Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: kLjjt4uSp9xDpwxoaaUBbcpxfXj5/ZdI1GrXnzqhRQ4=
Subject key identifier: 79:51:6C:8D:22:84:C6:7A:69:D3:7C:7D:A2:2F:7D:A7:4B:31:11:04
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1FA4DB39AA6C112717FD89117FE157BE30E1F23B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Thu 28 May 2026 06:52:45 +0000
ROA not before: Thu 28 May 2026 06:47:45 +0000
ROA not after: Thu 27 May 2027 06:52:45 +0000
asID: 212238
IP address blocks: 96.62.111.0/24 maxlen: 24
96.62.190.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
136.143.240.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
146.103.53.0/24 maxlen: 24
147.79.10.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.8.0/22 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
168.222.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:a4:db:39:aa:6c:11:27:17:fd:89:11:7f:e1:57:be:30:e1:f2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 28 06:47:45 2026 GMT
Not After : May 27 06:52:45 2027 GMT
Subject: CN=79516C8D2284C67A69D37C7DA22F7DA74B311104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:78:65:bf:a7:b9:24:cc:35:a0:ff:99:44:66:
43:03:86:d7:c0:d0:07:8f:5e:e9:67:a3:36:1f:cc:
78:6c:4d:37:b9:b0:b9:66:1c:00:a8:6c:b7:7b:bc:
d8:48:13:93:6a:e0:1a:eb:f4:73:ee:c9:5f:df:c4:
5c:b6:69:8f:39:ef:5b:f8:bf:d0:d1:8b:1b:02:a8:
a0:b7:c5:4c:37:0f:34:3f:ba:0a:d4:7e:3f:d1:7d:
2b:54:b4:dd:4b:1e:a7:33:bb:e6:44:32:c8:8a:aa:
c1:cf:09:48:57:18:61:f0:93:7f:8c:6e:a7:3f:df:
bf:9c:17:44:55:b4:b9:ee:86:53:3a:28:13:bd:de:
e7:c8:7d:85:aa:7a:f4:4f:a9:86:8c:d4:2d:72:a5:
a7:65:a1:12:6d:8a:cf:bb:9b:0b:40:71:4c:56:69:
95:08:a3:f8:08:7c:c8:bc:78:1b:46:95:c9:25:5a:
91:b6:ce:42:00:51:a6:f2:5e:63:fa:0b:42:7c:f9:
cc:0d:77:3f:2c:33:74:79:d9:bf:ba:d4:8b:c9:d3:
69:80:21:46:67:02:a0:fd:ad:96:fc:97:f9:3b:aa:
88:79:95:69:36:c0:f9:b9:96:b8:1f:6d:de:f2:2f:
bb:4d:fc:64:82:86:f8:14:78:26:2f:c0:28:68:f6:
da:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:51:6C:8D:22:84:C6:7A:69:D3:7C:7D:A2:2F:7D:A7:4B:31:11:04
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.111.0/24
96.62.190.0/24
96.62.214.0/24
136.143.240.0/24
136.143.247.0/24
140.233.178.0/23
140.233.188.0/23
143.14.132.0/23
143.14.219.0/24
146.103.45.0/24
146.103.51.0/24
146.103.53.0/24
147.79.10.0/24
148.135.195.0/24
150.241.243.0/24
150.241.251.0/24
155.117.8.0/22
155.117.144.0/24
155.117.234.0/24
158.140.193.0/24
158.140.208.0/22
168.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
21:b7:42:8e:25:82:37:e0:fa:dd:54:0c:2e:53:76:9a:49:2c:
7f:26:69:1a:1d:ec:1f:97:3d:bd:2c:eb:a1:8e:aa:1a:15:6f:
63:20:69:50:a4:34:e5:9b:96:ea:85:ab:98:4f:b7:c1:08:ab:
c1:c2:27:a4:38:6d:f5:80:b1:f0:4b:f2:da:21:aa:3f:92:de:
df:e8:9b:49:3a:06:f4:7f:46:5b:57:0e:d5:76:a4:91:a9:81:
ae:d7:17:26:1f:d9:89:5d:b3:bb:1e:d9:77:54:2c:f9:2e:da:
b0:3a:6b:62:f9:e3:71:4f:ca:1b:82:a9:0d:6f:e2:8c:69:4c:
83:ea:87:cc:4c:a1:01:a0:06:9a:7b:5e:1d:e7:f0:e9:58:0f:
6b:59:2c:c3:97:b5:d1:a2:35:54:a7:97:45:d0:ee:75:f0:0c:
ea:c9:84:fb:4e:06:8a:4d:d0:97:f3:7c:5d:d9:ae:a5:38:57:
83:f8:56:bb:44:ed:09:d4:11:b7:70:a7:68:e4:70:77:d2:c0:
60:0e:ae:f5:87:cc:59:3b:75:59:bf:db:0f:19:09:88:e7:09:
8e:02:81:9c:27:a1:bb:10:6c:4e:75:97:01:88:ac:dc:cd:98:
f3:e6:ff:03:a0:ec:4d:c6:9c:6c:05:55:8b:9b:12:14:08:5e:
73:cb:42:d6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUH6TbOapsEScX/YkRf+FXvjDh8jswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjgwNjQ3NDVaFw0yNzA1MjcwNjUyNDVaMDMxMTAvBgNV
BAMTKDc5NTE2QzhEMjI4NEM2N0E2OUQzN0M3REEyMkY3REE3NEIzMTExMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8eGW/p7kkzDWg/5lEZkMDhtfA
0AePXulnozYfzHhsTTe5sLlmHACobLd7vNhIE5Nq4Brr9HPuyV/fxFy2aY8571v4
v9DRixsCqKC3xUw3DzQ/ugrUfj/RfStUtN1LHqczu+ZEMsiKqsHPCUhXGGHwk3+M
bqc/37+cF0RVtLnuhlM6KBO93ufIfYWqevRPqYaM1C1ypadloRJtis+7mwtAcUxW
aZUIo/gIfMi8eBtGlcklWpG2zkIAUabyXmP6C0J8+cwNdz8sM3R52b+61IvJ02mA
IUZnAqD9rZb8l/k7qoh5lWk2wPm5lrgfbd7yL7tN/GSChvgUeCYvwCho9tp5AgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUeVFsjSKExnpp03x9oi99p0sxEQQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQD
BABgPm8DBABgPr4DBABgPtYDBACIj/ADBACIj/cDBAGM6bIDBAGM6bwDBAGPDoQD
BACPDtsDBACSZy0DBACSZzMDBACSZzUDBACTTwoDBACUh8MDBACW8fMDBACW8fsD
BAKbdQgDBACbdZADBACbdeoDBACejMEDBAKejNADBAKo3kgwDQYJKoZIhvcNAQEL
BQADggEBACG3Qo4lgjfg+t1UDC5TdppJLH8maRod7B+XPb0s66GOqhoVb2MgaVCk
NOWbluqFq5hPt8EIq8HCJ6Q4bfWAsfBL8tohqj+S3t/om0k6BvR/RltXDtV2pJGp
ga7XFyYf2Ylds7se2XdULPku2rA6a2L543FPyhuCqQ1v4oxpTIPqh8xMoQGgBpp7
Xh3n8OlYD2tZLMOXtdGiNVSnl0XQ7nXwDOrJhPtOBopN0JfzfF3ZrqU4V4P4VrtE
7QnUEbdwp2jkcHfSwGAOrvWHzFk7dVm/2w8ZCYjnCY4CgZwnobsQbE51lwGIrNzN
mPPm/wOg7E3GnGwFVYubEhQIXnPLQtY=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:40 2026 by rpki-client