Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 2XcdBtLilfiYgcNwJQuzqvoVThSmBfXlz7DDFJO4/i4=
Subject key identifier: 42:31:6E:97:DB:EA:33:3B:6E:A1:ED:AC:7E:37:47:D8:25:1B:A5:CE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 75CBE3E3473C635F2E1AECCB0322766D54E4867D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Tue 10 Feb 2026 08:37:07 +0000
ROA not before: Tue 10 Feb 2026 08:32:07 +0000
ROA not after: Tue 09 Feb 2027 08:37:07 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.190.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
146.103.53.0/24 maxlen: 24
147.79.10.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:cb:e3:e3:47:3c:63:5f:2e:1a:ec:cb:03:22:76:6d:54:e4:86:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 10 08:32:07 2026 GMT
Not After : Feb 9 08:37:07 2027 GMT
Subject: CN=42316E97DBEA333B6EA1EDAC7E3747D8251BA5CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:72:9b:22:fa:7a:af:e2:e9:ad:ea:5f:50:2c:
62:e4:06:d6:82:4f:bc:04:c5:e0:23:cd:7d:dc:ab:
6a:64:d8:4a:36:13:f1:ca:46:ad:de:a9:5c:72:f8:
51:c8:17:f7:93:f8:28:ef:42:0c:48:f6:31:31:b9:
26:f8:20:97:04:12:97:60:94:c1:ca:03:55:cb:6d:
28:05:eb:a3:be:d3:af:36:d4:0e:94:2b:87:9e:ad:
30:20:86:f3:9b:24:81:2f:61:30:45:4c:6e:35:9c:
53:bd:f4:aa:08:fb:f4:fa:16:65:cc:9e:39:1f:3f:
df:e8:32:5a:f2:f2:ef:a9:78:a5:ab:6b:ac:92:b7:
c4:7e:5a:27:fe:33:bd:96:b8:4f:57:bd:ac:75:8e:
32:19:04:5f:62:74:36:d0:7d:3d:bf:db:4b:32:4f:
25:2f:48:37:86:6e:0a:cf:3b:8d:6d:8d:4b:d0:d9:
b6:13:42:29:0c:d6:67:c2:84:76:13:85:ee:54:57:
a1:e4:13:5a:47:98:5e:69:f8:e6:81:50:f6:01:87:
9d:cc:0b:4a:06:1d:9c:b8:5d:01:e8:1b:e0:81:d9:
53:38:f2:8e:f8:e0:d0:88:88:8d:02:23:07:6a:0f:
d3:48:52:ab:fd:ea:8f:ae:ff:7e:cb:77:ec:bb:5d:
b2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:31:6E:97:DB:EA:33:3B:6E:A1:ED:AC:7E:37:47:D8:25:1B:A5:CE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.190.0/24
96.62.214.0/24
136.143.247.0/24
140.233.178.0/23
140.233.188.0/23
143.14.219.0/24
146.103.45.0/24
146.103.51.0/24
146.103.53.0/24
147.79.10.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.243.0/24
150.241.251.0/24
155.117.144.0/24
155.117.234.0/24
158.140.193.0/24
158.140.208.0/22
Signature Algorithm: sha256WithRSAEncryption
78:38:2b:f9:30:65:0b:40:aa:1a:20:49:4c:f8:22:79:02:74:
14:f5:7b:00:31:f6:07:37:5c:b9:5c:a7:be:05:97:52:6b:64:
3a:5d:5c:a3:12:8b:5c:bb:19:75:15:7a:7d:ed:76:27:66:aa:
b8:6f:3c:17:34:b9:b8:71:52:e1:38:16:1f:e8:5b:db:08:f9:
7e:4c:b8:f6:f8:16:49:92:f0:99:01:6a:6b:06:cb:89:5a:18:
ef:8d:11:76:8b:87:99:9a:55:6c:ba:02:35:fb:d2:59:1a:fa:
71:8b:66:28:94:b6:ff:8a:c3:af:69:c9:0b:2b:8a:26:88:c7:
2c:ae:6d:b3:1a:d4:28:4c:da:5a:58:29:21:58:83:11:b9:34:
00:4b:77:96:34:fd:66:f5:ae:8f:d3:77:a7:30:00:8a:03:a8:
bd:0e:2b:a7:cc:45:2a:f2:77:1c:7e:6e:6b:8f:d3:3e:0b:73:
32:32:1a:da:b0:7a:2b:5f:c7:de:5c:84:29:9e:4b:90:e4:a1:
08:08:85:de:2d:96:45:21:79:a6:56:a9:9e:87:5b:ff:66:bc:
5b:a6:c1:2d:93:2e:9f:c9:16:0c:00:b9:f0:cd:4a:38:39:3b:
4b:f7:3c:b7:e9:3b:58:10:98:65:06:67:fd:df:3a:af:4b:1c:
9e:81:e5:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUdcvj40c8Y18uGuzLAyJ2bVTkhn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTAwODMyMDdaFw0yNzAyMDkwODM3MDdaMDMxMTAvBgNV
BAMTKDQyMzE2RTk3REJFQTMzM0I2RUExRURBQzdFMzc0N0Q4MjUxQkE1Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCicpsi+nqv4umt6l9QLGLkBtaC
T7wExeAjzX3cq2pk2Eo2E/HKRq3eqVxy+FHIF/eT+CjvQgxI9jExuSb4IJcEEpdg
lMHKA1XLbSgF66O+06821A6UK4eerTAghvObJIEvYTBFTG41nFO99KoI+/T6FmXM
njkfP9/oMlry8u+peKWra6ySt8R+Wif+M72WuE9Xvax1jjIZBF9idDbQfT2/20sy
TyUvSDeGbgrPO41tjUvQ2bYTQikM1mfChHYThe5UV6HkE1pHmF5p+OaBUPYBh53M
C0oGHZy4XQHoG+CB2VM48o744NCIiI0CIwdqD9NIUqv96o+u/37Ld+y7XbJxAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUQjFul9vqMztuoe2sfjdH2CUbpc4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQD
BAFgPmADBABgPm8DBABgPn8DBABgPr4DBABgPtYDBACIj/cDBAGM6bIDBAGM6bwD
BACPDtsDBACSZy0DBACSZzMDBACSZzUDBACTTwoDBACUh7cDBACUh8MDBAGW8cgD
BACW8fMDBACW8fsDBACbdZADBACbdeoDBACejMEDBAKejNAwDQYJKoZIhvcNAQEL
BQADggEBAHg4K/kwZQtAqhogSUz4InkCdBT1ewAx9gc3XLlcp74Fl1JrZDpdXKMS
i1y7GXUVen3tdidmqrhvPBc0ubhxUuE4Fh/oW9sI+X5MuPb4FkmS8JkBamsGy4la
GO+NEXaLh5maVWy6AjX70lka+nGLZiiUtv+Kw69pyQsriiaIxyyubbMa1ChM2lpY
KSFYgxG5NABLd5Y0/Wb1ro/Td6cwAIoDqL0OK6fMRSrydxx+bmuP0z4LczIyGtqw
eitfx95chCmeS5DkoQgIhd4tlkUheaZWqZ6HW/9mvFumwS2TLp/JFgwAufDNSjg5
O0v3PLfpO1gQmGUGZ/3fOq9LHJ6B5VM=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:39:03 2026 by rpki-client