Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: MY/yycF8vsB9LU8KVZCOqeYtlH0OvHx/c69N9WM8sVc=
Subject key identifier: 32:DF:4F:47:79:46:D2:64:27:29:0C:70:19:95:A5:10:3F:AF:87:BF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4643E2CD58BDD6D4BE6223AD9796BD55E69F6F18
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Tue 12 May 2026 16:06:28 +0000
ROA not before: Tue 12 May 2026 16:01:28 +0000
ROA not after: Tue 11 May 2027 16:06:28 +0000
asID: 212238
IP address blocks: 96.62.111.0/24 maxlen: 24
96.62.190.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
146.103.53.0/24 maxlen: 24
147.79.10.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.8.0/22 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
168.222.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:43:e2:cd:58:bd:d6:d4:be:62:23:ad:97:96:bd:55:e6:9f:6f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 12 16:01:28 2026 GMT
Not After : May 11 16:06:28 2027 GMT
Subject: CN=32DF4F477946D26427290C701995A5103FAF87BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a7:a9:d3:b9:41:34:5a:12:2f:86:74:b9:f2:
f5:94:04:ea:29:bd:05:5b:c6:bc:a9:ca:63:30:b0:
2e:e9:52:f7:29:e4:e8:6c:67:c1:74:62:d1:92:25:
f7:99:53:93:8f:be:08:a6:14:26:dd:78:bf:eb:9f:
bc:ea:91:83:3d:b9:38:07:be:71:6f:22:53:28:da:
66:13:b2:99:f3:f1:f7:af:57:d8:5f:98:c6:8c:29:
1b:ef:09:0f:65:f5:4d:cb:78:7d:3b:26:7a:d8:38:
c5:cd:3e:95:57:f9:9b:49:01:3d:62:06:92:a8:c2:
a6:16:9e:b4:3c:6f:2b:be:8d:1e:c7:8e:d0:a3:8d:
50:5b:41:b0:ff:9b:4a:ac:ca:6e:72:20:c4:11:09:
73:8a:ba:5d:38:b1:49:f6:20:34:11:fb:68:41:87:
15:d3:b7:2c:0a:a9:11:9d:2a:d4:f4:6b:53:6f:ab:
c7:66:c2:2b:84:39:a2:51:ac:1a:08:3d:40:d0:52:
12:77:f8:6b:f7:27:d7:38:8a:1d:16:b5:2e:e2:52:
e4:70:c5:24:7f:fd:29:84:69:b4:2b:08:74:75:79:
58:f7:64:06:fc:6a:8f:d4:1a:90:ed:c3:a2:00:7b:
06:3b:e4:b8:4e:12:ca:3e:81:42:a0:21:b4:92:c3:
dd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DF:4F:47:79:46:D2:64:27:29:0C:70:19:95:A5:10:3F:AF:87:BF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.111.0/24
96.62.190.0/24
96.62.214.0/24
136.143.247.0/24
140.233.178.0/23
140.233.188.0/23
143.14.132.0/23
143.14.219.0/24
146.103.45.0/24
146.103.51.0/24
146.103.53.0/24
147.79.10.0/24
148.135.195.0/24
150.241.243.0/24
150.241.251.0/24
155.117.8.0/22
155.117.144.0/24
155.117.234.0/24
158.140.193.0/24
158.140.208.0/22
168.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
33:44:f2:6d:2f:9a:85:2a:70:70:07:d5:64:e5:53:ae:19:cd:
72:2d:88:68:49:d0:1e:a7:95:8b:28:93:c0:78:46:9d:a3:cd:
f4:61:ed:31:e8:87:f8:4f:5b:d9:f5:57:99:aa:59:86:e4:01:
33:5c:60:a3:4d:45:da:8c:74:92:76:0a:46:c0:52:30:df:4c:
5b:b7:da:b0:82:c1:67:54:3a:37:05:ce:b4:da:b1:ad:7b:a1:
f4:90:47:54:99:bd:2c:d9:98:ea:d7:24:20:e7:f0:68:c1:de:
1d:75:60:c2:e4:39:ff:62:de:9f:66:6e:fd:c2:b1:c5:95:ec:
9b:07:f2:6f:5a:11:70:5d:e5:82:55:63:3a:f2:61:92:27:23:
96:9b:70:d2:dd:3e:ff:ea:1d:41:c0:3b:4f:6c:3e:87:2f:1b:
8a:b2:94:3b:c2:1d:c4:c6:0b:d7:98:13:36:87:79:e6:dd:33:
1f:32:25:e8:63:f7:2f:59:15:33:c7:cc:28:fa:03:11:dd:75:
55:8a:59:05:72:2b:ee:ec:77:51:a4:63:28:67:b9:11:9e:43:
9e:45:6d:dc:19:b6:8d:4d:34:81:1c:05:d5:75:1b:b2:56:64:
96:a1:1d:a3:1c:90:d5:0c:7c:6f:5f:97:32:0e:f2:c0:ac:ec:
e5:fe:0a:6d
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIURkPizVi91tS+YiOtl5a9VeafbxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTIxNjAxMjhaFw0yNzA1MTExNjA2MjhaMDMxMTAvBgNV
BAMTKDMyREY0RjQ3Nzk0NkQyNjQyNzI5MEM3MDE5OTVBNTEwM0ZBRjg3QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+p6nTuUE0WhIvhnS58vWUBOop
vQVbxrypymMwsC7pUvcp5OhsZ8F0YtGSJfeZU5OPvgimFCbdeL/rn7zqkYM9uTgH
vnFvIlMo2mYTspnz8fevV9hfmMaMKRvvCQ9l9U3LeH07JnrYOMXNPpVX+ZtJAT1i
BpKowqYWnrQ8byu+jR7HjtCjjVBbQbD/m0qsym5yIMQRCXOKul04sUn2IDQR+2hB
hxXTtywKqRGdKtT0a1Nvq8dmwiuEOaJRrBoIPUDQUhJ3+Gv3J9c4ih0WtS7iUuRw
xSR//SmEabQrCHR1eVj3ZAb8ao/UGpDtw6IAewY75LhOEso+gUKgIbSSw90DAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUMt9PR3lG0mQnKQxwGZWlED+vh78wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgME
AGA+bwMEAGA+vgMEAGA+1gMEAIiP9wMEAYzpsgMEAYzpvAMEAY8OhAMEAI8O2wME
AJJnLQMEAJJnMwMEAJJnNQMEAJNPCgMEAJSHwwMEAJbx8wMEAJbx+wMEApt1CAME
AJt1kAMEAJt16gMEAJ6MwQMEAp6M0AMEAqjeSDANBgkqhkiG9w0BAQsFAAOCAQEA
M0TybS+ahSpwcAfVZOVTrhnNci2IaEnQHqeViyiTwHhGnaPN9GHtMeiH+E9b2fVX
mapZhuQBM1xgo01F2ox0knYKRsBSMN9MW7fasILBZ1Q6NwXOtNqxrXuh9JBHVJm9
LNmY6tckIOfwaMHeHXVgwuQ5/2Len2Zu/cKxxZXsmwfyb1oRcF3lglVjOvJhkicj
lptw0t0+/+odQcA7T2w+hy8birKUO8IdxMYL15gTNod55t0zHzIl6GP3L1kVM8fM
KPoDEd11VYpZBXIr7ux3UaRjKGe5EZ5DnkVt3Bm2jU00gRwF1XUbslZklqEdoxyQ
1Qx8b1+XMg7ywKzs5f4KbQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:25 2026 by rpki-client