Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
File: AS64267.roa (raw, json)
Hash identifier: r/+0HFdvbO88hERyoyOWu8nJZHujmFeucKpFUHPd0YM=
Subject key identifier: C5:1D:63:20:17:31:B0:88:2B:81:D0:36:BC:61:40:5E:2E:32:7F:B8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 28A899C288ED6C50CEC43FA2D9FBA29264CEA5BC
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
Signing time: Thu 26 Jun 2025 14:01:36 +0000
ROA not before: Thu 26 Jun 2025 13:56:36 +0000
ROA not after: Thu 25 Jun 2026 14:01:36 +0000
asID: 64267
IP address blocks: 143.20.144.0/24 maxlen: 24
143.20.146.0/24 maxlen: 24
143.20.148.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.153.0/24 maxlen: 24
143.20.154.0/24 maxlen: 24
143.20.160.0/24 maxlen: 24
143.20.165.0/24 maxlen: 24
143.20.170.0/24 maxlen: 24
143.20.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:a8:99:c2:88:ed:6c:50:ce:c4:3f:a2:d9:fb:a2:92:64:ce:a5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 26 13:56:36 2025 GMT
Not After : Jun 25 14:01:36 2026 GMT
Subject: CN=C51D63201731B0882B81D036BC61405E2E327FB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:6c:73:b7:34:26:89:b2:6b:80:c8:c9:34:
b4:1e:3c:46:4c:f0:9e:8a:95:e9:84:d5:ef:10:42:
09:6e:ac:d8:7b:c8:e2:5e:17:86:dd:16:17:a3:af:
51:8b:18:78:ab:56:4c:72:9b:74:d7:21:ee:b9:de:
65:95:d9:23:82:d5:f3:65:af:e2:6a:2f:24:b3:1d:
09:2d:0c:12:9d:52:2f:d5:2d:c8:4f:53:2f:c8:59:
fd:24:e5:87:d4:91:29:02:a9:d7:6e:3d:15:cc:b4:
7d:b4:52:c1:fb:f1:78:74:8f:8d:37:de:86:bc:2e:
88:77:0a:02:70:d6:82:69:b6:c0:a1:38:67:44:f6:
0c:a0:84:6a:96:3a:20:e4:99:be:61:ee:d5:20:57:
ac:1d:4f:89:63:ef:7b:67:d7:31:c4:6f:76:3b:3b:
6f:37:eb:11:7c:f7:25:0b:1a:25:71:5c:f0:ea:16:
90:fd:de:05:6b:ff:e2:a8:6c:11:18:33:c8:34:06:
f5:8e:2b:29:90:d6:fe:35:57:1a:bb:96:ff:09:da:
9d:cc:0b:f2:03:65:58:3f:8f:52:23:e7:3b:31:bd:
56:23:9b:6a:f5:b4:a5:c3:4b:2d:e7:47:cb:fe:17:
3d:bb:fa:6c:bd:bb:cf:13:11:4f:fb:05:eb:17:26:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1D:63:20:17:31:B0:88:2B:81:D0:36:BC:61:40:5E:2E:32:7F:B8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS64267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.144.0/24
143.20.146.0/24
143.20.148.0/24
143.20.151.0/24
143.20.153.0-143.20.154.255
143.20.160.0/24
143.20.165.0/24
143.20.170.0/24
143.20.174.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ec:b0:8f:62:d5:ae:57:a0:71:2d:fa:f1:5c:ed:9f:0d:20:
00:b5:36:bc:3d:af:12:45:58:b1:e8:40:02:1b:73:9c:ba:ad:
77:e2:f1:75:f4:65:80:dd:ee:bd:86:66:32:58:ad:4f:7b:e4:
4c:52:59:81:07:ce:af:30:13:10:2a:d2:75:56:26:c5:9b:22:
15:61:31:d9:19:4d:53:51:3b:14:6c:c4:40:a0:8b:c2:bd:c3:
d0:e9:c0:ad:42:5b:cb:2b:ab:84:9f:f5:c8:db:e9:e5:66:a9:
6a:cf:8c:30:99:63:39:f1:60:2c:a9:5c:ea:63:83:12:54:42:
e4:c1:7f:3a:02:4e:18:03:73:30:a9:33:e8:16:41:a1:bc:a7:
d0:b9:73:bc:05:12:d6:b9:15:1c:80:3a:cf:b8:30:81:6e:2d:
ef:fa:2c:c6:76:26:7f:7c:08:dd:b7:7c:4f:0f:25:cd:79:40:
49:ac:e4:43:26:20:61:80:84:d8:52:82:51:14:ee:4b:7e:25:
10:89:70:b3:cb:9f:67:5e:b8:c3:c9:94:c0:47:9e:9a:fb:aa:
f7:48:b2:99:e2:b2:8f:4e:e7:23:db:e9:4a:c8:10:3d:c4:59:
06:23:d7:83:7e:f2:70:32:61:8f:94:fe:c4:59:6e:0d:58:9f:
a8:f3:2c:01
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKKiZwojtbFDOxD+i2fuikmTOpbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MjYxMzU2MzZaFw0yNjA2MjUxNDAxMzZaMDMxMTAvBgNV
BAMTKEM1MUQ2MzIwMTczMUIwODgyQjgxRDAzNkJDNjE0MDVFMkUzMjdGQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCcmxztzQmibJrgMjJNLQePEZM
8J6KlemE1e8QQglurNh7yOJeF4bdFhejr1GLGHirVkxym3TXIe653mWV2SOC1fNl
r+JqLySzHQktDBKdUi/VLchPUy/IWf0k5YfUkSkCqdduPRXMtH20UsH78Xh0j403
3oa8Loh3CgJw1oJptsChOGdE9gyghGqWOiDkmb5h7tUgV6wdT4lj73tn1zHEb3Y7
O2836xF89yULGiVxXPDqFpD93gVr/+KobBEYM8g0BvWOKymQ1v41Vxq7lv8J2p3M
C/IDZVg/j1Ij5zsxvVYjm2r1tKXDSy3nR8v+Fz27+my9u88TEU/7BesXJmKJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxR1jIBcxsIgrgdA2vGFAXi4yf7gwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNjQyNjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBACPFJAD
BACPFJIDBACPFJQDBACPFJcwDAMEAI8UmQMEAI8UmgMEAI8UoAMEAI8UpQMEAI8U
qgMEAI8UrjANBgkqhkiG9w0BAQsFAAOCAQEAReywj2LVrlegcS368Vztnw0gALU2
vD2vEkVYsehAAhtznLqtd+LxdfRlgN3uvYZmMlitT3vkTFJZgQfOrzATECrSdVYm
xZsiFWEx2RlNU1E7FGzEQKCLwr3D0OnArUJbyyurhJ/1yNvp5Wapas+MMJljOfFg
LKlc6mODElRC5MF/OgJOGANzMKkz6BZBobyn0LlzvAUS1rkVHIA6z7gwgW4t7/os
xnYmf3wI3bd8Tw8lzXlASazkQyYgYYCE2FKCURTuS34lEIlws8ufZ164w8mUwEee
mvuq90iymeKyj07nI9vpSsgQPcRZBiPXg37ycDJhj5T+xFluDVifqPMsAQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:02:46 2025 by rpki-client