Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: zXSvWmxU8Tg2w/im64vfJMwz27FABZ0pHKsI/Bu0iyM=
Subject key identifier: 0B:6A:CF:74:80:B4:BC:C8:A1:67:1C:01:97:0C:D5:F7:B6:A1:59:A6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6C984F94F1FC810B96B52890CA2AF7F778C0CE62
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
Signing time: Sat 09 May 2026 12:02:22 +0000
ROA not before: Sat 09 May 2026 11:57:22 +0000
ROA not after: Sat 08 May 2027 12:02:22 +0000
asID: 214432
IP address blocks: 146.103.11.0/24 maxlen: 24
167.148.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:98:4f:94:f1:fc:81:0b:96:b5:28:90:ca:2a:f7:f7:78:c0:ce:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 11:57:22 2026 GMT
Not After : May 8 12:02:22 2027 GMT
Subject: CN=0B6ACF7480B4BCC8A1671C01970CD5F7B6A159A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:a7:23:52:93:c2:bd:4c:6e:c5:d0:46:27:
f3:5a:d8:cb:48:e6:aa:3b:6d:57:f6:71:aa:53:95:
7b:ab:b6:6a:9d:c4:52:da:64:b5:72:2b:81:3b:2d:
87:6d:8c:de:0d:5e:80:0c:ba:7d:ae:d0:31:f0:29:
27:41:e5:34:16:7f:ed:18:45:d3:91:54:85:c9:6e:
38:49:06:8f:2a:a8:47:11:72:da:6f:51:56:eb:81:
a5:2e:9f:1f:74:d4:d9:6c:07:66:c0:74:cb:6a:ec:
45:05:1d:f4:44:9a:fe:3e:d7:bd:a4:40:a3:e8:93:
68:c2:a8:d2:cc:3e:31:05:bd:a8:91:4e:27:a7:f4:
5b:32:0b:48:32:a7:ee:e8:75:ac:e1:98:91:74:1a:
58:a4:36:b7:98:93:fb:a6:bc:84:7b:c8:7b:92:81:
43:58:5a:70:e1:69:94:ba:63:23:50:2e:10:4e:68:
a8:7b:af:c7:84:7c:f6:ef:5b:4c:93:35:8c:49:94:
c5:25:63:69:d0:8d:7a:6f:11:d5:ab:1c:24:3e:51:
ea:8d:88:52:b7:dc:81:43:89:74:9b:e5:84:b2:1e:
a7:6d:0c:38:0a:a9:4d:66:0e:08:0c:33:76:e9:1d:
22:f6:40:ff:5f:29:4f:21:5e:3a:64:f9:6f:20:0f:
46:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6A:CF:74:80:B4:BC:C8:A1:67:1C:01:97:0C:D5:F7:B6:A1:59:A6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.11.0/24
167.148.189.0/24
Signature Algorithm: sha256WithRSAEncryption
15:26:88:1c:c1:a6:fb:ea:fc:49:3d:f3:af:96:eb:27:08:17:
43:74:c9:ef:a8:37:23:91:21:41:9a:12:9f:b6:bd:9b:9a:3b:
74:44:6d:f8:7b:f2:0f:3e:0d:24:ca:c6:39:89:07:57:83:27:
06:f6:ac:ee:50:69:4d:9c:c9:82:0b:f1:0d:b1:a0:06:64:78:
87:b8:e4:f1:e5:18:c1:4e:b8:31:e7:a8:8a:a8:b6:83:d0:60:
a1:86:c5:2f:2c:dd:64:49:71:8c:ec:fd:a1:c4:40:8f:ee:c0:
0e:85:9b:67:f2:87:d2:16:e4:5a:9c:80:2d:67:19:f4:2e:07:
e7:7e:b0:20:79:c1:d0:1b:6e:f7:7b:74:f9:e0:ce:ec:c0:6c:
59:cf:b4:51:ea:db:05:7c:cf:b6:35:33:bf:38:fa:d0:07:70:
35:fc:f1:e6:c4:78:35:5f:81:5b:d9:ab:55:ec:a8:14:79:c5:
10:be:a4:8c:7b:64:2c:da:77:fc:4b:73:25:7d:52:0e:e7:e1:
fc:24:0a:0c:92:81:a6:29:7c:b7:dc:e0:07:e8:54:7a:0b:af:
22:67:d8:c3:48:94:c4:cf:ce:e3:5c:19:78:11:d3:9a:fb:82:
01:f8:b6:9b:3d:c6:a0:d2:04:56:a5:ea:a8:62:c5:62:83:5c:
9e:9f:31:4d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUbJhPlPH8gQuWtSiQyir393jAzmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDkxMTU3MjJaFw0yNzA1MDgxMjAyMjJaMDMxMTAvBgNV
BAMTKDBCNkFDRjc0ODBCNEJDQzhBMTY3MUMwMTk3MENENUY3QjZBMTU5QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5x6cjUpPCvUxuxdBGJ/Na2MtI
5qo7bVf2capTlXurtmqdxFLaZLVyK4E7LYdtjN4NXoAMun2u0DHwKSdB5TQWf+0Y
RdORVIXJbjhJBo8qqEcRctpvUVbrgaUunx901NlsB2bAdMtq7EUFHfREmv4+172k
QKPok2jCqNLMPjEFvaiRTien9FsyC0gyp+7odazhmJF0GlikNreYk/umvIR7yHuS
gUNYWnDhaZS6YyNQLhBOaKh7r8eEfPbvW0yTNYxJlMUlY2nQjXpvEdWrHCQ+UeqN
iFK33IFDiXSb5YSyHqdtDDgKqU1mDggMM3bpHSL2QP9fKU8hXjpk+W8gD0ZPAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUC2rPdIC0vMihZxwBlwzV97ahWaYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkmcL
AwQAp5S9MA0GCSqGSIb3DQEBCwUAA4IBAQAVJogcwab76vxJPfOvlusnCBdDdMnv
qDcjkSFBmhKftr2bmjt0RG34e/IPPg0kysY5iQdXgycG9qzuUGlNnMmCC/ENsaAG
ZHiHuOTx5RjBTrgx56iKqLaD0GChhsUvLN1kSXGM7P2hxECP7sAOhZtn8ofSFuRa
nIAtZxn0LgfnfrAgecHQG273e3T54M7swGxZz7RR6tsFfM+2NTO/OPrQB3A1/PHm
xHg1X4Fb2atV7KgUecUQvqSMe2Qs2nf8S3MlfVIO5+H8JAoMkoGmKXy33OAH6FR6
C68iZ9jDSJTEz87jXBl4EdOa+4IB+LabPcag0gRWpeqoYsVig1yenzFN
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:07 2026 by rpki-client