Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
File: AS58212.roa (raw, json)
Hash identifier: WGAPQpvHBnM1e+FcFe/WSOL2A2MhzMCofVNo4l99nKE=
Subject key identifier: 0B:A3:2E:BA:0B:71:0E:57:95:88:95:03:BC:12:5D:93:77:C2:7C:65
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 198C0D8DCE0FC36EEEFB40545173E96B836EEC9A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
Signing time: Sun 31 Aug 2025 21:37:59 +0000
ROA not before: Sun 31 Aug 2025 21:32:59 +0000
ROA not after: Sun 30 Aug 2026 21:37:59 +0000
asID: 58212
IP address blocks: 143.14.11.0/24 maxlen: 24
143.14.93.0/24 maxlen: 24
143.14.126.0/24 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.156.0/24 maxlen: 24
143.14.171.0/24 maxlen: 24
143.14.202.0/24 maxlen: 24
143.14.216.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.48.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
167.148.173.0/24 maxlen: 24
167.148.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:8c:0d:8d:ce:0f:c3:6e:ee:fb:40:54:51:73:e9:6b:83:6e:ec:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 31 21:32:59 2025 GMT
Not After : Aug 30 21:37:59 2026 GMT
Subject: CN=0BA32EBA0B710E5795889503BC125D9377C27C65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:cf:5b:0f:63:ec:a6:b7:f9:d8:fa:97:d4:
a9:c5:0a:17:a9:e6:05:93:61:08:2a:7e:8d:3b:20:
9e:ec:f8:78:34:f4:8a:30:21:c7:5b:68:9d:d0:91:
8c:67:59:88:51:b0:16:80:62:26:b1:f6:30:a0:05:
87:b2:9f:2f:96:2e:69:79:be:0d:ec:50:f8:e1:0a:
a6:5d:b3:62:05:50:97:c7:53:3b:91:f5:91:4a:e5:
cb:d5:b7:b3:db:c8:ac:44:59:49:30:0f:31:64:68:
5c:82:17:c8:82:24:0a:6f:8a:5a:40:08:73:91:c9:
ed:a9:de:04:c7:af:9d:6e:05:b2:bd:17:6a:a0:dc:
12:fe:5b:12:26:74:d7:47:a4:b4:46:9d:49:d5:45:
14:af:e9:37:32:9b:00:ed:ea:8e:bc:90:84:d5:91:
06:9c:55:01:59:38:c9:72:32:89:78:d3:bc:33:a1:
37:d2:f4:2f:82:f1:c5:20:ce:67:ae:f4:d6:e5:79:
0d:9c:46:32:cf:04:b1:1c:37:d1:d1:a5:59:74:d8:
1b:aa:23:e0:72:82:d8:ec:ef:6a:e7:58:4f:12:27:
32:35:40:e0:e1:3b:4f:32:4f:1d:b8:d5:f5:81:d3:
d3:22:e1:de:8d:e0:7a:3e:4d:35:e7:69:61:5d:fb:
89:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A3:2E:BA:0B:71:0E:57:95:88:95:03:BC:12:5D:93:77:C2:7C:65
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.11.0/24
143.14.93.0/24
143.14.126.0/24
143.14.136.0/24
143.14.156.0/24
143.14.171.0/24
143.14.202.0/24
143.14.216.0/24
146.103.22.0/24
146.103.48.0/24
147.79.30.0/24
167.148.173.0/24
167.148.187.0/24
Signature Algorithm: sha256WithRSAEncryption
54:42:d4:01:07:66:4a:5f:4b:61:99:1b:55:75:df:4d:3b:b6:
16:fd:cc:7b:e2:e3:c6:63:77:7d:27:56:50:28:9d:1d:7e:29:
51:a8:d6:a7:72:3b:fd:aa:a1:23:65:41:c3:a2:96:ae:9f:b8:
50:67:06:aa:2d:bb:50:98:fe:54:24:ff:f9:79:23:25:f2:d0:
5d:4a:64:d5:d1:d5:85:be:c1:1f:39:9d:0f:69:ce:70:03:81:
b7:39:12:cb:64:72:78:31:57:5d:19:e4:50:c9:a3:b7:23:e1:
95:1f:32:d2:23:5a:98:fb:50:81:6a:a2:3a:4f:77:4d:05:d7:
7c:4b:ff:e9:e0:a2:5e:7a:1e:87:2c:39:66:17:52:cf:5b:d5:
44:68:80:cf:03:24:f9:07:9e:e5:da:85:85:98:28:ea:f6:59:
fd:be:03:a7:3c:b1:2e:6e:f1:f1:b5:c8:89:20:97:a1:09:56:
10:25:05:75:22:54:65:fc:cd:b7:4a:1e:35:68:df:18:58:31:
60:45:6e:7a:3e:0d:a8:91:c6:6b:3f:18:9b:b6:73:cf:bd:77:
d7:b3:e4:16:c3:e0:ad:12:73:1c:ac:ca:66:a5:0a:48:1d:3e:
0a:d8:78:2a:ca:4c:75:29:14:70:bd:38:24:fc:22:76:11:fb:
7e:1c:97:2d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUGYwNjc4Pw27u+0BUUXPpa4Nu7JowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MzEyMTMyNTlaFw0yNjA4MzAyMTM3NTlaMDMxMTAvBgNV
BAMTKDBCQTMyRUJBMEI3MTBFNTc5NTg4OTUwM0JDMTI1RDkzNzdDMjdDNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj9c9bD2Psprf52PqX1KnFChep
5gWTYQgqfo07IJ7s+Hg09IowIcdbaJ3QkYxnWYhRsBaAYiax9jCgBYeyny+WLml5
vg3sUPjhCqZds2IFUJfHUzuR9ZFK5cvVt7PbyKxEWUkwDzFkaFyCF8iCJApvilpA
CHORye2p3gTHr51uBbK9F2qg3BL+WxImdNdHpLRGnUnVRRSv6TcymwDt6o68kITV
kQacVQFZOMlyMol407wzoTfS9C+C8cUgzmeu9NbleQ2cRjLPBLEcN9HRpVl02Buq
I+Bygtjs72rnWE8SJzI1QODhO08yTx241fWB09Mi4d6N4Ho+TTXnaWFd+4l/AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUC6MuugtxDleViJUDvBJdk3fCfGUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgyMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACPDgsD
BACPDl0DBACPDn4DBACPDogDBACPDpwDBACPDqsDBACPDsoDBACPDtgDBACSZxYD
BACSZzADBACTTx4DBACnlK0DBACnlLswDQYJKoZIhvcNAQELBQADggEBAFRC1AEH
ZkpfS2GZG1V13007thb9zHvi48Zjd30nVlAonR1+KVGo1qdyO/2qoSNlQcOilq6f
uFBnBqotu1CY/lQk//l5IyXy0F1KZNXR1YW+wR85nQ9pznADgbc5EstkcngxV10Z
5FDJo7cj4ZUfMtIjWpj7UIFqojpPd00F13xL/+ngol56HocsOWYXUs9b1URogM8D
JPkHnuXahYWYKOr2Wf2+A6c8sS5u8fG1yIkgl6EJVhAlBXUiVGX8zbdKHjVo3xhY
MWBFbno+DaiRxms/GJu2c8+9d9ez5BbD4K0ScxysymalCkgdPgrYeCrKTHUpFHC9
OCT8InYR+34cly0=
-----END CERTIFICATE-----
Generated at Fri Sep 5 19:45:05 2025 by rpki-client