Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: XkxQNRAiHPah+xUBi+FWbQqvXGPdWfIzEZWGAOeOKuo=
Subject key identifier: 33:9B:13:DA:F0:8A:3F:E0:CA:59:79:11:C0:79:C5:E5:B0:E9:8C:68
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0E3C555D73E637D2B5852764428F8A591BD36889
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa
Signing time: Fri 20 Jun 2025 10:10:59 +0000
ROA not before: Fri 20 Jun 2025 10:05:59 +0000
ROA not after: Fri 19 Jun 2026 10:10:59 +0000
asID: 2914
IP address blocks: 143.14.92.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
162.141.16.0/24 maxlen: 24
162.141.17.0/24 maxlen: 24
162.141.18.0/24 maxlen: 24
162.141.20.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.36.0/24 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.45.0/24 maxlen: 24
162.141.46.0/24 maxlen: 24
162.141.47.0/24 maxlen: 24
162.141.50.0/24 maxlen: 24
162.141.53.0/24 maxlen: 24
162.141.66.0/24 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.80.0/24 maxlen: 24
162.141.81.0/24 maxlen: 24
162.141.82.0/24 maxlen: 24
162.141.88.0/24 maxlen: 24
162.141.89.0/24 maxlen: 24
162.141.90.0/24 maxlen: 24
162.141.92.0/24 maxlen: 24
162.141.93.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.98.0/24 maxlen: 24
162.141.99.0/24 maxlen: 24
162.141.100.0/24 maxlen: 24
162.141.102.0/24 maxlen: 24
162.141.113.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.117.0/24 maxlen: 24
162.141.131.0/24 maxlen: 24
162.141.132.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.136.0/22 maxlen: 24
162.141.142.0/24 maxlen: 24
162.141.143.0/24 maxlen: 24
162.141.152.0/24 maxlen: 24
162.141.154.0/24 maxlen: 24
162.141.158.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.162.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.167.0/24 maxlen: 24
162.141.176.0/24 maxlen: 24
162.141.177.0/24 maxlen: 24
162.141.178.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
162.141.182.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.7.0/24 maxlen: 24
167.148.9.0/24 maxlen: 24
167.148.11.0/24 maxlen: 24
167.148.31.0/24 maxlen: 24
167.148.32.0/24 maxlen: 24
167.148.34.0/24 maxlen: 24
167.148.40.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.47.0/24 maxlen: 24
167.148.71.0/24 maxlen: 24
167.148.72.0/24 maxlen: 24
167.148.73.0/24 maxlen: 24
167.148.74.0/24 maxlen: 24
167.148.96.0/24 maxlen: 24
167.148.101.0/24 maxlen: 24
167.148.103.0/24 maxlen: 24
167.148.107.0/24 maxlen: 24
167.148.113.0/24 maxlen: 24
167.148.114.0/24 maxlen: 24
167.148.124.0/24 maxlen: 24
167.148.129.0/24 maxlen: 24
167.148.132.0/24 maxlen: 24
167.148.133.0/24 maxlen: 24
167.148.137.0/24 maxlen: 24
