Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: D+pOrAzMIneNl7k+jW7ObP4XhaHKGqzWZKd83k/UGLU=
Subject key identifier: 32:6E:87:BB:18:DB:2A:3F:8A:28:26:03:5E:6C:B5:70:D8:D5:EE:A9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 728D1E581EB74AB11A350EE4EAD86E0CE1CF0821
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Wed 30 Apr 2025 18:43:59 +0000
ROA not before: Wed 30 Apr 2025 18:38:59 +0000
ROA not after: Wed 29 Apr 2026 18:43:59 +0000
asID: 812
IP address blocks: 143.14.40.0/21 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.80.0/21 maxlen: 24
155.117.112.0/21 maxlen: 24
155.117.120.0/21 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:8d:1e:58:1e:b7:4a:b1:1a:35:0e:e4:ea:d8:6e:0c:e1:cf:08:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 18:38:59 2025 GMT
Not After : Apr 29 18:43:59 2026 GMT
Subject: CN=326E87BB18DB2A3F8A2826035E6CB570D8D5EEA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:d3:80:53:bc:d1:3b:ec:82:ff:17:3b:5a:
73:ba:d2:2e:fc:f6:0d:2b:69:cb:e9:1d:7c:a5:1c:
db:6b:4f:69:cb:b6:08:eb:1b:e5:6c:fe:9e:94:63:
c2:b7:5e:5f:2c:22:68:32:6a:2b:0e:29:cd:c0:9f:
83:a9:90:97:d4:e7:72:7c:c8:24:ed:56:2a:c2:ea:
18:c0:db:1b:90:f2:8a:60:f0:93:c5:8e:ef:64:04:
e3:c4:1d:17:d4:5a:88:18:96:e2:67:5f:6f:fb:df:
9b:ff:05:a2:74:01:9b:b4:9f:38:18:9b:67:45:74:
c5:9a:65:be:f7:b2:ff:dd:b9:11:7f:28:1a:95:51:
b7:6d:4b:3c:74:c7:bd:8b:71:84:42:bf:d3:ea:0a:
24:dc:1a:e3:a1:13:98:af:fe:ba:51:a3:67:fd:8d:
16:d9:de:37:85:cd:04:92:09:bf:7a:89:0c:93:40:
20:36:fd:76:29:40:49:ec:40:59:9b:b4:5e:fe:97:
ba:eb:1e:72:ea:19:07:bb:6f:fc:b4:98:75:97:fc:
e3:d7:07:0d:bd:b9:07:01:69:69:75:4d:6e:cf:92:
d6:63:42:38:b6:8f:0d:31:b6:12:9d:42:e4:38:19:
9e:40:ae:08:4b:39:7a:34:88:4f:cf:52:96:e5:a4:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:6E:87:BB:18:DB:2A:3F:8A:28:26:03:5E:6C:B5:70:D8:D5:EE:A9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.40.0/21
143.14.232.0/21
155.117.64.0/21
155.117.80.0/21
155.117.112.0/20
155.117.216.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d7:b6:a8:bc:3a:05:25:6e:88:d6:b2:84:6f:b1:0d:e6:bb:
c4:11:13:db:34:a5:17:77:6e:b1:28:da:b0:ba:e2:00:33:3a:
71:ea:59:1a:bd:48:f9:61:49:54:93:26:71:c4:aa:71:d1:67:
47:e0:d1:eb:7d:75:bf:ff:01:5b:c6:8b:52:02:0a:8e:ea:cf:
3f:84:81:8c:ef:a0:d4:13:d7:09:a2:37:16:df:73:03:42:64:
eb:87:02:fc:d9:2a:9b:23:7d:fc:d5:28:84:f5:7b:e1:5c:09:
8b:5c:ca:11:70:21:30:d7:f7:3b:b1:a6:29:8d:5a:4b:a5:c6:
c1:b0:87:c6:58:64:82:55:d2:b2:eb:67:0a:93:ef:ca:7f:eb:
1a:96:4d:6d:cf:9e:7d:72:75:cb:d0:f6:68:68:f0:17:5e:f1:
1d:e9:25:97:0a:bb:e6:f2:63:53:60:67:0e:5a:08:f8:bc:1e:
b1:a5:11:8b:af:44:e4:b6:a2:9e:f9:a2:f7:5e:c2:0f:d6:2b:
e8:8d:fc:d7:ee:54:89:4e:3d:9b:d8:1b:f2:29:d3:5d:ad:6a:
88:4f:91:4b:0d:46:39:08:bf:61:ea:5e:8c:71:3c:06:b0:9c:
94:7e:92:1c:ee:72:62:a4:19:05:c6:2b:c4:00:dd:9f:e2:a8:
bf:a3:b5:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUco0eWB63SrEaNQ7k6thuDOHPCCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MzAxODM4NTlaFw0yNjA0MjkxODQzNTlaMDMxMTAvBgNV
BAMTKDMyNkU4N0JCMThEQjJBM0Y4QTI4MjYwMzVFNkNCNTcwRDhENUVFQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfNOAU7zRO+yC/xc7WnO60i78
9g0racvpHXylHNtrT2nLtgjrG+Vs/p6UY8K3Xl8sImgyaisOKc3An4OpkJfU53J8
yCTtVirC6hjA2xuQ8opg8JPFju9kBOPEHRfUWogYluJnX2/735v/BaJ0AZu0nzgY
m2dFdMWaZb73sv/duRF/KBqVUbdtSzx0x72LcYRCv9PqCiTcGuOhE5iv/rpRo2f9
jRbZ3jeFzQSSCb96iQyTQCA2/XYpQEnsQFmbtF7+l7rrHnLqGQe7b/y0mHWX/OPX
Bw29uQcBaWl1TW7PktZjQji2jw0xthKdQuQ4GZ5ArghLOXo0iE/PUpblpDSxAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQUMm6HuxjbKj+KKCYDXmy1cNjV7qkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDjw4oAwQD
jw7oAwQDm3VAAwQDm3VQAwQEm3VwAwQAm3XYAwQAm3X3MA0GCSqGSIb3DQEBCwUA
A4IBAQBg17aovDoFJW6I1rKEb7EN5rvEERPbNKUXd26xKNqwuuIAMzpx6lkavUj5
YUlUkyZxxKpx0WdH4NHrfXW//wFbxotSAgqO6s8/hIGM76DUE9cJojcW33MDQmTr
hwL82SqbI3381SiE9XvhXAmLXMoRcCEw1/c7saYpjVpLpcbBsIfGWGSCVdKy62cK
k+/Kf+salk1tz559cnXL0PZoaPAXXvEd6SWXCrvm8mNTYGcOWgj4vB6xpRGLr0Tk
tqKe+aL3XsIP1ivojfzX7lSJTj2b2BvyKdNdrWqIT5FLDUY5CL9h6l6McTwGsJyU
fpIc7nJipBkFxivEAN2f4qi/o7VX
-----END CERTIFICATE-----
Generated at Sat May 10 08:13:22 2025 by rpki-client