhJ47rmK8XYaJ3/HJ/dDhmWzTh2bxqwfQxZwJD4yHZn8FVWIwG7HiGdD
ERuDiPkJ9C+kxHqah4jPcaEtrRlQaXnY3A==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:26 2025 by rpki-client