167.148.142.0/24 maxlen: 24
167.148.143.0/24 maxlen: 24
167.148.146.0/24 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.155.0/24 maxlen: 24
167.148.174.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.176.0/24 maxlen: 24
167.148.190.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:3c:55:5d:73:e6:37:d2:b5:85:27:64:42:8f:8a:59:1b:d3:68:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 20 10:05:59 2025 GMT
Not After : Jun 19 10:10:59 2026 GMT
Subject: CN=339B13DAF08A3FE0CA597911C079C5E5B0E98C68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ad:29:16:94:fd:84:f7:d4:f0:bf:87:bf:31:
81:3c:ee:52:fd:a5:38:94:0f:6c:53:35:8e:c6:cf:
09:d0:ca:f8:7e:fb:33:60:95:46:3a:fe:19:5b:ca:
35:2b:3d:5b:79:47:89:6c:75:ec:b0:e6:de:5b:4f:
f9:47:2b:bd:47:64:fa:6f:31:08:63:47:5a:fb:8a:
b4:59:b3:87:8a:a4:a5:a0:9d:81:82:2a:36:7c:e3:
44:cd:4d:bf:c6:49:1c:5d:d8:b2:4a:b3:14:a2:ac:
c6:de:e3:0c:d7:fb:94:19:00:f4:96:64:67:ed:26:
05:d0:28:bb:db:ae:46:d3:d9:59:c5:2e:71:e2:cd:
08:aa:a5:3f:89:73:6d:1f:9e:85:f9:4e:e6:76:53:
98:03:a0:60:0f:3f:50:c2:1d:bb:d8:86:f9:d2:49:
9a:79:47:8d:15:67:64:e6:ad:69:76:17:af:1a:23:
b3:3e:a0:87:6b:25:d1:05:8f:83:8a:fd:b1:41:0e:
31:39:0f:c7:51:36:95:cf:ef:7e:1d:d0:64:d0:69:
78:3e:fb:84:f8:22:a0:66:d4:26:2a:06:94:9c:11:
e3:0b:9a:51:73:60:27:7c:7b:63:af:6b:7f:9e:64:
fe:25:8d:16:83:39:3b:49:5c:dd:83:84:6b:55:0a:
ee:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:13:DA:F0:8A:3F:E0:CA:59:79:11:C0:79:C5:E5:B0:E9:8C:68
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.92.0/24
143.14.152.0/24
155.117.171.0/24
155.117.186.0/24
162.141.16.0-162.141.18.255
162.141.20.0/23
162.141.36.0/24
162.141.44.0/22
162.141.50.0/24
162.141.53.0/24
162.141.66.0/23
162.141.70.0/24
162.141.80.0-162.141.82.255
162.141.88.0-162.141.90.255
162.141.92.0/23
162.141.97.0-162.141.100.255
162.141.102.0/24
162.141.113.0/24
162.141.115.0-162.141.117.255
162.141.131.0-162.141.133.255
162.141.136.0/22
162.141.142.0/23
162.141.152.0/24
162.141.154.0/24
162.141.158.0/23
162.141.162.0/23
162.141.167.0/24
162.141.176.0-162.141.178.255
162.141.180.0/24
162.141.182.0/24
167.148.6.0/23
167.148.9.0/24
167.148.11.0/24
167.148.31.0-167.148.32.255
167.148.34.0/24
167.148.40.0/24
167.148.43.0/24
167.148.47.0/24
167.148.71.0-167.148.74.255
167.148.96.0/24
167.148.101.0/24
167.148.103.0/24
167.148.107.0/24
167.148.113.0-167.148.114.255
167.148.124.0/24
167.148.129.0/24
167.148.132.0/23
167.148.137.0/24
167.148.142.0/23
167.148.146.0/24
167.148.149.0/24
167.148.155.0/24
167.148.174.0-167.148.176.255
167.148.190.0/24
167.148.197.0/24
