Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 9Wes5Zp0Tt9hKt4nDQZabWWNhmwvqzOfqyw/si2ctgk=
Subject key identifier: 38:7D:49:B2:21:EE:91:1B:A5:DF:59:F9:DD:D7:54:AC:AC:04:68:EA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2324FA4F3C10E059A381790437A54CFC9F8802CA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Thu 18 Jun 2026 16:37:57 +0000
ROA not before: Thu 18 Jun 2026 16:32:57 +0000
ROA not after: Thu 17 Jun 2027 16:37:57 +0000
asID: 212238
IP address blocks: 96.62.111.0/24 maxlen: 24
96.62.190.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
136.143.240.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
146.103.53.0/24 maxlen: 24
147.79.10.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.139.0/24 maxlen: 24
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.8.0/22 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
168.222.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:24:fa:4f:3c:10:e0:59:a3:81:79:04:37:a5:4c:fc:9f:88:02:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 18 16:32:57 2026 GMT
Not After : Jun 17 16:37:57 2027 GMT
Subject: CN=387D49B221EE911BA5DF59F9DDD754ACAC0468EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:bf:fc:2e:42:c4:a0:b4:42:1f:ea:99:52:
50:18:6e:9c:a1:7e:5c:39:2a:36:84:1b:ce:ba:c8:
32:7b:18:df:12:eb:cc:75:5b:31:9c:e2:e8:98:ab:
9a:c3:a4:56:7b:71:37:73:d4:aa:2d:59:fc:db:f5:
a8:a1:97:15:87:2f:2e:a2:0c:e7:fe:b0:7e:32:22:
30:f2:70:28:2f:58:4c:54:73:4f:61:65:55:75:74:
aa:49:22:6d:f4:35:2c:eb:29:7d:95:9a:d6:5b:02:
4b:76:56:4d:b1:7d:3e:ff:98:87:af:1b:5e:a1:5a:
31:88:d2:cb:7f:14:81:72:40:e1:ed:53:5d:b9:70:
b6:3d:ad:31:53:a9:a2:cc:7c:c4:f8:ee:42:03:33:
f8:e6:46:6a:05:cc:34:75:f4:5b:9c:2d:86:bb:b4:
cf:b3:14:90:ac:5b:90:86:25:3f:7a:04:99:49:81:
06:49:b9:39:f3:4b:8a:b6:b7:ad:e5:48:83:75:10:
70:1d:19:b8:58:38:5d:35:4f:39:44:8b:6c:b5:d4:
c9:34:97:4b:46:bd:01:cb:3e:cd:f2:df:2c:c0:fe:
4f:a8:9b:a7:f8:c5:1c:e8:7f:bd:3a:60:00:ce:9b:
c9:49:63:f1:e0:ff:d7:f0:5d:c7:17:20:4c:46:b5:
6c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:49:B2:21:EE:91:1B:A5:DF:59:F9:DD:D7:54:AC:AC:04:68:EA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.111.0/24
96.62.190.0/24
96.62.214.0/24
136.143.240.0/24
136.143.247.0/24
140.233.178.0/23
140.233.188.0/23
143.14.132.0/23
143.14.219.0/24
146.103.45.0/24
146.103.51.0/24
146.103.53.0/24
147.79.10.0/24
148.135.195.0/24
