Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: t8LgomOG9/wAnI0yYJDijGIiUa7d1QF3GiLJRSH/FsI=
Subject key identifier: 5F:DF:4F:35:B3:91:E5:E1:EE:1F:FB:A5:EB:86:E6:5C:45:3D:57:7B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 784310D2A993F1370A7742F463B5CE0DF79CCCDF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
Signing time: Wed 25 Mar 2026 11:38:41 +0000
ROA not before: Wed 25 Mar 2026 11:33:41 +0000
ROA not after: Wed 24 Mar 2027 11:38:41 +0000
asID: 214025
IP address blocks: 45.139.183.0/24 maxlen: 24
103.141.69.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
2a0a:9a00::/29 maxlen: 48
2a0a:9e00::/29 maxlen: 48
2a0b:8700::/29 maxlen: 48
2a0d:4c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:43:10:d2:a9:93:f1:37:0a:77:42:f4:63:b5:ce:0d:f7:9c:cc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 25 11:33:41 2026 GMT
Not After : Mar 24 11:38:41 2027 GMT
Subject: CN=5FDF4F35B391E5E1EE1FFBA5EB86E65C453D577B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:32:74:15:de:2e:f0:e5:e5:b4:d7:15:c2:3c:
59:58:2e:3d:19:d6:4e:83:21:24:77:8b:85:9e:d1:
96:9b:f1:ec:b1:f5:01:14:dd:a6:f1:81:0d:62:aa:
d8:6d:40:b4:eb:20:47:60:bd:ef:c2:7c:90:e4:32:
0c:90:aa:2b:dd:13:4c:81:d4:68:11:20:44:4f:54:
32:19:57:0b:ab:a5:94:5a:09:6e:89:f6:46:a5:d8:
50:b9:ef:43:16:ea:14:5c:fa:59:08:37:a3:60:ab:
9a:32:ab:27:a9:11:39:4d:ca:1a:a1:d8:de:e2:9b:
b3:9b:6b:0f:04:cf:d4:7a:48:6c:5c:78:71:c9:cd:
87:2d:d2:38:4f:0d:45:05:56:97:cc:f3:ad:1f:76:
f7:f3:bf:f2:75:a1:37:40:8c:b9:4a:ba:2c:15:4c:
9c:90:be:b4:2d:4b:56:75:ef:f4:8c:43:64:ce:1d:
18:dc:b6:91:c4:c3:e5:4f:a6:60:ba:45:66:2b:0a:
c5:11:72:03:7a:fc:cc:45:eb:f4:9c:e5:58:e3:74:
cc:95:12:f7:e7:ab:b9:2a:e8:86:a9:c3:0b:d5:ce:
54:fe:a8:9f:38:4e:42:46:3d:2d:70:2d:bb:60:99:
c9:09:97:72:07:4e:1d:39:6b:87:1a:28:cc:ca:9c:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DF:4F:35:B3:91:E5:E1:EE:1F:FB:A5:EB:86:E6:5C:45:3D:57:7B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.183.0/24
103.141.69.0/24
130.185.127.0/24
181.214.7.0/24
IPv6:
2a0a:9a00::/29
2a0a:9e00::/29
2a0b:8700::/29
2a0d:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:68:f6:ac:bc:0e:0b:9d:d2:db:96:1f:9a:c4:cf:cf:eb:13:
08:bc:d6:07:24:eb:be:c0:89:85:b2:7e:ec:40:df:f6:bc:45:
16:f5:85:03:e4:2a:0d:51:de:cb:e8:93:2d:48:72:26:27:0d:
6c:bc:e4:bf:7e:fe:e1:b5:32:a1:de:5a:37:07:bb:d8:51:72:
34:e1:36:f5:51:ed:2c:7f:33:0d:c7:68:bf:a3:08:0a:9b:f0:
65:84:7b:7b:dd:87:eb:ff:ac:ea:8e:82:60:96:44:c4:b1:a8:
c4:58:a8:23:02:0d:00:39:d9:fb:6b:10:b3:30:88:35:0c:c9:
f0:0a:a4:16:50:9d:14:a8:e5:13:b4:38:23:24:e3:dd:5a:c3:
cc:99:17:2c:2e:9d:c2:90:5a:01:f5:d6:ec:31:e2:b6:b8:f5:
d2:f6:b3:bd:30:fb:2a:4b:04:5e:93:98:4a:b6:76:67:7e:0f:
84:1d:b4:5f:ee:a4:4a:4a:af:49:3e:74:66:06:34:d6:4b:d6:
f6:8b:98:0b:f8:ec:ed:be:0c:43:e7:ef:ed:61:c5:eb:30:b7:
06:7a:73:0d:ab:35:85:0b:15:06:04:ce:02:92:78:3d:a5:82:
8a:8b:0a:95:5b:d1:b7:09:c9:3b:f0:a7:01:33:ad:ae:d4:09:
37:2e:3f:6b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUeEMQ0qmT8TcKd0L0Y7XODfeczN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjUxMTMzNDFaFw0yNzAzMjQxMTM4NDFaMDMxMTAvBgNV
BAMTKDVGREY0RjM1QjM5MUU1RTFFRTFGRkJBNUVCODZFNjVDNDUzRDU3N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJMnQV3i7w5eW01xXCPFlYLj0Z
1k6DISR3i4We0Zab8eyx9QEU3abxgQ1iqthtQLTrIEdgve/CfJDkMgyQqivdE0yB
1GgRIERPVDIZVwurpZRaCW6J9kal2FC570MW6hRc+lkIN6Ngq5oyqyepETlNyhqh
2N7im7Obaw8Ez9R6SGxceHHJzYct0jhPDUUFVpfM860fdvfzv/J1oTdAjLlKuiwV
TJyQvrQtS1Z17/SMQ2TOHRjctpHEw+VPpmC6RWYrCsURcgN6/MxF6/Sc5VjjdMyV
Evfnq7kq6IapwwvVzlT+qJ84TkJGPS1wLbtgmckJl3IHTh05a4caKMzKnEDZAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUX99PNbOR5eHuH/ul64bmXEU9V3swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQALYu3
AwQAZ41FAwQAgrl/AwQAtdYHMCIEAgACMBwDBQMqCpoAAwUDKgqeAAMFAyoLhwAD
BQMqDUxAMA0GCSqGSIb3DQEBCwUAA4IBAQB/aPasvA4LndLblh+axM/P6xMIvNYH
JOu+wImFsn7sQN/2vEUW9YUD5CoNUd7L6JMtSHImJw1svOS/fv7htTKh3lo3B7vY
UXI04Tb1Ue0sfzMNx2i/owgKm/BlhHt73Yfr/6zqjoJglkTEsajEWKgjAg0AOdn7
axCzMIg1DMnwCqQWUJ0UqOUTtDgjJOPdWsPMmRcsLp3CkFoB9dbsMeK2uPXS9rO9
MPsqSwRek5hKtnZnfg+EHbRf7qRKSq9JPnRmBjTWS9b2i5gL+OztvgxD5+/tYcXr
MLcGenMNqzWFCxUGBM4Ckng9pYKKiwqVW9G3Cck78KcBM62u1Ak3Lj9r
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:25:20 2026 by rpki-client