Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: piHFBGH1bzyEnShZpAmfV5h6BcvqSfhLqSqhDmAJRME=
Subject key identifier: 14:9A:49:90:29:96:D4:FA:EB:E6:04:4B:59:20:F7:FC:A1:A8:66:63
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4F7790698F9FF82C7185AFFCFBC4C570407A6B54
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Sun 29 Jun 2025 00:02:14 +0000
ROA not before: Sat 28 Jun 2025 23:57:14 +0000
ROA not after: Sun 28 Jun 2026 00:02:14 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.0.0/23 maxlen: 23
143.14.2.0/23 maxlen: 23
143.14.80.0/24 maxlen: 24
143.14.89.0/24 maxlen: 24
143.14.145.0/24 maxlen: 24
143.14.168.0/22 maxlen: 22
143.14.226.0/23 maxlen: 23
143.14.230.0/23 maxlen: 23
143.14.249.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.61.0/24 maxlen: 24
155.117.111.0/24 maxlen: 24
155.117.122.0/24 maxlen: 24
155.117.123.0/24 maxlen: 24
155.117.166.0/23 maxlen: 23
155.117.168.0/23 maxlen: 23
155.117.180.0/22 maxlen: 22
155.117.245.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
162.141.48.0/24 maxlen: 24
162.141.112.0/24 maxlen: 24
162.141.134.0/23 maxlen: 23
162.141.181.0/24 maxlen: 24
167.148.105.0/24 maxlen: 24
167.148.172.0/23 maxlen: 23
167.148.177.0/24 maxlen: 24
167.148.182.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:77:90:69:8f:9f:f8:2c:71:85:af:fc:fb:c4:c5:70:40:7a:6b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 28 23:57:14 2025 GMT
Not After : Jun 28 00:02:14 2026 GMT
Subject: CN=149A49902996D4FAEBE6044B5920F7FCA1A86663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1c:f7:19:dc:e1:a2:fd:71:7d:60:75:21:7e:
f6:fc:4b:6b:85:e8:db:c3:39:51:3c:45:92:d4:d3:
d8:2f:a4:53:47:77:d6:be:4c:a2:c7:00:be:75:08:
55:47:5c:2a:27:c9:37:58:ca:45:17:cf:e5:21:cc:
c3:4c:7a:a5:58:27:bd:9a:b1:3d:09:79:cc:23:81:
56:00:e4:0e:3f:2f:08:f4:94:09:1b:6a:54:34:50:
3d:77:fe:6f:f1:87:11:d0:1a:80:b8:00:bf:4c:70:
f0:c7:9a:a6:ba:ad:1a:64:87:92:3a:9b:bb:d8:30:
4c:f9:16:18:2e:cd:52:c7:99:38:56:27:1a:af:b2:
b6:f6:9b:f1:f8:3d:a1:64:a3:2d:57:ad:d7:5f:18:
cd:d3:4a:11:8c:cc:38:46:4f:64:c7:31:d7:2f:27:
f5:e2:0b:ab:04:9f:93:bc:89:4d:26:d8:4f:63:88:
10:c5:c9:a8:47:92:1e:53:15:3b:a5:1b:f7:89:e2:
3c:2b:c1:16:50:d4:4b:54:7d:96:dc:e1:99:fa:48:
17:ac:5b:65:94:6d:5a:69:9f:1a:4d:01:e9:63:0e:
5e:2e:fa:d5:f7:be:d2:10:0b:f6:36:c9:e6:2c:e6:
ed:5e:79:6a:68:d0:72:fb:9d:8b:1e:5c:98:47:5e:
c2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9A:49:90:29:96:D4:FA:EB:E6:04:4B:59:20:F7:FC:A1:A8:66:63
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.178.0/23
140.233.188.0/23
143.14.0.0/22
143.14.80.0/24
143.14.89.0/24
143.14.145.0/24
143.14.168.0/22
143.14.226.0/23
143.14.230.0/23
143.14.249.0/24
