Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
File: AS58212.roa (raw, json)
Hash identifier: GKTcIiGN0Fnh8IPYwniV9+2xNfAtCVXmn6D5v+MIzOI=
Subject key identifier: EE:D7:8D:C8:21:2A:C2:36:47:F3:A5:04:E0:2E:21:C6:46:A2:4E:C8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6FB3C8546DECC82191B95287E0141BD44D4C494D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
Signing time: Wed 30 Jul 2025 16:30:04 +0000
ROA not before: Wed 30 Jul 2025 16:25:04 +0000
ROA not after: Wed 29 Jul 2026 16:30:04 +0000
asID: 58212
IP address blocks: 143.14.93.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.48.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
167.148.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b3:c8:54:6d:ec:c8:21:91:b9:52:87:e0:14:1b:d4:4d:4c:49:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 30 16:25:04 2025 GMT
Not After : Jul 29 16:30:04 2026 GMT
Subject: CN=EED78DC8212AC23647F3A504E02E21C646A24EC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0b:e1:44:64:f6:fe:72:d8:62:ed:2a:9d:2f:
a5:82:92:ed:8c:85:31:ad:6b:06:8c:c0:aa:42:5f:
f4:67:bd:f9:45:bd:78:fb:24:ed:94:e7:bc:8d:1f:
b1:ad:0e:42:f4:00:71:d0:92:db:1c:a5:ad:a9:dc:
9d:c5:2c:f5:f0:b6:61:ac:cd:94:b6:a0:7a:bf:01:
d5:cc:ce:64:18:0a:9b:04:ed:5a:3b:01:3b:3d:d9:
b7:ec:5f:b9:9f:37:45:4c:e4:bd:1e:83:0c:9c:3b:
a1:8e:1c:5c:59:08:9b:31:57:a7:9a:a7:7e:b0:e5:
f5:85:a5:37:c6:71:c7:cf:aa:e1:70:66:0c:e2:87:
df:9e:c1:0c:64:29:80:b5:12:7e:b7:93:49:4b:a9:
a7:76:4a:ef:fd:57:49:ce:54:cd:d9:b7:1f:5a:17:
c7:f8:2f:c2:63:b1:b8:0c:0f:30:e1:bf:2f:3a:a8:
61:fb:a3:eb:68:8d:09:69:ad:f1:66:53:15:37:cb:
56:45:1e:25:ec:9a:96:5f:34:86:98:c4:fe:86:2c:
86:16:05:17:aa:14:e7:b7:01:76:e3:94:7d:91:4a:
91:a2:3d:b9:fa:72:76:0c:e5:1f:1c:00:e0:b1:34:
94:cd:d9:19:d5:e6:f0:72:a5:df:0a:2f:70:a0:6d:
ff:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D7:8D:C8:21:2A:C2:36:47:F3:A5:04:E0:2E:21:C6:46:A2:4E:C8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.93.0/24
146.103.22.0/24
146.103.48.0/24
147.79.30.0/24
167.148.173.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:82:28:c4:1b:65:2e:8e:86:4b:42:98:d7:ce:71:db:b9:03:
62:8e:c9:08:ed:80:72:60:58:3f:e5:2b:7f:7f:ad:10:0a:4b:
f6:3e:bb:f6:14:b3:a3:39:f1:3c:33:de:ac:de:c8:17:4f:48:
a8:2a:d2:64:26:8c:98:08:af:bf:f6:2e:67:cd:2a:b0:ed:62:
8a:67:9f:ef:d9:cb:7b:54:c1:7b:f4:3e:c3:27:32:40:5f:d9:
1c:d3:53:56:0d:ae:88:e2:3c:27:44:80:53:6c:ff:2a:b8:2f:
88:a1:26:50:6c:92:a2:f9:e2:45:67:f0:69:11:10:39:fe:d2:
4e:3e:27:18:19:4f:0a:c7:dc:a0:15:31:15:69:52:f4:36:b6:
67:62:04:cf:be:ca:b9:41:67:8f:2a:2a:37:74:9f:4e:c6:80:
a2:f6:68:8b:51:08:14:0e:18:2d:ec:1e:b5:3e:a6:14:fa:89:
ba:58:50:72:2a:e6:bb:e1:00:1c:ec:25:23:84:59:e1:b8:0c:
73:b9:7e:a0:c3:10:f0:ee:c4:a0:c6:4b:6e:c9:92:97:b5:64:
da:58:7a:fa:1e:52:9a:1b:2c:05:71:30:3b:d2:16:29:45:5d:
76:8a:8e:8e:c9:3e:1d:c0:a3:90:90:9a:e4:27:14:6f:37:56:
90:11:6f:13
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUb7PIVG3syCGRuVKH4BQb1E1MSU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzAxNjI1MDRaFw0yNjA3MjkxNjMwMDRaMDMxMTAvBgNV
BAMTKEVFRDc4REM4MjEyQUMyMzY0N0YzQTUwNEUwMkUyMUM2NDZBMjRFQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpC+FEZPb+cthi7SqdL6WCku2M
hTGtawaMwKpCX/RnvflFvXj7JO2U57yNH7GtDkL0AHHQktscpa2p3J3FLPXwtmGs
zZS2oHq/AdXMzmQYCpsE7Vo7ATs92bfsX7mfN0VM5L0egwycO6GOHFxZCJsxV6ea
p36w5fWFpTfGccfPquFwZgzih9+ewQxkKYC1En63k0lLqad2Su/9V0nOVM3Ztx9a
F8f4L8JjsbgMDzDhvy86qGH7o+tojQlprfFmUxU3y1ZFHiXsmpZfNIaYxP6GLIYW
BReqFOe3AXbjlH2RSpGiPbn6cnYM5R8cAOCxNJTN2RnV5vBypd8KL3Cgbf8NAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU7teNyCEqwjZH86UE4C4hxkaiTsgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgyMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACPDl0D
BACSZxYDBACSZzADBACTTx4DBACnlK0wDQYJKoZIhvcNAQELBQADggEBAF2CKMQb
ZS6OhktCmNfOcdu5A2KOyQjtgHJgWD/lK39/rRAKS/Y+u/YUs6M58Twz3qzeyBdP
SKgq0mQmjJgIr7/2LmfNKrDtYopnn+/Zy3tUwXv0PsMnMkBf2RzTU1YNrojiPCdE
gFNs/yq4L4ihJlBskqL54kVn8GkREDn+0k4+JxgZTwrH3KAVMRVpUvQ2tmdiBM++
yrlBZ48qKjd0n07GgKL2aItRCBQOGC3sHrU+phT6ibpYUHIq5rvhABzsJSOEWeG4
DHO5fqDDEPDuxKDGS27Jkpe1ZNpYevoeUpobLAVxMDvSFilFXXaKjo7JPh3Ao5CQ
muQnFG83VpARbxM=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:44 2025 by rpki-client