Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: VmUHi6Ta4wTa563bJY6D0m02+EP+kqiUaZUPo1gniBE=
Subject key identifier: 15:1B:BE:06:F8:C6:DE:A1:33:8E:62:8C:FE:43:BF:72:7C:AD:0E:11
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7D62B9E04ABC68CAB8E907B49E5AE438C335EDB4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
Signing time: Thu 25 Sep 2025 16:18:23 +0000
ROA not before: Thu 25 Sep 2025 16:13:23 +0000
ROA not after: Thu 24 Sep 2026 16:18:23 +0000
asID: 214654
IP address blocks: 143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:62:b9:e0:4a:bc:68:ca:b8:e9:07:b4:9e:5a:e4:38:c3:35:ed:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 25 16:13:23 2025 GMT
Not After : Sep 24 16:18:23 2026 GMT
Subject: CN=151BBE06F8C6DEA1338E628CFE43BF727CAD0E11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:12:29:be:33:dc:d6:d8:de:50:b5:8d:01:04:
bb:4c:4c:7e:2d:7f:c8:63:df:1f:cf:16:c3:bd:f6:
6f:a1:c5:f2:0c:68:d3:93:23:5a:9f:ca:bf:fa:4e:
51:f3:0a:7a:bf:1a:c0:4d:5b:67:14:0b:e8:c1:16:
62:8a:37:aa:ec:63:31:d8:e1:54:15:13:9c:7e:e7:
e3:79:55:16:32:97:7e:5f:92:7a:6d:25:3b:3c:4d:
bc:bf:c7:ae:73:cf:85:ba:5a:cd:d5:4d:49:44:2a:
73:7f:4f:53:1d:a6:7f:ff:4a:06:ec:35:de:76:b7:
a9:6c:fc:09:dc:ff:83:b9:a4:e5:e9:b5:a5:17:5f:
1c:d9:1b:d3:39:dc:28:07:2a:fc:1a:c3:94:66:b1:
bb:27:50:21:c6:38:da:b3:29:c0:87:a9:d9:9d:ab:
a7:8d:07:7b:9b:a5:ef:31:11:6f:0c:c7:c8:7a:ec:
5e:b3:71:00:b7:9a:2a:88:99:4b:d8:5e:27:1a:4b:
58:55:0f:53:09:70:0b:72:a6:5c:67:c1:00:32:19:
26:bf:4a:22:5d:fd:6e:a5:79:b3:4f:1a:1c:52:e6:
0e:3e:ba:43:ef:f7:89:22:c4:31:a6:dc:9c:85:e9:
a7:6d:6d:68:c5:66:56:ef:8e:e8:fb:44:47:4d:01:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1B:BE:06:F8:C6:DE:A1:33:8E:62:8C:FE:43:BF:72:7C:AD:0E:11
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.1.0/24
143.14.226.0/24
155.117.6.0/24
155.117.127.0/24
155.117.136.0/23
155.117.197.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a9:7e:d9:91:21:43:f7:ba:aa:55:96:48:a5:37:5e:63:43:
f4:00:23:3b:b9:68:ff:7a:d2:57:fd:33:58:11:88:15:80:8e:
05:d7:5f:0e:80:e0:1f:2f:86:8e:d9:f0:29:60:ba:e3:06:42:
06:27:9e:32:bb:6e:05:79:ec:2b:3b:aa:cc:52:8f:e9:5e:3d:
71:a4:77:05:c1:9a:a1:83:93:4f:3e:3d:f2:27:97:44:02:c9:
d5:2f:5f:82:30:02:4c:9f:ce:ea:cd:83:ae:88:7c:92:0a:94:
fc:31:bf:22:ea:a7:94:48:41:18:37:95:f1:0a:70:46:3d:e8:
71:ba:a6:03:e9:74:03:2f:0b:06:71:4c:60:40:ab:f9:3a:eb:
eb:69:5b:97:ca:ee:7d:20:a1:b4:21:f6:e0:8d:28:3c:e3:59:
77:2d:56:a1:8c:25:98:56:2e:92:b8:b2:8d:d8:1e:59:c3:8e:
35:3c:a8:bf:82:bd:00:db:c8:8d:e7:48:72:58:b7:e9:6e:14:
28:76:00:d9:d8:d9:23:4d:3f:e1:d5:2f:21:68:20:2a:48:ba:
a4:58:89:e2:75:7c:51:2a:d5:4a:19:16:28:94:a0:56:ba:bf:
fe:78:01:1c:58:31:e6:08:4f:56:14:18:bf:0d:1c:4e:19:8d:
be:1c:fe:60
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUfWK54Eq8aMq46Qe0nlrkOMM17bQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MjUxNjEzMjNaFw0yNjA5MjQxNjE4MjNaMDMxMTAvBgNV
BAMTKDE1MUJCRTA2RjhDNkRFQTEzMzhFNjI4Q0ZFNDNCRjcyN0NBRDBFMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJEim+M9zW2N5QtY0BBLtMTH4t
f8hj3x/PFsO99m+hxfIMaNOTI1qfyr/6TlHzCnq/GsBNW2cUC+jBFmKKN6rsYzHY
4VQVE5x+5+N5VRYyl35fknptJTs8Tby/x65zz4W6Ws3VTUlEKnN/T1Mdpn//Sgbs
Nd52t6ls/Anc/4O5pOXptaUXXxzZG9M53CgHKvwaw5RmsbsnUCHGONqzKcCHqdmd
q6eNB3ubpe8xEW8Mx8h67F6zcQC3miqImUvYXicaS1hVD1MJcAtyplxnwQAyGSa/
SiJd/W6lebNPGhxS5g4+ukPv94kixDGm3JyF6adtbWjFZlbvjuj7REdNAXZRAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUFRu+BvjG3qEzjmKM/kO/cnytDhEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjw4B
AwQAjw7iAwQAm3UGAwQAm3V/AwQBm3WIAwQAm3XFMA0GCSqGSIb3DQEBCwUAA4IB
AQBJqX7ZkSFD97qqVZZIpTdeY0P0ACM7uWj/etJX/TNYEYgVgI4F118OgOAfL4aO
2fApYLrjBkIGJ54yu24FeewrO6rMUo/pXj1xpHcFwZqhg5NPPj3yJ5dEAsnVL1+C
MAJMn87qzYOuiHySCpT8Mb8i6qeUSEEYN5XxCnBGPehxuqYD6XQDLwsGcUxgQKv5
OuvraVuXyu59IKG0IfbgjSg841l3LVahjCWYVi6SuLKN2B5Zw441PKi/gr0A28iN
50hyWLfpbhQodgDZ2NkjTT/h1S8haCAqSLqkWInidXxRKtVKGRYolKBWur/+eAEc
WDHmCE9WFBi/DRxOGY2+HP5g
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:11:46 2025 by rpki-client