Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211192.roa
File: AS211192.roa (raw, json)
Hash identifier: f2nUbdGrEJBavnv7VlckeGhgPDa6o7M1OPCcNTL2ljw=
Subject key identifier: 15:F0:C7:80:07:BC:B8:D4:A8:31:63:5B:A9:30:8F:FC:BE:45:D8:96
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 71B0998B6E6473A8FDF5033658A0BF31EBFC5CA7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211192.roa
Signing time: Wed 04 Mar 2026 15:07:15 +0000
ROA not before: Wed 04 Mar 2026 15:02:15 +0000
ROA not after: Wed 03 Mar 2027 15:07:15 +0000
asID: 211192
IP address blocks: 181.214.25.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.76.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.107.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.167.0/24 maxlen: 24
181.214.180.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.211.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.215.113.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.163.0/24 maxlen: 24
181.215.164.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b0:99:8b:6e:64:73:a8:fd:f5:03:36:58:a0:bf:31:eb:fc:5c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 4 15:02:15 2026 GMT
Not After : Mar 3 15:07:15 2027 GMT
Subject: CN=15F0C78007BCB8D4A831635BA9308FFCBE45D896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:53:b5:a3:b5:c8:75:03:f1:5b:54:90:8d:29:
66:63:d8:9d:1f:85:6a:fd:8b:12:6a:1f:5d:d0:9b:
dd:44:76:71:4b:a9:23:10:03:99:58:2a:58:84:0f:
5e:37:70:ab:14:7d:87:06:e3:93:34:db:cc:cd:83:
77:40:e7:15:e8:7b:f0:e2:58:dd:c1:70:a2:01:19:
19:6e:30:6e:f7:31:64:29:12:ed:86:7b:fd:8e:b9:
0e:f9:a1:d3:a9:82:ed:40:ce:f6:cc:a3:7c:97:d0:
4d:5b:48:01:b0:55:2b:51:49:3a:cf:81:66:5c:39:
85:ca:51:cf:ea:1f:f9:26:da:35:48:1e:37:15:a8:
cb:c0:7e:e8:8b:8c:ac:ae:51:cf:95:98:53:26:7c:
7c:46:32:ff:d1:75:93:ef:a6:33:c0:20:4b:d0:54:
70:ed:6f:54:f7:98:69:7b:90:3a:b4:1e:3d:25:c3:
97:b8:52:75:44:4e:2d:ef:2b:9b:36:ce:ab:5d:58:
ab:8b:50:ff:8c:ae:99:b0:37:d6:56:61:87:41:b6:
40:23:42:15:1f:c2:5c:40:a5:4a:3d:3f:66:ce:2d:
10:de:72:bd:92:c7:3c:66:28:63:ac:4d:6d:44:c7:
98:fb:b5:36:4f:4a:59:c6:29:6b:96:a5:9f:bf:26:
fc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F0:C7:80:07:BC:B8:D4:A8:31:63:5B:A9:30:8F:FC:BE:45:D8:96
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211192.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.25.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.76.0/24
181.214.79.0/24
181.214.91.0/24
181.214.98.0/24
181.214.101.0/24
181.214.107.0/24
181.214.119.0/24
181.214.130.0/24
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.167.0/24
181.214.180.0/24
181.214.201.0/24
181.214.211.0/24
