Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: ny7xnVEA3Fp04BurMGuGckcsMRnGE30bEePqxuSaPxY=
Subject key identifier: 15:8B:B8:7C:C1:15:6C:78:8D:09:0E:D4:FF:79:DA:6A:C4:6D:03:33
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 270B38604B92B8AB4322299B75BB3BD98176BA8F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
Signing time: Fri 10 Oct 2025 12:26:54 +0000
ROA not before: Fri 10 Oct 2025 12:21:54 +0000
ROA not after: Fri 09 Oct 2026 12:26:54 +0000
asID: 64267
IP address blocks: 2.57.17.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
141.98.89.0/24 maxlen: 24
179.61.145.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
179.61.209.0/24 maxlen: 24
181.41.210.0/24 maxlen: 24
181.41.212.0/24 maxlen: 24
181.41.217.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.179.0/24 maxlen: 24
181.214.209.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.229.0/24 maxlen: 24
181.215.40.0/24 maxlen: 24
181.215.238.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.137.95.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.158.149.0/24 maxlen: 24
191.96.249.0/24 maxlen: 24
191.101.66.0/24 maxlen: 24
191.101.67.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
191.101.89.0/24 maxlen: 24
191.101.125.0/24 maxlen: 24
191.101.137.0/24 maxlen: 24
191.101.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0b:38:60:4b:92:b8:ab:43:22:29:9b:75:bb:3b:d9:81:76:ba:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 10 12:21:54 2025 GMT
Not After : Oct 9 12:26:54 2026 GMT
Subject: CN=158BB87CC1156C788D090ED4FF79DA6AC46D0333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b8:65:cf:f8:11:ab:4c:f7:22:8d:11:af:f0:
1d:66:93:a2:e9:cf:c3:80:3a:52:30:74:cc:e9:27:
c3:8d:45:20:75:14:23:b0:0e:35:fa:eb:b3:1e:a3:
e7:a8:c0:c2:26:57:7f:bb:07:86:cf:8e:53:34:c8:
3e:c9:fe:d7:f3:6d:9d:28:da:5c:58:d1:66:b2:55:
a2:e4:2f:5f:b2:0f:e3:0f:be:87:77:0d:8d:fa:22:
1c:ce:7a:43:45:af:25:8d:4d:bd:1e:4f:eb:0e:2f:
1b:e4:b8:85:a7:2e:37:6e:e2:0c:06:fe:ef:0e:4b:
ac:82:db:90:a9:48:ce:d1:68:e7:50:1c:0f:34:0a:
e7:43:0c:fa:d3:50:ae:48:99:5c:c5:d7:7f:f5:df:
22:4f:7f:c9:fe:bc:1c:c6:74:1a:8e:85:48:ef:d5:
d4:e1:d4:0f:44:60:8e:84:15:f9:59:86:b2:8e:5a:
94:af:45:36:46:8c:bb:e6:7d:8c:53:92:a9:5f:46:
a2:f6:b3:8f:ae:1f:10:3a:96:b5:78:5f:f0:e6:35:
61:e4:91:6d:01:b0:7c:26:7d:0e:f6:c5:57:16:f9:
b3:02:07:31:e6:b8:ef:f2:68:90:bc:58:98:2a:30:
1c:95:71:db:71:f0:e2:60:a6:40:e4:ff:f7:d2:ca:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8B:B8:7C:C1:15:6C:78:8D:09:0E:D4:FF:79:DA:6A:C4:6D:03:33
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
89.19.46.0/24
89.19.49.0/24
141.98.89.0/24
179.61.145.0/24
179.61.207.0/24
179.61.209.0/24
181.41.210.0/24
181.41.212.0/24
181.41.217.0/24
