Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: utXPZ1hes7a7zYVE/GOFToVnl+yx5l1fuO2F8FCZsmU=
Subject key identifier: E2:71:20:62:57:A9:6B:88:CF:6B:83:61:80:3C:74:C6:F1:B0:DD:89
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 73E1E59ABB0907B0CA57D54EACE598BA66026539
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Tue 01 Apr 2025 17:22:19 +0000
ROA not before: Tue 01 Apr 2025 17:17:19 +0000
ROA not after: Tue 31 Mar 2026 17:22:19 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
140.233.172.0/22 maxlen: 22
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
147.79.48.0/22 maxlen: 22
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.228.0/22 maxlen: 22
150.241.242.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e1:e5:9a:bb:09:07:b0:ca:57:d5:4e:ac:e5:98:ba:66:02:65:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 1 17:17:19 2025 GMT
Not After : Mar 31 17:22:19 2026 GMT
Subject: CN=E271206257A96B88CF6B8361803C74C6F1B0DD89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:69:dc:b9:47:4e:d8:f8:97:0f:34:68:93:a0:
b5:0b:90:35:f4:0a:70:bb:7d:2e:b6:a3:6b:c6:20:
7e:be:54:8e:c2:94:a2:9c:30:3d:8f:2f:ca:54:ed:
d2:38:1f:73:7e:df:61:62:85:9f:2c:63:61:7e:3f:
e3:7d:5b:9a:2d:6c:96:2e:51:5d:43:c0:01:98:aa:
29:22:13:95:6d:53:df:82:ba:6e:7e:c9:8e:c0:59:
ea:bd:a3:17:aa:a3:f1:fd:c0:e8:33:52:fc:df:8c:
59:6b:8a:eb:92:d9:92:41:20:4b:9a:1c:2e:76:4f:
fa:b8:db:85:5a:82:4e:24:b5:83:3f:aa:71:e7:2d:
d3:f2:c1:ee:d2:c8:f2:c3:f4:ae:93:7d:6c:7c:6b:
dc:27:6d:94:2b:19:54:6c:bb:ba:00:78:bb:0e:86:
8e:70:6c:bc:2f:25:bd:cd:eb:fb:8c:5a:43:a7:56:
d5:2c:69:0f:75:27:fc:6d:a1:77:81:fb:5e:83:f0:
43:1c:54:d3:f1:8c:f6:a6:de:63:de:54:c4:fc:c3:
c6:56:1c:5d:30:bc:bf:77:bc:d4:b3:06:0d:be:84:
ff:56:2a:b2:e6:07:7c:8d:1f:31:48:3a:11:68:f4:
45:8b:94:dd:98:f6:bf:f2:fc:af:e3:97:8f:35:12:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:71:20:62:57:A9:6B:88:CF:6B:83:61:80:3C:74:C6:F1:B0:DD:89
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.214.0/24
140.233.172.0/22
140.233.178.0/23
140.233.188.0/23
146.103.35.0/24
146.103.45.0/24
146.103.51.0/24
147.79.31.0/24
147.79.48.0/22
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.228.0/22
150.241.242.0/23
150.241.251.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e8:e0:d9:54:82:b5:be:8b:d2:d5:e5:92:b5:12:2b:d8:d5:
85:f6:4e:61:58:23:8e:c2:25:f6:b7:a1:6c:ef:55:d3:6f:c3:
5c:9a:50:18:37:76:d9:e3:c9:ee:a4:68:90:81:97:21:57:42:
3a:85:fc:6f:63:4e:1b:1d:1f:c1:f3:0f:56:bc:1f:6e:d2:69:
f3:96:f2:6b:3a:e6:10:80:c8:88:ee:e7:a6:df:09:80:3e:b4:
0e:8a:1f:c2:2b:f2:b6:a1:f4:d6:53:55:2a:e1:34:1e:06:5f:
2e:d4:32:cd:d9:75:bd:a7:9a:36:2b:da:d8:bd:f7:40:9f:4c:
cb:e8:73:25:d4:0c:f2:1e:b9:90:4c:b4:e1:ef:70:e5:a0:c5:
d8:07:4a:2b:be:22:1c:68:e7:34:7a:29:1c:27:d4:ce:94:0c:
ee:d5:18:5f:ac:b3:ab:19:25:26:b0:a6:b8:9d:59:84:fd:20:
a5:6f:69:c5:39:55:d2:3a:7e:2b:ab:00:c8:40:e4:5b:87:49:
64:fa:04:ff:3f:32:29:da:c3:d5:56:dc:fe:0f:6c:29:17:1d:
54:5b:77:a3:6d:e9:87:5a:40:02:6a:b8:d8:4b:7e:0c:63:01:
1e:26:f2:25:5a:00:07:b7:c1:30:c0:ab:fe:b9:84:26:a1:f4:
51:11:4d:86
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUc+HlmrsJB7DKV9VOrOWYumYCZTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MDExNzE3MTlaFw0yNjAzMzExNzIyMTlaMDMxMTAvBgNV
BAMTKEUyNzEyMDYyNTdBOTZCODhDRjZCODM2MTgwM0M3NEM2RjFCMEREODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgady5R07Y+JcPNGiToLULkDX0
CnC7fS62o2vGIH6+VI7ClKKcMD2PL8pU7dI4H3N+32FihZ8sY2F+P+N9W5otbJYu
UV1DwAGYqikiE5VtU9+Cum5+yY7AWeq9oxeqo/H9wOgzUvzfjFlriuuS2ZJBIEua
HC52T/q424Vagk4ktYM/qnHnLdPywe7SyPLD9K6TfWx8a9wnbZQrGVRsu7oAeLsO
ho5wbLwvJb3N6/uMWkOnVtUsaQ91J/xtoXeB+16D8EMcVNPxjPam3mPeVMT8w8ZW
HF0wvL93vNSzBg2+hP9WKrLmB3yNHzFIOhFo9EWLlN2Y9r/y/K/jl481EvLhAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQU4nEgYlepa4jPa4NhgDx0xvGw3YkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAWA+
YAMEAGA+bwMEAGA+fwMEAGA+1gMEAozprAMEAYzpsgMEAYzpvAMEAJJnIwMEAJJn
LQMEAJJnMwMEAJNPHwMEApNPMAMEAJSHtwMEAJSHwwMEAZbxyAMEApbx5AMEAZbx
8gMEAJbx+zANBgkqhkiG9w0BAQsFAAOCAQEAIejg2VSCtb6L0tXlkrUSK9jVhfZO
YVgjjsIl9rehbO9V02/DXJpQGDd22ePJ7qRokIGXIVdCOoX8b2NOGx0fwfMPVrwf
btJp85byazrmEIDIiO7npt8JgD60DoofwivytqH01lNVKuE0HgZfLtQyzdl1vaea
Niva2L33QJ9My+hzJdQM8h65kEy04e9w5aDF2AdKK74iHGjnNHopHCfUzpQM7tUY
X6yzqxklJrCmuJ1ZhP0gpW9pxTlV0jp+K6sAyEDkW4dJZPoE/z8yKdrD1Vbc/g9s
KRcdVFt3o23ph1pAAmq42Et+DGMBHibyJVoAB7fBMMCr/rmEJqH0URFNhg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:02 2025 by rpki-client