Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: Y/A1U4AKlhoc18kaW1kax3CmOxOLiXgaDZTrG9sfKSM=
Subject key identifier: 72:71:4A:4E:37:D6:2A:36:44:31:D7:31:5F:E5:80:9B:7D:FD:25:4D
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 407BFBDAF3DC28F567454B35DECEB08120ABD758
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
Signing time: Fri 26 Sep 2025 00:05:02 +0000
ROA not before: Fri 26 Sep 2025 00:00:02 +0000
ROA not after: Fri 25 Sep 2026 00:05:02 +0000
asID: 64267
IP address blocks: 143.20.144.0/24 maxlen: 24
143.20.146.0/24 maxlen: 24
143.20.148.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.153.0/24 maxlen: 24
143.20.154.0/24 maxlen: 24
143.20.165.0/24 maxlen: 24
143.20.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:7b:fb:da:f3:dc:28:f5:67:45:4b:35:de:ce:b0:81:20:ab:d7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Sep 26 00:00:02 2025 GMT
Not After : Sep 25 00:05:02 2026 GMT
Subject: CN=72714A4E37D62A364431D7315FE5809B7DFD254D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:e2:5e:99:b9:49:96:01:de:9e:c4:b3:70:
fb:ae:00:e1:cf:a7:10:a6:f2:0f:a8:6a:8d:77:00:
5c:58:6e:38:4f:9c:ef:a6:39:89:58:57:ee:77:64:
ae:42:20:b9:52:e7:e0:5d:9b:cc:0e:de:9f:23:c8:
db:80:76:ad:4c:0c:34:b8:9d:8b:66:97:03:07:b0:
3b:1f:40:8a:72:b9:af:8d:f9:b7:bf:0e:1c:be:a1:
0a:99:83:43:12:f1:a2:1f:8d:11:e8:e0:d5:03:da:
d1:7d:9c:3c:d4:a1:6c:62:7b:5d:5f:a8:75:34:e2:
bd:39:26:44:3a:cd:20:23:8c:58:79:5d:e0:3e:ab:
71:a1:cd:1d:e7:7c:19:40:25:91:fb:17:ca:84:82:
cc:2e:30:72:8d:60:09:d1:49:09:1d:22:2c:ea:0e:
33:b2:f9:17:20:78:76:ff:30:c6:cf:77:3e:3a:cc:
39:1f:3f:7e:4f:80:e3:29:28:7e:de:a6:3d:50:a1:
2e:17:13:16:73:62:6d:3b:1d:55:4f:d6:7b:d3:70:
1d:e5:56:6e:b4:d7:fa:56:28:4e:f9:7a:4f:82:f8:
cc:2d:62:96:72:a7:d7:24:76:f1:c9:25:5a:43:59:
d9:a2:5b:58:2c:03:32:5d:a6:31:da:db:0e:ba:8a:
f1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:71:4A:4E:37:D6:2A:36:44:31:D7:31:5F:E5:80:9B:7D:FD:25:4D
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.144.0/24
143.20.146.0/24
143.20.148.0/24
143.20.151.0/24
143.20.153.0-143.20.154.255
143.20.165.0/24
143.20.170.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:fa:b0:a5:37:d1:bd:7f:de:34:e0:d8:41:9f:9c:e4:cb:4e:
d2:8e:6e:71:ea:46:18:89:ca:70:e3:ad:6a:c9:5f:52:96:7f:
eb:1f:1a:70:df:8d:7b:af:00:dc:58:dd:c8:7a:af:a9:ed:6e:
22:03:bd:55:1a:cd:e6:87:ed:ba:ea:ea:4e:0b:ea:18:fe:f7:
83:d5:65:40:25:71:17:9c:b0:43:1d:ed:a8:86:72:58:b0:fe:
37:95:a7:f1:98:41:d9:fb:98:c9:83:7e:15:ac:81:a9:80:8a:
6a:d4:ef:04:b1:cd:8e:9f:4f:43:57:de:47:b4:36:8f:e2:8b:
69:cb:88:0d:37:02:eb:b0:af:cd:9d:05:8a:10:a7:d2:6a:43:
da:d1:04:5a:5a:1b:02:8e:ad:bf:89:b5:84:d3:a9:01:34:bb:
48:8a:51:26:73:58:eb:0e:49:4f:cd:3d:6c:9a:cb:2f:37:4c:
94:1d:53:72:df:7d:0a:c1:f4:91:38:ee:5e:58:c8:5b:66:ff:
73:91:fa:b4:ae:8d:a8:2b:28:70:67:51:2e:f9:61:20:7f:39:
67:63:83:ce:5d:ca:20:7c:41:9e:87:6e:27:e5:27:4f:a2:44:
8f:38:4b:7a:e6:df:16:d4:45:46:82:d1:7f:11:ba:74:c1:6c:
32:19:6d:bb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUQHv72vPcKPVnRUs13s6wgSCr11gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA5MjYwMDAwMDJaFw0yNjA5MjUwMDA1MDJaMDMxMTAvBgNV
BAMTKDcyNzE0QTRFMzdENjJBMzY0NDMxRDczMTVGRTU4MDlCN0RGRDI1NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu6uJemblJlgHensSzcPuuAOHP
pxCm8g+oao13AFxYbjhPnO+mOYlYV+53ZK5CILlS5+Bdm8wO3p8jyNuAdq1MDDS4
nYtmlwMHsDsfQIpyua+N+be/Dhy+oQqZg0MS8aIfjRHo4NUD2tF9nDzUoWxie11f
qHU04r05JkQ6zSAjjFh5XeA+q3GhzR3nfBlAJZH7F8qEgswuMHKNYAnRSQkdIizq
DjOy+RcgeHb/MMbPdz46zDkfP35PgOMpKH7epj1QoS4XExZzYm07HVVP1nvTcB3l
Vm601/pWKE75ek+C+MwtYpZyp9ckdvHJJVpDWdmiW1gsAzJdpjHa2w66ivFdAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUcnFKTjfWKjZEMdcxX+WAm339JU0wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDIDBACPFJAD
BACPFJIDBACPFJQDBACPFJcwDAMEAI8UmQMEAI8UmgMEAI8UpQMEAI8UqjANBgkq
hkiG9w0BAQsFAAOCAQEAxPqwpTfRvX/eNODYQZ+c5MtO0o5ucepGGInKcOOtaslf
UpZ/6x8acN+Ne68A3FjdyHqvqe1uIgO9VRrN5oftuurqTgvqGP73g9VlQCVxF5yw
Qx3tqIZyWLD+N5Wn8ZhB2fuYyYN+FayBqYCKatTvBLHNjp9PQ1feR7Q2j+KLacuI
DTcC67CvzZ0FihCn0mpD2tEEWlobAo6tv4m1hNOpATS7SIpRJnNY6w5JT809bJrL
LzdMlB1Tct99CsH0kTjuXljIW2b/c5H6tK6NqCsocGdRLvlhIH85Z2ODzl3KIHxB
noduJ+UnT6JEjzhLeubfFtRFRoLRfxG6dMFsMhltuw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:44 2025 by rpki-client