Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: IuszAdcQEX+M1WIOlZc3t22nkhaGKhKJC31e+6TrB8s=
Subject key identifier: 41:D3:54:B4:27:D5:0B:42:33:16:A8:B1:F3:F1:39:4A:B4:2F:FA:03
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 2B4B4C0ABF27E838F2B7CFADC5029D396D1534BF
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
Signing time: Fri 18 Apr 2025 00:00:07 +0000
ROA not before: Thu 17 Apr 2025 23:55:07 +0000
ROA not after: Fri 17 Apr 2026 00:00:07 +0000
asID: 212238
IP address blocks: 45.151.46.0/24 maxlen: 24
45.157.18.0/24 maxlen: 24
147.78.123.0/24 maxlen: 24
193.5.10.0/24 maxlen: 24
193.5.11.0/24 maxlen: 24
193.29.98.0/24 maxlen: 24
193.142.22.0/24 maxlen: 24
194.5.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 18:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:4b:4c:0a:bf:27:e8:38:f2:b7:cf:ad:c5:02:9d:39:6d:15:34:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Apr 17 23:55:07 2025 GMT
Not After : Apr 17 00:00:07 2026 GMT
Subject: CN=41D354B427D50B423316A8B1F3F1394AB42FFA03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:dd:02:b1:c2:fb:70:4b:5c:d0:35:6b:b8:
f3:72:d8:d9:3b:72:3f:ae:53:76:25:6c:03:ee:e6:
0d:c9:98:6b:9e:37:ef:d6:d2:ad:0c:70:e7:8f:79:
eb:9d:0c:5f:15:25:a1:6c:fc:85:eb:5c:75:44:7e:
f6:36:01:b4:30:15:6a:77:e2:77:9a:0d:83:e5:fd:
54:c6:0e:d2:99:5a:aa:80:b5:94:90:6c:e8:f7:58:
c5:41:47:b7:61:9e:01:5f:79:3f:ea:65:f9:f4:88:
82:d1:03:41:ad:13:37:e0:48:a3:36:47:91:6e:9c:
22:a0:65:24:39:e3:ff:95:b7:f5:05:55:d2:32:d7:
76:b2:9e:64:54:62:fd:f7:e2:25:86:4a:eb:c4:02:
af:af:17:b7:be:7e:17:44:fd:74:af:ee:7c:2b:b1:
18:cd:6e:78:16:49:83:23:c3:fd:41:6e:bb:59:16:
f7:86:59:3f:7e:d4:bd:4d:fe:fd:d0:2d:3f:44:ea:
97:52:11:5f:c3:d9:80:d9:c5:3e:58:24:20:d7:a9:
89:ed:ac:99:8a:83:7a:81:bf:f8:a0:14:0e:40:47:
c0:49:de:18:b9:ce:28:5c:e1:c1:f9:4c:d0:4c:c2:
2d:c1:0c:a8:1e:2c:aa:29:61:55:8a:36:cb:ba:b9:
02:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D3:54:B4:27:D5:0B:42:33:16:A8:B1:F3:F1:39:4A:B4:2F:FA:03
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.46.0/24
45.157.18.0/24
147.78.123.0/24
193.5.10.0/23
193.29.98.0/24
193.142.22.0/24
194.5.148.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:2a:f5:59:b3:f3:2f:30:d2:43:94:db:1a:c9:d0:c0:bc:ab:
f1:9e:be:a1:a0:c5:00:11:30:0b:fe:14:7e:05:f1:e6:81:f1:
98:20:02:1b:53:78:bd:c1:37:4e:d0:38:3c:7d:dd:9c:46:54:
38:f2:27:9f:1a:48:33:e6:10:e3:f7:38:d0:d6:6b:e7:ee:11:
50:bb:9d:fc:ff:1e:6e:3b:1f:c9:a1:4f:fd:fb:46:3a:97:df:
8d:44:e0:ec:29:5c:99:46:97:d6:48:c1:93:56:fd:2f:42:ae:
1c:a6:b0:da:26:ac:14:dd:eb:d9:36:ce:ae:53:c8:73:42:63:
dd:09:78:9f:ee:57:0b:e3:d9:ff:2a:48:75:9e:b3:ce:f4:dd:
f1:5d:f8:16:39:0e:84:e7:1e:9e:91:de:5e:88:4b:2b:15:ca:
c8:8c:81:a0:21:42:d9:d1:3e:ee:67:96:72:bc:2a:38:de:33:
4b:c9:dd:6d:4e:e9:9f:e0:56:19:7b:b1:22:08:87:11:56:2d:
1c:9d:bb:3d:43:11:fc:a1:d3:ba:80:98:6f:69:8c:38:a1:17:
7c:46:46:f5:70:1f:e2:eb:a5:5e:25:72:6f:8d:1b:34:bd:96:
e7:06:61:ea:e3:f8:56:9f:d6:13:87:4f:75:ec:08:8a:1e:36:
ec:3f:e4:6a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUK0tMCr8n6Djyt8+txQKdOW0VNL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA0MTcyMzU1MDdaFw0yNjA0MTcwMDAwMDdaMDMxMTAvBgNV
BAMTKDQxRDM1NEI0MjdENTBCNDIzMzE2QThCMUYzRjEzOTRBQjQyRkZBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkrd0CscL7cEtc0DVruPNy2Nk7
cj+uU3YlbAPu5g3JmGueN+/W0q0McOePeeudDF8VJaFs/IXrXHVEfvY2AbQwFWp3
4neaDYPl/VTGDtKZWqqAtZSQbOj3WMVBR7dhngFfeT/qZfn0iILRA0GtEzfgSKM2
R5FunCKgZSQ54/+Vt/UFVdIy13aynmRUYv334iWGSuvEAq+vF7e+fhdE/XSv7nwr
sRjNbngWSYMjw/1BbrtZFveGWT9+1L1N/v3QLT9E6pdSEV/D2YDZxT5YJCDXqYnt
rJmKg3qBv/igFA5AR8BJ3hi5zihc4cH5TNBMwi3BDKgeLKopYVWKNsu6uQL/AgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUQdNUtCfVC0IzFqix8/E5SrQv+gMwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZcu
AwQALZ0SAwQAk057AwQBwQUKAwQAwR1iAwQAwY4WAwQAwgWUMA0GCSqGSIb3DQEB
CwUAA4IBAQDTKvVZs/MvMNJDlNsaydDAvKvxnr6hoMUAETAL/hR+BfHmgfGYIAIb
U3i9wTdO0Dg8fd2cRlQ48iefGkgz5hDj9zjQ1mvn7hFQu538/x5uOx/JoU/9+0Y6
l9+NRODsKVyZRpfWSMGTVv0vQq4cprDaJqwU3evZNs6uU8hzQmPdCXif7lcL49n/
Kkh1nrPO9N3xXfgWOQ6E5x6ekd5eiEsrFcrIjIGgIULZ0T7uZ5ZyvCo43jNLyd1t
Tumf4FYZe7EiCIcRVi0cnbs9QxH8odO6gJhvaYw4oRd8Rkb1cB/i66VeJXJvjRs0
vZbnBmHq4/hWn9YTh0917AiKHjbsP+Rq
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:11:45 2025 by rpki-client