Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
File: AS58212.roa (raw, json)
Hash identifier: 13t6oDUJ1oBlm5TK4+AeWDHNhvx0/61yMwoBOFyIJtU=
Subject key identifier: BB:67:29:7E:BE:16:F9:9B:7C:30:18:21:B8:C9:70:DE:74:91:E7:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 56E94DEB5116613BF52B221616B46B1D14AC955C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
Signing time: Sat 13 Jun 2026 08:04:50 +0000
ROA not before: Sat 13 Jun 2026 07:59:50 +0000
ROA not after: Sat 12 Jun 2027 08:04:50 +0000
asID: 58212
IP address blocks: 143.14.156.0/24 maxlen: 24
143.14.171.0/24 maxlen: 24
143.14.202.0/24 maxlen: 24
143.14.216.0/24 maxlen: 24
162.141.179.0/24 maxlen: 24
162.141.183.0/24 maxlen: 24
167.148.173.0/24 maxlen: 24
167.148.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e9:4d:eb:51:16:61:3b:f5:2b:22:16:16:b4:6b:1d:14:ac:95:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 13 07:59:50 2026 GMT
Not After : Jun 12 08:04:50 2027 GMT
Subject: CN=BB67297EBE16F99B7C301821B8C970DE7491E75D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:88:dd:0b:84:c6:30:34:39:7a:b1:b4:c5:04:
5f:e7:7b:91:41:fe:c0:c3:dc:00:46:0f:f2:1f:4b:
b8:2c:a1:af:e6:5d:1f:c5:20:70:c0:ea:a7:45:a0:
2e:b6:a1:fc:3e:6b:a4:1e:db:f3:0e:8e:42:0a:14:
f1:b7:74:f9:b2:27:62:8f:71:b6:ac:d5:bc:27:5c:
fb:e0:a8:7a:b5:1a:63:a4:a5:9e:53:fe:0e:83:7d:
24:7d:db:d6:2d:65:a0:9d:92:6e:b8:06:ab:79:7c:
03:55:e3:3d:d5:8c:66:c6:7e:ff:80:de:59:bf:d6:
34:be:ca:1f:6b:62:e8:30:fc:0a:bf:c1:ed:60:62:
8a:d8:39:c3:f6:8c:7c:4c:9b:b6:6f:2f:e1:93:34:
45:01:c6:a5:f7:1c:47:94:ba:ba:e0:07:ce:73:0a:
e1:f4:cc:31:35:e9:3b:9c:9e:5f:c1:5a:79:83:b8:
ee:77:e2:b4:11:e4:bd:a1:f4:f9:f0:b5:f9:e1:b6:
1b:e2:d6:87:33:2c:6a:ba:56:b1:3a:0b:8a:51:9b:
9a:ad:08:f1:44:84:b4:3d:01:9a:00:a4:d2:73:ea:
71:f5:02:38:36:13:d8:3a:43:da:6d:61:84:74:f5:
c0:a8:31:a9:17:a8:6f:b8:71:ef:6c:1f:f0:8c:8f:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:67:29:7E:BE:16:F9:9B:7C:30:18:21:B8:C9:70:DE:74:91:E7:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.156.0/24
143.14.171.0/24
143.14.202.0/24
143.14.216.0/24
162.141.179.0/24
162.141.183.0/24
167.148.173.0/24
167.148.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:cd:c7:76:9c:34:ab:67:97:18:81:93:ca:af:c1:b8:52:7c:
f9:70:ad:59:07:70:3e:6f:27:6a:9e:d8:94:93:7a:60:8a:6e:
6c:61:18:59:51:ca:20:94:32:3e:89:8e:68:91:29:e5:27:61:
83:8d:65:3c:26:f3:0b:97:fb:62:b4:be:e8:ce:df:c1:8b:3b:
6c:fb:4b:cf:a3:23:29:4d:47:de:dd:dc:f6:c3:46:fa:2d:bf:
be:07:6c:1d:a0:c1:4d:f1:41:00:4d:10:97:0d:8a:d0:ea:6d:
bf:72:c9:a9:34:6a:20:cf:92:0c:9a:33:e3:3c:0d:1e:8c:9c:
35:0c:be:b2:71:b8:d4:5c:5a:c1:e6:c6:de:97:be:77:7b:8a:
fc:f0:10:44:77:10:bc:ea:b6:5b:d4:bf:ec:8b:7b:20:65:34:
95:33:33:cf:6e:52:94:b4:0b:05:3e:c6:ff:b9:c2:2d:09:45:
03:83:0c:b8:8c:86:17:78:3c:79:ed:88:f0:e2:d3:21:2b:53:
13:90:dc:00:79:40:5a:24:ac:30:f3:d8:81:cb:89:1d:dd:b7:
0c:a4:b9:aa:6c:b9:54:33:f3:1c:26:43:84:b3:27:b4:28:87:
95:9a:08:19:ca:f1:fd:f9:bd:6d:fd:86:b3:b3:e0:35:39:d3:
b7:84:c7:ad
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUVulN61EWYTv1KyIWFrRrHRSslVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTMwNzU5NTBaFw0yNzA2MTIwODA0NTBaMDMxMTAvBgNV
BAMTKEJCNjcyOTdFQkUxNkY5OUI3QzMwMTgyMUI4Qzk3MERFNzQ5MUU3NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfiN0LhMYwNDl6sbTFBF/ne5FB
/sDD3ABGD/IfS7gsoa/mXR/FIHDA6qdFoC62ofw+a6Qe2/MOjkIKFPG3dPmyJ2KP
cbas1bwnXPvgqHq1GmOkpZ5T/g6DfSR929YtZaCdkm64Bqt5fANV4z3VjGbGfv+A
3lm/1jS+yh9rYugw/Aq/we1gYorYOcP2jHxMm7ZvL+GTNEUBxqX3HEeUurrgB85z
CuH0zDE16Tucnl/BWnmDuO534rQR5L2h9Pnwtfnhthvi1oczLGq6VrE6C4pRm5qt
CPFEhLQ9AZoApNJz6nH1Ajg2E9g6Q9ptYYR09cCoMakXqG+4ce9sH/CMj+O3AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUu2cpfr4W+Zt8MBghuMlw3nSR510wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgyMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPDpwD
BACPDqsDBACPDsoDBACPDtgDBACijbMDBACijbcDBACnlK0DBACnlLswDQYJKoZI
hvcNAQELBQADggEBAEzNx3acNKtnlxiBk8qvwbhSfPlwrVkHcD5vJ2qe2JSTemCK
bmxhGFlRyiCUMj6JjmiRKeUnYYONZTwm8wuX+2K0vujO38GLO2z7S8+jIylNR97d
3PbDRvotv74HbB2gwU3xQQBNEJcNitDqbb9yyak0aiDPkgyaM+M8DR6MnDUMvrJx
uNRcWsHmxt6Xvnd7ivzwEER3ELzqtlvUv+yLeyBlNJUzM89uUpS0CwU+xv+5wi0J
RQODDLiMhhd4PHntiPDi0yErUxOQ3AB5QFokrDDz2IHLiR3dtwykuapsuVQz8xwm
Q4SzJ7Qoh5WaCBnK8f35vW39hrOz4DU507eEx60=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:11 2026 by rpki-client