Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: xG0GuWgQWMfg/6SsT73de8ygkrOn7KOb5DSCp0ZratE=
Subject key identifier: 65:4C:83:88:7A:1C:09:F8:5B:EA:13:28:DE:51:93:E9:82:D8:3D:3E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 421C6761566667E68C9645C01C3B7BAEAAF97084
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Mon 20 Apr 2026 10:13:02 +0000
ROA not before: Mon 20 Apr 2026 10:08:02 +0000
ROA not after: Mon 19 Apr 2027 10:13:02 +0000
asID: 212238
IP address blocks: 96.62.96.0/23 maxlen: 23
96.62.111.0/24 maxlen: 24
96.62.127.0/24 maxlen: 24
96.62.190.0/24 maxlen: 24
96.62.214.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.219.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
146.103.51.0/24 maxlen: 24
146.103.53.0/24 maxlen: 24
147.79.10.0/24 maxlen: 24
148.135.183.0/24 maxlen: 24
148.135.195.0/24 maxlen: 24
150.241.200.0/23 maxlen: 23
150.241.243.0/24 maxlen: 24
150.241.251.0/24 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.208.0/22 maxlen: 22
168.222.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1c:67:61:56:66:67:e6:8c:96:45:c0:1c:3b:7b:ae:aa:f9:70:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 20 10:08:02 2026 GMT
Not After : Apr 19 10:13:02 2027 GMT
Subject: CN=654C83887A1C09F85BEA1328DE5193E982D83D3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:86:8a:e0:4e:7a:1f:e9:f6:76:7f:e1:d4:3e:
e6:bd:69:e8:b6:a6:0c:50:a7:f7:70:83:08:ab:8c:
67:45:b3:12:b1:9c:69:79:e8:c9:8d:5c:6f:38:a3:
ae:b8:09:19:22:d2:f1:37:f1:a8:14:74:f3:18:b4:
e8:bb:da:e1:45:43:9b:02:aa:fd:f7:28:ed:49:59:
3b:a3:06:4d:81:e7:4e:8c:0d:36:44:8c:49:17:59:
d0:80:3a:93:a8:5c:ba:ab:ee:62:55:21:73:78:66:
bb:7d:94:af:a9:98:c6:05:eb:e8:d6:5f:1e:5f:a0:
a7:f1:b0:4e:68:6a:1a:a6:fb:4f:18:1d:00:e7:0e:
cd:e5:61:a1:f4:23:3e:19:b9:3a:2b:c9:4c:80:99:
03:2e:b1:47:75:27:35:34:0c:2d:8a:9a:70:16:cf:
7d:88:da:43:5f:fd:62:31:f5:82:6a:8c:0c:fe:91:
5a:1c:aa:a0:d4:84:e4:52:1b:05:4a:2e:40:dd:22:
52:eb:8f:f0:b5:4f:5d:35:53:95:39:3e:f4:db:7c:
17:df:4a:a1:bc:23:72:2f:84:af:71:6b:04:48:81:
ab:b9:77:00:9b:dc:90:f6:ca:63:90:90:42:de:36:
a7:94:be:53:2a:55:b0:29:97:25:ee:ea:7b:d1:4f:
a5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4C:83:88:7A:1C:09:F8:5B:EA:13:28:DE:51:93:E9:82:D8:3D:3E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
96.62.111.0/24
96.62.127.0/24
96.62.190.0/24
96.62.214.0/24
136.143.247.0/24
140.233.178.0/23
140.233.188.0/23
143.14.132.0/23
143.14.219.0/24
146.103.45.0/24
146.103.51.0/24
