Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS64457.roa
File:                     AS64457.roa (raw, json)
Hash identifier:          N+z+sL57wTyxBFv8usb/+ERSbAqJatxusKxFVfa5ZDI=
Subject key identifier:   C6:55:D3:79:D1:63:5B:25:ED:BA:C7:EB:53:78:8F:FA:B3:95:63:2C
Certificate issuer:       /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial:       6C32114217A1185AFA1096013CAE03DD0E70DA75
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS64457.roa
Signing time:             Tue 30 Jun 2026 18:44:29 +0000
ROA not before:           Tue 30 Jun 2026 18:39:29 +0000
ROA not after:            Tue 29 Jun 2027 18:44:29 +0000
asID:                     64457
IP address blocks:        51.241.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Jul 2026 20:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:32:11:42:17:a1:18:5a:fa:10:96:01:3c:ae:03:dd:0e:70:da:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
        Validity
            Not Before: Jun 30 18:39:29 2026 GMT
            Not After : Jun 29 18:44:29 2027 GMT
        Subject: CN=C655D379D1635B25EDBAC7EB53788FFAB395632C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:17:81:69:48:f4:e0:d8:36:8b:2a:a1:9d:77:
                    10:c4:dc:3b:5b:06:1a:f9:00:af:03:12:c7:69:45:
                    27:6c:84:b2:16:6a:9c:6a:c0:3d:89:69:e1:61:d1:
                    7e:04:63:db:ec:cc:37:5a:57:b4:99:90:1c:38:7a:
                    a2:50:e6:51:a2:29:a8:1d:e9:34:3d:f7:9c:7a:db:
                    90:c3:6f:bc:00:eb:21:2c:b3:9c:96:7e:8b:d0:fc:
                    a7:0b:93:28:ea:8c:ac:d2:20:2a:8b:5c:75:6e:c4:
                    6d:a0:19:2f:8b:3e:80:d3:5b:ed:45:a7:23:5f:69:
                    99:d6:bf:ea:39:e3:8b:e9:be:a0:8b:5b:79:3d:9f:
                    ff:14:55:e2:18:ea:ad:0c:2b:2c:87:45:e7:76:c4:
                    24:b4:24:0d:02:89:f0:c2:30:ff:19:b3:90:3d:c0:
                    57:71:dc:92:f9:dd:dd:d3:37:78:c9:c3:86:00:28:
                    47:26:de:92:f3:16:9e:52:f6:7a:a3:56:2d:f6:b1:
                    70:7b:1e:35:92:9f:b6:40:15:f8:4e:63:9b:81:9b:
                    e3:f7:77:13:a1:2b:6c:ed:a4:ad:56:34:00:b9:2a:
                    38:cb:b7:6b:27:54:1a:54:7c:c4:90:14:05:21:1c:
                    b3:53:a0:03:84:26:6e:73:af:63:7f:93:ec:08:e4:
                    09:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:55:D3:79:D1:63:5B:25:ED:BA:C7:EB:53:78:8F:FA:B3:95:63:2C
            X509v3 Authority Key Identifier:
                keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS64457.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.241.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:38:4b:88:e0:91:5c:6d:a6:b1:d7:eb:a8:ff:84:12:38:e5:
         8c:43:94:56:e7:36:da:2a:8b:aa:93:fb:b5:8a:8f:33:0d:a0:
         d2:01:0b:cd:17:64:cd:03:cf:f8:a6:dc:1f:fa:b8:5f:18:ee:
         5c:6d:f2:d5:1e:bc:89:ae:98:25:f5:1b:6b:61:c8:fe:4c:1c:
         3b:84:37:d3:0a:e2:54:c2:35:bc:c5:14:4f:d4:e8:e6:e0:08:
         99:a7:ba:b4:a4:4d:6b:f9:1c:b2:e7:5a:a8:4a:dd:db:99:b0:
         1a:7c:57:e4:f3:15:e3:06:35:01:c5:10:b3:cd:64:01:ed:45:
         a5:1c:b3:b5:d4:1f:78:ed:2b:ca:45:59:7d:72:50:c9:f2:fa:
         6e:96:c0:0b:72:0a:c5:9b:1a:57:9b:31:6f:8f:cb:3c:c5:a1:
         39:fe:bd:a4:a0:f9:20:13:5f:6b:cf:be:63:ae:bb:1d:ec:f0:
         d8:15:06:f0:a4:59:9e:ad:ec:00:cf:12:8c:db:93:cb:d0:56:
         3f:42:0e:0e:e5:43:4b:a9:16:2e:64:bb:26:fc:ac:bf:ca:55:
         2e:90:06:79:8c:1b:55:2d:04:2f:fe:cb:49:2f:22:03:c3:87:
         db:89:f1:81:9c:3d:b2:78:f6:bd:a5:ab:12:98:38:7b:14:0f:
         c8:92:79:1a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUbDIRQhehGFr6EJYBPK4D3Q5w2nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MzAxODM5MjlaFw0yNzA2MjkxODQ0MjlaMDMxMTAvBgNV
BAMTKEM2NTVEMzc5RDE2MzVCMjVFREJBQzdFQjUzNzg4RkZBQjM5NTYzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZF4FpSPTg2DaLKqGddxDE3Dtb
Bhr5AK8DEsdpRSdshLIWapxqwD2JaeFh0X4EY9vszDdaV7SZkBw4eqJQ5lGiKagd
6TQ995x625DDb7wA6yEss5yWfovQ/KcLkyjqjKzSICqLXHVuxG2gGS+LPoDTW+1F
pyNfaZnWv+o544vpvqCLW3k9n/8UVeIY6q0MKyyHRed2xCS0JA0CifDCMP8Zs5A9
wFdx3JL53d3TN3jJw4YAKEcm3pLzFp5S9nqjVi32sXB7HjWSn7ZAFfhOY5uBm+P3
dxOhK2ztpK1WNAC5KjjLt2snVBpUfMSQFAUhHLNToAOEJm5zr2N/k+wI5Al1AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUxlXTedFjWyXtusfrU3iP+rOVYywwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTNjQ0NTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAz8Qcw
DQYJKoZIhvcNAQELBQADggEBAIg4S4jgkVxtprHX66j/hBI45YxDlFbnNtoqi6qT
+7WKjzMNoNIBC80XZM0Dz/im3B/6uF8Y7lxt8tUevImumCX1G2thyP5MHDuEN9MK
4lTCNbzFFE/U6ObgCJmnurSkTWv5HLLnWqhK3duZsBp8V+TzFeMGNQHFELPNZAHt
RaUcs7XUH3jtK8pFWX1yUMny+m6WwAtyCsWbGlebMW+PyzzFoTn+vaSg+SATX2vP
vmOuux3s8NgVBvCkWZ6t7ADPEozbk8vQVj9CDg7lQ0upFi5kuyb8rL/KVS6QBnmM
G1UtBC/+y0kvIgPDh9uJ8YGcPbJ49r2lqxKYOHsUD8iSeRo=
-----END CERTIFICATE-----
Generated at Sun Jul 19 03:15:12 2026 by rpki-client