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.242.0/23
150.241.251.0/24
155.117.61.0/24
155.117.111.0/24
155.117.122.0/23
155.117.166.0-155.117.169.255
155.117.180.0/22
155.117.245.0/24
158.140.208.0/22
162.141.48.0/24
162.141.112.0/24
162.141.134.0/23
162.141.181.0/24
167.148.105.0/24
167.148.172.0/23
167.148.177.0/24
167.148.182.0/23
Signature Algorithm: sha256WithRSAEncryption
72:8a:92:51:59:40:93:4e:df:e8:b4:39:e2:c0:32:4c:f8:f3:
61:0c:60:0a:43:f8:19:17:79:1d:26:fa:c9:aa:0f:5a:0f:4a:
aa:c1:78:b3:03:e3:f5:c0:61:5a:2e:a9:7b:32:79:15:7c:f3:
ea:fa:77:a7:f2:20:4f:60:b3:46:ee:14:81:7d:e5:a7:dd:a9:
b5:d4:71:a2:c6:fa:79:48:10:d2:9b:a7:0a:73:f3:77:28:f4:
6c:76:bf:f5:1b:bc:70:02:90:7c:13:35:07:80:23:f7:b3:50:
f8:43:a0:9a:b0:a6:47:bc:5a:20:c0:e3:64:c6:b9:6d:88:bb:
73:c9:ae:44:3b:44:f9:2a:08:e9:05:83:69:21:b9:77:09:f7:
13:34:ef:02:e3:8d:b3:cc:53:59:da:0a:83:c7:2d:e6:76:ec:
6e:a3:9c:ed:01:71:12:b9:0c:c9:3a:19:74:14:6d:0b:7a:84:
87:de:63:80:e3:d2:26:0b:d2:e1:00:23:ef:0c:cf:54:3b:7e:
43:86:65:d3:aa:5b:67:05:a0:7b:3a:00:18:1a:2a:bd:c6:bf:
c3:14:4c:8e:d1:4d:bc:9c:7f:ae:8c:10:95:32:10:eb:64:15:
45:76:96:dd:08:a4:7e:3d:5e:88:dd:d2:19:8b:04:5f:0a:dd:
18:17:e3:c1
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIUT3eQaY+f+Cxxha/8+8TFcEB6a1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjgyMzU3MTRaFw0yNjA2MjgwMDAyMTRaMDMxMTAvBgNV
BAMTKDE0OUE0OTkwMjk5NkQ0RkFFQkU2MDQ0QjU5MjBGN0ZDQTFBODY2NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiHPcZ3OGi/XF9YHUhfvb8S2uF
6NvDOVE8RZLU09gvpFNHd9a+TKLHAL51CFVHXConyTdYykUXz+UhzMNMeqVYJ72a
sT0JecwjgVYA5A4/Lwj0lAkbalQ0UD13/m/xhxHQGoC4AL9McPDHmqa6rRpkh5I6
m7vYMEz5FhguzVLHmThWJxqvsrb2m/H4PaFkoy1XrddfGM3TShGMzDhGT2THMdcv
J/XiC6sEn5O8iU0m2E9jiBDFyahHkh5TFTulG/eJ4jwrwRZQ1EtUfZbc4Zn6SBes
W2WUbVppnxpNAeljDl4u+tX3vtIQC/Y2yeYs5u1eeWpo0HL7nYseXJhHXsK3AgMB
AAGjggL2MIIC8jAdBgNVHQ4EFgQUFJpJkCmW1Prr5gRLWSD3/KGoZmMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHs
AwQBYD5gAwQAYD5vAwQAYD5/AwQAYD7WAwQBjOmyAwQBjOm8AwQCjw4AAwQAjw5Q
AwQAjw5ZAwQAjw6RAwQCjw6oAwQBjw7iAwQBjw7mAwQAjw75AwQAkmcjAwQAkmct
AwQAkmczAwQAk08fAwQAlIe3AwQAlIfDAwQBlvHIAwQBlvHyAwQAlvH7AwQAm3U9
AwQAm3VvAwQBm3V6MAwDBAGbdaYDBAGbdagDBAKbdbQDBACbdfUDBAKejNADBACi
jTADBACijXADBAGijYYDBACijbUDBACnlGkDBAGnlKwDBACnlLEDBAGnlLYwDQYJ
KoZIhvcNAQELBQADggEBAHKKklFZQJNO3+i0OeLAMkz482EMYApD+BkXeR0m+smq
D1oPSqrBeLMD4/XAYVouqXsyeRV88+r6d6fyIE9gs0buFIF95afdqbXUcaLG+nlI
ENKbpwpz83co9Gx2v/UbvHACkHwTNQeAI/ezUPhDoJqwpke8WiDA42TGuW2Iu3PJ
rkQ7RPkqCOkFg2khuXcJ9xM07wLjjbPMU1naCoPHLeZ27G6jnO0BcRK5DMk6GXQU
bQt6hIfeY4Dj0iYL0uEAI+8Mz1Q7fkOGZdOqW2cFoHs6ABgaKr3Gv8MUTI7RTbyc
f66MEJUyEOtkFUV2lt0IpH49Xojd0hmLBF8K3RgX48E=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:17:25 2025 by rpki-client