Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 2HNM6FcAHXKWagOKJroTddVqaFO0bUjv7JZFRrW23rM=
Subject key identifier: E2:8F:FA:C9:19:2B:68:7F:27:F5:8D:44:39:40:BC:44:E7:1B:23:D2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0B473DF48DA2F00FB799F73A79B5502F3BA200D7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Sun 17 Aug 2025 22:30:42 +0000
ROA not before: Sun 17 Aug 2025 22:25:42 +0000
ROA not after: Sun 16 Aug 2026 22:30:42 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:47:3d:f4:8d:a2:f0:0f:b7:99:f7:3a:79:b5:50:2f:3b:a2:00:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 17 22:25:42 2025 GMT
Not After : Aug 16 22:30:42 2026 GMT
Subject: CN=E28FFAC9192B687F27F58D443940BC44E71B23D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:34:93:01:a4:34:5c:22:30:7d:ab:1d:b5:8c:
f3:67:93:a6:46:a1:cb:36:db:3b:68:12:49:e8:dd:
48:5a:7f:4c:f7:94:be:18:ce:46:46:b6:7b:0b:5b:
e6:fd:05:62:e7:9b:17:2e:b6:f6:75:2c:0c:ac:24:
d2:95:e4:45:fd:4f:54:ad:4c:35:70:b9:3e:3e:a6:
b8:92:ba:f4:c8:3f:a8:8b:6c:03:7f:1a:e0:8c:e8:
d7:3a:79:68:52:ca:3c:bc:c1:15:2f:c9:c0:82:2a:
df:6a:77:2f:39:cd:68:ed:49:55:c2:8b:3e:bf:92:
0e:ae:ea:5f:a7:8b:51:6e:4f:8c:bf:43:50:f0:2f:
6b:8d:c6:2b:4a:80:25:aa:6c:35:45:93:83:3b:b2:
b9:56:b6:0a:35:fa:75:2c:b7:cc:bd:fb:0c:63:fb:
c1:9d:a3:21:72:f9:90:f4:25:f0:6d:00:50:98:a9:
e7:97:28:89:56:23:1e:5e:5d:1c:c6:94:a7:db:06:
c0:ae:6a:23:d7:70:13:02:32:30:05:e3:79:3a:b3:
98:d9:5e:b3:db:50:ac:38:d1:8a:71:20:3d:22:c8:
42:b5:3e:f7:34:2b:e7:70:e8:ec:5a:b9:ce:23:79:
f6:0a:74:e8:e2:4c:70:16:ab:13:6b:45:84:5d:f0:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8F:FA:C9:19:2B:68:7F:27:F5:8D:44:39:40:BC:44:E7:1B:23:D2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.178.0/23
140.233.188.0/23
143.14.219.0/24
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.242.0/23
150.241.251.0/24
158.140.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:40:80:18:69:33:83:9b:48:7f:a2:ba:20:ef:58:a3:5e:6a:
b0:82:4d:9e:c8:00:7e:74:28:c5:41:1d:2c:fc:f2:e0:f8:db:
73:b1:31:83:ea:84:13:a9:a9:24:a8:a5:8d:1f:8f:05:8c:d1:
d6:4a:2e:fc:fe:d5:a3:72:43:82:07:04:60:98:32:eb:dd:c6:
d9:e7:5d:bb:53:f7:c0:80:b3:31:c7:7f:2a:68:08:e9:c8:b4:
d5:e6:fa:3a:c1:3e:bb:7a:11:6b:95:e5:6e:d1:c7:d8:1f:b6:
ea:61:4e:fe:84:0d:25:be:47:8b:38:f1:6e:9a:17:1f:14:94:
a2:9c:ae:e6:6c:ce:46:01:33:11:73:05:90:a2:bd:f2:85:f9:
c8:2c:da:11:b2:91:95:cb:63:c4:76:68:47:a7:57:67:0d:3b:
ff:f7:6b:08:24:58:04:9f:93:a8:30:25:43:87:b6:a2:38:5d:
1b:cf:24:5a:56:54:43:f6:a7:79:f2:0a:05:72:20:ab:54:a3:
6c:08:ee:e4:99:89:54:91:34:9b:c3:b6:55:be:47:18:c0:40:
84:82:ad:63:bd:ad:ff:0b:2f:f4:08:a5:98:db:e0:81:fa:16:
ac:3a:6b:c4:a3:84:7a:4c:be:1b:03:46:31:7b:a7:9b:03:cf:
de:b4:31:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC0c99I2i8A+3mfc6ebVQLzuiANcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTcyMjI1NDJaFw0yNjA4MTYyMjMwNDJaMDMxMTAvBgNV
BAMTKEUyOEZGQUM5MTkyQjY4N0YyN0Y1OEQ0NDM5NDBCQzQ0RTcxQjIzRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkNJMBpDRcIjB9qx21jPNnk6ZG
ocs22ztoEkno3Uhaf0z3lL4YzkZGtnsLW+b9BWLnmxcutvZ1LAysJNKV5EX9T1St
TDVwuT4+priSuvTIP6iLbAN/GuCM6Nc6eWhSyjy8wRUvycCCKt9qdy85zWjtSVXC
iz6/kg6u6l+ni1FuT4y/Q1DwL2uNxitKgCWqbDVFk4M7srlWtgo1+nUst8y9+wxj
+8GdoyFy+ZD0JfBtAFCYqeeXKIlWIx5eXRzGlKfbBsCuaiPXcBMCMjAF43k6s5jZ
XrPbUKw40YpxID0iyEK1Pvc0K+dw6Oxauc4jefYKdOjiTHAWqxNrRYRd8M49AgMB
AAGjggJqMIICZjAdBgNVHQ4EFgQU4o/6yRkraH8n9Y1EOUC8ROcbI9IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBYD5g
AwQAYD5vAwQAYD5/AwQAYD7WAwQBjOmyAwQBjOm8AwQAjw7bAwQAkmcjAwQAkmct
AwQAkmczAwQAk08fAwQAlIe3AwQAlIfDAwQBlvHIAwQBlvHyAwQAlvH7AwQCnozQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBrQIAYaTODm0h/orog71ijXmqwgk2eyAB+dCjF
QR0s/PLg+NtzsTGD6oQTqakkqKWNH48FjNHWSi78/tWjckOCBwRgmDLr3cbZ5127
U/fAgLMxx38qaAjpyLTV5vo6wT67ehFrleVu0cfYH7bqYU7+hA0lvkeLOPFumhcf
FJSinK7mbM5GATMRcwWQor3yhfnILNoRspGVy2PEdmhHp1dnDTv/92sIJFgEn5Oo
MCVDh7aiOF0bzyRaVlRD9qd58goFciCrVKNsCO7kmYlUkTSbw7ZVvkcYwECEgq1j
va3/Cy/0CKWY2+CB+hasOmvEo4R6TL4bA0Yxe6ebA8/etDEd
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:58:08 2025 by rpki-client