Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: HrE+D64joq5Hi3KBhD/wIvsxABdU1hDvLcm5MXSUwto=
Subject key identifier: 97:91:7D:5A:C0:97:23:C0:BC:16:E6:8C:82:81:5C:68:B1:B9:34:30
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 603A865ED6715BB3D22E09E756582E07C6DCC116
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Fri 01 Aug 2025 00:04:25 +0000
ROA not before: Thu 31 Jul 2025 23:59:25 +0000
ROA not after: Fri 31 Jul 2026 00:04:25 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:3a:86:5e:d6:71:5b:b3:d2:2e:09:e7:56:58:2e:07:c6:dc:c1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 31 23:59:25 2025 GMT
Not After : Jul 31 00:04:25 2026 GMT
Subject: CN=97917D5AC09723C0BC16E68C82815C68B1B93430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:eb:d0:57:f2:a8:b3:55:90:dc:29:6c:f2:
64:31:f9:6d:d6:07:bd:e4:35:05:1c:44:f9:46:26:
ba:bb:e7:6a:0c:82:f2:e4:a7:7c:1a:66:c2:4e:05:
4c:a1:6e:a4:7e:90:e9:f0:59:04:09:15:21:8b:ea:
55:ce:15:88:0f:fb:a7:29:43:1d:3e:64:38:fa:d6:
c0:57:ac:e4:fa:26:70:08:4f:56:69:be:61:60:23:
91:7f:c5:ac:cb:76:50:68:4a:b8:13:ef:d9:c1:47:
8c:5c:8d:ad:26:f2:00:66:89:00:c1:b2:44:83:c6:
7c:13:2b:5d:54:37:3b:05:a4:ba:2d:17:39:dd:2b:
c9:37:7c:cd:c1:1e:eb:a2:60:d7:68:e9:4d:9d:28:
ab:eb:6f:7b:f0:91:c5:04:38:41:33:bc:02:1d:48:
ad:fb:56:14:14:ec:bd:ef:cc:31:f2:0e:51:2e:1a:
41:20:d5:50:34:e6:2a:6b:2f:97:ac:54:f0:34:f5:
1a:4a:fe:50:b1:d0:a0:84:12:d1:47:67:54:88:4c:
d7:c9:b8:64:a2:e7:f4:9e:0a:9d:40:e4:35:23:15:
2a:17:43:c2:96:e0:28:d6:77:18:0e:fc:39:23:b2:
52:21:3a:b8:76:d9:bf:26:2a:1d:f8:41:36:08:91:
80:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:91:7D:5A:C0:97:23:C0:BC:16:E6:8C:82:81:5C:68:B1:B9:34:30
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.178.0/23
140.233.188.0/23
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.242.0/23
150.241.251.0/24
158.140.208.0/22
Signature Algorithm: sha256WithRSAEncryption
33:e2:8e:37:38:30:99:20:a4:0e:ea:e0:b3:bb:3b:ae:61:68:
64:8c:bd:5d:3b:99:53:73:17:ba:6c:b1:3a:79:98:17:85:87:
f4:da:d5:12:af:93:a2:75:68:86:d8:f2:3f:26:b1:1c:a3:aa:
40:7a:7e:85:39:68:48:82:27:52:ea:a0:e4:7c:1c:7b:06:c6:
ea:09:35:3a:1e:db:2f:8f:5e:3d:2f:6f:ff:77:8f:6d:75:1c:
93:44:3c:57:d5:6a:21:81:e6:d9:41:17:3e:f5:43:33:bb:a5:
61:de:19:65:3e:17:f0:6e:a5:4c:5e:0d:2f:87:c3:18:aa:b4:
bd:08:1a:32:37:43:af:c5:c2:f2:2f:fe:6f:81:c2:0c:73:c9:
9e:78:67:c9:db:7b:bf:a7:80:21:85:1b:e1:29:ce:02:2f:3e:
3e:43:c3:c5:ab:e5:26:94:7c:90:8b:2c:11:9e:54:44:fc:3f:
be:cb:cf:4e:bf:e7:16:f5:7e:8f:35:0f:eb:80:80:08:f0:26:
23:e9:c7:14:eb:a1:74:eb:9f:8b:13:28:b6:a8:68:df:9c:b3:
1b:49:b2:76:e9:85:23:3f:76:fe:2b:dc:cf:a1:47:c2:6b:2e:
0c:0d:94:8e:54:89:ff:f7:8a:24:3e:ff:5e:a8:95:d6:3c:1a:
79:f3:de:30
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUYDqGXtZxW7PSLgnnVlguB8bcwRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzEyMzU5MjVaFw0yNjA3MzEwMDA0MjVaMDMxMTAvBgNV
BAMTKDk3OTE3RDVBQzA5NzIzQzBCQzE2RTY4QzgyODE1QzY4QjFCOTM0MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzOevQV/Kos1WQ3Cls8mQx+W3W
B73kNQUcRPlGJrq752oMgvLkp3waZsJOBUyhbqR+kOnwWQQJFSGL6lXOFYgP+6cp
Qx0+ZDj61sBXrOT6JnAIT1ZpvmFgI5F/xazLdlBoSrgT79nBR4xcja0m8gBmiQDB
skSDxnwTK11UNzsFpLotFzndK8k3fM3BHuuiYNdo6U2dKKvrb3vwkcUEOEEzvAId
SK37VhQU7L3vzDHyDlEuGkEg1VA05iprL5esVPA09RpK/lCx0KCEEtFHZ1SITNfJ
uGSi5/SeCp1A5DUjFSoXQ8KW4CjWdxgO/DkjslIhOrh22b8mKh34QTYIkYBrAgMB
AAGjggJkMIICYDAdBgNVHQ4EFgQUl5F9WsCXI8C8FuaMgoFcaLG5NDAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBYD5g
AwQAYD5vAwQAYD5/AwQAYD7WAwQBjOmyAwQBjOm8AwQAkmcjAwQAkmctAwQAkmcz
AwQAk08fAwQAlIe3AwQAlIfDAwQBlvHIAwQBlvHyAwQAlvH7AwQCnozQMA0GCSqG
SIb3DQEBCwUAA4IBAQAz4o43ODCZIKQO6uCzuzuuYWhkjL1dO5lTcxe6bLE6eZgX
hYf02tUSr5OidWiG2PI/JrEco6pAen6FOWhIgidS6qDkfBx7BsbqCTU6Htsvj149
L2//d49tdRyTRDxX1WohgebZQRc+9UMzu6Vh3hllPhfwbqVMXg0vh8MYqrS9CBoy
N0OvxcLyL/5vgcIMc8meeGfJ23u/p4AhhRvhKc4CLz4+Q8PFq+UmlHyQiywRnlRE
/D++y89Ov+cW9X6PNQ/rgIAI8CYj6ccU66F065+LEyi2qGjfnLMbSbJ26YUjP3b+
K9zPoUfCay4MDZSOVIn/94okPv9eqJXWPBp5894w
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:19:48 2025 by rpki-client