Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: 2lBZqeR92eJrUIECF1+HBPE4gvWNNgsOl/r9MGAMI+4=
Subject key identifier: AD:04:8E:BC:6D:B0:96:C0:E5:08:B2:09:8F:40:A7:EF:E6:DF:94:20
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 29D57E8534BAB9190EEB17E362489E6097677E68
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Wed 04 Jun 2025 07:00:15 +0000
ROA not before: Wed 04 Jun 2025 06:55:15 +0000
ROA not after: Wed 03 Jun 2026 07:00:15 +0000
asID: 812
IP address blocks: 143.14.232.0/21 maxlen: 24
155.117.64.0/21 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d5:7e:85:34:ba:b9:19:0e:eb:17:e3:62:48:9e:60:97:67:7e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 4 06:55:15 2025 GMT
Not After : Jun 3 07:00:15 2026 GMT
Subject: CN=AD048EBC6DB096C0E508B2098F40A7EFE6DF9420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:47:63:37:18:4f:05:d2:7b:b5:b3:8f:6a:
b1:e2:18:af:e0:22:60:8a:d7:d2:43:6a:fb:c4:82:
de:f0:54:a9:40:fc:6e:e9:aa:e0:7c:e3:3b:b8:3c:
0b:f7:8f:51:c9:57:87:65:f7:c1:ed:38:39:c5:d9:
a8:c5:30:b9:a9:81:6b:08:2b:d5:04:f9:7f:c9:08:
dd:b7:0a:c4:43:72:99:bc:3d:d0:e1:6a:25:62:d9:
42:38:0a:59:67:dc:d1:42:10:49:57:53:d5:10:0b:
23:8b:1e:c6:fc:79:e9:df:af:07:24:ca:56:ef:33:
67:15:32:58:b5:b5:70:19:aa:33:42:a3:80:20:58:
71:23:c7:db:c7:f0:44:aa:45:97:06:eb:6e:f1:15:
28:e3:eb:d1:04:ab:51:53:7b:91:88:f2:a9:8b:69:
27:c6:df:ff:7f:23:96:14:8a:df:36:78:c2:48:a3:
ca:50:07:0c:0c:3a:0c:f0:30:61:5f:82:f7:2e:ad:
ac:9b:10:b0:d4:d8:21:3e:46:76:f9:ce:2d:4b:31:
69:9d:52:2c:ef:9e:55:c8:e0:72:e9:63:52:35:65:
48:32:1b:bc:56:e0:e6:e2:9a:a7:1d:1c:46:bb:61:
0c:94:b9:3d:86:99:c1:45:d1:c0:70:9f:7c:3c:b0:
d6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:04:8E:BC:6D:B0:96:C0:E5:08:B2:09:8F:40:A7:EF:E6:DF:94:20
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.232.0/21
155.117.64.0/21
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:ae:b0:42:b5:b3:fd:8f:9d:f4:37:d9:7f:ba:50:87:b6:ab:
f9:d6:ad:03:bb:0d:43:e1:3b:73:43:2c:31:04:14:d9:fb:40:
b9:81:34:c8:97:19:2c:c5:a3:16:55:35:57:4e:7a:94:42:f1:
cf:3a:c4:51:4c:9d:15:01:ce:86:7d:75:77:a0:83:49:8b:b8:
ee:a7:7b:58:7b:0e:aa:28:ae:ea:96:be:9a:8a:1a:ff:a3:65:
8a:cd:8c:01:08:81:9a:0c:fa:ab:a7:82:3a:49:9e:f2:e8:b3:
1f:d9:5f:8c:74:6c:3e:13:e3:09:9d:00:5b:72:69:d6:f6:bc:
e0:b4:10:a9:e2:ac:9c:b4:4f:d4:d2:dd:9e:77:fe:fd:e7:82:
99:b5:0d:e8:b8:6e:a8:3f:a6:d2:90:90:3f:80:d9:a2:e7:86:
ba:88:5b:e7:78:03:f1:94:f0:51:de:93:f4:d5:69:b2:ac:55:
d9:ca:fa:82:06:fd:32:b0:ee:36:1e:e3:a6:57:f8:1d:e0:bb:
58:30:93:1d:aa:30:19:bc:3d:e9:0b:29:aa:71:eb:6b:e6:b8:
08:9d:4b:f9:84:00:79:ab:5f:ec:2c:81:f5:b8:90:14:6a:43:
56:db:10:e8:6a:58:18:e5:32:d4:f6:ed:0c:a9:d6:cc:88:4a:
ae:08:09:db
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUKdV+hTS6uRkO6xfjYkieYJdnfmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDQwNjU1MTVaFw0yNjA2MDMwNzAwMTVaMDMxMTAvBgNV
BAMTKEFEMDQ4RUJDNkRCMDk2QzBFNTA4QjIwOThGNDBBN0VGRTZERjk0MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEt0djNxhPBdJ7tbOParHiGK/g
ImCK19JDavvEgt7wVKlA/G7pquB84zu4PAv3j1HJV4dl98HtODnF2ajFMLmpgWsI
K9UE+X/JCN23CsRDcpm8PdDhaiVi2UI4Clln3NFCEElXU9UQCyOLHsb8eenfrwck
ylbvM2cVMli1tXAZqjNCo4AgWHEjx9vH8ESqRZcG627xFSjj69EEq1FTe5GI8qmL
aSfG3/9/I5YUit82eMJIo8pQBwwMOgzwMGFfgvcuraybELDU2CE+Rnb5zi1LMWmd
UizvnlXI4HLpY1I1ZUgyG7xW4ObimqcdHEa7YQyUuT2GmcFF0cBwn3w8sNbvAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUrQSOvG2wlsDlCLIJj0Cn7+bflCAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEA48O
6AMEA5t1QDAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQDoo2QAwQD
oo2oAwQDoo24MAwDBASnlBADBAKnlBgDBAKnlCQwDAMEBKeUMAMEAqeUOAMEAqeU
QAMEAqeUTAMEA6eUWAMEAqeUbAMEAqeUeDANBgkqhkiG9w0BAQsFAAOCAQEAjq6w
QrWz/Y+d9DfZf7pQh7ar+datA7sNQ+E7c0MsMQQU2ftAuYE0yJcZLMWjFlU1V056
lELxzzrEUUydFQHOhn11d6CDSYu47qd7WHsOqiiu6pa+mooa/6Nlis2MAQiBmgz6
q6eCOkme8uizH9lfjHRsPhPjCZ0AW3Jp1va84LQQqeKsnLRP1NLdnnf+/eeCmbUN
6LhuqD+m0pCQP4DZoueGuohb53gD8ZTwUd6T9NVpsqxV2cr6ggb9MrDuNh7jplf4
HeC7WDCTHaowGbw96QspqnHra+a4CJ1L+YQAeatf7CyB9biQFGpDVtsQ6GpYGOUy
1PbtDKnWzIhKrggJ2w==
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:12:12 2025 by rpki-client