Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: ac0L9YRJlC/Lrwcy4NTKRDqf+YpKrV5tbvbfeC2xJO8=
Subject key identifier: 89:3B:B3:19:4E:67:C5:B3:EA:C0:37:18:CE:49:0E:9B:02:B5:7F:80
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 538A90C196C3AD939A573380DF43177B88F35D59
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Wed 25 Jun 2025 00:02:10 +0000
ROA not before: Tue 24 Jun 2025 23:57:10 +0000
ROA not after: Wed 24 Jun 2026 00:02:10 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:8a:90:c1:96:c3:ad:93:9a:57:33:80:df:43:17:7b:88:f3:5d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 24 23:57:10 2025 GMT
Not After : Jun 24 00:02:10 2026 GMT
Subject: CN=893BB3194E67C5B3EAC03718CE490E9B02B57F80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e2:f5:9a:71:ae:08:0d:0f:bb:7a:3f:c6:cf:
1c:c1:f8:33:3b:de:7b:6f:0a:c9:b9:d1:93:e3:78:
8e:6e:64:8d:39:44:dd:8b:9a:0b:f5:b0:54:4c:2e:
ad:5d:62:7f:50:b3:c3:77:2a:c9:4a:02:d4:07:b5:
84:e8:81:0e:70:01:ce:4b:97:b3:b5:5c:83:bc:19:
f6:c1:bc:f9:2f:d5:ea:78:ca:ac:68:7d:d1:4b:37:
ba:eb:dd:1b:96:7f:dd:89:89:9f:8e:b6:bd:7d:bb:
73:30:55:45:98:8b:70:65:4f:1f:12:b3:e0:3e:25:
71:54:55:40:ff:9c:a9:7b:88:1f:5a:e0:88:02:6a:
e7:43:49:6a:92:ab:ce:04:e6:d3:6c:3c:2f:30:90:
72:28:bb:8a:b3:bd:69:6b:4a:81:17:fa:85:93:d8:
d9:c2:f1:19:24:e8:48:fb:70:f9:f2:47:61:3a:5c:
9b:72:a7:20:81:93:47:ec:e2:d5:d1:09:6c:b0:1a:
62:7a:be:93:f0:19:5c:64:6f:9c:10:bb:01:00:b1:
ef:27:78:f2:b3:2e:b5:bd:39:24:01:88:34:12:65:
78:28:28:6e:aa:0a:ea:ca:e5:58:da:76:d7:84:e2:
c2:ca:ba:d5:5a:82:5b:08:96:81:06:01:5c:46:12:
0f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3B:B3:19:4E:67:C5:B3:EA:C0:37:18:CE:49:0E:9B:02:B5:7F:80
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
45.139.180.0/24
89.19.46.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.207.0/24
179.61.209.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.238.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c0:91:48:06:f5:22:35:ab:ec:41:60:99:40:07:8e:51:c3:
a2:84:e0:40:6d:8c:5a:f2:88:42:1d:73:c6:b0:64:a4:e6:c5:
7d:72:83:2c:3a:00:aa:dc:f3:89:86:d2:07:af:52:26:c4:04:
84:3a:52:b8:83:b3:e6:fd:10:31:dd:d4:b8:a3:d7:a3:8e:68:
2a:f2:87:6d:43:eb:cf:a3:6c:49:fa:51:fb:09:de:24:fe:92:
db:05:9b:a7:e6:97:1a:a2:cb:e1:69:1c:e4:c7:0e:0f:b9:a9:
27:d2:67:75:e5:76:e2:5e:c3:ee:02:09:2f:78:2c:65:d3:07:
c5:d6:c2:ef:49:ae:63:23:3c:a2:01:e5:3e:87:4a:45:22:35:
cd:c5:97:2b:2a:62:ed:a8:94:ef:82:44:e9:b9:3f:4c:0c:a8:
b1:c9:f8:4d:8f:1f:db:fe:4e:32:37:b4:d6:f9:25:9e:7f:c5:
4a:59:63:ce:31:07:8d:75:1f:cd:5d:87:d7:75:14:47:fe:ed:
2b:d6:9c:f2:0c:5f:27:7d:dd:1c:a0:ee:e3:2d:1b:33:65:01:
ce:22:d4:cc:e8:67:6b:bf:ca:5e:80:aa:f8:0e:f4:93:8c:e9:
6a:20:1d:ba:7e:b3:03:3d:26:db:3a:7c:55:3d:ef:f8:72:29:
d2:0f:70:22
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUU4qQwZbDrZOaVzOA30MXe4jzXVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjQyMzU3MTBaFw0yNjA2MjQwMDAyMTBaMDMxMTAvBgNV
BAMTKDg5M0JCMzE5NEU2N0M1QjNFQUMwMzcxOENFNDkwRTlCMDJCNTdGODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp4vWaca4IDQ+7ej/GzxzB+DM7
3ntvCsm50ZPjeI5uZI05RN2Lmgv1sFRMLq1dYn9Qs8N3KslKAtQHtYTogQ5wAc5L
l7O1XIO8GfbBvPkv1ep4yqxofdFLN7rr3RuWf92JiZ+Otr19u3MwVUWYi3BlTx8S
s+A+JXFUVUD/nKl7iB9a4IgCaudDSWqSq84E5tNsPC8wkHIou4qzvWlrSoEX+oWT
2NnC8Rkk6Ej7cPnyR2E6XJtypyCBk0fs4tXRCWywGmJ6vpPwGVxkb5wQuwEAse8n
ePKzLrW9OSQBiDQSZXgoKG6qCurK5VjadteE4sLKutVaglsIloEGAVxGEg9fAgMB
AAGjggK8MIICuDAdBgNVHQ4EFgQUiTuzGU5nxbPqwDcYzkkOmwK1f4AwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdEGCCsGAQUFBwEHAQH/BIHBMIG+MIG7BAIAATCBtAME
AAI5EQMEAC2LtAMEAFkTLgMEAFkTMQMEAI1iWQMEALM9kQMEALM9zwMEALM90QME
ALUp0gMEALUp1AMEALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWswMEALXW0QME
ALXW0wMEALXW5QMEALXXKAMEALXX7gMEALmJXQMEALmJXwMEALmLAAMEALmelQME
AL9g+QMEAb9lQgMEAL9lUwMEAL9lWQMEAL9lfQMEAL9liTANBgkqhkiG9w0BAQsF
AAOCAQEAf8CRSAb1IjWr7EFgmUAHjlHDooTgQG2MWvKIQh1zxrBkpObFfXKDLDoA
qtzziYbSB69SJsQEhDpSuIOz5v0QMd3UuKPXo45oKvKHbUPrz6NsSfpR+wneJP6S
2wWbp+aXGqLL4Wkc5McOD7mpJ9JndeV24l7D7gIJL3gsZdMHxdbC70muYyM8ogHl
PodKRSI1zcWXKypi7aiU74JE6bk/TAyoscn4TY8f2/5OMje01vklnn/FSlljzjEH
jXUfzV2H13UUR/7tK9ac8gxfJ33dHKDu4y0bM2UBziLUzOhna7/KXoCq+A70k4zp
aiAdun6zAz0m2zp8VT3v+HIp0g9wIg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:09:44 2025 by rpki-client