Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: MDj3rxWDpOsJgOsRfewZM4Rk3j/Z4vWCpVnkr9OrHC4=
Subject key identifier: 68:7F:1B:A7:82:85:78:83:B5:38:08:D1:E2:67:95:25:49:F2:37:B9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 28BB358D0A7F806466959664FF6F7E42F88C7348
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Mon 01 Sep 2025 06:06:33 +0000
ROA not before: Mon 01 Sep 2025 06:01:33 +0000
ROA not after: Mon 31 Aug 2026 06:06:33 +0000
asID: 812
IP address blocks: 143.14.232.0/21 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:bb:35:8d:0a:7f:80:64:66:95:96:64:ff:6f:7e:42:f8:8c:73:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 1 06:01:33 2025 GMT
Not After : Aug 31 06:06:33 2026 GMT
Subject: CN=687F1BA782857883B53808D1E267952549F237B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c2:2c:fe:ce:ab:18:70:fe:52:25:c0:6e:10:
7c:02:28:f1:af:9b:b8:a4:11:4b:60:39:cc:c2:a0:
11:f6:15:99:22:32:88:d6:3e:2b:5f:74:bd:81:8f:
a0:7b:5c:e7:35:18:e5:37:77:87:e3:b7:d5:d1:75:
b8:0a:f0:39:f8:d6:83:61:f3:59:43:62:60:17:73:
3a:ac:30:dc:dc:a5:7a:79:e5:88:0f:e5:a8:e6:93:
16:fb:61:e4:76:20:48:f8:f8:c1:f3:9d:bb:a8:fa:
f4:0f:9d:ec:f8:b3:db:49:16:65:34:a7:39:6d:60:
e2:9c:e2:c3:18:48:0b:63:e4:e2:2e:54:23:d2:80:
05:80:84:2c:01:5b:b0:6a:20:39:b5:13:aa:7f:30:
71:64:12:66:3e:86:40:39:0c:ca:d7:df:66:56:ca:
87:7d:25:17:aa:e9:93:1f:7e:3b:7b:2d:e5:26:95:
31:68:e9:2e:c9:1e:01:1f:e7:a7:e7:64:16:db:f7:
d3:f3:61:81:5a:02:f1:99:d0:45:06:da:65:35:16:
3e:50:d1:d5:dd:07:7e:4c:0a:74:87:22:1f:61:72:
0c:49:2c:c5:20:a6:7f:f9:be:83:13:a4:ff:e0:64:
b0:d3:94:d8:51:46:52:73:43:68:7d:42:5b:2b:d8:
54:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:1B:A7:82:85:78:83:B5:38:08:D1:E2:67:95:25:49:F2:37:B9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.232.0/21
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
Signature Algorithm: sha256WithRSAEncryption
68:42:6e:20:e4:53:29:8b:e3:a9:67:5f:51:2a:6a:22:97:86:
52:d1:bf:92:08:31:36:9d:4c:2a:dc:b4:52:65:de:e0:b6:f1:
93:dd:09:cb:3f:b5:66:ee:f0:88:6b:37:44:d4:46:44:59:71:
61:2e:8e:d5:1c:21:51:57:22:e5:a9:7e:d3:9c:5e:f5:c4:e5:
00:b1:e5:00:bf:4a:b3:94:1b:9b:c3:2c:9e:58:ac:59:67:ee:
66:4b:92:02:60:e9:a9:d9:07:57:a5:c9:6f:82:58:87:f8:8a:
5f:a2:e6:77:f7:cb:a0:55:06:fd:e6:8c:b7:e8:d1:88:df:7a:
75:55:5b:cf:c7:15:1c:2f:18:44:55:d4:ab:33:76:5d:ea:54:
bb:13:06:25:ac:b8:2f:05:fa:2c:c4:4c:a1:72:47:7e:36:c7:
b5:72:99:d7:20:7c:a7:ff:7f:78:70:91:40:fa:cc:48:2b:54:
72:a1:94:50:76:ae:e7:c5:82:9a:e6:27:90:90:96:fc:89:d3:
cb:05:58:4b:a1:d9:16:27:63:1b:9e:e4:84:da:cb:9f:bd:15:
d4:b4:8e:f1:18:af:45:7e:5b:8e:19:ac:55:90:f1:77:56:80:
fa:a5:87:33:15:be:3e:11:4e:6a:07:c7:f4:a6:1f:2e:9a:9b:
89:4f:a6:3a
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIUKLs1jQp/gGRmlZZk/29+QviMc0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDEwNjAxMzNaFw0yNjA4MzEwNjA2MzNaMDMxMTAvBgNV
BAMTKDY4N0YxQkE3ODI4NTc4ODNCNTM4MDhEMUUyNjc5NTI1NDlGMjM3QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRwiz+zqsYcP5SJcBuEHwCKPGv
m7ikEUtgOczCoBH2FZkiMojWPitfdL2Bj6B7XOc1GOU3d4fjt9XRdbgK8Dn41oNh
81lDYmAXczqsMNzcpXp55YgP5ajmkxb7YeR2IEj4+MHznbuo+vQPnez4s9tJFmU0
pzltYOKc4sMYSAtj5OIuVCPSgAWAhCwBW7BqIDm1E6p/MHFkEmY+hkA5DMrX32ZW
yod9JReq6ZMffjt7LeUmlTFo6S7JHgEf56fnZBbb99PzYYFaAvGZ0EUG2mU1Fj5Q
0dXdB35MCnSHIh9hcgxJLMUgpn/5voMTpP/gZLDTlNhRRlJzQ2h9Qlsr2FRzAgMB
AAGjggJ0MIICcDAdBgNVHQ4EFgQUaH8bp4KFeIO1OAjR4meVJUnyN7kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEA48O6DAM
AwQBoo0WAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQDoo2QAwQBoo2cAwQDoo2o
AwQDoo24MAwDBASnlBADBAKnlBgwDAMEBKeUMAMEAqeUQAMEAqeUTAMEA6eUWAME
AqeUbAMEAqeUeDANBgkqhkiG9w0BAQsFAAOCAQEAaEJuIORTKYvjqWdfUSpqIpeG
UtG/kggxNp1MKty0UmXe4Lbxk90Jyz+1Zu7wiGs3RNRGRFlxYS6O1RwhUVci5al+
05xe9cTlALHlAL9Ks5Qbm8MsnlisWWfuZkuSAmDpqdkHV6XJb4JYh/iKX6Lmd/fL
oFUG/eaMt+jRiN96dVVbz8cVHC8YRFXUqzN2XepUuxMGJay4LwX6LMRMoXJHfjbH
tXKZ1yB8p/9/eHCRQPrMSCtUcqGUUHau58WCmuYnkJCW/InTywVYS6HZFidjG57k
hNrLn70V1LSO8RivRX5bjhmsVZDxd1aA+qWHMxW+PhFOagfH9KYfLpqbiU+mOg==
-----END CERTIFICATE-----
Generated at Fri Sep 5 19:44:31 2025 by rpki-client