Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: uMO5cTnTD376PEJVWndD5C8jmM0kryXUupJzyz6ciKQ=
Subject key identifier: 26:56:0D:96:43:A6:E5:EC:B8:34:B6:9C:AA:92:BF:F7:06:E5:27:5B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1CA12F9A9A9EF72AF608B4F11D3A4AF8AC77B30F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Thu 26 Jun 2025 00:00:32 +0000
ROA not before: Wed 25 Jun 2025 23:55:32 +0000
ROA not after: Thu 25 Jun 2026 00:00:32 +0000
asID: 812
IP address blocks: 143.14.232.0/21 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:a1:2f:9a:9a:9e:f7:2a:f6:08:b4:f1:1d:3a:4a:f8:ac:77:b3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 25 23:55:32 2025 GMT
Not After : Jun 25 00:00:32 2026 GMT
Subject: CN=26560D9643A6E5ECB834B69CAA92BFF706E5275B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0b:53:ea:81:7f:5f:a1:79:f9:48:7a:02:78:
c8:8f:28:b7:62:73:13:02:c5:33:44:e0:f4:e9:16:
23:de:33:68:3c:48:a1:4d:1c:7c:63:96:40:4d:32:
d4:2e:c3:19:e6:69:9d:36:b7:ac:b1:c8:60:7e:ee:
48:8c:2d:47:c0:a0:d4:4e:43:24:67:05:64:16:b3:
d0:e1:69:8f:ac:8c:28:37:41:68:20:7e:36:07:0a:
5c:31:10:bd:7f:3d:91:c9:05:97:9f:47:9c:58:c1:
9d:c9:13:f9:96:b9:4c:f3:e1:a6:5f:d5:9b:3c:27:
c4:ec:64:47:15:6f:40:b7:77:7f:a1:2d:03:82:32:
6b:f9:13:c1:13:02:4d:40:32:60:9a:b7:88:dd:b2:
a4:0c:b4:bd:e6:da:76:7a:4c:75:e0:6c:33:4d:80:
48:03:6f:d8:e4:97:6b:09:35:4e:1d:6d:17:14:68:
06:32:32:f6:15:6a:39:be:e9:69:1b:b8:81:b0:38:
c4:98:49:1f:4b:0f:f4:b5:8a:9f:31:5d:4e:9b:2c:
6c:55:3a:96:97:4c:06:75:e7:b2:71:df:d5:85:d6:
65:a8:0f:23:a3:3c:e3:95:45:ed:6f:23:34:90:5e:
5e:bb:f0:ec:51:f0:ff:87:1f:69:5f:68:52:a6:78:
be:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:56:0D:96:43:A6:E5:EC:B8:34:B6:9C:AA:92:BF:F7:06:E5:27:5B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.232.0/21
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
167.148.168.0/22
Signature Algorithm: sha256WithRSAEncryption
68:f2:5c:5d:53:69:05:90:fb:64:e8:9a:6b:e9:26:0f:6d:86:
a7:50:42:18:53:d1:c5:29:3f:d8:84:25:bc:bc:e9:52:15:e6:
f9:99:15:e0:a9:c2:41:b4:e0:0f:6f:f2:d8:f1:a2:a4:9d:b0:
9d:96:09:60:f2:fe:91:b7:a1:df:c1:d3:ef:41:4a:15:dd:f5:
bc:b3:a5:a2:86:a1:10:72:2b:07:5e:ca:94:32:f9:c0:a1:21:
cb:38:de:f2:02:26:2f:59:ea:e2:f7:44:c1:2e:76:a0:5c:53:
c8:ef:80:3e:d2:47:38:a7:7f:bd:60:9c:00:2f:9a:58:68:c9:
d9:f0:dc:8f:61:41:cc:32:88:86:6f:9b:2b:88:23:91:92:ad:
44:dd:0b:45:cc:c7:f8:69:34:3b:c9:da:c2:49:28:a5:bc:41:
44:14:29:aa:9a:93:02:98:5e:2b:f5:2b:51:8e:1c:87:35:6f:
32:25:ee:d4:f6:5b:9a:a8:36:a2:8b:c0:7d:71:41:a1:ae:d6:
16:eb:48:f3:f6:23:a6:f6:33:61:1c:4b:8b:97:f5:2a:6d:25:
ed:5b:aa:36:ee:0e:f2:97:12:de:4b:f5:b1:6f:7e:34:e8:2a:
6a:ec:da:2c:7d:5c:99:6c:96:36:78:ac:2a:f0:4d:42:98:74:
64:fe:10:71
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUHKEvmpqe9yr2CLTxHTpK+Kx3sw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjUyMzU1MzJaFw0yNjA2MjUwMDAwMzJaMDMxMTAvBgNV
BAMTKDI2NTYwRDk2NDNBNkU1RUNCODM0QjY5Q0FBOTJCRkY3MDZFNTI3NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8C1PqgX9foXn5SHoCeMiPKLdi
cxMCxTNE4PTpFiPeM2g8SKFNHHxjlkBNMtQuwxnmaZ02t6yxyGB+7kiMLUfAoNRO
QyRnBWQWs9DhaY+sjCg3QWggfjYHClwxEL1/PZHJBZefR5xYwZ3JE/mWuUzz4aZf
1Zs8J8TsZEcVb0C3d3+hLQOCMmv5E8ETAk1AMmCat4jdsqQMtL3m2nZ6THXgbDNN
gEgDb9jkl2sJNU4dbRcUaAYyMvYVajm+6WkbuIGwOMSYSR9LD/S1ip8xXU6bLGxV
OpaXTAZ157Jx39WF1mWoDyOjPOOVRe1vIzSQXl678OxR8P+HH2lfaFKmeL77AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUJlYNlkOm5ey4NLacqpK/9wblJ1swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEA48O
6DAMAwQBoo0WAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQDoo2QAwQBoo2cAwQD
oo2oAwQDoo24MAwDBASnlBADBAKnlBgDBAKnlCQwDAMEBKeUMAMEAqeUQAMEAqeU
TAMEA6eUWAMEAqeUbAMEAqeUeAMEAqeUqDANBgkqhkiG9w0BAQsFAAOCAQEAaPJc
XVNpBZD7ZOiaa+kmD22Gp1BCGFPRxSk/2IQlvLzpUhXm+ZkV4KnCQbTgD2/y2PGi
pJ2wnZYJYPL+kbeh38HT70FKFd31vLOlooahEHIrB17KlDL5wKEhyzje8gImL1nq
4vdEwS52oFxTyO+APtJHOKd/vWCcAC+aWGjJ2fDcj2FBzDKIhm+bK4gjkZKtRN0L
RczH+Gk0O8nawkkopbxBRBQpqpqTApheK/UrUY4chzVvMiXu1PZbmqg2oovAfXFB
oa7WFutI8/YjpvYzYRxLi5f1Km0l7VuqNu4O8pcS3kv1sW9+NOgqauzaLH1cmWyW
NnisKvBNQph0ZP4QcQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:14:19 2025 by rpki-client