Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: ZsgB5FdFehxgS+DFvlENbCD6NUq13OAYHVPELgm5D+Q=
Subject key identifier: 36:7A:08:91:59:F5:31:69:CF:9F:B9:86:B2:C9:C6:07:D7:25:9E:46
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 2A28923C9474B9199AE28CD7091D7661C85264F3
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
Signing time: Tue 26 May 2026 16:00:26 +0000
ROA not before: Tue 26 May 2026 15:55:26 +0000
ROA not after: Tue 25 May 2027 16:00:26 +0000
asID: 64267
IP address blocks: 143.20.148.0/24 maxlen: 24
143.20.153.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 13:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:28:92:3c:94:74:b9:19:9a:e2:8c:d7:09:1d:76:61:c8:52:64:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 26 15:55:26 2026 GMT
Not After : May 25 16:00:26 2027 GMT
Subject: CN=367A089159F53169CF9FB986B2C9C607D7259E46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:5a:65:a3:59:41:41:b6:23:a0:7d:6a:2d:
7e:c2:b9:aa:ee:16:70:c1:4e:c0:98:93:b4:9a:e9:
8c:a3:a3:70:20:31:52:d3:b1:50:82:4d:53:ab:83:
10:b0:cf:af:be:f6:96:81:84:a8:5e:0c:24:cd:42:
76:e7:cb:99:ca:c4:5e:ec:f2:c2:b3:c4:d8:05:71:
54:05:c9:0f:bc:e2:b7:0d:77:fd:57:11:8d:b0:67:
58:42:86:ca:1b:50:af:02:93:23:f7:3f:da:c6:46:
89:6e:03:84:c7:b6:78:9e:62:66:9a:91:fe:d3:4c:
cc:82:58:bd:91:d0:a0:cc:a4:26:e9:1d:32:cb:7b:
67:70:a5:24:b6:69:00:37:cb:e5:73:50:8c:85:45:
d7:b9:b4:43:2d:2b:b7:86:7b:77:37:49:7d:41:44:
9e:ad:88:0e:76:b8:48:3c:0d:58:60:75:f2:72:20:
fc:b9:39:5d:6c:88:7d:3d:16:d6:df:6d:c2:4c:28:
56:0c:23:30:9d:6f:46:e1:d6:d5:cf:8a:13:78:4e:
a4:dc:83:62:70:73:68:83:b5:0d:fd:aa:82:65:10:
9f:f6:9b:45:86:9d:3e:5f:65:36:6e:41:96:7c:0d:
67:61:38:1e:95:b3:cf:cf:8b:8f:90:cf:0b:70:35:
30:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7A:08:91:59:F5:31:69:CF:9F:B9:86:B2:C9:C6:07:D7:25:9E:46
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.148.0/24
143.20.153.0/24
143.20.198.0/24
143.20.215.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c9:0f:75:64:ef:00:44:33:93:14:c4:b3:61:1a:4f:48:3c:
d5:80:c4:11:48:5c:6b:0d:f0:4f:cf:4d:9b:cf:ec:d9:7d:11:
c1:3c:e4:4b:90:e7:54:64:31:6e:71:6d:f2:4e:b4:2a:be:16:
f2:9f:9c:c6:9d:b0:5a:22:ac:fe:89:c5:ea:5f:fb:75:c4:7d:
24:a8:33:fb:49:38:b1:6e:08:ca:a0:e5:f8:ae:7c:91:f8:ad:
95:14:06:32:26:98:9c:90:4f:f3:08:e4:2d:16:40:e0:93:3d:
61:30:9e:c6:08:57:74:65:0f:99:50:28:83:69:43:7f:08:ef:
18:c4:72:69:74:b9:a1:42:9f:d1:3d:3b:13:5a:0e:eb:29:d6:
5f:9f:79:94:82:a7:c8:da:58:31:62:a6:92:cd:9f:a8:76:60:
1e:96:aa:93:b1:f0:15:84:98:89:ad:95:62:04:d7:e0:ee:db:
c5:ca:a4:5e:d1:60:e5:19:1c:07:70:09:f8:04:50:cf:1b:47:
8d:36:12:42:76:ba:39:51:95:85:6b:0b:25:e8:67:0a:79:6c:
56:b3:ed:59:f1:83:75:65:4c:a9:a4:90:03:46:f9:ef:ec:0a:
d4:e0:75:db:a0:6d:da:85:36:d2:6f:a7:f4:1d:d1:1a:78:af:
fa:45:20:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUKiiSPJR0uRma4ozXCR12YchSZPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MjYxNTU1MjZaFw0yNzA1MjUxNjAwMjZaMDMxMTAvBgNV
BAMTKDM2N0EwODkxNTlGNTMxNjlDRjlGQjk4NkIyQzlDNjA3RDcyNTlFNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDXlplo1lBQbYjoH1qLX7Cuaru
FnDBTsCYk7Sa6Yyjo3AgMVLTsVCCTVOrgxCwz6++9paBhKheDCTNQnbny5nKxF7s
8sKzxNgFcVQFyQ+84rcNd/1XEY2wZ1hChsobUK8CkyP3P9rGRoluA4THtnieYmaa
kf7TTMyCWL2R0KDMpCbpHTLLe2dwpSS2aQA3y+VzUIyFRde5tEMtK7eGe3c3SX1B
RJ6tiA52uEg8DVhgdfJyIPy5OV1siH09FtbfbcJMKFYMIzCdb0bh1tXPihN4TqTc
g2Jwc2iDtQ39qoJlEJ/2m0WGnT5fZTZuQZZ8DWdhOB6Vs8/Pi4+QzwtwNTD3AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUNnoIkVn1MWnPn7mGssnGB9clnkYwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPFJQD
BACPFJkDBACPFMYDBACPFNcwDQYJKoZIhvcNAQELBQADggEBAC3JD3Vk7wBEM5MU
xLNhGk9IPNWAxBFIXGsN8E/PTZvP7Nl9EcE85EuQ51RkMW5xbfJOtCq+FvKfnMad
sFoirP6Jxepf+3XEfSSoM/tJOLFuCMqg5fiufJH4rZUUBjImmJyQT/MI5C0WQOCT
PWEwnsYIV3RlD5lQKINpQ38I7xjEcml0uaFCn9E9OxNaDusp1l+feZSCp8jaWDFi
ppLNn6h2YB6WqpOx8BWEmImtlWIE1+Du28XKpF7RYOUZHAdwCfgEUM8bR402EkJ2
ujlRlYVrCyXoZwp5bFaz7Vnxg3VlTKmkkANG+e/sCtTgddugbdqFNtJvp/Qd0Rp4
r/pFINg=
-----END CERTIFICATE-----
Generated at Wed Jun 3 23:21:26 2026 by rpki-client