Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: SneoVPuLxJ9/x8gHreAyGFDic7gyAPOGFU7Km6O041c=
Subject key identifier: 3D:7D:54:22:01:7A:60:E6:EF:87:03:94:00:4E:45:E0:C5:F4:F7:C3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 360C1453B7813F7D7F92FE558F6B76D8D2DD3314
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
Signing time: Tue 17 Jun 2025 21:10:24 +0000
ROA not before: Tue 17 Jun 2025 21:05:24 +0000
ROA not after: Tue 16 Jun 2026 21:10:24 +0000
asID: 812
IP address blocks: 82.21.60.0/24 maxlen: 24
82.21.61.0/24 maxlen: 24
82.21.138.0/24 maxlen: 24
82.22.158.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.92.0/24 maxlen: 24
82.23.93.0/24 maxlen: 24
82.23.94.0/24 maxlen: 24
82.23.95.0/24 maxlen: 24
82.23.96.0/24 maxlen: 24
82.23.97.0/24 maxlen: 24
82.23.98.0/24 maxlen: 24
82.23.99.0/24 maxlen: 24
82.23.100.0/24 maxlen: 24
82.23.101.0/24 maxlen: 24
82.23.102.0/24 maxlen: 24
82.23.103.0/24 maxlen: 24
82.23.104.0/24 maxlen: 24
82.23.105.0/24 maxlen: 24
82.23.106.0/24 maxlen: 24
82.23.107.0/24 maxlen: 24
82.23.108.0/24 maxlen: 24
82.23.109.0/24 maxlen: 24
82.23.110.0/24 maxlen: 24
82.23.111.0/24 maxlen: 24
82.23.112.0/24 maxlen: 24
82.23.113.0/24 maxlen: 24
82.23.114.0/24 maxlen: 24
82.23.115.0/24 maxlen: 24
82.23.116.0/24 maxlen: 24
82.23.117.0/24 maxlen: 24
82.23.118.0/24 maxlen: 24
82.23.124.0/24 maxlen: 24
82.23.125.0/24 maxlen: 24
82.23.127.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.174.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.29.115.0/24 maxlen: 24
82.29.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:0c:14:53:b7:81:3f:7d:7f:92:fe:55:8f:6b:76:d8:d2:dd:33:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 17 21:05:24 2025 GMT
Not After : Jun 16 21:10:24 2026 GMT
Subject: CN=3D7D5422017A60E6EF870394004E45E0C5F4F7C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:93:6f:6c:f8:f0:1a:a4:6e:c3:50:cb:e9:6a:
3b:48:36:8b:a2:39:1e:2d:3c:8d:4a:b6:9b:9f:4b:
9e:03:81:46:46:db:50:79:4a:2b:23:7a:21:f3:bf:
8f:21:0c:01:0e:f6:a6:c6:19:95:fc:d7:10:43:99:
b3:65:83:d2:7c:05:0a:c8:23:a1:26:38:23:a3:34:
07:ec:3c:00:3f:03:c4:82:8f:26:6a:58:2f:27:ab:
11:2d:9d:4e:d6:37:fc:ff:ce:23:a9:f1:86:20:35:
24:93:2b:84:ac:38:c6:8a:d9:df:a6:d4:41:f8:10:
2c:ea:57:f8:e6:68:84:d3:1c:11:1d:17:2d:59:97:
86:50:96:fb:ec:4a:cc:44:8e:2d:a4:ed:f9:e1:db:
68:1d:a4:5f:74:15:48:09:7e:3d:6d:f3:68:9d:62:
a1:03:1b:21:67:19:ed:ed:e7:be:db:2a:16:0e:d6:
08:b6:20:12:43:4a:14:63:91:bf:6a:98:0e:6c:99:
94:1e:eb:d1:27:3b:37:65:3a:c7:68:a6:d7:5b:2f:
2f:c7:08:12:a7:92:67:96:51:a9:22:bb:c0:9f:9a:
e2:31:fe:e5:f2:e3:28:44:7e:b9:89:1d:2f:f6:9e:
