Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: Bpcma7UnhQPl9Af5S+iXJACi5sChjgFDILHeseyjUdg=
Subject key identifier: 56:75:85:20:58:D8:7D:E1:C1:96:C2:70:C8:BE:6F:F1:E7:2B:AE:EC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 51DCB9B65D72AF721885F34AA2C53CE7365E299A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
Signing time: Fri 08 Aug 2025 16:34:10 +0000
ROA not before: Fri 08 Aug 2025 16:29:10 +0000
ROA not after: Fri 07 Aug 2026 16:34:10 +0000
asID: 214654
IP address blocks: 143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:dc:b9:b6:5d:72:af:72:18:85:f3:4a:a2:c5:3c:e7:36:5e:29:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 8 16:29:10 2025 GMT
Not After : Aug 7 16:34:10 2026 GMT
Subject: CN=5675852058D87DE1C196C270C8BE6FF1E72BAEEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:a4:bb:9a:ba:e3:10:fe:ea:a9:a4:c8:ac:
91:2c:af:2d:da:0d:c5:10:22:95:58:ea:8d:09:13:
4d:f5:e5:03:17:e3:14:3f:ac:c8:96:3a:28:59:a4:
05:6f:c6:e4:c5:3d:bb:7c:4c:83:1d:b7:15:c5:34:
cc:fb:6f:a8:ae:62:9c:9b:64:aa:f3:e1:95:f9:49:
f1:16:25:77:25:26:86:fb:aa:4f:f7:f9:c7:8e:19:
0b:b4:a1:cb:44:2c:17:99:1c:a5:82:59:28:7d:72:
49:a6:f6:61:53:50:5d:3a:0f:ee:37:20:8f:94:52:
2e:9b:9f:bb:81:33:f0:5c:38:2a:d4:f7:d4:8e:00:
c4:5c:c9:8d:bb:0d:32:b8:cd:bf:e4:b9:c9:85:3c:
16:93:55:59:ac:73:ef:82:39:0d:6c:a3:df:b4:f6:
80:3a:a9:21:7b:67:81:2d:df:ce:95:a1:5b:a9:fc:
b5:b9:b6:3d:94:b5:f5:08:be:58:39:8c:28:11:1e:
70:7e:13:21:34:6e:8c:84:bd:ed:5d:a3:03:a9:f7:
dc:03:76:77:cb:4c:21:fd:e5:65:32:c4:b6:ac:c9:
fd:e0:4e:06:c5:4d:05:7e:79:6f:8e:b1:f3:a8:6f:
8c:55:07:d5:7c:86:41:4d:77:ae:22:90:4c:ab:05:
e2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:75:85:20:58:D8:7D:E1:C1:96:C2:70:C8:BE:6F:F1:E7:2B:AE:EC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.1.0/24
143.14.226.0/24
155.117.127.0/24
155.117.136.0/23
Signature Algorithm: sha256WithRSAEncryption
48:ca:0c:1c:54:82:c5:5c:2c:cc:eb:1e:3e:e0:cd:f8:17:c0:
7b:fe:f8:6d:62:55:13:ef:42:b9:66:e6:b1:f5:fb:43:f2:26:
65:35:51:f4:64:00:da:8b:72:fa:04:fb:1b:1a:ef:24:20:72:
59:88:b3:6c:9b:2d:23:d1:58:da:ae:de:98:32:95:17:9e:7c:
9d:33:04:88:3a:d0:cf:c9:b8:ac:19:1c:f3:61:0e:11:73:bc:
77:b5:a1:26:b0:dd:e3:c1:7e:d2:27:8a:76:33:3e:f3:3e:31:
95:47:a9:97:32:4f:3a:e6:11:4e:8a:db:db:df:00:a2:d5:1e:
71:75:0a:d6:bf:c5:5d:c5:71:fb:5b:6f:96:a7:5f:1c:11:bd:
50:6c:3d:45:17:ee:2f:90:73:63:cc:1c:fa:a1:26:6a:1b:1c:
7a:c6:fd:5f:93:0e:43:3d:f3:7f:ec:6d:29:40:36:bd:3e:3b:
ae:72:d7:ac:42:01:7c:a6:da:90:d6:d7:aa:79:ed:5f:eb:f0:
c4:d3:e9:0e:f2:aa:85:9e:12:61:a8:de:9b:7c:8b:34:df:b3:
65:d9:ff:61:18:e2:ee:03:d9:ee:b1:e3:8b:76:1f:21:29:77:
f3:4e:a7:c3:cd:d7:70:f6:c0:b8:d0:2e:00:5f:3e:8b:55:69:
ad:42:79:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUUdy5tl1yr3IYhfNKosU85zZeKZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDgxNjI5MTBaFw0yNjA4MDcxNjM0MTBaMDMxMTAvBgNV
BAMTKDU2NzU4NTIwNThEODdERTFDMTk2QzI3MEM4QkU2RkYxRTcyQkFFRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgdaS7mrrjEP7qqaTIrJEsry3a
DcUQIpVY6o0JE0315QMX4xQ/rMiWOihZpAVvxuTFPbt8TIMdtxXFNMz7b6iuYpyb
ZKrz4ZX5SfEWJXclJob7qk/3+ceOGQu0octELBeZHKWCWSh9ckmm9mFTUF06D+43
II+UUi6bn7uBM/BcOCrU99SOAMRcyY27DTK4zb/kucmFPBaTVVmsc++COQ1so9+0
9oA6qSF7Z4Et386VoVup/LW5tj2UtfUIvlg5jCgRHnB+EyE0boyEve1dowOp99wD
dnfLTCH95WUyxLasyf3gTgbFTQV+eW+OsfOob4xVB9V8hkFNd64ikEyrBeL1AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUVnWFIFjYfeHBlsJwyL5v8ecrruwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw4B
AwQAjw7iAwQAm3V/AwQBm3WIMA0GCSqGSIb3DQEBCwUAA4IBAQBIygwcVILFXCzM
6x4+4M34F8B7/vhtYlUT70K5Zuax9ftD8iZlNVH0ZADai3L6BPsbGu8kIHJZiLNs
my0j0Vjart6YMpUXnnydMwSIOtDPybisGRzzYQ4Rc7x3taEmsN3jwX7SJ4p2Mz7z
PjGVR6mXMk865hFOitvb3wCi1R5xdQrWv8VdxXH7W2+Wp18cEb1QbD1FF+4vkHNj
zBz6oSZqGxx6xv1fkw5DPfN/7G0pQDa9PjuuctesQgF8ptqQ1teqee1f6/DE0+kO
8qqFnhJhqN6bfIs037Nl2f9hGOLuA9nuseOLdh8hKXfzTqfDzddw9sC40C4AXz6L
VWmtQnnT
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:53:05 2025 by rpki-client