Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12027.roa
File: AS12027.roa (raw, json)
Hash identifier: FRwIKozyLTR1Bgy+Lcup9YSOjnH4CopPUUYRD6MwkHw=
Subject key identifier: 84:A2:D9:5D:98:DF:E4:8E:B5:CE:97:79:C0:CA:C4:E2:C9:5C:6C:88
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 61B878535954F2681EED924921B59F108ACD41E9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12027.roa
Signing time: Fri 07 Nov 2025 11:48:43 +0000
ROA not before: Fri 07 Nov 2025 11:43:43 +0000
ROA not after: Fri 06 Nov 2026 11:48:43 +0000
asID: 12027
IP address blocks: 143.14.208.0/23 maxlen: 24
146.103.27.0/24 maxlen: 24
155.117.201.0/24 maxlen: 24
167.148.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:b8:78:53:59:54:f2:68:1e:ed:92:49:21:b5:9f:10:8a:cd:41:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 7 11:43:43 2025 GMT
Not After : Nov 6 11:48:43 2026 GMT
Subject: CN=84A2D95D98DFE48EB5CE9779C0CAC4E2C95C6C88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:ab:48:aa:6c:df:b9:cd:77:c2:db:81:27:
43:ae:ff:38:ea:46:7f:29:5e:c2:21:d7:d3:35:ed:
f5:81:76:d4:19:7c:96:74:87:8b:b4:cb:a8:e5:53:
a1:94:54:da:f4:22:06:1e:f7:81:44:40:d5:f0:b9:
26:0c:b9:5d:c2:16:1e:7b:a7:41:d8:af:d5:a0:4d:
cb:ad:e5:b5:46:c4:ae:d3:3d:d0:41:b3:44:ff:8b:
95:26:55:2d:5e:91:34:86:6c:91:18:7a:18:6e:42:
6a:3c:41:fe:6b:b4:9c:05:ca:29:d2:ce:4d:90:cc:
6e:21:a6:c7:1c:3a:8e:86:d5:80:4e:19:66:9f:43:
16:d8:1a:7f:d1:4a:99:13:55:9e:8e:49:3d:a0:80:
c4:78:80:60:27:af:80:07:68:4f:b3:dd:dc:0e:72:
6e:67:4e:c8:ca:93:d6:08:e9:b9:52:6f:80:89:ef:
e3:5c:ef:35:e1:cb:e7:cc:9d:c0:c6:12:30:ec:51:
59:ab:ba:df:05:c1:ab:56:4c:8f:db:0a:c6:79:72:
32:2d:c4:4f:8b:5c:f3:dd:9b:0e:8d:13:8f:cb:5f:
a5:89:75:66:6d:96:4f:fa:d0:be:99:1e:58:e8:71:
e1:19:fb:32:e7:8c:5d:6d:8c:1e:c3:53:3b:02:70:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A2:D9:5D:98:DF:E4:8E:B5:CE:97:79:C0:CA:C4:E2:C9:5C:6C:88
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12027.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.208.0/23
146.103.27.0/24
155.117.201.0/24
167.148.33.0/24
Signature Algorithm: sha256WithRSAEncryption
24:2d:1a:fc:24:15:59:61:a4:ea:bc:4f:22:03:16:3d:21:fe:
14:30:6c:0a:25:67:5f:b6:38:a2:5a:7e:ca:0e:59:76:5a:79:
ef:02:6c:33:e0:09:2c:b0:49:69:2e:66:35:62:0d:d6:4b:1a:
3f:e8:79:be:c7:3f:31:61:19:71:82:9a:3b:a0:3f:51:29:48:
7b:b0:6e:58:6b:a9:da:7c:e3:6f:d7:6d:a9:d1:a2:54:21:5e:
04:30:b9:e3:01:42:6d:16:0c:6f:a6:8a:96:7b:12:0d:dc:02:
57:fe:4f:50:c6:a4:df:c6:79:37:21:4e:27:62:53:69:20:22:
13:b6:3b:e3:2a:56:dc:59:01:d7:23:0c:76:68:5b:19:7c:f7:
b1:92:08:90:8c:5f:30:b4:b8:3f:51:ed:fe:45:4e:ba:52:bf:
d6:a0:b4:94:8a:b1:20:8c:25:9b:8e:19:65:0e:80:f7:51:5e:
18:fd:ba:28:15:24:f0:ab:6a:44:40:d1:c9:aa:a3:56:21:f2:
f0:22:f8:45:64:be:ca:7a:9e:8f:b4:1c:45:4e:aa:7f:fb:5f:
e5:fc:da:2a:42:f0:c0:2b:e1:97:2f:46:d4:ea:bf:90:0b:b6:
17:83:44:4e:82:51:30:ed:d0:1a:0c:69:37:22:a4:a8:a0:2e:
4e:2e:31:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUYbh4U1lU8mge7ZJJIbWfEIrNQekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDcxMTQzNDNaFw0yNjExMDYxMTQ4NDNaMDMxMTAvBgNV
BAMTKDg0QTJEOTVEOThERkU0OEVCNUNFOTc3OUMwQ0FDNEUyQzk1QzZDODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzLqtIqmzfuc13wtuBJ0Ou/zjq
Rn8pXsIh19M17fWBdtQZfJZ0h4u0y6jlU6GUVNr0IgYe94FEQNXwuSYMuV3CFh57
p0HYr9WgTcut5bVGxK7TPdBBs0T/i5UmVS1ekTSGbJEYehhuQmo8Qf5rtJwFyinS
zk2QzG4hpsccOo6G1YBOGWafQxbYGn/RSpkTVZ6OST2ggMR4gGAnr4AHaE+z3dwO
cm5nTsjKk9YI6blSb4CJ7+Nc7zXhy+fMncDGEjDsUVmrut8FwatWTI/bCsZ5cjIt
xE+LXPPdmw6NE4/LX6WJdWZtlk/60L6ZHljoceEZ+zLnjF1tjB7DUzsCcLxVAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUhKLZXZjf5I61zpd5wMrE4slcbIgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTIwMjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAGPDtAD
BACSZxsDBACbdckDBACnlCEwDQYJKoZIhvcNAQELBQADggEBACQtGvwkFVlhpOq8
TyIDFj0h/hQwbAolZ1+2OKJafsoOWXZaee8CbDPgCSywSWkuZjViDdZLGj/oeb7H
PzFhGXGCmjugP1EpSHuwblhrqdp842/XbanRolQhXgQwueMBQm0WDG+mipZ7Eg3c
Alf+T1DGpN/GeTchTidiU2kgIhO2O+MqVtxZAdcjDHZoWxl897GSCJCMXzC0uD9R
7f5FTrpSv9agtJSKsSCMJZuOGWUOgPdRXhj9uigVJPCrakRA0cmqo1Yh8vAi+EVk
vsp6no+0HEVOqn/7X+X82ipC8MAr4ZcvRtTqv5ALtheDRE6CUTDt0BoMaTcipKig
Lk4uMY4=
-----END CERTIFICATE-----
Generated at Tue Nov 11 20:54:41 2025 by rpki-client