Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: MfVSdkBmFBMEiuSXSnj5/UWLTdVQzopNJPYF4/xS3eE=
Subject key identifier: 76:74:3B:47:A2:88:D2:40:5C:BD:68:85:CC:39:D6:D3:C6:30:66:FC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 02BFE37ECB7467DB35E94B47992A22421B4E143B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
Signing time: Wed 30 Apr 2025 18:44:03 +0000
ROA not before: Wed 30 Apr 2025 18:39:03 +0000
ROA not after: Wed 29 Apr 2026 18:44:03 +0000
asID: 812
IP address blocks: 82.21.60.0/24 maxlen: 24
82.21.61.0/24 maxlen: 24
82.22.158.0/24 maxlen: 24
82.23.92.0/24 maxlen: 24
82.23.93.0/24 maxlen: 24
82.23.94.0/24 maxlen: 24
82.23.95.0/24 maxlen: 24
82.23.96.0/24 maxlen: 24
82.23.97.0/24 maxlen: 24
82.23.98.0/24 maxlen: 24
82.23.99.0/24 maxlen: 24
82.23.100.0/24 maxlen: 24
82.23.101.0/24 maxlen: 24
82.23.102.0/24 maxlen: 24
82.23.103.0/24 maxlen: 24
82.23.104.0/24 maxlen: 24
82.23.105.0/24 maxlen: 24
82.23.106.0/24 maxlen: 24
82.23.107.0/24 maxlen: 24
82.23.108.0/24 maxlen: 24
82.23.109.0/24 maxlen: 24
82.23.110.0/24 maxlen: 24
82.23.111.0/24 maxlen: 24
82.23.112.0/24 maxlen: 24
82.23.113.0/24 maxlen: 24
82.23.114.0/24 maxlen: 24
82.23.115.0/24 maxlen: 24
82.23.116.0/24 maxlen: 24
82.23.117.0/24 maxlen: 24
82.23.118.0/24 maxlen: 24
82.23.124.0/24 maxlen: 24
82.23.125.0/24 maxlen: 24
82.23.127.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.174.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.29.115.0/24 maxlen: 24
82.29.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:bf:e3:7e:cb:74:67:db:35:e9:4b:47:99:2a:22:42:1b:4e:14:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 18:39:03 2025 GMT
Not After : Apr 29 18:44:03 2026 GMT
Subject: CN=76743B47A288D2405CBD6885CC39D6D3C63066FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:3e:35:82:0e:35:39:d8:bb:4c:88:a2:3e:10:
76:b6:49:bb:19:f2:82:92:70:b3:f7:12:bf:1c:25:
b3:54:93:f6:df:f5:01:a4:d6:8b:a3:5c:c8:16:92:
ed:ab:23:31:f1:e2:b8:1e:00:24:44:ab:0d:65:20:
63:fb:ca:f6:d8:65:50:c4:cd:9f:e9:e5:8b:ac:3f:
03:6c:6d:88:d7:7f:81:7e:ea:d4:e9:40:49:f4:f5:
da:35:f2:38:68:91:e7:db:54:6b:ae:5a:5d:a7:d8:
ae:9c:d6:cf:3e:73:f3:b3:c3:dd:59:7a:2f:ea:0f:
59:a1:1d:c4:39:4c:a8:be:40:29:a3:1c:cd:a2:f4:
06:8b:3a:02:93:83:5a:ba:55:78:f4:55:64:47:7c:
c7:87:63:fd:e1:66:1b:14:fb:2e:18:3e:2f:0f:cb:
94:bb:e5:26:7f:d9:b9:d6:39:ab:28:e4:46:f3:8b:
c4:c0:22:bc:ab:40:7a:c6:72:18:72:01:e4:04:31:
b8:bf:df:b1:01:c8:e9:d7:79:d7:e8:f1:9d:14:c2:
48:32:4a:ca:02:58:29:bd:26:97:2d:6d:7b:1f:11:
fc:5f:41:b2:22:b3:16:91:a4:e4:8e:8a:d5:f4:e1:
