Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa
File: AS8075.roa (raw, json)
Hash identifier: ed5Ub5Nz9eZmsFV74t8u1WoHprK/bXkwcYnP+55Fbuw=
Subject key identifier: FF:C2:28:F8:F0:9A:E4:C0:9E:ED:E9:1C:4A:87:16:49:01:D6:24:C3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 522EDC2114FA2E799B5FA094DC73EEBF9F231CBC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa
Signing time: Wed 13 Aug 2025 02:57:14 +0000
ROA not before: Wed 13 Aug 2025 02:52:14 +0000
ROA not after: Wed 12 Aug 2026 02:57:14 +0000
asID: 8075
IP address blocks: 143.14.227.0/24 maxlen: 24
147.79.26.0/24 maxlen: 24
155.117.144.0/22 maxlen: 22
155.117.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:2e:dc:21:14:fa:2e:79:9b:5f:a0:94:dc:73:ee:bf:9f:23:1c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 13 02:52:14 2025 GMT
Not After : Aug 12 02:57:14 2026 GMT
Subject: CN=FFC228F8F09AE4C09EEDE91C4A87164901D624C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:f8:d4:13:29:af:f5:16:49:95:98:73:e9:
7d:f6:66:f0:b5:13:dc:19:0d:2a:66:ec:e0:8a:e5:
dd:5d:b1:af:f2:82:2d:f3:87:19:77:a9:69:7f:07:
c9:ba:19:9e:40:22:9c:9c:35:13:c3:f9:69:d4:0b:
b3:51:71:fc:7f:a6:c7:d7:78:39:65:f8:25:bc:13:
2b:0a:dd:46:54:da:4c:5c:1f:f4:02:be:4f:39:06:
a8:cb:67:37:5f:bc:44:48:d0:98:5e:2a:f2:bd:1b:
ac:6d:ad:31:4b:db:a9:ec:3f:27:6e:a0:a4:75:e1:
a3:be:74:5a:8c:87:ec:f1:e2:3a:51:55:16:0b:83:
1d:4d:b0:7f:e0:e5:ca:6b:8f:a0:67:dc:d7:07:45:
81:81:0c:e7:d1:bd:58:3c:9a:aa:f9:f4:09:d9:16:
6f:e9:c7:c8:7c:0e:99:23:c3:15:a7:ef:e0:75:6e:
2b:f1:48:96:9b:19:23:dd:97:57:41:74:97:c2:61:
b1:88:0e:32:5c:1d:a2:a8:c4:33:90:72:2a:0b:39:
8d:a0:df:15:52:db:0b:1a:60:a9:09:7b:ed:da:6c:
0b:62:f2:e9:9e:80:e9:1e:e4:96:69:63:9b:76:82:
d9:2d:82:25:62:7d:a7:20:06:8c:1d:d1:9d:2a:c3:
9a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C2:28:F8:F0:9A:E4:C0:9E:ED:E9:1C:4A:87:16:49:01:D6:24:C3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.227.0/24
147.79.26.0/24
155.117.144.0/22
155.117.223.0/24
Signature Algorithm: sha256WithRSAEncryption
98:8d:cd:f5:ce:ee:45:bb:86:38:81:c6:ee:6e:59:6b:75:a6:
f6:0a:71:0a:3b:6b:c6:c8:15:f4:52:db:bb:96:2a:4d:bf:53:
da:90:dd:e5:60:b6:d0:d8:52:23:f6:ef:83:16:65:9c:db:34:
d4:2f:f7:b3:d2:c5:2b:6b:da:d3:85:01:11:3a:76:b3:cb:72:
15:dd:bf:4e:c6:79:44:17:cf:31:62:5f:56:7e:a6:55:52:09:
3e:59:13:f3:7d:f9:5b:4a:e3:23:bf:6c:ed:f2:50:f6:18:fc:
e1:ff:13:0e:36:da:a9:d3:13:c7:31:66:c6:eb:4d:4e:4c:a0:
eb:7c:1d:6b:bd:f0:da:2a:4f:01:7e:12:c0:1f:a6:34:98:46:
80:23:f3:b4:d9:80:07:3d:51:d4:46:d5:f8:84:83:37:4f:9c:
75:44:2d:d7:3e:c6:a7:8f:f7:8c:c0:af:fa:60:57:92:fa:e1:
de:0c:aa:10:d1:7e:5c:c5:1e:29:6d:34:29:8b:88:95:6d:a6:
47:0d:a9:5a:68:83:44:51:6d:28:a7:54:dd:64:d2:bd:95:c4:
29:a2:e9:17:e2:67:1f:3f:8b:be:b8:74:60:53:00:32:77:8b:
81:8c:87:23:e6:cc:5a:b9:8b:87:ea:c2:c1:0d:41:b4:61:50:
cf:c6:de:5b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUUi7cIRT6LnmbX6CU3HPuv58jHLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTMwMjUyMTRaFw0yNjA4MTIwMjU3MTRaMDMxMTAvBgNV
BAMTKEZGQzIyOEY4RjA5QUU0QzA5RUVERTkxQzRBODcxNjQ5MDFENjI0QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbCfjUEymv9RZJlZhz6X32ZvC1
E9wZDSpm7OCK5d1dsa/ygi3zhxl3qWl/B8m6GZ5AIpycNRPD+WnUC7NRcfx/psfX
eDll+CW8EysK3UZU2kxcH/QCvk85BqjLZzdfvERI0JheKvK9G6xtrTFL26nsPydu
oKR14aO+dFqMh+zx4jpRVRYLgx1NsH/g5cprj6Bn3NcHRYGBDOfRvVg8mqr59AnZ
Fm/px8h8DpkjwxWn7+B1bivxSJabGSPdl1dBdJfCYbGIDjJcHaKoxDOQcioLOY2g
3xVS2wsaYKkJe+3abAti8umegOke5JZpY5t2gtktgiVifacgBowd0Z0qw5rvAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQU/8Io+PCa5MCe7ekcSocWSQHWJMMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODA3NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI8O4wME
AJNPGgMEApt1kAMEAJt13zANBgkqhkiG9w0BAQsFAAOCAQEAmI3N9c7uRbuGOIHG
7m5Za3Wm9gpxCjtrxsgV9FLbu5YqTb9T2pDd5WC20NhSI/bvgxZlnNs01C/3s9LF
K2va04UBETp2s8tyFd2/TsZ5RBfPMWJfVn6mVVIJPlkT8335W0rjI79s7fJQ9hj8
4f8TDjbaqdMTxzFmxutNTkyg63wda73w2ipPAX4SwB+mNJhGgCPztNmABz1R1EbV
+ISDN0+cdUQt1z7Gp4/3jMCv+mBXkvrh3gyqENF+XMUeKW00KYuIlW2mRw2pWmiD
RFFtKKdU3WTSvZXEKaLpF+JnHz+Lvrh0YFMAMneLgYyHI+bMWrmLh+rCwQ1BtGFQ
z8beWw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:41:35 2025 by rpki-client