Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
File: AS216059.roa (raw, json)
Hash identifier: uti1wsniQ2WZX4zLS3XYtx6PK5WF03a48YdFcy7602E=
Subject key identifier: AB:F0:DD:B3:39:57:41:9C:F9:85:81:63:10:81:7A:E3:B1:77:BD:A8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 510F8ADB33BA0E0868DB58D8A9CD951C0835791E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
Signing time: Mon 04 Aug 2025 00:02:55 +0000
ROA not before: Sun 03 Aug 2025 23:57:55 +0000
ROA not after: Mon 03 Aug 2026 00:02:55 +0000
asID: 216059
IP address blocks: 146.103.28.0/24 maxlen: 24
155.117.108.0/24 maxlen: 24
155.117.164.0/23 maxlen: 23
155.117.178.0/23 maxlen: 23
155.117.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:0f:8a:db:33:ba:0e:08:68:db:58:d8:a9:cd:95:1c:08:35:79:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 3 23:57:55 2025 GMT
Not After : Aug 3 00:02:55 2026 GMT
Subject: CN=ABF0DDB33957419CF985816310817AE3B177BDA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b8:64:44:c7:16:b1:31:9c:5a:2c:1b:07:21:
b0:c2:02:04:07:b5:3f:ef:25:0b:b1:60:f8:88:98:
28:22:79:c4:65:8d:91:74:78:b5:5d:de:03:0b:59:
4e:42:5d:de:74:18:8e:f3:1d:41:ab:ab:6c:4e:84:
96:74:90:c7:ab:30:fe:79:57:dc:8f:1a:14:26:fa:
e9:e3:74:80:1b:e6:58:86:00:42:cc:e0:7a:43:6e:
47:e7:ea:2b:71:c5:5c:ca:a1:60:c1:6d:13:77:6b:
4b:74:2d:e2:3b:bb:c9:8b:a6:a9:52:4c:df:d4:56:
16:73:03:b9:5d:94:fb:a6:8e:48:09:ae:d4:ad:79:
ea:3d:ca:38:c0:9b:9a:d8:02:9a:19:c5:53:53:37:
20:c3:78:b5:a2:a3:3e:92:b7:7e:49:f7:aa:b4:08:
d5:bb:8e:8c:b7:59:33:6f:2a:7b:d1:44:b4:66:f8:
27:f5:90:e7:bb:54:97:2c:0c:13:48:1e:73:5e:31:
8e:f1:d8:b6:37:72:e7:34:39:f0:c1:0a:90:68:92:
2b:3f:03:f9:68:11:5a:41:f8:92:16:e1:3b:f0:4b:
b9:3c:22:78:da:72:6a:56:e1:8b:fa:ef:ff:45:4e:
a1:81:0c:57:42:a7:8c:50:cb:77:39:52:e2:aa:18:
53:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F0:DD:B3:39:57:41:9C:F9:85:81:63:10:81:7A:E3:B1:77:BD:A8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216059.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.28.0/24
155.117.108.0/24
155.117.164.0/23
155.117.178.0/23
155.117.210.0/24
Signature Algorithm: sha256WithRSAEncryption
18:77:58:7b:df:33:e4:25:a6:a4:78:28:e7:69:c3:c4:55:8a:
e1:47:22:28:c7:3e:21:89:ac:d7:93:43:eb:00:40:42:86:fc:
cf:c8:c9:76:b7:43:af:68:84:95:b9:9e:87:06:43:98:7b:9c:
5b:4f:6d:61:e5:eb:2f:8e:7b:c7:46:94:32:4f:90:c4:1f:06:
00:94:ab:9f:0d:4a:3d:63:65:3d:fa:b3:e4:1e:af:5f:b1:0d:
0c:19:ef:26:7f:f5:db:8d:cd:83:39:29:9e:bc:ad:45:b6:91:
a9:88:8c:bf:84:fc:71:f8:fe:d5:3c:df:f7:4e:9b:65:57:b7:
67:fc:bb:ba:9a:b0:d1:13:e5:36:a3:d3:45:ba:6b:67:5f:19:
e7:56:85:08:b1:27:86:09:b9:94:b8:f3:9c:ad:cd:5e:c7:77:
3b:da:65:37:47:50:67:46:61:bc:f6:f8:a3:05:03:3b:ce:90:
66:48:ee:05:87:10:96:9b:19:e7:90:b4:3c:b8:a4:40:b7:5d:
30:a9:d0:53:61:c5:7c:cb:cf:b4:fd:cb:9d:d1:1f:8d:81:c1:
68:78:d8:ef:0a:9c:75:79:ae:26:36:65:23:ae:b3:c0:42:f6:
29:75:49:52:ec:24:fc:e6:22:c9:d4:95:19:bf:49:34:ae:22:
eb:54:01:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUUQ+K2zO6Dgho21jYqc2VHAg1eR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDMyMzU3NTVaFw0yNjA4MDMwMDAyNTVaMDMxMTAvBgNV
BAMTKEFCRjBEREIzMzk1NzQxOUNGOTg1ODE2MzEwODE3QUUzQjE3N0JEQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEuGRExxaxMZxaLBsHIbDCAgQH
tT/vJQuxYPiImCgiecRljZF0eLVd3gMLWU5CXd50GI7zHUGrq2xOhJZ0kMerMP55
V9yPGhQm+unjdIAb5liGAELM4HpDbkfn6itxxVzKoWDBbRN3a0t0LeI7u8mLpqlS
TN/UVhZzA7ldlPumjkgJrtSteeo9yjjAm5rYApoZxVNTNyDDeLWioz6St35J96q0
CNW7joy3WTNvKnvRRLRm+Cf1kOe7VJcsDBNIHnNeMY7x2LY3cuc0OfDBCpBokis/
A/loEVpB+JIW4TvwS7k8InjacmpW4Yv67/9FTqGBDFdCp4xQy3c5UuKqGFNtAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUq/DdszlXQZz5hYFjEIF647F3vagwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE2MDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkmcc
AwQAm3VsAwQBm3WkAwQBm3WyAwQAm3XSMA0GCSqGSIb3DQEBCwUAA4IBAQAYd1h7
3zPkJaakeCjnacPEVYrhRyIoxz4hiazXk0PrAEBChvzPyMl2t0OvaISVuZ6HBkOY
e5xbT21h5esvjnvHRpQyT5DEHwYAlKufDUo9Y2U9+rPkHq9fsQ0MGe8mf/Xbjc2D
OSmevK1FtpGpiIy/hPxx+P7VPN/3TptlV7dn/Lu6mrDRE+U2o9NFumtnXxnnVoUI
sSeGCbmUuPOcrc1ex3c72mU3R1BnRmG89vijBQM7zpBmSO4FhxCWmxnnkLQ8uKRA
t10wqdBTYcV8y8+0/cud0R+NgcFoeNjvCpx1ea4mNmUjrrPAQvYpdUlS7CT85iLJ
1JUZv0k0riLrVAEK
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:40:32 2025 by rpki-client