Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: eEhRhbblHzmS4HgA57qCV/NXc2iYUp05JxVNePrxqdw=
Subject key identifier: 2F:CB:26:0D:0E:37:6D:1C:0C:92:C0:B6:20:B3:35:59:6C:2C:E4:10
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 47B2F37F6B3AD05FBA749FC12CAE357DA1CCCFBB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Wed 07 May 2025 15:07:29 +0000
ROA not before: Wed 07 May 2025 15:02:29 +0000
ROA not after: Wed 06 May 2026 15:07:29 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.172.0/22 maxlen: 22
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.16.0/22 maxlen: 22
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.236.0/22 maxlen: 22
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b2:f3:7f:6b:3a:d0:5f:ba:74:9f:c1:2c:ae:35:7d:a1:cc:cf:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 7 15:02:29 2025 GMT
Not After : May 6 15:07:29 2026 GMT
Subject: CN=2FCB260D0E376D1C0C92C0B620B335596C2CE410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ae:18:9d:31:b3:83:33:01:54:2d:34:90:cf:
fe:ef:a6:01:03:b1:3b:81:2f:41:83:33:69:f1:99:
03:35:eb:f8:02:7b:3e:33:e5:a7:d3:f8:01:f8:6f:
84:83:ca:d9:79:76:0d:45:c3:5e:0e:5f:34:07:d3:
32:c9:d0:c6:86:40:7d:00:32:f7:12:7f:da:ab:5e:
fa:19:81:7b:7b:5a:78:1f:e2:68:ae:61:84:68:8f:
05:a7:ac:7b:63:1e:51:68:cc:7d:88:0a:c3:21:87:
83:56:35:7f:e9:9b:14:ed:e1:c1:39:82:47:e1:de:
77:fb:0f:af:05:be:28:d2:3e:01:82:53:4a:79:4a:
da:af:af:c9:b8:1c:b3:ac:be:c4:c7:48:2f:fb:49:
4a:cd:ce:9a:2e:04:d0:0a:94:f5:31:ed:03:72:d5:
9a:32:0d:21:8c:bc:d8:97:74:e7:c9:4b:6e:f7:e3:
34:fe:8c:0f:27:15:2f:b0:f3:a9:a9:fb:ba:95:d7:
67:ae:07:f0:83:96:8f:f8:b3:27:d2:17:43:59:dd:
ee:e8:86:36:cb:23:4b:98:f4:f5:42:ee:5e:06:fe:
8c:bb:43:1d:b3:ba:1b:79:b5:d7:e3:9a:2e:2f:a2:
14:ce:60:d2:32:b8:56:ba:62:8c:12:15:bc:e9:4b:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CB:26:0D:0E:37:6D:1C:0C:92:C0:B6:20:B3:35:59:6C:2C:E4:10
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.172.0/22
140.233.178.0/23
140.233.188.0/23
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.16.0/22
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.236.0/22
150.241.242.0/23
150.241.251.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:e4:60:0f:b3:99:dd:53:6c:53:d2:ef:97:dc:95:66:23:43:
86:ea:16:bf:59:67:f5:4c:ef:cd:93:3d:bf:39:77:15:db:3b:
7e:ac:b8:f9:47:bd:1c:57:aa:6f:10:64:34:40:c0:65:c4:90:
02:b6:8a:1d:07:74:2a:0b:12:1e:f7:14:d8:d2:f2:92:2b:ae:
7a:95:b4:a5:95:fb:a7:a4:c3:72:10:c0:7e:31:90:69:f1:1c:
df:fd:c7:b4:4c:2b:dd:87:6d:93:07:0b:82:d8:60:0c:97:26:
3f:fd:c0:40:20:e8:db:c8:f2:ca:08:7d:4b:a9:35:b9:94:f3:
61:a6:f5:22:b7:4e:af:e5:49:1f:ec:e5:e1:f7:c8:2e:e7:8f:
c7:c1:fd:d7:cf:10:80:41:b1:88:bb:40:c9:27:ea:0a:75:6c:
01:32:39:e3:5b:63:80:01:ec:2e:29:65:36:5d:d0:f9:b3:6a:
d7:f1:46:1e:0b:ff:2f:08:6b:66:59:7a:b1:c3:be:df:db:97:
13:dc:c1:9e:8a:4f:0f:49:12:6e:ae:a0:6d:ac:79:7d:2e:0f:
46:66:e9:61:2a:10:54:48:43:a5:a2:c4:e0:99:fd:66:5a:d4:
fd:92:eb:00:8c:06:b5:ff:a4:b6:c8:02:00:6b:be:11:ef:b0:
db:30:1b:65
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUR7Lzf2s60F+6dJ/BLK41faHMz7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDcxNTAyMjlaFw0yNjA1MDYxNTA3MjlaMDMxMTAvBgNV
BAMTKDJGQ0IyNjBEMEUzNzZEMUMwQzkyQzBCNjIwQjMzNTU5NkMyQ0U0MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRrhidMbODMwFULTSQz/7vpgED
sTuBL0GDM2nxmQM16/gCez4z5afT+AH4b4SDytl5dg1Fw14OXzQH0zLJ0MaGQH0A
MvcSf9qrXvoZgXt7Wngf4miuYYRojwWnrHtjHlFozH2ICsMhh4NWNX/pmxTt4cE5
gkfh3nf7D68FvijSPgGCU0p5Stqvr8m4HLOsvsTHSC/7SUrNzpouBNAKlPUx7QNy
1ZoyDSGMvNiXdOfJS2734zT+jA8nFS+w86mp+7qV12euB/CDlo/4syfSF0NZ3e7o
hjbLI0uY9PVC7l4G/oy7Qx2zuht5tdfjmi4vohTOYNIyuFa6YowSFbzpS7XvAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQUL8smDQ43bRwMksC2ILM1WWws5BAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAWA+
YAMEAGA+bwMEAGA+fwMEAGA+1gMEAozprAMEAYzpsgMEAYzpvAMEAJJnIwMEAJJn
LQMEAJJnMwMEApNPEAMEAJNPHwMEAJSHtwMEAJSHwwMEAZbxyAMEApbx7AMEAZbx
8gMEAJbx+zANBgkqhkiG9w0BAQsFAAOCAQEAreRgD7OZ3VNsU9Lvl9yVZiNDhuoW
v1ln9UzvzZM9vzl3Fds7fqy4+Ue9HFeqbxBkNEDAZcSQAraKHQd0KgsSHvcU2NLy
kiuuepW0pZX7p6TDchDAfjGQafEc3/3HtEwr3YdtkwcLgthgDJcmP/3AQCDo28jy
ygh9S6k1uZTzYab1IrdOr+VJH+zl4ffILuePx8H9188QgEGxiLtAySfqCnVsATI5
41tjgAHsLillNl3Q+bNq1/FGHgv/LwhrZll6scO+39uXE9zBnopPD0kSbq6gbax5
fS4PRmbpYSoQVEhDpaLE4Jn9ZlrU/ZLrAIwGtf+ktsgCAGu+Ee+w2zAbZQ==
-----END CERTIFICATE-----
Generated at Sat May 10 08:31:44 2025 by rpki-client