146.103.53.0/24
147.79.10.0/24
148.135.183.0/24
148.135.195.0/24
150.241.200.0/23
150.241.243.0/24
150.241.251.0/24
155.117.144.0/24
155.117.234.0/24
158.140.193.0/24
158.140.208.0/22
168.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
57:49:c5:b5:e0:f2:bf:4f:20:03:44:53:3f:43:d0:99:d2:32:
d2:71:36:e9:7b:11:12:06:bd:3d:a4:9b:9d:af:45:db:4a:cf:
76:7c:dd:5e:78:e0:52:bc:3b:c0:88:14:2a:83:f2:46:c9:24:
d0:93:fe:6c:04:89:dc:36:c8:44:a7:90:d4:3e:ff:cd:db:10:
8b:34:80:18:cf:94:a2:0f:66:84:8a:4f:63:99:c5:7e:45:e5:
ea:66:2c:aa:f9:48:ad:de:06:9e:cf:21:52:20:db:87:92:39:
c3:37:e1:70:58:35:0c:bf:c9:96:ca:20:b0:1f:62:87:69:5d:
be:1e:b9:4c:bb:d8:a4:0a:91:1d:0b:4b:a9:21:53:d4:28:c8:
e6:e6:4e:64:43:f0:f9:0f:e3:fa:55:a9:22:7d:fc:87:36:9d:
66:77:d4:b7:71:f9:a4:2a:9c:7e:c8:26:35:28:5a:67:17:f0:
58:b6:3f:89:07:08:71:a8:8b:04:6c:4a:34:cb:a7:f2:31:66:
e3:2c:fc:c2:49:90:68:ed:01:ef:60:24:e1:92:8f:5c:27:97:
91:31:b1:cd:6e:f0:02:f8:21:02:cd:d2:12:35:51:0f:8d:96:
ef:1a:3e:e5:f1:d6:46:a4:f6:c4:d0:0f:cb:2c:ac:36:9d:e5:
20:34:ee:f0
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUQhxnYVZmZ+aMlkXAHDt7rqr5cIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjAxMDA4MDJaFw0yNzA0MTkxMDEzMDJaMDMxMTAvBgNV
BAMTKDY1NEM4Mzg4N0ExQzA5Rjg1QkVBMTMyOERFNTE5M0U5ODJEODNEM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDahorgTnof6fZ2f+HUPua9aei2
pgxQp/dwgwirjGdFsxKxnGl56MmNXG84o664CRki0vE38agUdPMYtOi72uFFQ5sC
qv33KO1JWTujBk2B506MDTZEjEkXWdCAOpOoXLqr7mJVIXN4Zrt9lK+pmMYF6+jW
Xx5foKfxsE5oahqm+08YHQDnDs3lYaH0Iz4ZuToryUyAmQMusUd1JzU0DC2KmnAW
z32I2kNf/WIx9YJqjAz+kVocqqDUhORSGwVKLkDdIlLrj/C1T101U5U5PvTbfBff
SqG8I3IvhK9xawRIgau5dwCb3JD2ymOQkELeNqeUvlMqVbAplyXu6nvRT6X1AgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUZUyDiHocCfhb6hMo3lGT6YLYPT4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZAD
BAFgPmADBABgPm8DBABgPn8DBABgPr4DBABgPtYDBACIj/cDBAGM6bIDBAGM6bwD
BAGPDoQDBACPDtsDBACSZy0DBACSZzMDBACSZzUDBACTTwoDBACUh7cDBACUh8MD
BAGW8cgDBACW8fMDBACW8fsDBACbdZADBACbdeoDBACejMEDBAKejNADBAKo3kgw
DQYJKoZIhvcNAQELBQADggEBAFdJxbXg8r9PIANEUz9D0JnSMtJxNul7ERIGvT2k
m52vRdtKz3Z83V544FK8O8CIFCqD8kbJJNCT/mwEidw2yESnkNQ+/83bEIs0gBjP
lKIPZoSKT2OZxX5F5epmLKr5SK3eBp7PIVIg24eSOcM34XBYNQy/yZbKILAfYodp
Xb4euUy72KQKkR0LS6khU9QoyObmTmRD8PkP4/pVqSJ9/Ic2nWZ31Ldx+aQqnH7I
JjUoWmcX8Fi2P4kHCHGoiwRsSjTLp/IxZuMs/MJJkGjtAe9gJOGSj1wnl5Exsc1u
8AL4IQLN0hI1UQ+Nlu8aPuXx1kak9sTQD8ssrDad5SA07vA=
-----END CERTIFICATE-----
Generated at Tue May 5 23:16:37 2026 by rpki-client