Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213618.roa
File: AS213618.roa (raw, json)
Hash identifier: aWvI5oHQH7/6+0McNM3l7XP+yha4ZkWWZljYdPEFS6E=
Subject key identifier: 8B:CA:B9:AA:E0:39:A9:1A:2D:F7:F3:65:AA:9B:D1:80:84:EE:E0:99
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 71793825DA44062694EFFDEE7E2D39FBE75BCDD7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213618.roa
Signing time: Tue 24 Mar 2026 10:02:06 +0000
ROA not before: Tue 24 Mar 2026 09:57:06 +0000
ROA not after: Tue 23 Mar 2027 10:02:06 +0000
asID: 213618
IP address blocks: 140.150.232.0/24 maxlen: 24
140.150.233.0/24 maxlen: 24
143.14.20.0/24 maxlen: 24
150.241.139.0/24 maxlen: 24
150.241.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:79:38:25:da:44:06:26:94:ef:fd:ee:7e:2d:39:fb:e7:5b:cd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 09:57:06 2026 GMT
Not After : Mar 23 10:02:06 2027 GMT
Subject: CN=8BCAB9AAE039A91A2DF7F365AA9BD18084EEE099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:fb:f7:a9:df:0a:5a:84:00:ba:1e:24:45:
33:c4:2d:ec:d2:10:35:a9:dc:0b:ea:21:55:23:7e:
da:42:d9:de:4f:9f:f2:a5:91:2e:e5:4d:7b:8f:0a:
27:08:93:00:65:03:25:bb:0a:dc:10:7f:6f:a0:09:
af:4f:1f:c5:18:5c:29:c3:f5:c0:76:00:37:51:5d:
5b:68:2d:28:6b:90:9e:e1:d8:61:c7:a4:40:1a:47:
61:c7:39:ac:51:22:d4:b9:82:d7:52:38:9a:d3:de:
d2:2f:81:26:39:84:86:81:34:fc:23:0f:53:22:14:
f5:8a:3d:6f:65:06:7c:c4:9c:44:bb:7e:f0:e7:b9:
eb:d1:e0:90:0f:19:63:97:47:a7:cb:2a:6a:27:4b:
a1:bf:72:2e:31:7b:56:05:75:08:63:88:13:49:b0:
bf:da:c2:01:3a:43:c1:f6:7f:2b:96:81:36:2d:de:
e7:9d:92:8f:10:e0:79:69:7d:14:e7:f4:5d:9a:b1:
67:77:f8:b0:99:e1:cf:92:dc:78:ed:c3:0e:36:e5:
e7:0f:61:89:27:2f:2b:c3:d7:20:81:cb:0c:5d:8a:
e5:8c:d8:b4:2c:8b:2c:c0:2a:c1:26:10:cf:db:9a:
ec:b6:b3:7d:bd:ad:b3:33:65:91:a4:bf:9f:ee:a9:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:CA:B9:AA:E0:39:A9:1A:2D:F7:F3:65:AA:9B:D1:80:84:EE:E0:99
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.232.0/23
143.14.20.0/24
150.241.139.0/24
150.241.174.0/24
Signature Algorithm: sha256WithRSAEncryption
16:bf:54:f0:34:ab:f5:45:9d:08:23:39:1a:e2:a9:cf:2e:45:
80:44:04:59:ce:46:5b:4e:04:89:18:78:c6:20:d5:51:9a:13:
58:51:02:d4:76:3c:e3:78:bb:c4:db:1f:ad:e0:ac:e1:bb:c4:
7b:b0:30:49:fb:04:12:30:ce:78:0d:a9:06:0a:72:5a:75:e0:
09:7d:35:e3:57:cd:cb:b9:9d:c6:c1:b2:ef:b8:aa:79:6d:89:
39:5f:99:39:2e:bc:ec:2c:7a:bc:5f:ad:9b:40:28:93:e5:13:
ba:9d:0d:31:2e:03:37:db:63:63:39:1f:5c:3b:30:93:73:08:
17:df:95:32:97:86:a9:71:2a:d7:10:c1:07:10:71:f6:30:df:
10:15:b4:aa:cc:b8:a2:fa:2f:59:a8:c9:fc:3f:02:8f:6c:89:
49:52:eb:db:9d:a8:da:af:ff:38:42:b7:4b:40:15:aa:28:49:
a4:b6:25:93:b0:17:ea:31:c4:29:da:2f:0d:4f:b8:f5:f2:7b:
e4:7a:34:c7:08:32:63:32:8c:d9:da:cd:3d:0f:bf:0a:3a:e3:
71:fd:a0:18:4e:df:f4:42:c9:f5:1e:ef:26:ec:fd:0c:5e:51:
13:9c:3b:45:dd:e5:20:f2:34:97:10:bf:be:04:2f:08:4e:b3:
b5:34:2a:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUcXk4JdpEBiaU7/3ufi05++dbzdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjQwOTU3MDZaFw0yNzAzMjMxMDAyMDZaMDMxMTAvBgNV
BAMTKDhCQ0FCOUFBRTAzOUE5MUEyREY3RjM2NUFBOUJEMTgwODRFRUUwOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjUPv3qd8KWoQAuh4kRTPELezS
EDWp3AvqIVUjftpC2d5Pn/KlkS7lTXuPCicIkwBlAyW7CtwQf2+gCa9PH8UYXCnD
9cB2ADdRXVtoLShrkJ7h2GHHpEAaR2HHOaxRItS5gtdSOJrT3tIvgSY5hIaBNPwj
D1MiFPWKPW9lBnzEnES7fvDnuevR4JAPGWOXR6fLKmonS6G/ci4xe1YFdQhjiBNJ
sL/awgE6Q8H2fyuWgTYt3uedko8Q4HlpfRTn9F2asWd3+LCZ4c+S3Hjtww425ecP
YYknLyvD1yCBywxdiuWM2LQsiyzAKsEmEM/bmuy2s329rbMzZZGkv5/uqal5AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUi8q5quA5qRot9/NlqpvRgITu4JkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNjE4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBjJbo
AwQAjw4UAwQAlvGLAwQAlvGuMA0GCSqGSIb3DQEBCwUAA4IBAQAWv1TwNKv1RZ0I
Izka4qnPLkWARARZzkZbTgSJGHjGINVRmhNYUQLUdjzjeLvE2x+t4Kzhu8R7sDBJ
+wQSMM54DakGCnJadeAJfTXjV83LuZ3GwbLvuKp5bYk5X5k5LrzsLHq8X62bQCiT
5RO6nQ0xLgM322NjOR9cOzCTcwgX35Uyl4apcSrXEMEHEHH2MN8QFbSqzLii+i9Z
qMn8PwKPbIlJUuvbnajar/84QrdLQBWqKEmktiWTsBfqMcQp2i8NT7j18nvkejTH
CDJjMozZ2s09D78KOuNx/aAYTt/0Qsn1Hu8m7P0MXlETnDtF3eUg8jSXEL++BC8I
TrO1NCrA
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:27:32 2026 by rpki-client