Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: iA2KqCSIyfxSIiYtQ7vS10brOe1qWt0/FWOIFJDRsAg=
Subject key identifier: 92:09:51:D3:7F:0F:E8:0B:68:DF:EA:D7:01:14:6F:9E:99:7F:BE:BB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6425D934531A939E0A5B88977390EA435A240F62
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Fri 13 Jun 2025 00:07:36 +0000
ROA not before: Fri 13 Jun 2025 00:02:36 +0000
ROA not after: Fri 12 Jun 2026 00:07:36 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.168.0/22 maxlen: 22
143.14.230.0/23 maxlen: 23
143.14.249.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.166.0/23 maxlen: 23
155.117.168.0/23 maxlen: 23
155.117.180.0/22 maxlen: 22
155.117.245.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
162.141.76.0/22 maxlen: 22
162.141.84.0/22 maxlen: 22
162.141.104.0/22 maxlen: 22
162.141.108.0/22 maxlen: 22
162.141.112.0/24 maxlen: 24
162.141.134.0/23 maxlen: 23
167.148.177.0/24 maxlen: 24
167.148.184.0/22 maxlen: 22
167.148.192.0/22 maxlen: 22
167.148.200.0/22 maxlen: 22
167.148.204.0/22 maxlen: 22
167.148.212.0/22 maxlen: 22
167.148.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:25:d9:34:53:1a:93:9e:0a:5b:88:97:73:90:ea:43:5a:24:0f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 13 00:02:36 2025 GMT
Not After : Jun 12 00:07:36 2026 GMT
Subject: CN=920951D37F0FE80B68DFEAD701146F9E997FBEBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:26:1c:25:00:99:fa:91:09:9c:a1:dd:34:71:
c4:6c:c3:f3:61:5a:48:99:9a:79:5c:2c:60:a9:39:
b1:e5:bf:35:de:70:5a:dc:5c:9d:c5:5d:6e:4b:9d:
d6:7f:0d:7c:91:64:42:61:4d:8f:99:54:6e:e9:14:
50:3e:f5:6a:11:c9:2e:d1:51:a9:b6:f9:b0:ed:14:
67:83:ff:27:75:c9:ef:53:b4:f5:24:d0:55:7d:c2:
60:dc:37:2f:fd:46:60:73:83:d1:e0:1d:67:a1:8e:
91:5d:de:75:9e:2d:01:1b:91:39:16:6b:8c:79:b2:
d6:85:ba:6f:65:86:1f:d0:18:aa:25:28:b7:c8:25:
b1:ba:c1:e9:ec:e4:c7:eb:22:ab:6b:e3:5a:69:c6:
ae:52:52:d1:6c:d0:81:0b:07:9d:08:10:d4:7f:f1:
4d:f5:93:03:c9:38:28:24:1d:5c:3d:1d:12:49:0f:
47:38:d9:f7:e6:20:bd:15:f3:fb:3a:70:79:94:51:
d1:8a:f5:a2:2a:f6:15:05:2c:2f:d7:3a:5d:85:74:
63:f8:3d:a3:0e:92:b8:f1:ab:26:5e:d6:45:42:18:
46:e7:cd:99:6a:f3:9c:e7:0e:16:9f:fe:59:f0:61:
d9:eb:4a:c9:50:14:8a:bc:79:6f:5c:ff:5c:23:ca:
dd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:09:51:D3:7F:0F:E8:0B:68:DF:EA:D7:01:14:6F:9E:99:7F:BE:BB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.178.0/23
140.233.188.0/23
143.14.168.0/22
143.14.230.0/23
143.14.249.0/24
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.242.0/23
150.241.251.0/24
155.117.166.0-155.117.169.255