150.241.139.0/24
150.241.243.0/24
150.241.251.0/24
155.117.8.0/22
155.117.144.0/24
155.117.234.0/24
158.140.193.0/24
158.140.208.0/22
168.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:28:bb:c3:cc:af:75:3c:b6:c2:63:77:a8:a9:38:85:1a:c0:
5e:19:9e:65:85:46:6e:01:92:c5:57:2c:a3:03:0f:57:f0:e5:
78:a5:e7:f0:37:b2:19:76:4e:b3:91:e7:c1:3d:9d:c7:df:8b:
4d:e9:df:3f:46:58:81:b9:84:b6:c7:04:95:4e:93:aa:bd:7f:
49:7f:92:63:ba:ff:8f:c7:70:76:c5:29:7b:ed:52:7c:c6:54:
be:b0:27:e9:74:80:49:6e:10:39:4d:4b:f2:80:97:67:fd:d1:
dd:6b:a9:5c:0d:bd:42:c7:11:c0:98:79:2a:56:ea:3c:7d:e4:
19:81:9b:b9:39:54:60:37:db:ac:42:91:7f:35:5b:f6:38:93:
9a:80:26:c3:41:d4:cd:31:23:b9:23:ff:d3:ef:ea:65:35:2b:
13:7f:6a:d8:bf:6c:78:7b:98:56:74:41:96:86:2d:32:33:89:
bd:40:5d:0e:d9:c1:a8:7f:d4:66:de:9d:6e:93:d7:c9:41:1e:
13:24:2f:f5:55:92:cd:22:90:34:53:d9:36:ba:f4:4b:ca:11:
eb:97:94:bf:3c:3d:0d:f1:e6:e7:6a:d9:22:45:58:a0:4f:ce:
be:7e:d3:fb:9c:40:bd:81:57:a7:87:bd:37:47:f9:4d:d6:d0:
1d:bb:52:ba
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUIyT6TzwQ4FmjgXkEN6VM/J+IAsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTgxNjMyNTdaFw0yNzA2MTcxNjM3NTdaMDMxMTAvBgNV
BAMTKDM4N0Q0OUIyMjFFRTkxMUJBNURGNTlGOURERDc1NEFDQUMwNDY4RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/+L/8LkLEoLRCH+qZUlAYbpyh
flw5KjaEG866yDJ7GN8S68x1WzGc4uiYq5rDpFZ7cTdz1KotWfzb9aihlxWHLy6i
DOf+sH4yIjDycCgvWExUc09hZVV1dKpJIm30NSzrKX2VmtZbAkt2Vk2xfT7/mIev
G16hWjGI0st/FIFyQOHtU125cLY9rTFTqaLMfMT47kIDM/jmRmoFzDR19FucLYa7
tM+zFJCsW5CGJT96BJlJgQZJuTnzS4q2t63lSIN1EHAdGbhYOF01TzlEi2y11Mk0
l0tGvQHLPs3y3yzA/k+om6f4xRzof706YADOm8lJY/Hg/9fwXccXIExGtWyZAgMB
AAGjggKTMIICjzAdBgNVHQ4EFgQUOH1JsiHukRul31n53ddUrKwEaOowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoD
BABgPm8DBABgPr4DBABgPtYDBACIj/ADBACIj/cDBAGM6bIDBAGM6bwDBAGPDoQD
BACPDtsDBACSZy0DBACSZzMDBACSZzUDBACTTwoDBACUh8MDBACW8YsDBACW8fMD
BACW8fsDBAKbdQgDBACbdZADBACbdeoDBACejMEDBAKejNADBAKo3kgwDQYJKoZI
hvcNAQELBQADggEBADwou8PMr3U8tsJjd6ipOIUawF4ZnmWFRm4BksVXLKMDD1fw
5Xil5/A3shl2TrOR58E9ncffi03p3z9GWIG5hLbHBJVOk6q9f0l/kmO6/4/HcHbF
KXvtUnzGVL6wJ+l0gEluEDlNS/KAl2f90d1rqVwNvULHEcCYeSpW6jx95BmBm7k5
VGA326xCkX81W/Y4k5qAJsNB1M0xI7kj/9Pv6mU1KxN/ati/bHh7mFZ0QZaGLTIz
ib1AXQ7Zwah/1GbenW6T18lBHhMkL/VVks0ikDRT2Ta69EvKEeuXlL88PQ3x5udq
2SJFWKBPzr5+0/ucQL2BV6eHvTdH+U3W0B27Uro=
-----END CERTIFICATE-----
Generated at Sat Jun 20 03:12:52 2026 by rpki-client