Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: 3s5dq+ToGowRZYuiSDbPhYcH4QAz4XV1o5fq4IR9PiU=
Subject key identifier: 7C:C1:62:C7:58:07:99:CB:06:FC:8B:BA:24:05:9E:B1:9F:9D:FC:36
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6083410640C7D50E70AFFCA95076709BB795217C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Wed 11 Feb 2026 22:00:16 +0000
ROA not before: Wed 11 Feb 2026 21:55:16 +0000
ROA not after: Wed 10 Feb 2027 22:00:16 +0000
asID: 812
IP address blocks: 143.14.232.0/21 maxlen: 24
155.117.204.0/24 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:83:41:06:40:c7:d5:0e:70:af:fc:a9:50:76:70:9b:b7:95:21:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 11 21:55:16 2026 GMT
Not After : Feb 10 22:00:16 2027 GMT
Subject: CN=7CC162C7580799CB06FC8BBA24059EB19F9DFC36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:38:2c:39:84:60:69:36:21:df:7e:01:e9:51:
61:14:68:44:db:ca:69:19:32:a9:e7:b0:87:39:37:
f8:8a:de:cd:6f:87:e4:30:e8:0c:a2:98:1f:9e:e1:
45:d0:7b:48:a3:45:88:81:dd:2a:7e:9b:52:84:c5:
cc:55:b8:19:0f:c7:56:df:81:3e:57:29:26:4d:a4:
0a:1c:07:e6:ff:a0:22:80:02:be:8a:52:69:d1:29:
76:f4:04:32:dd:70:f2:c5:60:e6:b1:f6:6a:3c:b9:
0a:38:43:f5:dd:e4:c6:c4:b1:b3:b1:52:57:99:06:
0d:1e:6c:55:8f:06:67:b0:e0:78:95:34:b8:4b:66:
88:1f:4a:c4:31:57:89:7a:a7:0c:3d:d8:3f:be:6d:
7f:89:e2:06:39:57:ce:77:07:ca:0d:12:c0:f8:4c:
45:6c:c7:fe:16:c9:fc:4e:a2:89:8a:3b:40:1e:c0:
75:ca:82:07:4e:5f:3c:61:cf:05:df:f0:73:b6:8d:
04:42:15:be:a1:52:17:9e:6a:ca:5c:7f:4a:e0:03:
b6:0f:b7:09:60:86:cb:e0:e0:73:79:4d:09:16:28:
ed:04:6c:72:63:bf:8d:d7:42:aa:c8:3a:52:20:0c:
24:25:bc:27:4a:ac:35:80:8c:0e:54:31:fc:12:1a:
90:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C1:62:C7:58:07:99:CB:06:FC:8B:BA:24:05:9E:B1:9F:9D:FC:36
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.232.0/21
155.117.204.0/24
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0/21
167.148.16.0/21
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
Signature Algorithm: sha256WithRSAEncryption
06:b9:23:22:d2:e5:44:b0:bd:3f:ee:3e:ed:3b:4a:a6:30:79:
4d:86:62:dc:9b:3c:5f:c0:42:57:e2:10:bb:f9:c0:c1:ee:49:
09:4f:4a:93:bf:10:f3:5e:39:c2:ac:9e:d4:0a:79:cb:3b:0e:
66:c0:44:ad:ba:c7:26:af:b1:f2:4e:09:fd:62:dc:5a:06:34:
1b:6e:96:52:65:ac:a0:44:f8:b0:28:81:ed:46:9c:41:93:6a:
b4:8a:94:99:66:4f:3b:47:2d:54:40:a0:d7:da:9b:6f:15:1b:
a3:d9:19:b1:09:d7:a2:59:00:a6:35:40:93:32:3c:48:6e:96:
17:17:b2:3f:1a:6b:4b:46:61:fc:14:a5:f0:4c:cd:8b:b6:0b:
5d:d4:2a:a5:ec:5e:75:b6:a0:b8:1e:e4:6b:5b:e4:a4:5a:8e:
d0:42:14:a2:91:5a:80:29:e6:17:83:89:bb:27:14:e7:38:f8:
e0:63:b4:92:e8:d2:9f:2c:f3:ad:a6:af:91:e3:93:cd:47:94:
66:b1:c5:c9:ec:c6:68:63:44:b3:20:aa:a7:ce:d4:72:7f:38:
14:0a:96:1d:15:a3:cd:74:d0:0c:fb:f6:a0:eb:77:b7:e0:0c:
15:47:4e:cd:91:22:d5:b4:e4:08:15:0f:2f:b6:01:76:76:08:
33:68:ec:6b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUYINBBkDH1Q5wr/ypUHZwm7eVIXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTEyMTU1MTZaFw0yNzAyMTAyMjAwMTZaMDMxMTAvBgNV
BAMTKDdDQzE2MkM3NTgwNzk5Q0IwNkZDOEJCQTI0MDU5RUIxOUY5REZDMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOCw5hGBpNiHffgHpUWEUaETb
ymkZMqnnsIc5N/iK3s1vh+Qw6AyimB+e4UXQe0ijRYiB3Sp+m1KExcxVuBkPx1bf
gT5XKSZNpAocB+b/oCKAAr6KUmnRKXb0BDLdcPLFYOax9mo8uQo4Q/Xd5MbEsbOx
UleZBg0ebFWPBmew4HiVNLhLZogfSsQxV4l6pww92D++bX+J4gY5V853B8oNEsD4
TEVsx/4WyfxOoomKO0AewHXKggdOXzxhzwXf8HO2jQRCFb6hUheeaspcf0rgA7YP
twlghsvg4HN5TQkWKO0EbHJjv43XQqrIOlIgDCQlvCdKrDWAjA5UMfwSGpDXAgMB
AAGjggJsMIICaDAdBgNVHQ4EFgQUfMFix1gHmcsG/Iu6JAWesZ+d/DYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEA48O6AME
AJt1zDAMAwQBoo0WAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQDoo2QAwQBoo2c
AwQDoo2oAwQDoo24AwQDp5QQMAwDBASnlDADBAKnlEADBAKnlEwDBAOnlFgDBAKn
lGwwDQYJKoZIhvcNAQELBQADggEBAAa5IyLS5USwvT/uPu07SqYweU2GYtybPF/A
QlfiELv5wMHuSQlPSpO/EPNeOcKsntQKecs7DmbARK26xyavsfJOCf1i3FoGNBtu
llJlrKBE+LAoge1GnEGTarSKlJlmTztHLVRAoNfam28VG6PZGbEJ16JZAKY1QJMy
PEhulhcXsj8aa0tGYfwUpfBMzYu2C13UKqXsXnW2oLge5Gtb5KRajtBCFKKRWoAp
5heDibsnFOc4+OBjtJLo0p8s862mr5Hjk81HlGaxxcnsxmhjRLMgqqfO1HJ/OBQK
lh0Vo8100Az79qDrd7fgDBVHTs2RItW05AgVDy+2AXZ2CDNo7Gs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:29:31 2026 by rpki-client