155.117.180.0/22
155.117.245.0/24
158.140.208.0/22
162.141.76.0/22
162.141.84.0/22
162.141.104.0-162.141.112.255
162.141.134.0/23
167.148.177.0/24
167.148.184.0/22
167.148.192.0/22
167.148.200.0/21
167.148.212.0/22
167.148.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:cb:61:a4:e4:fe:ac:78:e5:fe:e5:b6:a6:66:9e:0b:c8:69:
ac:2e:67:41:b8:09:30:c9:08:23:90:4e:6a:0d:cd:4e:12:d2:
1c:6c:63:67:c3:73:a9:e0:a8:30:f6:5e:9c:ac:12:91:f0:c9:
6f:8d:b9:71:ee:56:e6:98:38:2a:53:03:90:0a:3d:dc:69:24:
cc:5f:c9:ad:34:91:78:c7:12:9b:1a:fa:23:52:63:e7:8f:dd:
2e:1d:2d:40:bb:17:69:a2:df:1a:b2:19:e4:9d:b6:96:4c:ce:
63:f8:08:50:f2:cd:0f:4b:93:1c:21:97:e4:bc:20:21:57:04:
75:c0:e4:a4:f0:58:d5:e5:d5:c6:0b:cd:9e:46:82:05:9c:a4:
06:21:83:f6:80:35:6a:2d:21:8c:24:66:b9:04:b7:9f:04:6c:
fa:dc:d2:f7:8c:90:a0:55:7e:68:dc:19:93:d0:d2:57:10:32:
60:99:04:ae:dc:05:64:6a:6e:82:fe:23:fc:05:e7:3d:89:fd:
8f:b0:b9:54:6a:09:e2:09:1d:24:96:b9:e7:67:22:fb:f1:d0:
52:27:69:34:3f:ce:16:3a:4c:70:95:dd:63:d2:a7:07:c0:18:
d4:c2:4e:54:88:02:8e:e0:46:6d:61:85:1e:29:e1:a4:e6:83:
e2:e4:01:6e
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIUZCXZNFMak54KW4iXc5DqQ1okD2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MTMwMDAyMzZaFw0yNjA2MTIwMDA3MzZaMDMxMTAvBgNV
BAMTKDkyMDk1MUQzN0YwRkU4MEI2OERGRUFENzAxMTQ2RjlFOTk3RkJFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2JhwlAJn6kQmcod00ccRsw/Nh
WkiZmnlcLGCpObHlvzXecFrcXJ3FXW5LndZ/DXyRZEJhTY+ZVG7pFFA+9WoRyS7R
Uam2+bDtFGeD/yd1ye9TtPUk0FV9wmDcNy/9RmBzg9HgHWehjpFd3nWeLQEbkTkW
a4x5staFum9lhh/QGKolKLfIJbG6wens5MfrIqtr41ppxq5SUtFs0IELB50IENR/
8U31kwPJOCgkHVw9HRJJD0c42ffmIL0V8/s6cHmUUdGK9aIq9hUFLC/XOl2FdGP4
PaMOkrjxqyZe1kVCGEbnzZlq85znDhaf/lnwYdnrSslQFIq8eW9c/1wjyt2HAgMB
AAGjggLZMIIC1TAdBgNVHQ4EFgQUkglR038P6Ato3+rXARRvnpl/vrswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdAD
BAFgPmADBABgPm8DBABgPn8DBABgPtYDBAGM6bIDBAGM6bwDBAKPDqgDBAGPDuYD
BACPDvkDBACSZyMDBACSZy0DBACSZzMDBACTTx8DBACUh7cDBACUh8MDBAGW8cgD
BAGW8fIDBACW8fswDAMEAZt1pgMEAZt1qAMEApt1tAMEAJt19QMEAp6M0AMEAqKN
TAMEAqKNVDAMAwQDoo1oAwQAoo1wAwQBoo2GAwQAp5SxAwQCp5S4AwQCp5TAAwQD
p5TIAwQCp5TUAwQCp5TcMA0GCSqGSIb3DQEBCwUAA4IBAQA4y2Gk5P6seOX+5bam
Zp4LyGmsLmdBuAkwyQgjkE5qDc1OEtIcbGNnw3Op4Kgw9l6crBKR8Mlvjblx7lbm
mDgqUwOQCj3caSTMX8mtNJF4xxKbGvojUmPnj90uHS1Auxdpot8ashnknbaWTM5j
+AhQ8s0PS5McIZfkvCAhVwR1wOSk8FjV5dXGC82eRoIFnKQGIYP2gDVqLSGMJGa5
BLefBGz63NL3jJCgVX5o3BmT0NJXEDJgmQSu3AVkam6C/iP8Bec9if2PsLlUagni
CR0klrnnZyL78dBSJ2k0P84WOkxwld1j0qcHwBjUwk5UiAKO4EZtYYUeKeGk5oPi
5AFu
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:13:58 2025 by rpki-client