Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: FiTTbx+93k4VMwWpyIFsvSnNd4ii4wFr8cpbI9irp04=
Subject key identifier: 6A:74:80:DD:8A:9D:1E:57:D6:EC:9A:B0:A0:18:24:CE:67:9A:18:B7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1B57A9BB9D12AB5275EEBC33EDBC40B40C7C9D6A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
Signing time: Thu 07 May 2026 12:47:11 +0000
ROA not before: Thu 07 May 2026 12:42:11 +0000
ROA not after: Thu 06 May 2027 12:47:11 +0000
asID: 212384
IP address blocks: 96.62.153.0/24 maxlen: 24
96.62.154.0/24 maxlen: 24
96.62.155.0/24 maxlen: 24
96.62.176.0/24 maxlen: 24
96.62.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:57:a9:bb:9d:12:ab:52:75:ee:bc:33:ed:bc:40:b4:0c:7c:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 7 12:42:11 2026 GMT
Not After : May 6 12:47:11 2027 GMT
Subject: CN=6A7480DD8A9D1E57D6EC9AB0A01824CE679A18B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0b:a6:7b:db:c7:a4:69:52:ea:cd:c8:7f:b3:
e3:37:74:2a:b1:ae:5d:ba:c4:b6:22:4b:05:57:3b:
06:a2:2d:78:b4:2f:25:00:fa:98:91:e1:3a:30:2c:
df:54:03:31:f5:40:a8:fe:13:dc:d9:17:25:92:a9:
fe:54:44:c9:4a:74:d7:c5:ee:e0:ce:ab:22:69:9e:
5d:6c:57:25:88:c1:3c:ee:b4:15:7f:ac:0b:94:4b:
c4:da:e5:d0:80:29:01:b8:09:18:5b:de:bb:c2:f8:
bb:23:35:5e:f6:00:44:97:68:f0:34:34:81:55:e6:
df:bf:ca:69:7e:c0:32:6c:93:9f:63:cf:e3:94:77:
37:3c:dc:2a:68:5a:6c:c6:75:79:6b:87:72:d8:b3:
c5:ff:fb:55:bd:b9:a1:07:7c:6d:e9:b9:4b:39:5f:
c4:0d:68:7d:85:37:83:8f:3c:69:97:fd:25:86:6e:
3a:3c:ab:c4:d7:40:c6:aa:bb:7c:7d:c3:30:2e:df:
af:5f:10:29:50:2e:e4:76:a3:0e:17:35:23:65:1e:
3e:1b:73:1e:82:0b:85:26:98:e1:90:7f:6e:b5:77:
88:63:56:09:2d:80:98:67:78:ef:e5:a2:bf:39:57:
d8:d7:df:6f:5a:43:eb:01:9f:9a:19:6e:ba:69:ae:
09:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:74:80:DD:8A:9D:1E:57:D6:EC:9A:B0:A0:18:24:CE:67:9A:18:B7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.153.0-96.62.155.255
96.62.176.0/24
96.62.197.0/24
Signature Algorithm: sha256WithRSAEncryption
27:b3:fb:ed:3d:bb:5b:fb:60:64:0d:51:57:7d:61:bb:ff:c4:
90:56:41:9a:78:74:e0:cb:68:9d:6a:c2:66:f4:e3:7c:d6:23:
00:e5:40:d2:c6:ed:84:16:74:04:ed:b5:ab:d1:3f:86:5a:31:
eb:5a:1e:ea:17:20:e1:88:6d:a3:ec:8c:a6:54:8b:2b:13:e4:
26:aa:e6:f0:26:a0:63:a8:5d:2c:93:b1:d8:f9:b4:0a:f0:74:
d8:75:5a:08:a6:c9:e4:1c:74:50:a5:5f:28:4f:48:7c:df:ab:
89:d2:50:9e:41:2e:1e:f1:6d:87:65:f6:0c:14:55:22:e1:75:
18:f1:60:fe:2d:7b:ab:eb:62:48:88:8a:aa:0c:48:e3:58:49:
79:76:f5:cd:8e:57:c9:51:d2:05:f9:99:e2:8d:9f:64:bd:53:
7b:2b:be:31:e0:ca:3b:e5:58:df:62:89:58:c8:0f:a9:7b:cc:
19:75:45:e9:47:34:10:e1:5a:f7:07:4f:1e:d0:ee:79:70:7d:
ce:ad:02:ab:ee:2a:6f:4a:6f:6b:66:ad:26:4b:fa:1e:d7:0f:
67:b5:de:9a:64:60:61:9e:b4:64:2b:98:b0:e5:da:9a:32:ec:
88:40:88:b6:4e:2d:4d:84:eb:f1:0e:de:b0:fc:cf:96:0a:ec:
36:d3:6f:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUG1epu50Sq1J17rwz7bxAtAx8nWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDcxMjQyMTFaFw0yNzA1MDYxMjQ3MTFaMDMxMTAvBgNV
BAMTKDZBNzQ4MEREOEE5RDFFNTdENkVDOUFCMEEwMTgyNENFNjc5QTE4QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVC6Z728ekaVLqzch/s+M3dCqx
rl26xLYiSwVXOwaiLXi0LyUA+piR4TowLN9UAzH1QKj+E9zZFyWSqf5URMlKdNfF
7uDOqyJpnl1sVyWIwTzutBV/rAuUS8Ta5dCAKQG4CRhb3rvC+LsjNV72AESXaPA0
NIFV5t+/yml+wDJsk59jz+OUdzc83CpoWmzGdXlrh3LYs8X/+1W9uaEHfG3puUs5
X8QNaH2FN4OPPGmX/SWGbjo8q8TXQMaqu3x9wzAu369fEClQLuR2ow4XNSNlHj4b
cx6CC4UmmOGQf261d4hjVgktgJhneO/lor85V9jX329aQ+sBn5oZbrpprgltAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQUanSA3YqdHlfW7JqwoBgkzmeaGLcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABg
PpkDBAJgPpgDBABgPrADBABgPsUwDQYJKoZIhvcNAQELBQADggEBACez++09u1v7
YGQNUVd9Ybv/xJBWQZp4dODLaJ1qwmb043zWIwDlQNLG7YQWdATttavRP4ZaMeta
HuoXIOGIbaPsjKZUiysT5Caq5vAmoGOoXSyTsdj5tArwdNh1WgimyeQcdFClXyhP
SHzfq4nSUJ5BLh7xbYdl9gwUVSLhdRjxYP4te6vrYkiIiqoMSONYSXl29c2OV8lR
0gX5meKNn2S9U3srvjHgyjvlWN9iiVjID6l7zBl1RelHNBDhWvcHTx7Q7nlwfc6t
AqvuKm9Kb2tmrSZL+h7XD2e13ppkYGGetGQrmLDl2poy7IhAiLZOLU2E6/EO3rD8
z5YK7DbTbzI=
-----END CERTIFICATE-----
Generated at Wed May 13 00:24:33 2026 by rpki-client