Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: m1jZ6bQW6JXoB9s+xJMb4A7mL/nRQSxe2DWhRojCkGs=
Subject key identifier: 72:BC:55:73:D9:1E:11:9B:34:17:30:2E:45:3E:B5:C3:91:19:7C:6C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7280E9A5A0D971FDC7E43F038202BC2CC8B6826D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Tue 22 Jul 2025 00:00:35 +0000
ROA not before: Mon 21 Jul 2025 23:55:35 +0000
ROA not after: Tue 21 Jul 2026 00:00:35 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.145.0/24 maxlen: 24
143.14.249.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.107.0/24 maxlen: 24
155.117.123.0/24 maxlen: 24
155.117.125.0/24 maxlen: 24
155.117.245.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
162.141.112.0/24 maxlen: 24
167.148.105.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:80:e9:a5:a0:d9:71:fd:c7:e4:3f:03:82:02:bc:2c:c8:b6:82:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 21 23:55:35 2025 GMT
Not After : Jul 21 00:00:35 2026 GMT
Subject: CN=72BC5573D91E119B3417302E453EB5C391197C6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fc:0d:ce:52:a4:ba:2a:33:7b:51:db:c7:12:
43:ae:8a:6a:ad:4a:60:73:a1:d8:b8:ed:d3:00:f8:
da:cb:b9:6d:84:25:47:51:f0:d2:ed:30:e6:ea:3a:
f2:1b:db:70:7d:cf:0d:8f:77:2a:fc:bf:c2:58:1c:
1a:ae:c8:4b:e4:54:7a:73:6f:6c:fc:d7:2d:5a:ca:
d1:8d:5a:c2:88:f2:32:3c:03:ec:a2:37:ca:99:e1:
8e:6d:a3:00:cf:6c:9d:aa:c4:93:7b:64:32:f4:1a:
a3:a8:c2:b3:5a:b9:57:ba:31:af:4e:0d:64:3f:cc:
ce:d4:56:a2:df:0c:85:4e:c2:15:50:80:54:dd:9a:
2b:71:54:97:f5:83:ce:a0:c7:ba:b8:72:38:e8:53:
72:ea:b2:03:37:df:e8:3f:20:46:0f:33:b4:0a:97:
12:c6:a5:c5:ea:31:55:2f:aa:67:92:23:c3:a5:cb:
60:95:59:54:30:69:1d:59:60:60:46:ef:0c:83:1e:
08:e2:da:65:68:82:ad:3f:8c:b6:9c:da:d2:be:84:
28:ce:31:ee:b3:02:05:bc:c8:c1:64:a3:80:7d:13:
f5:61:02:f4:5c:d7:4f:7d:48:35:51:5f:0e:22:ca:
c8:d5:21:55:15:61:d3:d6:31:bf:73:3f:1d:fb:b7:
e7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BC:55:73:D9:1E:11:9B:34:17:30:2E:45:3E:B5:C3:91:19:7C:6C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.178.0/23
140.233.188.0/23
143.14.145.0/24
143.14.249.0/24
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.242.0/23
150.241.251.0/24
155.117.107.0/24
155.117.123.0/24
155.117.125.0/24
155.117.245.0/24
158.140.208.0/22
162.141.112.0/24
167.148.105.0/24
167.148.177.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d5:5b:82:dd:27:6d:43:af:70:39:7b:c2:84:1c:3a:03:79:
ea:f8:62:f7:0b:a3:83:7a:f3:4d:c0:92:eb:84:32:aa:2d:28:
e3:c8:0b:6a:23:3c:2d:b1:3d:7d:fc:1d:fe:53:94:df:ac:be:
ac:73:29:59:88:33:3d:77:e2:d5:28:cf:f9:3e:b9:e2:b2:35:
72:44:90:99:47:8c:87:12:ec:6b:aa:28:f2:17:37:25:3b:33:
89:dd:dc:17:88:ae:d5:3b:8d:45:02:0c:b2:cf:cb:50:b7:9d:
ac:41:e6:cc:2c:dd:08:a9:c4:47:7c:75:c0:c6:31:35:ad:cc:
1a:e7:92:61:03:4e:8b:a8:41:b2:18:df:20:7c:2c:43:8b:87:
4c:7b:ec:6b:d7:eb:24:49:ec:d5:6f:0b:be:3b:16:a6:87:2e:
48:4d:1f:cc:15:59:a1:06:47:6e:d8:ce:fa:8a:c8:37:dc:19:
ba:50:0c:58:95:fe:ce:fd:77:89:af:78:2b:75:38:79:3c:21:
1b:50:40:b0:d1:50:9f:22:3b:a1:19:fc:43:cd:91:69:fb:f6:
33:65:e8:d6:9e:f4:82:d6:1f:87:79:d1:b4:44:ef:77:54:3f:
f9:9a:14:90:ab:44:07:8c:89:fe:9b:81:6c:90:68:48:29:4f:
8e:32:92:85
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUcoDppaDZcf3H5D8DggK8LMi2gm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjEyMzU1MzVaFw0yNjA3MjEwMDAwMzVaMDMxMTAvBgNV
BAMTKDcyQkM1NTczRDkxRTExOUIzNDE3MzAyRTQ1M0VCNUMzOTExOTdDNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/A3OUqS6KjN7UdvHEkOuimqt
SmBzodi47dMA+NrLuW2EJUdR8NLtMObqOvIb23B9zw2Pdyr8v8JYHBquyEvkVHpz
b2z81y1aytGNWsKI8jI8A+yiN8qZ4Y5towDPbJ2qxJN7ZDL0GqOowrNauVe6Ma9O
DWQ/zM7UVqLfDIVOwhVQgFTdmitxVJf1g86gx7q4cjjoU3LqsgM33+g/IEYPM7QK
lxLGpcXqMVUvqmeSI8Oly2CVWVQwaR1ZYGBG7wyDHgji2mVogq0/jLac2tK+hCjO
Me6zAgW8yMFko4B9E/VhAvRc1099SDVRXw4iysjVIVUVYdPWMb9zPx37t+fjAgMB
AAGjggKfMIICmzAdBgNVHQ4EFgQUcrxVc9keEZs0FzAuRT61w5EZfGwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYD
BAFgPmADBABgPm8DBABgPn8DBABgPtYDBAGM6bIDBAGM6bwDBACPDpEDBACPDvkD
BACSZyMDBACSZy0DBACSZzMDBACTTx8DBACUh7cDBACUh8MDBAGW8cgDBAGW8fID
BACW8fsDBACbdWsDBACbdXsDBACbdX0DBACbdfUDBAKejNADBACijXADBACnlGkD
BACnlLEwDQYJKoZIhvcNAQELBQADggEBAALVW4LdJ21Dr3A5e8KEHDoDeer4YvcL
o4N6803AkuuEMqotKOPIC2ojPC2xPX38Hf5TlN+svqxzKVmIMz134tUoz/k+ueKy
NXJEkJlHjIcS7GuqKPIXNyU7M4nd3BeIrtU7jUUCDLLPy1C3naxB5sws3QipxEd8
dcDGMTWtzBrnkmEDTouoQbIY3yB8LEOLh0x77GvX6yRJ7NVvC747FqaHLkhNH8wV
WaEGR27YzvqKyDfcGbpQDFiV/s79d4mveCt1OHk8IRtQQLDRUJ8iO6EZ/EPNkWn7
9jNl6Nae9ILWH4d50bRE73dUP/maFJCrRAeMif6bgWyQaEgpT44ykoU=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:05:42 2025 by rpki-client