Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: BKaw/Q3mzY89LhuwuSwrvgFKTSbwZxZvs98f1JwjRCQ=
Subject key identifier: C6:78:80:98:C3:26:9E:75:58:68:0A:08:94:5C:DD:4E:44:A5:5A:03
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2230EB1217AE585909C9F4E3AFCE40309D59F88C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
Signing time: Sat 21 Jun 2025 08:23:15 +0000
ROA not before: Sat 21 Jun 2025 08:18:15 +0000
ROA not after: Sat 20 Jun 2026 08:23:15 +0000
asID: 214432
IP address blocks: 96.62.114.0/24 maxlen: 24
143.14.164.0/24 maxlen: 24
155.117.195.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
167.148.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:30:eb:12:17:ae:58:59:09:c9:f4:e3:af:ce:40:30:9d:59:f8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 21 08:18:15 2025 GMT
Not After : Jun 20 08:23:15 2026 GMT
Subject: CN=C6788098C3269E7558680A08945CDD4E44A55A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:36:bd:8d:54:d4:f4:34:17:ac:09:c1:00:f2:
76:c6:52:45:c2:48:a9:b0:6c:d5:d9:6d:8f:83:9f:
59:f4:20:7f:e0:1b:ff:3f:24:2a:57:9b:ce:3e:5e:
de:cd:76:1b:33:91:06:23:32:de:4c:f3:03:ba:1d:
8c:a8:58:4f:82:89:39:20:f5:2f:26:e8:5d:0d:8d:
ad:d1:c8:d9:15:6c:fe:3e:a8:d3:4f:cd:80:39:34:
bb:76:46:bb:df:81:28:b9:11:9f:73:bc:ac:6c:ed:
91:65:46:12:cc:d5:8b:03:cd:a8:83:d9:2a:4a:bd:
e7:ec:91:f7:63:9d:e3:5e:fe:9c:b4:cf:1b:67:9c:
5f:f3:58:5f:f2:3b:e0:bb:f4:4b:d8:60:2d:b4:f7:
b0:52:ae:20:90:40:0a:05:f4:5b:4a:e5:1a:0c:d4:
f4:69:71:f9:6f:3d:01:27:d2:89:ae:61:12:21:18:
a8:9b:81:16:bc:bd:1d:7b:10:a0:df:51:10:6c:f7:
28:e0:e2:b0:0c:83:13:61:ce:99:b0:43:ca:a2:e3:
6e:a2:2a:d9:7f:5f:6b:a9:f5:6d:88:01:00:4d:93:
05:3e:42:89:88:46:d4:2c:d8:aa:af:cf:9b:09:75:
3c:ea:6e:00:dc:a2:68:c4:50:59:f1:79:3e:ae:15:
39:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:78:80:98:C3:26:9E:75:58:68:0A:08:94:5C:DD:4E:44:A5:5A:03
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.114.0/24
143.14.164.0/24
155.117.195.0/24
162.141.160.0/24
167.148.8.0/24
167.148.41.0/24
Signature Algorithm: sha256WithRSAEncryption
42:8c:cb:b7:2a:e1:76:b8:84:1e:d2:3f:c4:e3:83:a5:86:ab:
96:7d:de:23:dc:f3:83:01:fc:8e:4d:ca:d0:ff:f7:f1:ad:fe:
a0:0f:59:e5:b8:54:a3:68:12:be:25:ab:e3:4e:b5:a3:76:d1:
07:c2:2b:e9:89:b5:63:ad:5b:5e:94:30:50:b6:6f:71:71:ad:
58:84:4e:6d:28:ec:51:f3:75:e4:3a:29:3e:8e:07:19:93:e5:
87:04:5d:cb:18:20:0a:81:5e:66:d3:fe:0a:da:c1:af:16:dd:
78:1f:ec:01:ed:1c:5a:65:63:f3:3d:40:73:d7:3a:91:42:51:
94:24:11:b9:f3:0f:d0:45:dc:0d:a9:f3:98:fc:9e:5e:af:05:
93:21:7e:8d:35:cd:38:fe:21:ac:ad:76:4b:12:7e:d9:17:b4:
4f:5e:89:f2:77:55:41:a0:de:8d:05:0b:57:3e:09:a2:1a:cf:
e3:81:b6:a8:3d:72:9b:02:14:6a:f9:85:8c:a2:6a:a4:7f:e6:
24:39:c4:20:1b:e3:ec:3f:e8:e6:bf:29:ce:89:c4:e1:b9:b8:
ed:1f:45:3f:f9:92:02:52:10:e6:92:ee:47:c2:36:00:23:e7:
b9:b4:46:86:7d:1b:06:1a:b1:0b:1f:fa:50:1b:78:11:0b:22:
fb:79:26:d7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUIjDrEheuWFkJyfTjr85AMJ1Z+IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjEwODE4MTVaFw0yNjA2MjAwODIzMTVaMDMxMTAvBgNV
BAMTKEM2Nzg4MDk4QzMyNjlFNzU1ODY4MEEwODk0NUNERDRFNDRBNTVBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNr2NVNT0NBesCcEA8nbGUkXC
SKmwbNXZbY+Dn1n0IH/gG/8/JCpXm84+Xt7NdhszkQYjMt5M8wO6HYyoWE+CiTkg
9S8m6F0Nja3RyNkVbP4+qNNPzYA5NLt2RrvfgSi5EZ9zvKxs7ZFlRhLM1YsDzaiD
2SpKvefskfdjneNe/py0zxtnnF/zWF/yO+C79EvYYC2097BSriCQQAoF9FtK5RoM
1PRpcflvPQEn0omuYRIhGKibgRa8vR17EKDfURBs9yjg4rAMgxNhzpmwQ8qi426i
Ktl/X2up9W2IAQBNkwU+QomIRtQs2Kqvz5sJdTzqbgDcomjEUFnxeT6uFTmPAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUxniAmMMmnnVYaAoIlFzdTkSlWgMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAYD5y
AwQAjw6kAwQAm3XDAwQAoo2gAwQAp5QIAwQAp5QpMA0GCSqGSIb3DQEBCwUAA4IB
AQBCjMu3KuF2uIQe0j/E44OlhquWfd4j3PODAfyOTcrQ//fxrf6gD1nluFSjaBK+
JavjTrWjdtEHwivpibVjrVtelDBQtm9xca1YhE5tKOxR83XkOik+jgcZk+WHBF3L
GCAKgV5m0/4K2sGvFt14H+wB7RxaZWPzPUBz1zqRQlGUJBG58w/QRdwNqfOY/J5e
rwWTIX6NNc04/iGsrXZLEn7ZF7RPXonyd1VBoN6NBQtXPgmiGs/jgbaoPXKbAhRq
+YWMomqkf+YkOcQgG+PsP+jmvynOicThubjtH0U/+ZICUhDmku5HwjYAI+e5tEaG
fRsGGrELH/pQG3gRCyL7eSbX
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:24:45 2025 by rpki-client