Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
File: AS216059.roa (raw, json)
Hash identifier: ilwq1IeOSqzL/pR68Ml3gB3DI5L7i6s4Z034i1xmL1k=
Subject key identifier: D5:C9:0A:5A:E3:BB:42:97:E3:33:F2:33:15:E5:AA:2E:0E:CA:FB:7D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3B578A01DE6DC34811FD78C74451B10EB95D7F64
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
Signing time: Sat 09 Aug 2025 00:00:08 +0000
ROA not before: Fri 08 Aug 2025 23:55:08 +0000
ROA not after: Sat 08 Aug 2026 00:00:08 +0000
asID: 216059
IP address blocks: 146.103.28.0/24 maxlen: 24
155.117.108.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:57:8a:01:de:6d:c3:48:11:fd:78:c7:44:51:b1:0e:b9:5d:7f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 8 23:55:08 2025 GMT
Not After : Aug 8 00:00:08 2026 GMT
Subject: CN=D5C90A5AE3BB4297E333F23315E5AA2E0ECAFB7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6e:a8:96:25:59:22:b6:f1:e0:09:d0:43:15:
81:14:72:da:a9:81:84:89:9f:f4:51:de:46:4c:eb:
b5:f7:b3:34:ef:75:bf:a2:b1:0d:66:8e:51:d3:c5:
6a:be:64:7a:d0:d7:22:f4:b9:76:d1:9a:16:ca:58:
e4:06:d7:c0:52:c0:03:ba:3d:98:3d:2d:3f:e3:06:
ce:1d:b2:e5:43:ef:1a:15:81:17:4b:4f:a0:b7:c6:
c1:b1:f9:83:68:f3:b2:4d:8e:71:d2:ed:e5:82:f1:
a4:b8:e3:dc:b9:80:4a:6d:fd:03:96:e8:d0:6e:3c:
60:04:c1:81:f7:80:23:16:6a:64:7b:27:7d:a9:41:
46:f1:d2:3b:71:45:65:73:fe:0f:e9:c8:75:e4:e3:
9f:0f:94:9a:2a:9d:6b:dd:b2:58:ab:7a:9f:48:41:
91:76:91:af:5a:b1:96:f7:25:e9:b4:0f:b9:70:9e:
9a:e0:3d:38:33:e2:b7:6a:ee:7b:ce:16:bf:a2:d2:
0d:58:3b:79:c2:57:c8:8e:9e:72:2b:68:ca:70:dc:
5a:d2:dd:17:97:fb:78:0d:7f:8f:0c:85:15:52:71:
1d:13:77:e2:8b:6b:e5:1d:ce:27:5b:d3:b2:7a:fd:
7a:09:70:98:4e:63:b2:6d:1a:6a:3a:cd:b0:cb:a4:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C9:0A:5A:E3:BB:42:97:E3:33:F2:33:15:E5:AA:2E:0E:CA:FB:7D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.28.0/24
155.117.108.0/24
155.117.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:46:30:a7:0b:a2:b4:0f:10:63:82:1e:e1:14:c6:06:e3:9d:
ef:79:c4:fe:e7:c9:98:62:6f:b3:45:f9:0e:0a:26:29:29:86:
ad:e3:c1:42:c8:a0:93:3a:f6:4c:22:bb:82:45:41:13:f7:c0:
81:fd:0e:a1:5f:af:c9:f7:06:ed:0d:9c:f2:87:f7:a3:5a:0a:
7b:10:e5:26:8b:fc:fd:84:b9:ff:04:e7:32:1f:d4:dd:2f:95:
54:8a:64:5c:86:c8:0e:b3:b1:5a:49:31:aa:fb:72:25:94:be:
83:2c:62:74:4f:22:71:41:02:44:49:44:10:87:88:77:f4:68:
91:2d:9d:b0:7b:22:7d:a0:61:16:aa:7b:0b:36:1b:6e:bd:00:
53:fb:eb:66:0c:12:48:91:23:ac:47:51:2d:84:f8:b5:25:8c:
2b:d2:ed:88:90:ba:2c:83:a7:cc:a9:36:4e:34:1e:6c:77:22:
83:1a:b7:ea:f3:44:8d:5d:ec:66:03:43:17:c4:f8:95:d4:c5:
e0:05:0d:6f:0c:a7:0c:47:10:33:57:20:23:fc:63:9e:77:cc:
5a:60:d9:64:ed:19:42:84:96:f2:70:59:e7:ab:81:5d:0a:2e:
c6:d6:e6:85:ed:4f:f7:a3:a0:b4:e5:81:11:6c:41:ae:30:b9:
5f:6c:c1:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUO1eKAd5tw0gR/XjHRFGxDrldf2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDgyMzU1MDhaFw0yNjA4MDgwMDAwMDhaMDMxMTAvBgNV
BAMTKEQ1QzkwQTVBRTNCQjQyOTdFMzMzRjIzMzE1RTVBQTJFMEVDQUZCN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWbqiWJVkitvHgCdBDFYEUctqp
gYSJn/RR3kZM67X3szTvdb+isQ1mjlHTxWq+ZHrQ1yL0uXbRmhbKWOQG18BSwAO6
PZg9LT/jBs4dsuVD7xoVgRdLT6C3xsGx+YNo87JNjnHS7eWC8aS449y5gEpt/QOW
6NBuPGAEwYH3gCMWamR7J32pQUbx0jtxRWVz/g/pyHXk458PlJoqnWvdslirep9I
QZF2ka9asZb3Jem0D7lwnprgPTgz4rdq7nvOFr+i0g1YO3nCV8iOnnIraMpw3FrS
3ReX+3gNf48MhRVScR0Td+KLa+Udzidb07J6/XoJcJhOY7JtGmo6zbDLpK49AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU1ckKWuO7QpfjM/IzFeWqLg7K+30wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE2MDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkmcc
AwQAm3VsAwQAm3XSMA0GCSqGSIb3DQEBCwUAA4IBAQAcRjCnC6K0DxBjgh7hFMYG
453vecT+58mYYm+zRfkOCiYpKYat48FCyKCTOvZMIruCRUET98CB/Q6hX6/J9wbt
DZzyh/ejWgp7EOUmi/z9hLn/BOcyH9TdL5VUimRchsgOs7FaSTGq+3IllL6DLGJ0
TyJxQQJESUQQh4h39GiRLZ2weyJ9oGEWqnsLNhtuvQBT++tmDBJIkSOsR1EthPi1
JYwr0u2IkLosg6fMqTZONB5sdyKDGrfq80SNXexmA0MXxPiV1MXgBQ1vDKcMRxAz
VyAj/GOed8xaYNlk7RlChJbycFnnq4FdCi7G1uaF7U/3o6C05YERbEGuMLlfbMHx
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:48:50 2025 by rpki-client