167.148.209.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ae:cb:8e:5a:12:0c:89:ed:8e:97:e6:f4:4e:cf:4e:2e:55:
ee:0c:d9:a4:48:c8:79:65:bf:d6:06:02:49:6f:6b:12:8e:d5:
11:7f:ad:77:6c:53:ac:e7:c8:40:8f:24:ca:f2:a1:4c:7d:f5:
a1:03:37:c2:d0:27:75:e4:be:38:9c:88:f6:32:e4:6f:7d:2c:
9b:12:45:50:42:42:b7:e3:da:1c:ec:59:dd:24:3e:3c:12:84:
6b:81:31:96:4a:cc:5f:05:10:de:67:7f:2a:95:1e:0e:a1:84:
4f:46:6e:1f:12:eb:a7:ba:ad:c1:45:f0:d3:bf:bb:3b:a1:8a:
27:f2:29:46:98:77:a7:be:9d:70:62:d7:1f:ce:48:d6:9a:7c:
ef:c3:6c:2c:60:1c:34:83:a6:d2:ac:3c:21:a1:d4:41:6d:48:
da:65:e4:2a:32:46:fe:f1:89:44:3b:03:68:30:25:c6:01:e0:
15:e4:7a:bc:f8:67:28:bc:7c:53:ec:f6:2c:01:00:7f:78:a8:
54:25:33:b7:b5:23:3b:c8:d3:79:0a:33:0f:8c:74:83:a7:57:
78:89:68:5a:dc:97:c2:e2:5a:41:f1:06:b8:62:37:0d:d0:35:
bb:77:88:25:26:00:10:9f:6d:1a:f6:2a:6b:a3:ed:f1:e8:a2:
da:3d:e5:f4
-----BEGIN CERTIFICATE-----
MIIGqjCCBZKgAwIBAgIUDjxVXXPmN9K1hSdkQo+KWRvTaIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjAxMDA1NTlaFw0yNjA2MTkxMDEwNTlaMDMxMTAvBgNV
BAMTKDMzOUIxM0RBRjA4QTNGRTBDQTU5NzkxMUMwNzlDNUU1QjBFOThDNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5rSkWlP2E99Twv4e/MYE87lL9
pTiUD2xTNY7GzwnQyvh++zNglUY6/hlbyjUrPVt5R4lsdeyw5t5bT/lHK71HZPpv
MQhjR1r7irRZs4eKpKWgnYGCKjZ840TNTb/GSRxd2LJKsxSirMbe4wzX+5QZAPSW
ZGftJgXQKLvbrkbT2VnFLnHizQiqpT+Jc20fnoX5TuZ2U5gDoGAPP1DCHbvYhvnS
SZp5R40VZ2TmrWl2F68aI7M+oIdrJdEFj4OK/bFBDjE5D8dRNpXP734d0GTQaXg+
+4T4IqBm1CYqBpScEeMLmlFzYCd8e2Ova3+eZP4ljRaDOTtJXN2DhGtVCu6fAgMB
AAGjggO0MIIDsDAdBgNVHQ4EFgQUM5sT2vCKP+DKWXkRwHnF5bDpjGgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAckGCCsGAQUFBwEHAQH/BIIBuDCCAbQwggGwBAIAATCC
AagDBACPDlwDBACPDpgDBACbdasDBACbdbowDAMEBKKNEAMEAKKNEgMEAaKNFAME
AKKNJAMEAqKNLAMEAKKNMgMEAKKNNQMEAaKNQgMEAKKNRjAMAwQEoo1QAwQAoo1S
MAwDBAOijVgDBACijVoDBAGijVwwDAMEAKKNYQMEAKKNZAMEAKKNZgMEAKKNcTAM
AwQAoo1zAwQBoo10MAwDBACijYMDBAGijYQDBAKijYgDBAGijY4DBACijZgDBACi
jZoDBAGijZ4DBAGijaIDBACijacwDAMEBKKNsAMEAKKNsgMEAKKNtAMEAKKNtgME
AaeUBgMEAKeUCQMEAKeUCzAMAwQAp5QfAwQAp5QgAwQAp5QiAwQAp5QoAwQAp5Qr
AwQAp5QvMAwDBACnlEcDBACnlEoDBACnlGADBACnlGUDBACnlGcDBACnlGswDAME
AKeUcQMEAKeUcgMEAKeUfAMEAKeUgQMEAaeUhAMEAKeUiQMEAaeUjgMEAKeUkgME
AKeUlQMEAKeUmzAMAwQBp5SuAwQAp5SwAwQAp5S+AwQAp5TFAwQAp5TRMA0GCSqG
SIb3DQEBCwUAA4IBAQC6rsuOWhIMie2Ol+b0Ts9OLlXuDNmkSMh5Zb/WBgJJb2sS
jtURf613bFOs58hAjyTK8qFMffWhAzfC0Cd15L44nIj2MuRvfSybEkVQQkK349oc
7FndJD48EoRrgTGWSsxfBRDeZ38qlR4OoYRPRm4fEuunuq3BRfDTv7s7oYon8ilG
mHenvp1wYtcfzkjWmnzvw2wsYBw0g6bSrDwhodRBbUjaZeQqMkb+8YlEOwNoMCXG
AeAV5Hq8+GcovHxT7PYsAQB/eKhUJTO3tSM7yNN5CjMPjHSDp1d4iWha3JfC4lpB
8Qa4YjcN0DW7d4glJgAQn20a9ipro+3x6KLaPeX0
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:54 2025 by rpki-client