80:60:1b:8a:09:57:8e:5e:e8:ae:2c:7c:42:1b:ce:
83:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7D:54:22:01:7A:60:E6:EF:87:03:94:00:4E:45:E0:C5:F4:F7:C3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.60.0/23
82.21.138.0/24
82.22.158.0/24
82.22.190.0/24
82.23.92.0-82.23.118.255
82.23.124.0/23
82.23.127.0/24
82.23.140.0/23
82.23.162.0/23
82.23.174.0/24
82.24.0.0/22
82.24.31.0/24
82.26.174.0/24
82.29.115.0/24
82.29.122.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ec:24:70:9d:0f:29:23:59:ad:87:e4:30:a7:6b:45:40:83:
0c:c2:b8:6c:a7:d4:f6:ca:04:03:d8:b0:92:eb:ea:08:c7:4b:
04:a1:4b:12:05:bf:e7:17:d7:6d:05:16:79:9c:b2:2c:76:c2:
f1:35:10:46:59:1c:e5:14:07:16:24:fb:19:d9:0d:28:1a:83:
a3:ec:0d:db:3e:70:5f:0b:e5:0b:83:94:ad:38:ee:cf:0d:69:
2e:e1:46:e2:7d:5b:f7:ac:0f:17:cc:81:ee:f9:71:75:7d:b0:
29:78:cd:76:6d:1b:ef:12:19:5d:db:d8:35:5a:79:29:bf:5a:
41:44:02:7e:69:85:dd:84:41:97:29:9c:58:d5:db:cd:77:13:
84:1a:ff:74:8c:34:d9:fa:e7:0f:bd:38:d7:f6:50:c8:cd:79:
3f:d5:d5:b6:70:12:d3:f4:80:97:b0:6e:c9:2a:4f:77:04:08:
f4:de:81:06:2f:2f:7c:8e:02:22:11:64:ff:e7:f7:10:5d:cd:
57:36:bc:f7:dd:57:8d:b5:4d:61:bd:e7:aa:87:be:5d:ce:8c:
dc:0e:d4:03:bb:73:7e:6d:f7:69:8b:57:29:90:aa:b6:c1:41:
d9:87:3e:0e:58:dd:68:8b:71:f4:7c:7a:79:58:ba:29:1a:8c:
d3:43:4e:75
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUNgwUU7eBP31/kv5Vj2t22NLdMxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTcyMTA1MjRaFw0yNjA2MTYyMTEwMjRaMDMxMTAvBgNV
BAMTKDNEN0Q1NDIyMDE3QTYwRTZFRjg3MDM5NDAwNEU0NUUwQzVGNEY3QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkk29s+PAapG7DUMvpajtINoui
OR4tPI1KtpufS54DgUZG21B5SisjeiHzv48hDAEO9qbGGZX81xBDmbNlg9J8BQrI
I6EmOCOjNAfsPAA/A8SCjyZqWC8nqxEtnU7WN/z/ziOp8YYgNSSTK4SsOMaK2d+m
1EH4ECzqV/jmaITTHBEdFy1Zl4ZQlvvsSsxEji2k7fnh22gdpF90FUgJfj1t82id
YqEDGyFnGe3t577bKhYO1gi2IBJDShRjkb9qmA5smZQe69EnOzdlOsdoptdbLy/H
CBKnkmeWUakiu8CfmuIx/uXy4yhEfrmJHS/2noBgG4oJV45e6K4sfEIbzoNDAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUPX1UIgF6YObvhwOUAE5F4MX098MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQBUhU8AwQA
UhWKAwQAUhaeAwQAUha+MAwDBAJSF1wDBABSF3YDBAFSF3wDBABSF38DBAFSF4wD
BAFSF6IDBABSF64DBAJSGAADBABSGB8DBABSGq4DBABSHXMDBABSHXowDQYJKoZI
hvcNAQELBQADggEBAGjsJHCdDykjWa2H5DCna0VAgwzCuGyn1PbKBAPYsJLr6gjH
SwShSxIFv+cX120FFnmcsix2wvE1EEZZHOUUBxYk+xnZDSgag6PsDds+cF8L5QuD
lK047s8NaS7hRuJ9W/esDxfMge75cXV9sCl4zXZtG+8SGV3b2DVaeSm/WkFEAn5p
hd2EQZcpnFjV2813E4Qa/3SMNNn65w+9ONf2UMjNeT/V1bZwEtP0gJewbskqT3cE
CPTegQYvL3yOAiIRZP/n9xBdzVc2vPfdV421TWG956qHvl3OjNwO1AO7c35t92mL
VymQqrbBQdmHPg5Y3WiLcfR8enlYuikajNNDTnU=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:00 2025 by rpki-client