Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212336.roa
File: AS212336.roa (raw, json)
Hash identifier: qQonjlmC2inQTUusVP0qj4gVAmlLyhqs1e+Th5obPdY=
Subject key identifier: E3:E0:ED:8C:46:DF:DD:A6:55:9D:0E:43:F0:3F:A0:E7:00:49:48:5F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 67A146361423245F4A9A25FB5A1C04B472E6E9F4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212336.roa
Signing time: Fri 13 Mar 2026 00:05:53 +0000
ROA not before: Fri 13 Mar 2026 00:00:53 +0000
ROA not after: Fri 12 Mar 2027 00:05:53 +0000
asID: 212336
IP address blocks: 147.79.20.0/24 maxlen: 24
155.117.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:a1:46:36:14:23:24:5f:4a:9a:25:fb:5a:1c:04:b4:72:e6:e9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 13 00:00:53 2026 GMT
Not After : Mar 12 00:05:53 2027 GMT
Subject: CN=E3E0ED8C46DFDDA6559D0E43F03FA0E70049485F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:2a:a0:e2:c7:2b:ee:52:96:82:0d:5c:a0:
eb:34:91:2c:e3:43:ab:7b:86:51:04:69:4c:f0:3f:
e6:df:07:96:67:2e:51:6e:b5:36:17:bf:57:55:37:
fc:5d:38:2f:84:6e:44:8a:ad:bb:cf:5a:2a:47:d2:
a6:f8:43:28:83:0d:64:c1:af:9b:b3:12:4f:a1:51:
87:94:d6:ad:a7:b3:4b:82:f1:48:87:32:b8:e0:fe:
6e:98:6b:60:7d:e5:39:f0:2d:b0:5e:35:aa:3f:38:
aa:50:b0:5f:3a:8a:db:0b:0d:b8:50:5d:7b:dc:72:
b6:d4:6c:26:ac:9e:da:88:94:73:a9:60:4d:21:c6:
11:df:ec:cf:e9:80:59:8a:14:1b:19:17:a5:70:53:
b1:95:b7:12:7e:1c:d8:51:00:56:57:c2:42:6e:07:
05:f9:84:b7:63:0a:c5:73:ab:a0:2c:c8:1d:b2:5d:
aa:43:fc:6e:d6:94:e6:de:62:57:7e:a9:f4:13:23:
6d:ee:e7:21:47:11:7d:dc:68:cc:5c:b8:fa:25:41:
a9:ba:33:d0:c5:b9:fd:de:5f:94:d9:a7:38:db:93:
47:db:25:b0:bb:52:75:33:c4:18:f6:fb:ab:0c:4c:
ea:49:f9:d1:6a:f4:06:6c:2c:9a:a6:d5:65:74:a1:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E0:ED:8C:46:DF:DD:A6:55:9D:0E:43:F0:3F:A0:E7:00:49:48:5F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.20.0/24
155.117.155.0/24
Signature Algorithm: sha256WithRSAEncryption
02:30:90:67:00:0d:da:8a:68:66:2b:fc:e8:86:6f:55:1e:4e:
e4:28:40:c9:9c:ff:bd:ef:e6:39:6e:e4:ae:8b:9f:0e:d4:da:
5c:4f:21:ba:a3:fd:17:9b:22:8a:fe:9a:51:13:e4:7d:0a:99:
c9:9d:9a:ab:6b:0c:e1:62:e3:ff:5e:e5:69:10:f4:71:98:64:
46:e1:13:42:0b:04:6f:ec:4d:87:9b:64:dd:3f:9a:31:d5:70:
a1:8b:8e:15:b5:f4:5e:73:49:78:75:2b:a3:00:0c:da:96:12:
cc:3d:1f:6f:7e:ff:57:7f:9f:b4:cb:86:83:68:36:53:23:5e:
e7:b3:e9:68:c1:34:94:03:36:35:3f:33:02:53:98:12:07:a6:
c9:dd:b0:83:c3:55:99:2e:81:98:08:d0:6e:54:45:0c:9f:9e:
de:fd:4e:c0:3c:2c:d5:34:e7:22:66:50:56:f1:b7:7c:9b:1f:
47:8c:3a:e7:ab:c7:e2:1c:af:16:28:85:5c:4d:a5:70:6b:1f:
52:e2:7d:93:da:8e:aa:ec:7e:99:80:15:b7:93:c6:28:21:3d:
4f:96:05:8c:bc:65:59:b8:45:da:d7:5b:e5:51:84:54:83:f3:
a1:35:65:f8:4a:af:df:02:ca:4e:24:e2:1a:09:a0:ed:75:0c:
40:49:eb:29
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUZ6FGNhQjJF9KmiX7WhwEtHLm6fQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMTMwMDAwNTNaFw0yNzAzMTIwMDA1NTNaMDMxMTAvBgNV
BAMTKEUzRTBFRDhDNDZERkREQTY1NTlEMEU0M0YwM0ZBMEU3MDA0OTQ4NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHKyqg4scr7lKWgg1coOs0kSzj
Q6t7hlEEaUzwP+bfB5ZnLlFutTYXv1dVN/xdOC+EbkSKrbvPWipH0qb4QyiDDWTB
r5uzEk+hUYeU1q2ns0uC8UiHMrjg/m6Ya2B95TnwLbBeNao/OKpQsF86itsLDbhQ
XXvccrbUbCasntqIlHOpYE0hxhHf7M/pgFmKFBsZF6VwU7GVtxJ+HNhRAFZXwkJu
BwX5hLdjCsVzq6AsyB2yXapD/G7WlObeYld+qfQTI23u5yFHEX3caMxcuPolQam6
M9DFuf3eX5TZpzjbk0fbJbC7UnUzxBj2+6sMTOpJ+dFq9AZsLJqm1WV0odSxAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU4+DtjEbf3aZVnQ5D8D+g5wBJSF8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk08U
AwQAm3WbMA0GCSqGSIb3DQEBCwUAA4IBAQACMJBnAA3aimhmK/zohm9VHk7kKEDJ
nP+97+Y5buSui58O1NpcTyG6o/0XmyKK/ppRE+R9CpnJnZqrawzhYuP/XuVpEPRx
mGRG4RNCCwRv7E2Hm2TdP5ox1XChi44VtfRec0l4dSujAAzalhLMPR9vfv9Xf5+0
y4aDaDZTI17ns+lowTSUAzY1PzMCU5gSB6bJ3bCDw1WZLoGYCNBuVEUMn57e/U7A
PCzVNOciZlBW8bd8mx9HjDrnq8fiHK8WKIVcTaVwax9S4n2T2o6q7H6ZgBW3k8Yo
IT1PlgWMvGVZuEXa11vlUYRUg/OhNWX4Sq/fAspOJOIaCaDtdQxASesp
-----END CERTIFICATE-----
Generated at Wed Mar 25 04:42:05 2026 by rpki-client