Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
File: AS812.roa (raw, json)
Hash identifier: 6m+68s0et3JkE0d0/qHsQcqqUydW9KFcauQk/CunL58=
Subject key identifier: 2F:A4:60:4E:D0:06:92:DD:B2:64:5E:5C:31:A4:6C:03:69:1A:05:4D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4B34B46F160F711ECF8E4627173A9B70811246EC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
Signing time: Sun 26 Oct 2025 00:10:13 +0000
ROA not before: Sun 26 Oct 2025 00:05:13 +0000
ROA not after: Sun 25 Oct 2026 00:10:13 +0000
asID: 812
IP address blocks: 143.14.232.0/21 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:34:b4:6f:16:0f:71:1e:cf:8e:46:27:17:3a:9b:70:81:12:46:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 26 00:05:13 2025 GMT
Not After : Oct 25 00:10:13 2026 GMT
Subject: CN=2FA4604ED00692DDB2645E5C31A46C03691A054D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:23:8a:3b:07:94:fd:cf:59:f7:4f:66:c8:1b:
aa:68:81:17:18:9e:a9:13:28:fc:a5:c1:c9:8e:20:
f2:ff:bb:11:b4:45:2f:12:45:f2:03:5e:81:55:cb:
d6:d4:db:3d:ca:1c:40:a6:77:0e:85:b3:61:48:97:
2d:f5:65:5e:2e:5c:27:7e:31:24:f8:7b:ed:f0:02:
71:1f:43:c4:05:51:db:49:99:51:11:3f:ee:1d:88:
cb:85:2f:e1:79:59:d6:04:ca:cd:82:c5:50:01:4b:
b7:8f:a9:e8:5c:98:ac:87:d8:9e:79:2c:fa:39:cd:
25:7e:45:9e:a3:db:09:e8:f6:ec:1f:ea:bc:48:9d:
28:f7:82:5a:aa:df:22:93:31:3d:ce:fd:fc:34:2b:
cb:df:8b:4b:9c:6a:8f:9c:c7:16:f8:cf:d8:26:e7:
30:69:c2:42:d6:70:0a:91:3d:1b:06:e9:2c:e8:c9:
74:56:d6:56:c0:b0:77:e4:d1:34:59:86:5f:0d:ce:
d2:ed:fd:cf:16:4f:53:e7:23:d0:61:39:a7:ae:52:
04:e2:7e:15:fe:ad:99:10:17:99:91:50:1a:a5:1a:
5b:bc:63:59:6d:fd:f8:df:ee:ab:57:68:eb:5f:9f:
db:f6:a9:29:c5:aa:0f:94:71:13:ce:8d:d3:f2:73:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A4:60:4E:D0:06:92:DD:B2:64:5E:5C:31:A4:6C:03:69:1A:05:4D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS812.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.232.0/21
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
Signature Algorithm: sha256WithRSAEncryption
79:3a:34:24:df:75:b7:b2:3b:a9:54:de:21:af:fd:9a:5e:be:
3f:2d:7d:5c:95:70:6a:57:30:54:6e:07:62:04:3e:61:aa:4f:
a7:fe:d0:13:1f:34:fe:8e:94:27:28:ab:a5:03:30:f6:ea:2e:
cf:1a:cb:37:6c:01:cd:db:e3:82:f8:6d:16:eb:2f:6a:d4:6c:
6f:74:11:fe:89:0e:d1:30:25:bc:6a:4c:89:65:8d:b4:04:1c:
0b:31:ea:83:ca:94:60:25:a3:b1:fc:72:12:d3:1e:2e:90:b5:
0f:4a:67:78:0f:4c:ec:bc:1f:a0:ef:f7:9c:84:e0:56:54:d7:
ff:4e:ea:82:2d:c4:92:b3:b9:6c:7e:cb:99:c4:c2:4c:f5:ba:
8a:a2:69:be:e4:d9:c9:65:7e:f9:e5:1a:78:3d:ab:ad:49:2d:
76:33:07:50:05:82:a6:7a:d4:4e:09:88:e8:98:5e:17:3a:db:
0a:d7:7f:e6:fc:ca:cb:78:fd:1e:2f:a7:49:e0:ca:e6:9a:67:
57:7f:77:00:74:2b:d9:33:ea:97:ce:b6:36:d0:03:84:96:be:
83:02:78:c1:0f:2a:0e:72:de:71:7d:58:ef:73:43:2e:2e:4c:
60:f8:0c:78:5c:f1:40:41:f6:93:f3:09:a0:f9:b7:95:7a:5d:
94:ce:48:dd
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUSzS0bxYPcR7PjkYnFzqbcIESRuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjYwMDA1MTNaFw0yNjEwMjUwMDEwMTNaMDMxMTAvBgNV
BAMTKDJGQTQ2MDRFRDAwNjkyRERCMjY0NUU1QzMxQTQ2QzAzNjkxQTA1NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKI4o7B5T9z1n3T2bIG6pogRcY
nqkTKPylwcmOIPL/uxG0RS8SRfIDXoFVy9bU2z3KHECmdw6Fs2FIly31ZV4uXCd+
MST4e+3wAnEfQ8QFUdtJmVERP+4diMuFL+F5WdYEys2CxVABS7ePqehcmKyH2J55
LPo5zSV+RZ6j2wno9uwf6rxInSj3glqq3yKTMT3O/fw0K8vfi0ucao+cxxb4z9gm
5zBpwkLWcAqRPRsG6SzoyXRW1lbAsHfk0TRZhl8NztLt/c8WT1PnI9BhOaeuUgTi
fhX+rZkQF5mRUBqlGlu8Y1lt/fjf7qtXaOtfn9v2qSnFqg+UcRPOjdPycyVtAgMB
AAGjggJuMIICajAdBgNVHQ4EFgQUL6RgTtAGkt2yZF5cMaRsA2kaBU0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODEyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEA48O6DAM
AwQBoo0WAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQDoo2QAwQBoo2cAwQDoo2o
AwQDoo24MAwDBASnlBADBAKnlBgwDAMEBKeUMAMEAqeUQAMEAqeUTAMEA6eUWAME
AqeUbDANBgkqhkiG9w0BAQsFAAOCAQEAeTo0JN91t7I7qVTeIa/9ml6+Py19XJVw
alcwVG4HYgQ+YapPp/7QEx80/o6UJyirpQMw9uouzxrLN2wBzdvjgvhtFusvatRs
b3QR/okO0TAlvGpMiWWNtAQcCzHqg8qUYCWjsfxyEtMeLpC1D0pneA9M7LwfoO/3
nITgVlTX/07qgi3EkrO5bH7LmcTCTPW6iqJpvuTZyWV++eUaeD2rrUktdjMHUAWC
pnrUTgmI6JheFzrbCtd/5vzKy3j9Hi+nSeDK5ppnV393AHQr2TPql862NtADhJa+
gwJ4wQ8qDnLecX1Y73NDLi5MYPgMeFzxQEH2k/MJoPm3lXpdlM5I3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:37:30 2025 by rpki-client