Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212336.roa
File: AS212336.roa (raw, json)
Hash identifier: J9hXbf5BCJlKQuCF1qwPxg8bTt79k7ecnx4cVk2tcMM=
Subject key identifier: 13:F8:6F:53:8A:2F:48:F5:71:30:C9:52:F5:35:CF:00:F7:EC:7B:D5
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 17E716AEF5B8698AF0262A5C0E1D316EF371FB42
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212336.roa
Signing time: Thu 21 Aug 2025 08:17:54 +0000
ROA not before: Thu 21 Aug 2025 08:12:54 +0000
ROA not after: Thu 20 Aug 2026 08:17:54 +0000
asID: 212336
IP address blocks: 141.11.138.0/24 maxlen: 24
141.11.139.0/24 maxlen: 24
141.11.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:e7:16:ae:f5:b8:69:8a:f0:26:2a:5c:0e:1d:31:6e:f3:71:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 21 08:12:54 2025 GMT
Not After : Aug 20 08:17:54 2026 GMT
Subject: CN=13F86F538A2F48F57130C952F535CF00F7EC7BD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:31:16:15:14:4d:87:55:be:ea:45:f2:e3:
76:86:62:64:f2:ca:d9:53:6c:f4:29:1f:f4:b5:36:
88:18:19:c5:2b:74:cf:cd:91:e8:98:dc:86:a4:56:
58:5a:54:70:d6:51:aa:fa:7a:00:f0:dc:41:8d:de:
3b:96:4f:df:c9:8e:f1:a3:1d:d1:19:5d:69:cb:0b:
05:10:12:7d:9a:70:67:83:e9:95:a1:a1:37:fc:2b:
ab:39:2f:55:a4:76:67:de:b8:45:57:3d:4a:54:24:
9a:5a:cc:41:2a:c5:cf:fa:fc:4d:19:e2:76:c0:c5:
2f:86:33:c4:1a:5d:40:4f:6d:4c:8d:83:83:04:f9:
60:76:87:f8:07:90:48:dc:da:9a:a5:bd:2d:3c:4f:
d1:e3:47:63:3e:2d:25:af:0c:a6:e0:b9:47:dc:bd:
33:c2:80:e2:47:4a:8b:20:1e:cf:1f:82:ed:49:c2:
e6:66:25:c7:5e:1c:33:36:ba:ce:14:a8:b0:59:19:
23:af:8f:cb:f8:ac:d6:22:3c:e3:de:05:ee:5e:23:
68:4e:22:cd:29:74:9c:90:1b:56:2c:94:a8:96:7a:
28:db:52:54:24:b2:56:1b:52:f6:55:67:75:66:e9:
bb:b4:b4:ce:f0:4c:f2:fb:3f:b0:74:9d:bc:75:d0:
df:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F8:6F:53:8A:2F:48:F5:71:30:C9:52:F5:35:CF:00:F7:EC:7B:D5
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.138.0/23
141.11.251.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d4:19:9d:76:b2:5e:79:87:59:f1:1b:6d:7a:9c:c8:46:04:
b3:92:62:a7:2e:5d:96:fa:80:9e:a6:ae:fd:c1:85:bb:03:5c:
29:25:76:87:84:2b:f6:bd:34:3e:22:db:13:db:6e:c4:2a:31:
43:bc:ba:61:05:83:f2:39:88:39:ec:6b:2b:af:13:69:3c:2f:
1e:f1:23:63:c8:f6:3d:c6:e9:0b:1d:71:03:e2:e5:d3:f3:0c:
06:a0:f7:1a:36:8f:9b:fd:a6:dd:37:0a:5b:bf:33:c3:89:85:
6d:bf:6a:22:ef:e3:5a:24:24:26:35:2f:dd:17:91:41:ce:26:
27:92:0e:f1:4d:a5:81:8e:83:7b:00:c5:2b:0f:20:26:1e:76:
1b:67:f3:d3:bb:4b:88:21:8e:13:bf:fd:0d:57:42:bb:90:3c:
3e:49:e7:cb:a4:a3:6a:f0:6d:c4:04:60:38:68:5d:89:8e:c7:
3a:5f:2c:9b:0b:a1:16:0a:9e:2f:d1:50:a3:bf:dc:e0:0b:35:
9c:83:c5:86:e1:2e:01:70:cc:64:69:bd:07:c6:e7:5d:52:ad:
fd:7f:78:64:91:95:9e:f1:45:ca:ca:e9:88:01:b8:51:14:f1:
60:26:76:0c:ad:61:ea:b1:8e:22:2a:6b:f3:6a:4c:b4:38:20:
63:de:ae:65
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUF+cWrvW4aYrwJipcDh0xbvNx+0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MjEwODEyNTRaFw0yNjA4MjAwODE3NTRaMDMxMTAvBgNV
BAMTKDEzRjg2RjUzOEEyRjQ4RjU3MTMwQzk1MkY1MzVDRjAwRjdFQzdCRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwtDEWFRRNh1W+6kXy43aGYmTy
ytlTbPQpH/S1NogYGcUrdM/NkeiY3IakVlhaVHDWUar6egDw3EGN3juWT9/JjvGj
HdEZXWnLCwUQEn2acGeD6ZWhoTf8K6s5L1WkdmfeuEVXPUpUJJpazEEqxc/6/E0Z
4nbAxS+GM8QaXUBPbUyNg4ME+WB2h/gHkEjc2pqlvS08T9HjR2M+LSWvDKbguUfc
vTPCgOJHSosgHs8fgu1JwuZmJcdeHDM2us4UqLBZGSOvj8v4rNYiPOPeBe5eI2hO
Is0pdJyQG1YslKiWeijbUlQkslYbUvZVZ3Vm6bu0tM7wTPL7P7B0nbx10N8BAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUE/hvU4ovSPVxMMlS9TXPAPfse9UwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyMzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBjQuK
AwQAjQv7MA0GCSqGSIb3DQEBCwUAA4IBAQCI1BmddrJeeYdZ8RttepzIRgSzkmKn
Ll2W+oCepq79wYW7A1wpJXaHhCv2vTQ+ItsT227EKjFDvLphBYPyOYg57GsrrxNp
PC8e8SNjyPY9xukLHXED4uXT8wwGoPcaNo+b/abdNwpbvzPDiYVtv2oi7+NaJCQm
NS/dF5FBziYnkg7xTaWBjoN7AMUrDyAmHnYbZ/PTu0uIIY4Tv/0NV0K7kDw+SefL
pKNq8G3EBGA4aF2Jjsc6XyybC6EWCp4v0VCjv9zgCzWcg8WG4S4BcMxkab0Hxudd
Uq39f3hkkZWe8UXKyumIAbhRFPFgJnYMrWHqsY4iKmvzaky0OCBj3q5l
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:41:42 2025 by rpki-client