Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: aWJJuAC9M+ReUZhw2+ibJUDbULaXQEXbx5ItPrVbvH0=
Subject key identifier: 58:B3:7A:8F:0D:34:BF:16:BF:57:BA:51:89:22:A6:F7:D6:F3:F9:75
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 22F2EA63FDCF795DEC9EBBFF3D6D67829F205912
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
Signing time: Tue 19 Aug 2025 17:12:58 +0000
ROA not before: Tue 19 Aug 2025 17:07:58 +0000
ROA not after: Tue 18 Aug 2026 17:12:58 +0000
asID: 64267
IP address blocks: 82.21.153.0/24 maxlen: 24
82.23.160.0/24 maxlen: 24
82.23.161.0/24 maxlen: 24
82.24.58.0/24 maxlen: 24
82.24.59.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.26.194.0/24 maxlen: 24
82.29.98.0/24 maxlen: 24
82.29.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:f2:ea:63:fd:cf:79:5d:ec:9e:bb:ff:3d:6d:67:82:9f:20:59:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 19 17:07:58 2025 GMT
Not After : Aug 18 17:12:58 2026 GMT
Subject: CN=58B37A8F0D34BF16BF57BA518922A6F7D6F3F975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4b:a3:9a:ad:ec:fe:2c:58:34:f7:98:cb:bb:
35:73:1f:77:99:22:4f:9d:6c:c2:55:a1:db:2a:a8:
1a:25:49:c4:e7:cb:02:6f:54:c2:27:2a:a4:54:f3:
2d:fd:f9:34:3c:84:6d:12:55:1a:d2:ff:03:d9:1b:
ac:9e:89:a5:b6:ea:0d:76:f4:ae:70:14:e4:b2:b8:
36:a0:15:98:b5:47:1b:9e:d1:23:64:6e:07:36:12:
92:12:dc:4b:6d:f2:cc:3c:b5:71:ed:90:ce:bd:eb:
f4:a5:f6:05:85:56:52:4c:65:0c:bf:c7:c2:d8:b5:
14:97:7a:94:54:4d:2a:08:7b:f0:c6:01:de:66:19:
7f:0b:93:82:d9:1c:14:21:a0:e0:76:93:26:f5:ff:
5f:de:cb:05:30:83:0c:5b:1f:0b:f4:45:5c:7c:34:
40:4e:fc:5e:e9:65:63:51:a3:93:76:4b:7e:2c:2d:
ce:8d:90:8c:a4:5d:73:08:53:f6:7e:d2:34:f6:1c:
5d:04:85:29:a4:db:91:c0:ce:97:d2:7b:de:1b:7f:
21:4b:94:e2:fb:5d:2b:f9:a3:3b:bb:41:82:b0:ec:
72:0b:7c:31:b7:fc:22:88:1e:c2:a6:c6:78:cb:79:
4b:81:99:93:21:2e:2f:20:01:ef:6e:f0:ea:e4:b9:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B3:7A:8F:0D:34:BF:16:BF:57:BA:51:89:22:A6:F7:D6:F3:F9:75
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.23.160.0/23
82.24.58.0/23
82.24.76.0/24
82.26.194.0/24
82.29.98.0/24
82.29.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:2b:62:60:dd:b5:e6:6f:08:be:2d:6e:7b:da:45:a0:b3:54:
bc:ef:69:e8:49:db:ef:bb:01:8d:d7:4f:a3:2f:98:c9:73:58:
65:83:54:87:16:45:36:d1:7d:89:80:7e:fd:87:4c:65:29:c9:
fa:82:34:6a:f0:96:8b:6d:22:e5:0f:a1:05:3e:a7:2e:ce:5a:
2a:73:38:32:c0:5b:94:88:4a:2f:ef:01:bf:60:5e:61:04:24:
6d:87:3e:09:eb:01:07:d0:bd:73:1d:5f:18:bd:8e:b6:65:4f:
9a:2d:f3:0c:7e:a5:f4:93:d8:4a:aa:3f:b3:d4:a8:6f:db:b8:
09:e2:d5:24:fe:43:dc:bd:84:f5:dc:ab:17:32:3c:3c:b5:7a:
1e:27:14:70:2f:bd:b3:f6:2a:a7:73:ba:48:96:c2:d2:2a:e1:
f8:f1:03:8c:7b:4c:90:bf:b1:29:c4:e6:60:d2:cd:88:23:8d:
62:a1:28:7d:e0:9b:63:88:83:98:ef:41:8f:2b:b0:5b:ce:33:
f6:26:77:3f:97:48:17:55:b8:b6:ad:ea:d3:4f:d0:56:5b:2b:
b8:06:a2:6b:9b:b8:c4:6c:b4:b0:27:4a:da:2b:bc:2a:a9:de:
13:ab:d6:62:5a:1c:be:7f:aa:a5:53:f7:83:90:9a:68:de:b6:
7a:c6:28:83
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUIvLqY/3PeV3snrv/PW1ngp8gWRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTkxNzA3NThaFw0yNjA4MTgxNzEyNThaMDMxMTAvBgNV
BAMTKDU4QjM3QThGMEQzNEJGMTZCRjU3QkE1MTg5MjJBNkY3RDZGM0Y5NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYS6Oarez+LFg095jLuzVzH3eZ
Ik+dbMJVodsqqBolScTnywJvVMInKqRU8y39+TQ8hG0SVRrS/wPZG6yeiaW26g12
9K5wFOSyuDagFZi1Rxue0SNkbgc2EpIS3Ett8sw8tXHtkM696/Sl9gWFVlJMZQy/
x8LYtRSXepRUTSoIe/DGAd5mGX8Lk4LZHBQhoOB2kyb1/1/eywUwgwxbHwv0RVx8
NEBO/F7pZWNRo5N2S34sLc6NkIykXXMIU/Z+0jT2HF0EhSmk25HAzpfSe94bfyFL
lOL7XSv5ozu7QYKw7HILfDG3/CKIHsKmxnjLeUuBmZMhLi8gAe9u8OrkuerxAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUWLN6jw00vxa/V7pRiSKm99bz+XUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABSFZkD
BAFSF6ADBAFSGDoDBABSGEwDBABSGsIDBABSHWIDBABSHX4wDQYJKoZIhvcNAQEL
BQADggEBAHsrYmDdteZvCL4tbnvaRaCzVLzvaehJ2++7AY3XT6MvmMlzWGWDVIcW
RTbRfYmAfv2HTGUpyfqCNGrwlottIuUPoQU+py7OWipzODLAW5SISi/vAb9gXmEE
JG2HPgnrAQfQvXMdXxi9jrZlT5ot8wx+pfST2EqqP7PUqG/buAni1ST+Q9y9hPXc
qxcyPDy1eh4nFHAvvbP2KqdzukiWwtIq4fjxA4x7TJC/sSnE5mDSzYgjjWKhKH3g
m2OIg5jvQY8rsFvOM/Ymdz+XSBdVuLat6tNP0FZbK7gGomubuMRstLAnStorvCqp
3hOr1mJaHL5/qqVT94OQmmjetnrGKIM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:31 2025 by rpki-client