Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
File: AS58212.roa (raw, json)
Hash identifier: nQy05NzUfqx5s4Chyy31q2QIaBzFwpoB/wD+5sAxik4=
Subject key identifier: 24:B7:82:76:D6:77:4C:E0:00:9F:9E:D8:CC:37:71:11:28:61:F0:96
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4977780B4BA20B7C7485C752EAA69BA5815F017A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
Signing time: Fri 30 Jan 2026 12:20:35 +0000
ROA not before: Fri 30 Jan 2026 12:15:35 +0000
ROA not after: Fri 29 Jan 2027 12:20:35 +0000
asID: 58212
IP address blocks: 143.14.11.0/24 maxlen: 24
143.14.126.0/24 maxlen: 24
143.14.156.0/24 maxlen: 24
143.14.171.0/24 maxlen: 24
143.14.202.0/24 maxlen: 24
143.14.216.0/24 maxlen: 24
167.148.173.0/24 maxlen: 24
167.148.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:77:78:0b:4b:a2:0b:7c:74:85:c7:52:ea:a6:9b:a5:81:5f:01:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 30 12:15:35 2026 GMT
Not After : Jan 29 12:20:35 2027 GMT
Subject: CN=24B78276D6774CE0009F9ED8CC3771112861F096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:cc:85:4a:bd:36:25:16:65:c8:23:20:61:
13:a4:2e:1d:af:c3:1a:d2:e1:12:00:0d:f5:46:f5:
ae:55:25:e0:4c:a6:ac:c7:11:53:33:af:6e:f8:83:
ed:97:32:ec:43:9c:56:e7:80:f9:0e:00:49:7e:6d:
e8:be:09:8c:c7:20:d5:3f:56:6b:c7:fa:37:84:f0:
8b:b6:88:46:a4:25:85:3b:f2:04:10:bb:a8:e2:37:
79:d4:b4:11:f9:65:3e:6b:17:af:84:d0:d2:a1:be:
49:ca:99:bc:74:5f:c8:43:b2:b8:62:d2:c8:e3:c7:
44:e6:86:8f:17:e4:d1:0e:29:cc:e1:c6:e2:de:ed:
36:2a:4b:b7:4d:2a:cb:72:4b:03:34:2e:f9:7a:5a:
35:34:bc:d3:3a:dd:80:ce:1b:c4:3d:4e:58:be:95:
ba:9c:a2:87:dd:8e:b6:a9:bc:02:19:99:88:5d:60:
bd:c6:5f:c9:36:86:93:50:b1:7f:f7:c3:a0:fc:2e:
20:85:51:02:c7:e4:d5:22:02:97:24:3d:33:c5:7c:
31:c8:8c:fd:8c:97:63:f9:b0:f3:5a:43:9e:aa:89:
19:bf:d7:e0:d0:02:03:fe:81:64:a9:2e:2b:83:10:
95:b7:50:c8:f6:29:78:78:75:d8:c3:6c:58:2b:d0:
92:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B7:82:76:D6:77:4C:E0:00:9F:9E:D8:CC:37:71:11:28:61:F0:96
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.11.0/24
143.14.126.0/24
143.14.156.0/24
143.14.171.0/24
143.14.202.0/24
143.14.216.0/24
167.148.173.0/24
167.148.187.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:23:7d:06:de:8c:3e:a1:d3:bb:71:47:db:bd:85:1b:c1:02:
75:80:65:86:47:87:0c:6f:dd:6b:f0:bd:89:cb:f2:66:57:0d:
92:26:1c:44:78:a6:61:17:56:2b:85:3c:08:15:c2:2d:14:36:
51:f2:cc:d2:cb:1d:24:b8:4d:29:19:be:ef:5d:ff:82:d5:72:
fe:04:05:49:6e:72:32:0b:83:7e:86:ba:72:7e:9a:59:03:24:
b2:01:bd:ce:13:3f:2c:a5:71:23:80:e5:db:ca:f2:e6:ab:bd:
63:d2:8b:87:1e:f9:ff:be:d7:2a:d1:4a:47:9e:c0:d4:70:f5:
b3:90:5b:3d:9f:b5:81:c5:4e:b4:76:08:bc:32:f1:63:e4:fd:
b3:65:7c:63:88:7f:78:21:a3:59:63:07:ab:8f:ca:43:46:a5:
fe:30:6e:1e:f7:72:82:11:56:17:35:43:6d:63:40:b5:44:50:
1f:d1:40:3f:a5:97:33:d2:45:50:bd:ee:19:c8:51:ef:5c:66:
a8:60:17:f4:79:e6:3b:aa:f6:62:19:b0:37:be:57:f8:f9:76:
7c:1d:50:2c:62:54:a3:55:54:1e:b4:3b:f5:1d:cc:e6:ba:ef:
09:3c:7a:90:e8:c8:16:1f:9c:dd:05:32:86:29:a5:36:09:65:
09:1a:f9:ed
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUSXd4C0uiC3x0hcdS6qabpYFfAXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAxMzAxMjE1MzVaFw0yNzAxMjkxMjIwMzVaMDMxMTAvBgNV
BAMTKDI0Qjc4Mjc2RDY3NzRDRTAwMDlGOUVEOENDMzc3MTExMjg2MUYwOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCav8yFSr02JRZlyCMgYROkLh2v
wxrS4RIADfVG9a5VJeBMpqzHEVMzr274g+2XMuxDnFbngPkOAEl+bei+CYzHINU/
VmvH+jeE8Iu2iEakJYU78gQQu6jiN3nUtBH5ZT5rF6+E0NKhvknKmbx0X8hDsrhi
0sjjx0Tmho8X5NEOKczhxuLe7TYqS7dNKstySwM0Lvl6WjU0vNM63YDOG8Q9Tli+
lbqcoofdjrapvAIZmYhdYL3GX8k2hpNQsX/3w6D8LiCFUQLH5NUiApckPTPFfDHI
jP2Ml2P5sPNaQ56qiRm/1+DQAgP+gWSpLiuDEJW3UMj2KXh4ddjDbFgr0JLPAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUJLeCdtZ3TOAAn57YzDdxEShh8JYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgyMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPDgsD
BACPDn4DBACPDpwDBACPDqsDBACPDsoDBACPDtgDBACnlK0DBACnlLswDQYJKoZI
hvcNAQELBQADggEBAJojfQbejD6h07txR9u9hRvBAnWAZYZHhwxv3WvwvYnL8mZX
DZImHER4pmEXViuFPAgVwi0UNlHyzNLLHSS4TSkZvu9d/4LVcv4EBUlucjILg36G
unJ+mlkDJLIBvc4TPyylcSOA5dvK8uarvWPSi4ce+f++1yrRSkeewNRw9bOQWz2f
tYHFTrR2CLwy8WPk/bNlfGOIf3gho1ljB6uPykNGpf4wbh73coIRVhc1Q21jQLVE
UB/RQD+llzPSRVC97hnIUe9cZqhgF/R55juq9mIZsDe+V/j5dnwdUCxiVKNVVB60
O/UdzOa67wk8epDoyBYfnN0FMoYppTYJZQka+e0=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:36 2026 by rpki-client