181.214.216.0/24
181.214.236.0/24
181.214.248.0/24
181.215.113.0/24
181.215.149.0/24
181.215.159.0/24
181.215.163.0-181.215.164.255
181.215.189.0-181.215.190.255
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.247.0/24
181.215.250.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6e:8c:9a:52:b4:a9:46:17:3c:00:3e:16:9c:ef:e2:5b:6e:
71:4c:86:9a:e3:96:40:4a:19:d0:53:ab:a4:be:97:05:84:a9:
d5:cf:27:13:13:b8:b0:fe:5d:ea:c6:93:88:de:e3:43:9a:7c:
5e:be:37:52:52:c3:1f:6c:03:4a:1e:e1:e6:a6:8a:15:99:ef:
73:4f:5f:b9:02:62:11:87:29:d7:04:fb:04:6f:6a:db:86:97:
9a:8e:33:80:61:56:0c:be:f7:2e:0a:22:ce:3e:3d:e0:d0:9d:
b1:60:a0:8d:19:54:7e:02:18:1e:40:dd:54:31:7b:57:d3:35:
e4:b2:81:e9:f3:d3:c7:53:3b:9e:6e:15:06:8f:42:a6:08:29:
13:f4:7d:b5:34:ae:cd:d9:fb:f1:74:a4:37:ce:f6:98:b4:86:
d5:8f:b6:ff:11:38:6f:ff:05:dc:2e:67:21:c2:20:b0:e0:a4:
d2:03:f1:8c:fd:d4:92:b1:cb:35:d4:b6:da:5c:7c:92:fc:6a:
9d:0e:f1:85:5e:7b:b0:38:f4:19:f5:9f:3d:f3:24:3f:fa:3d:
cd:d3:12:c5:c0:72:a3:67:0d:96:8c:ab:5e:4f:b4:e1:89:41:
76:cb:d9:8e:be:58:29:1d:69:72:4d:19:a5:a4:4b:68:e6:4e:
be:0e:65:cb
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIUcbCZi25kc6j99QM2WKC/Mev8XKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMDQxNTAyMTVaFw0yNzAzMDMxNTA3MTVaMDMxMTAvBgNV
BAMTKDE1RjBDNzgwMDdCQ0I4RDRBODMxNjM1QkE5MzA4RkZDQkU0NUQ4OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbU7Wjtch1A/FbVJCNKWZj2J0f
hWr9ixJqH13Qm91EdnFLqSMQA5lYKliED143cKsUfYcG45M028zNg3dA5xXoe/Di
WN3BcKIBGRluMG73MWQpEu2Ge/2OuQ75odOpgu1AzvbMo3yX0E1bSAGwVStRSTrP
gWZcOYXKUc/qH/km2jVIHjcVqMvAfuiLjKyuUc+VmFMmfHxGMv/RdZPvpjPAIEvQ
VHDtb1T3mGl7kDq0Hj0lw5e4UnVETi3vK5s2zqtdWKuLUP+MrpmwN9ZWYYdBtkAj
QhUfwlxApUo9P2bOLRDecr2SxzxmKGOsTW1Ex5j7tTZPSlnGKWuWpZ+/JvwdAgMB
AAGjggLZMIIC1TAdBgNVHQ4EFgQUFfDHgAe8uNSoMWNbqTCP/L5F2JYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExMTkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdAD
BAC11hkDBAC11ikDBAC11jYDBAC11joDBAC11kwDBAC11k8DBAC11lsDBAC11mID
BAC11mUDBAC11msDBAC11ncDBAC11oIDBAC11pQDBAC11poDBAC11qEDBAC11qcD
BAC11rQDBAC11skDBAC11tMDBAC11tgDBAC11uwDBAC11vgDBAC113EDBAC115UD
BAC1158wDAMEALXXowMEALXXpDAMAwQAtde9AwQAtde+AwQAtdfYAwQAtdfhAwQA
tdfjAwQAtdf3AwQAtdf6MA0GCSqGSIb3DQEBCwUAA4IBAQApboyaUrSpRhc8AD4W
nO/iW25xTIaa45ZAShnQU6ukvpcFhKnVzycTE7iw/l3qxpOI3uNDmnxevjdSUsMf
bANKHuHmpooVme9zT1+5AmIRhynXBPsEb2rbhpeajjOAYVYMvvcuCiLOPj3g0J2x
YKCNGVR+AhgeQN1UMXtX0zXksoHp89PHUzuebhUGj0KmCCkT9H21NK7N2fvxdKQ3
zvaYtIbVj7b/EThv/wXcLmchwiCw4KTSA/GM/dSSscs11LbaXHyS/GqdDvGFXnuw
OPQZ9Z898yQ/+j3N0xLFwHKjZw2WjKteT7ThiUF2y9mOvlgpHWlyTRmlpEto5k6+
DmXL
-----END CERTIFICATE-----
Generated at Thu Mar 5 19:06:49 2026 by rpki-client