Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: d8lYqPxSYtO7hL5Q4BTRjReV9hXoxhptRMVdOu7moCY=
Subject key identifier: 11:0E:64:FD:EE:49:85:54:DA:6B:6B:23:0C:54:08:6F:B2:E1:8F:2E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 71C3880545FD165335830A76C15BDBA393145621
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212335.roa
Signing time: Thu 21 May 2026 13:47:15 +0000
ROA not before: Thu 21 May 2026 13:42:15 +0000
ROA not after: Thu 20 May 2027 13:47:15 +0000
asID: 212335
IP address blocks: 140.233.185.0/24 maxlen: 24
146.103.61.0/24 maxlen: 24
150.241.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c3:88:05:45:fd:16:53:35:83:0a:76:c1:5b:db:a3:93:14:56:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 21 13:42:15 2026 GMT
Not After : May 20 13:47:15 2027 GMT
Subject: CN=110E64FDEE498554DA6B6B230C54086FB2E18F2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:49:dc:54:5b:0b:97:13:10:27:f3:b2:bd:
c5:ad:51:71:cc:85:79:85:5d:85:e9:fa:21:b9:42:
b9:0f:8d:06:b7:09:7e:46:b4:91:12:3a:3b:74:1e:
9b:3d:c6:c2:92:fb:11:3e:79:77:7a:99:a6:96:b0:
8f:60:60:d2:31:c7:7d:3c:da:54:a0:88:ee:f0:7f:
41:f0:c9:cb:97:b1:7c:0a:5e:cb:db:8f:cc:5f:ea:
5c:15:8f:bd:ef:4b:c3:1a:92:dd:af:73:85:4c:e9:
e9:05:97:21:f1:83:4e:78:34:44:9c:62:13:c7:b8:
ec:e6:b8:86:8a:c0:48:59:2f:cf:d8:84:76:9b:1a:
ad:7f:0e:c7:be:da:2b:6a:8f:f0:03:a5:39:30:cb:
97:3f:46:e6:a4:fb:e9:c2:8c:69:78:f7:13:4c:4a:
f9:21:35:9e:9e:ea:37:26:e7:d2:5e:a0:f3:5e:2d:
a2:27:a2:9e:66:c0:d2:ce:f4:7a:a6:55:fe:7b:aa:
52:53:e7:ec:96:fd:b6:38:1b:c4:b8:a3:0a:46:08:
2d:1f:38:71:b9:5e:19:f4:c3:c6:9f:fc:51:2e:8d:
b5:d7:e2:4b:4b:1e:a1:3a:6c:2a:47:c3:ea:a5:f6:
44:dd:92:d7:01:a1:8c:66:5b:53:46:86:cf:b9:f2:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:0E:64:FD:EE:49:85:54:DA:6B:6B:23:0C:54:08:6F:B2:E1:8F:2E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
146.103.61.0/24
150.241.231.0/24
Signature Algorithm: sha256WithRSAEncryption
68:aa:65:23:4e:b5:3e:60:30:00:ff:f0:f1:1b:a5:34:df:f4:
fd:c8:f1:cf:2c:a1:eb:2c:b1:62:12:17:62:f1:24:28:fe:74:
83:6c:02:13:a4:f6:bb:8c:ae:fd:58:07:34:8b:e3:b5:e8:64:
64:04:e6:9f:78:81:ae:4b:26:09:a7:d5:36:f0:81:44:fb:33:
a7:98:91:c6:18:ba:4e:a9:15:89:77:6c:fe:8b:d8:ad:5a:36:
8e:c6:c6:b3:0f:cf:ff:89:5a:72:24:74:c3:a8:a1:35:18:54:
31:99:d5:4b:8e:d4:f1:e7:30:6f:1c:0e:8c:09:58:c1:15:0e:
be:fc:49:89:bd:07:56:bd:e5:3f:ed:70:a1:73:32:53:57:1d:
77:e8:7c:1f:de:5e:bf:85:af:a1:7f:cf:32:aa:02:9b:76:b4:
6b:f4:6b:38:b7:dc:dc:72:cb:d2:f8:38:e0:1e:09:56:b6:52:
29:e7:36:00:91:05:f7:fe:fd:5d:1f:2d:92:f7:18:70:b4:2d:
ec:a7:cd:1e:66:10:51:6e:4c:d6:37:93:ca:f5:b4:46:a2:4f:
d1:e5:c4:ab:4b:2a:fe:03:7b:8b:62:da:2e:62:9b:1e:53:ab:
e0:69:db:26:5c:79:99:31:3b:9d:5a:42:f1:40:93:91:82:5f:
1b:5a:70:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUccOIBUX9FlM1gwp2wVvbo5MUViEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjExMzQyMTVaFw0yNzA1MjAxMzQ3MTVaMDMxMTAvBgNV
BAMTKDExMEU2NEZERUU0OTg1NTREQTZCNkIyMzBDNTQwODZGQjJFMThGMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/HkncVFsLlxMQJ/OyvcWtUXHM
hXmFXYXp+iG5QrkPjQa3CX5GtJESOjt0Hps9xsKS+xE+eXd6maaWsI9gYNIxx308
2lSgiO7wf0HwycuXsXwKXsvbj8xf6lwVj73vS8Makt2vc4VM6ekFlyHxg054NESc
YhPHuOzmuIaKwEhZL8/YhHabGq1/Dse+2itqj/ADpTkwy5c/Ruak++nCjGl49xNM
SvkhNZ6e6jcm59JeoPNeLaInop5mwNLO9HqmVf57qlJT5+yW/bY4G8S4owpGCC0f
OHG5Xhn0w8af/FEujbXX4ktLHqE6bCpHw+ql9kTdktcBoYxmW1NGhs+58ptDAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUEQ5k/e5JhVTaa2sjDFQIb7Lhjy4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjOm5
AwQAkmc9AwQAlvHnMA0GCSqGSIb3DQEBCwUAA4IBAQBoqmUjTrU+YDAA//DxG6U0
3/T9yPHPLKHrLLFiEhdi8SQo/nSDbAITpPa7jK79WAc0i+O16GRkBOafeIGuSyYJ
p9U28IFE+zOnmJHGGLpOqRWJd2z+i9itWjaOxsazD8//iVpyJHTDqKE1GFQxmdVL
jtTx5zBvHA6MCVjBFQ6+/EmJvQdWveU/7XChczJTVx136Hwf3l6/ha+hf88yqgKb
drRr9Gs4t9zccsvS+DjgHglWtlIp5zYAkQX3/v1dHy2S9xhwtC3sp80eZhBRbkzW
N5PK9bRGok/R5cSrSyr+A3uLYtouYpseU6vgadsmXHmZMTudWkLxQJORgl8bWnCF
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:21:03 2026 by rpki-client