Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: czvFSMyHMOWn7W57X5UKJVIDXqUd4aAqIiQMWkD97Ds=
Subject key identifier: FE:DC:7F:27:04:1C:F7:12:BA:79:A5:B8:21:56:C9:47:50:77:C7:39
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 593043D1D56BE4947C266149859DD78162B4C0B1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
Signing time: Thu 05 Jun 2025 12:28:48 +0000
ROA not before: Thu 05 Jun 2025 12:23:48 +0000
ROA not after: Thu 04 Jun 2026 12:28:48 +0000
asID: 212384
IP address blocks: 96.62.153.0/24 maxlen: 24
96.62.154.0/24 maxlen: 24
96.62.155.0/24 maxlen: 24
96.62.176.0/24 maxlen: 24
96.62.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:30:43:d1:d5:6b:e4:94:7c:26:61:49:85:9d:d7:81:62:b4:c0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 5 12:23:48 2025 GMT
Not After : Jun 4 12:28:48 2026 GMT
Subject: CN=FEDC7F27041CF712BA79A5B82156C9475077C739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:8e:7f:a0:12:b4:87:7c:2b:b6:55:bf:fe:
fa:ef:ab:5d:7e:e0:9b:9a:c4:9d:b8:0e:e6:69:76:
bb:29:48:0e:fe:ec:64:a0:7f:65:8c:38:89:81:11:
c3:ad:a7:90:de:47:94:12:46:4f:bf:a2:54:70:36:
1c:3e:65:a9:49:be:4e:76:51:30:db:94:8d:5b:77:
8a:8b:67:7f:5c:fd:e1:c0:e9:7f:dc:99:b1:68:1f:
85:34:93:4e:b4:f0:2b:a7:16:d7:1d:63:80:fc:8f:
5e:d0:3f:16:11:e8:14:bd:5f:3e:8f:64:5d:e3:95:
1f:e0:5d:f5:7a:84:a5:31:3f:fc:aa:f8:44:54:47:
29:b7:af:17:3e:da:89:5e:15:3d:dd:d7:da:38:e8:
56:71:1c:10:b9:56:12:09:67:f9:d8:05:22:04:77:
42:4a:0b:1e:2c:c8:47:d9:bc:0a:60:6f:52:67:17:
1a:c9:2f:fc:86:fd:b2:cf:5a:1f:91:01:97:bc:8e:
28:b1:bc:60:d3:27:0a:df:18:1c:99:d0:59:65:96:
58:bd:2a:e0:93:16:e8:2c:42:59:06:a7:77:5f:19:
41:74:8e:7a:5c:c7:8a:45:64:6a:a9:8f:90:1f:0b:
7a:55:be:1f:01:c6:54:df:1b:9e:83:46:1a:eb:d2:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DC:7F:27:04:1C:F7:12:BA:79:A5:B8:21:56:C9:47:50:77:C7:39
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.153.0-96.62.155.255
96.62.176.0/24
96.62.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c1:ea:10:e6:cf:bc:6d:ae:21:a3:1d:43:4f:25:4e:ed:24:
0f:de:50:5a:84:2f:2d:71:32:5a:86:ad:91:af:8c:33:17:80:
d4:c5:59:89:0b:5b:ef:8f:c9:ab:fc:97:1d:f3:0f:e9:39:a7:
2c:4e:c9:49:26:25:b7:65:82:50:11:b3:05:de:5e:4e:26:ea:
50:fb:02:fe:cd:62:5d:97:a2:b0:d3:a0:cd:a2:a3:37:4d:e5:
29:35:d0:0c:d4:20:5d:ac:09:b8:8f:18:60:e4:38:c6:ba:e1:
d7:af:14:5d:d3:dd:53:1d:ca:dc:21:87:82:68:2c:30:f4:86:
09:b4:c7:31:11:ef:71:80:e4:60:04:0e:8b:f9:3b:e2:53:82:
08:ad:81:c6:df:83:72:0f:dc:4a:87:c0:60:29:ba:ab:32:89:
9d:53:d8:2d:da:e2:44:c2:44:0b:b1:88:da:8b:66:38:c5:79:
85:1f:a4:de:30:f6:f4:64:10:42:dc:80:62:75:06:30:39:21:
9b:5a:8f:9d:8c:b9:e5:9b:2b:6b:89:8d:8b:59:9a:65:d8:5a:
8e:e1:85:79:3d:5d:b8:9d:ca:0e:3b:8a:f5:56:0f:d7:f5:cb:
4f:e1:d7:4d:98:06:ae:24:64:a3:fd:58:b9:85:e7:b4:df:24:
96:38:22:e6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUWTBD0dVr5JR8JmFJhZ3XgWK0wLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDUxMjIzNDhaFw0yNjA2MDQxMjI4NDhaMDMxMTAvBgNV
BAMTKEZFREM3RjI3MDQxQ0Y3MTJCQTc5QTVCODIxNTZDOTQ3NTA3N0M3MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeBI5/oBK0h3wrtlW//vrvq11+
4JuaxJ24DuZpdrspSA7+7GSgf2WMOImBEcOtp5DeR5QSRk+/olRwNhw+ZalJvk52
UTDblI1bd4qLZ39c/eHA6X/cmbFoH4U0k0608CunFtcdY4D8j17QPxYR6BS9Xz6P
ZF3jlR/gXfV6hKUxP/yq+ERURym3rxc+2oleFT3d19o46FZxHBC5VhIJZ/nYBSIE
d0JKCx4syEfZvApgb1JnFxrJL/yG/bLPWh+RAZe8jiixvGDTJwrfGByZ0Flllli9
KuCTFugsQlkGp3dfGUF0jnpcx4pFZGqpj5AfC3pVvh8BxlTfG56DRhrr0hCpAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQU/tx/JwQc9xK6eaW4IVbJR1B3xzkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABg
PpkDBAJgPpgDBABgPrADBABgPsUwDQYJKoZIhvcNAQELBQADggEBAKDB6hDmz7xt
riGjHUNPJU7tJA/eUFqELy1xMlqGrZGvjDMXgNTFWYkLW++Pyav8lx3zD+k5pyxO
yUkmJbdlglARswXeXk4m6lD7Av7NYl2XorDToM2iozdN5Sk10AzUIF2sCbiPGGDk
OMa64devFF3T3VMdytwhh4JoLDD0hgm0xzER73GA5GAEDov5O+JTggitgcbfg3IP
3EqHwGApuqsyiZ1T2C3a4kTCRAuxiNqLZjjFeYUfpN4w9vRkEELcgGJ1BjA5IZta
j52MueWbK2uJjYtZmmXYWo7hhXk9Xbidyg47ivVWD9f1y0/h102YBq4kZKP9WLmF
57TfJJY4IuY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:02:16 2025 by rpki-client