0d:57:7a:78:06:a6:c6:a1:db:62:ca:9f:15:82:e0:
ff:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:74:3B:47:A2:88:D2:40:5C:BD:68:85:CC:39:D6:D3:C6:30:66:FC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.60.0/23
82.22.158.0/24
82.23.92.0-82.23.118.255
82.23.124.0/23
82.23.127.0/24
82.23.140.0/23
82.23.162.0/23
82.23.174.0/24
82.24.0.0/22
82.29.115.0/24
82.29.122.0/24
Signature Algorithm: sha256WithRSAEncryption
59:13:25:5a:b9:35:64:ab:11:c1:2d:9f:9f:bb:91:21:9d:9e:
a2:2b:f8:48:6a:6d:bf:31:37:58:86:e6:8e:7a:f0:02:06:64:
7c:4b:bf:16:7b:47:4f:dd:4a:46:45:f4:1f:52:de:d0:50:71:
a4:90:55:db:1a:d3:4f:d2:c6:38:77:aa:56:83:6d:d5:5e:95:
3b:6d:f1:da:cb:98:6d:e0:46:6f:dc:b0:a4:1c:64:be:40:6d:
dc:c8:57:b3:52:8c:1a:d2:18:1b:06:94:48:62:40:01:ad:e1:
35:d8:d1:8d:cf:61:82:06:df:4a:db:16:6a:2d:d4:e8:46:d5:
8e:92:2b:c0:5c:0d:10:00:d8:8a:4b:e7:64:bc:d7:98:7d:4c:
9b:f0:08:3f:dd:98:ac:76:ad:71:5e:b6:6f:c6:0c:b0:17:bc:
4f:84:da:af:8f:6b:1f:f3:08:8e:60:fc:59:69:53:ee:f7:23:
45:fe:3a:a3:9f:9f:63:7b:6d:2d:ce:de:a3:1a:40:55:c5:d7:
ca:51:76:7c:57:4b:95:1c:cf:8b:db:38:d3:46:66:36:7f:a2:
12:98:e9:d9:53:c9:bd:8d:24:fe:d7:38:e6:fe:51:26:a2:71:
92:5d:e9:09:1d:53:2e:cd:d5:2a:d9:fb:c3:75:f0:3d:df:0d:
7a:0d:91:9f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUAr/jfst0Z9s16UtHmSoiQhtOFDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MzAxODM5MDNaFw0yNjA0MjkxODQ0MDNaMDMxMTAvBgNV
BAMTKDc2NzQzQjQ3QTI4OEQyNDA1Q0JENjg4NUNDMzlENkQzQzYzMDY2RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsPjWCDjU52LtMiKI+EHa2SbsZ
8oKScLP3Er8cJbNUk/bf9QGk1oujXMgWku2rIzHx4rgeACREqw1lIGP7yvbYZVDE
zZ/p5YusPwNsbYjXf4F+6tTpQEn09do18jhokefbVGuuWl2n2K6c1s8+c/Ozw91Z
ei/qD1mhHcQ5TKi+QCmjHM2i9AaLOgKTg1q6VXj0VWRHfMeHY/3hZhsU+y4YPi8P
y5S75SZ/2bnWOaso5Ebzi8TAIryrQHrGchhyAeQEMbi/37EByOnXedfo8Z0Uwkgy
SsoCWCm9JpctbXsfEfxfQbIisxaRpOSOitX04Q1XengGpsah22LKnxWC4P8fAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUdnQ7R6KI0kBcvWiFzDnW08YwZvwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBUhU8AwQA
UhaeMAwDBAJSF1wDBABSF3YDBAFSF3wDBABSF38DBAFSF4wDBAFSF6IDBABSF64D
BAJSGAADBABSHXMDBABSHXowDQYJKoZIhvcNAQELBQADggEBAFkTJVq5NWSrEcEt
n5+7kSGdnqIr+Ehqbb8xN1iG5o568AIGZHxLvxZ7R0/dSkZF9B9S3tBQcaSQVdsa
00/Sxjh3qlaDbdVelTtt8drLmG3gRm/csKQcZL5AbdzIV7NSjBrSGBsGlEhiQAGt
4TXY0Y3PYYIG30rbFmot1OhG1Y6SK8BcDRAA2IpL52S815h9TJvwCD/dmKx2rXFe
tm/GDLAXvE+E2q+Pax/zCI5g/FlpU+73I0X+OqOfn2N7bS3O3qMaQFXF18pRdnxX
S5Ucz4vbONNGZjZ/ohKY6dlTyb2NJP7XOOb+USaicZJd6QkdUy7N1SrZ+8N18D3f
DXoNkZ8=
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:19 2025 by rpki-client