Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: vaw1BuI6QU8js2RLmHyoWu12EA82EhKzFgQVeBdGXic=
Subject key identifier: 3C:2B:39:4E:10:D3:8F:55:2C:FF:C9:C3:AD:69:05:EA:EE:7E:43:40
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 07C3D1DA7385CB9E609946F19DDD916C759D4DED
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
Signing time: Tue 28 Oct 2025 08:47:13 +0000
ROA not before: Tue 28 Oct 2025 08:42:13 +0000
ROA not after: Tue 27 Oct 2026 08:47:13 +0000
asID: 212238
IP address blocks: 143.20.160.0/24 maxlen: 24
143.20.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:c3:d1:da:73:85:cb:9e:60:99:46:f1:9d:dd:91:6c:75:9d:4d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 28 08:42:13 2025 GMT
Not After : Oct 27 08:47:13 2026 GMT
Subject: CN=3C2B394E10D38F552CFFC9C3AD6905EAEE7E4340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:db:a1:61:45:7e:9c:bc:d3:94:93:7e:ac:65:
28:38:87:8f:44:19:27:9c:85:5d:88:32:8c:03:40:
1f:f6:2b:9c:65:eb:29:03:2a:ae:0b:f4:9b:ec:ed:
97:6b:89:ff:f4:e0:0f:5f:7e:1b:ad:cf:32:a3:ce:
e4:eb:1e:b8:46:1a:c6:87:aa:3c:98:c2:09:e9:2f:
0f:04:13:fa:fa:c5:ef:99:83:5b:35:36:d2:bf:09:
06:84:ed:56:d1:96:54:33:1b:43:12:84:c5:e7:aa:
d8:16:6f:75:1e:df:ef:13:2c:ee:dd:46:88:c1:2d:
b7:78:c5:3c:f1:6a:39:e3:1b:52:59:c3:50:0a:6b:
ea:72:f0:af:3e:a4:71:00:e1:2c:1d:59:b4:7a:44:
df:8a:2b:99:e1:39:2a:9c:43:c2:ba:51:e2:3e:83:
34:4e:15:ea:3a:74:79:3c:66:ce:92:b7:a5:24:60:
e4:04:4e:4b:18:4b:41:04:33:14:df:31:72:f7:22:
5f:3e:06:7b:80:7d:c3:1e:52:bc:05:5b:fd:0f:46:
99:b6:ab:d9:ba:21:7a:a2:01:08:10:89:7c:9f:40:
2d:7b:9e:3d:3f:f0:16:7d:33:06:85:dd:46:5a:6d:
e5:03:7f:35:be:29:b2:79:fd:5d:89:56:ab:c4:70:
6c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2B:39:4E:10:D3:8F:55:2C:FF:C9:C3:AD:69:05:EA:EE:7E:43:40
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.160.0/24
143.20.165.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c5:39:3e:96:bf:fa:81:47:b9:15:ef:99:5e:8d:8a:a6:ca:
ec:07:33:c5:d1:10:0d:a4:30:87:6a:1f:01:74:9f:d3:c0:0d:
98:02:91:39:4c:99:1b:11:f7:d5:0e:f7:11:09:30:c7:d4:af:
9b:ff:27:6a:6d:18:05:57:f1:a0:c5:cb:62:3a:cc:c8:c4:fc:
0f:62:93:58:e0:ec:03:e4:30:90:4a:a2:89:2f:65:6a:ad:da:
ed:3d:52:8f:58:9a:3c:c4:09:6e:4c:ff:ea:70:5f:5e:e2:2a:
e0:3e:b2:cd:d3:89:c9:74:d9:d0:71:a6:8b:2b:51:9a:d9:8e:
ec:f6:0f:87:de:10:9c:c3:b3:3c:8e:56:ef:05:53:83:86:a1:
5f:4c:ca:96:d8:66:1e:a7:26:ef:9c:4c:c7:eb:3c:db:3f:19:
1d:b1:30:f1:48:a2:40:1d:7b:ed:05:24:85:0f:57:e8:ad:fe:
d1:6d:62:7e:4d:db:3b:9a:0f:a9:b7:c2:a0:e5:d8:46:b1:4b:
7f:e3:9e:67:21:0f:22:af:fd:73:7b:f0:bc:5a:9c:7c:73:b7:
f1:a6:e3:e9:76:50:63:d3:3c:3e:07:d0:d4:25:0b:42:a8:e3:
a2:6c:49:58:aa:c0:b3:3c:de:97:e1:56:29:c4:b6:6d:9c:6b:
c3:d0:87:3f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUB8PR2nOFy55gmUbxnd2RbHWdTe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjgwODQyMTNaFw0yNjEwMjcwODQ3MTNaMDMxMTAvBgNV
BAMTKDNDMkIzOTRFMTBEMzhGNTUyQ0ZGQzlDM0FENjkwNUVBRUU3RTQzNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc26FhRX6cvNOUk36sZSg4h49E
GSechV2IMowDQB/2K5xl6ykDKq4L9Jvs7Zdrif/04A9ffhutzzKjzuTrHrhGGsaH
qjyYwgnpLw8EE/r6xe+Zg1s1NtK/CQaE7VbRllQzG0MShMXnqtgWb3Ue3+8TLO7d
RojBLbd4xTzxajnjG1JZw1AKa+py8K8+pHEA4SwdWbR6RN+KK5nhOSqcQ8K6UeI+
gzROFeo6dHk8Zs6St6UkYOQETksYS0EEMxTfMXL3Il8+BnuAfcMeUrwFW/0PRpm2
q9m6IXqiAQgQiXyfQC17nj0/8BZ9MwaF3UZabeUDfzW+KbJ5/V2JVqvEcGzdAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUPCs5ThDTj1Us/8nDrWkF6u5+Q0AwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxSg
AwQAjxSlMA0GCSqGSIb3DQEBCwUAA4IBAQBuxTk+lr/6gUe5Fe+ZXo2KpsrsBzPF
0RANpDCHah8BdJ/TwA2YApE5TJkbEffVDvcRCTDH1K+b/ydqbRgFV/GgxctiOszI
xPwPYpNY4OwD5DCQSqKJL2VqrdrtPVKPWJo8xAluTP/qcF9e4irgPrLN04nJdNnQ
caaLK1Ga2Y7s9g+H3hCcw7M8jlbvBVODhqFfTMqW2GYepybvnEzH6zzbPxkdsTDx
SKJAHXvtBSSFD1forf7RbWJ+Tds7mg+pt8Kg5dhGsUt/455nIQ8ir/1ze/C8Wpx8
c7fxpuPpdlBj0zw+B9DUJQtCqOOibElYqsCzPN6X4VYpxLZtnGvD0Ic/
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:32 2025 by rpki-client