181.41.219.0/24
181.214.7.0/24
181.214.76.0/24
181.214.179.0/24
181.214.209.0/24
181.214.211.0/24
181.214.229.0/24
181.215.40.0/24
181.215.238.0/24
181.215.250.0/24
185.137.93.0/24
185.137.95.0/24
185.139.0.0/24
185.158.149.0/24
191.96.249.0/24
191.101.66.0/23
191.101.83.0/24
191.101.89.0/24
191.101.125.0/24
191.101.137.0/24
191.101.218.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:7c:dd:f9:f8:96:fe:e8:6c:85:ae:cb:ba:0e:14:30:a0:7d:
2b:ed:56:62:93:5d:5a:bb:42:3b:05:6b:b9:56:86:a1:8d:c5:
45:d0:80:29:9e:ff:dc:03:d2:1c:0a:9a:4a:f9:2a:f8:eb:6a:
cf:99:89:2b:49:fa:61:7b:75:1b:55:4c:6f:65:57:fc:36:db:
9c:cc:bd:22:0d:8e:85:f5:96:42:d0:d4:0e:d2:9e:92:39:ba:
83:34:31:36:84:49:e2:83:5b:63:af:4d:1c:43:76:7a:81:b1:
fc:ad:c4:fd:9d:7c:22:54:99:d7:96:3b:da:45:fc:1f:e3:12:
7a:6b:a2:f2:77:f4:bb:d9:11:bc:5d:f1:86:84:e1:75:85:69:
d0:6a:57:8e:89:e4:7f:eb:5a:cd:ab:17:69:78:3b:35:a8:76:
57:9f:d7:2e:76:85:61:a3:04:a4:da:35:a7:5a:1a:af:98:e1:
54:55:e7:dd:9f:43:f0:e5:58:c8:73:53:52:05:f1:83:26:37:
31:ce:ba:24:27:e2:4b:1d:4e:63:bb:77:ca:5b:f4:92:4f:77:
7a:fa:bb:68:4b:ac:30:79:18:89:5c:93:29:71:d4:ef:55:3b:
96:b9:2c:49:4b:9c:31:54:a0:56:48:c5:04:48:44:52:2b:19:
de:ef:5c:b8
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUJws4YEuSuKtDIimbdbs72YF2uo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTAxMjIxNTRaFw0yNjEwMDkxMjI2NTRaMDMxMTAvBgNV
BAMTKDE1OEJCODdDQzExNTZDNzg4RDA5MEVENEZGNzlEQTZBQzQ2RDAzMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUuGXP+BGrTPcijRGv8B1mk6Lp
z8OAOlIwdMzpJ8ONRSB1FCOwDjX667Meo+eowMImV3+7B4bPjlM0yD7J/tfzbZ0o
2lxY0WayVaLkL1+yD+MPvod3DY36IhzOekNFryWNTb0eT+sOLxvkuIWnLjdu4gwG
/u8OS6yC25CpSM7RaOdQHA80CudDDPrTUK5ImVzF13/13yJPf8n+vBzGdBqOhUjv
1dTh1A9EYI6EFflZhrKOWpSvRTZGjLvmfYxTkqlfRqL2s4+uHxA6lrV4X/DmNWHk
kW0BsHwmfQ72xVcW+bMCBzHmuO/yaJC8WJgqMByVcdtx8OJgpkDk//fSyoxXAgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUFYu4fMEVbHiNCQ7U/3naasRtAzMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdcGCCsGAQUFBwEHAQH/BIHHMIHEMIHBBAIAATCBugME
AAI5EQMEAFkTLgMEAFkTMQMEAI1iWQMEALM9kQMEALM9zwMEALM90QMEALUp0gME
ALUp1AMEALUp2QMEALUp2wMEALXWBwMEALXWTAMEALXWswMEALXW0QMEALXW0wME
ALXW5QMEALXXKAMEALXX7gMEALXX+gMEALmJXQMEALmJXwMEALmLAAMEALmelQME
AL9g+QMEAb9lQgMEAL9lUwMEAL9lWQMEAL9lfQMEAL9liQMEAL9l2jANBgkqhkiG
9w0BAQsFAAOCAQEAtHzd+fiW/uhsha7Lug4UMKB9K+1WYpNdWrtCOwVruVaGoY3F
RdCAKZ7/3APSHAqaSvkq+Otqz5mJK0n6YXt1G1VMb2VX/DbbnMy9Ig2OhfWWQtDU
DtKekjm6gzQxNoRJ4oNbY69NHEN2eoGx/K3E/Z18IlSZ15Y72kX8H+MSemui8nf0
u9kRvF3xhoThdYVp0GpXjonkf+tazasXaXg7Nah2V5/XLnaFYaMEpNo1p1oar5jh
VFXn3Z9D8OVYyHNTUgXxgyY3Mc66JCfiSx1OY7t3ylv0kk93evq7aEusMHkYiVyT
KXHU71U7lrksSUucMVSgVkjFBEhEUisZ3u9cuA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:11:21 2025 by rpki-client