Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
File: AS214639.roa (raw, json)
Hash identifier: /M0msi06PkstbV820V85bA41jjqb7gBlnEJylBl/ibc=
Subject key identifier: 5D:49:21:6D:23:FC:FF:1C:0F:5E:FA:7C:47:5E:00:AB:6D:39:69:CC
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 323F90B6494E1A8D7D94AA447A5308DF6E299F74
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
Signing time: Mon 09 Mar 2026 09:13:47 +0000
ROA not before: Mon 09 Mar 2026 09:08:47 +0000
ROA not after: Mon 08 Mar 2027 09:13:47 +0000
asID: 214639
IP address blocks: 2a14:7580:b000::/36 maxlen: 36
2a14:7583:9000::/36 maxlen: 48
2a14:7583:fa00::/40 maxlen: 48
2a14:7584:d000::/36 maxlen: 48
2a14:7586:4000::/36 maxlen: 36
2a14:7586:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:3f:90:b6:49:4e:1a:8d:7d:94:aa:44:7a:53:08:df:6e:29:9f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 9 09:08:47 2026 GMT
Not After : Mar 8 09:13:47 2027 GMT
Subject: CN=5D49216D23FCFF1C0F5EFA7C475E00AB6D3969CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:38:ba:19:88:4a:01:13:cd:09:47:24:20:55:
91:42:36:7c:e9:08:ba:a6:3f:1e:fb:4f:ca:fb:ec:
e3:a2:3d:b7:17:16:8d:ae:d4:df:74:b7:14:01:f2:
2e:56:82:64:1d:c5:ce:50:8f:54:a8:17:8e:f2:98:
a6:c0:54:ab:96:1c:21:12:15:84:cd:a7:f8:c7:30:
38:90:b4:bb:4c:69:e0:3b:a7:71:b3:40:cc:22:db:
b3:f2:3d:e0:6e:01:22:62:8c:13:da:d9:13:c3:ed:
84:94:73:df:f7:c9:96:91:f5:e2:db:2a:83:5c:0f:
0d:51:21:2a:78:cd:a3:6d:78:5e:51:29:e6:a7:f0:
b0:ea:2a:75:a3:af:2c:4b:46:f8:26:b7:75:26:6e:
94:2b:38:6a:0c:15:50:cc:e7:34:19:98:fe:b9:29:
24:b1:1f:7a:9f:54:29:2b:a5:ad:3d:0d:b8:db:0b:
3d:08:73:03:dc:67:cd:ee:bf:e7:f9:bb:ce:81:ad:
70:5f:1b:c1:e9:7d:5b:09:ae:3e:79:98:78:65:c8:
65:d0:d0:e7:55:93:c8:15:11:a9:d6:be:2f:2a:a3:
c5:79:1a:de:a7:0e:91:40:46:0b:86:b9:6f:c5:68:
ee:3d:5f:9c:ad:90:33:a8:0c:15:5e:88:2a:c6:48:
05:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:49:21:6D:23:FC:FF:1C:0F:5E:FA:7C:47:5E:00:AB:6D:39:69:CC
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b000::/36
2a14:7583:9000::/36
2a14:7583:fa00::/40
2a14:7584:d000::/36
2a14:7586:4000::/36
2a14:7586:8000::/36
Signature Algorithm: sha256WithRSAEncryption
29:b5:ae:d5:e8:6c:90:17:0d:3f:d3:17:de:75:94:9d:4f:6a:
c6:24:5f:6f:7d:85:e0:2f:52:d6:a6:8f:91:ce:91:42:d0:98:
4e:dc:0a:ca:53:da:7b:fb:e5:e6:62:4b:0b:a6:95:07:6e:36:
ea:89:59:ff:1e:8d:ec:e6:30:59:f7:e6:11:3b:ad:18:17:33:
b1:38:ab:36:cc:8c:84:a8:97:43:2b:dc:b1:45:01:0e:79:84:
b8:de:50:af:de:34:5c:52:b2:50:36:89:85:2f:12:02:3c:e2:
a0:82:84:e9:5f:ca:1b:12:f1:fc:b8:49:8d:8d:d6:6f:75:46:
5d:6c:95:05:8d:32:6c:04:e8:19:73:0b:54:8b:18:1e:bd:4d:
75:6f:ea:80:08:1b:6f:e5:0a:f0:b8:0a:0c:57:55:52:69:20:
54:c9:92:35:d1:5e:61:46:86:77:9b:49:a9:f6:26:69:b4:6f:
e4:aa:33:f3:a2:5f:0d:1c:be:49:67:e1:c5:7d:13:d9:c9:7c:
58:57:01:1e:93:1e:e6:0b:29:48:91:34:cc:8a:53:37:93:21:
2e:0b:48:68:f1:83:d9:b9:42:b5:1b:52:6e:60:4c:73:f5:17:
d9:1c:a3:f0:f0:65:72:ab:a4:63:9d:2a:f1:d7:79:7b:0e:e9:
7f:29:10:69
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMj+QtklOGo19lKpEelMI324pn3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMDkwOTA4NDdaFw0yNzAzMDgwOTEzNDdaMDMxMTAvBgNV
BAMTKDVENDkyMTZEMjNGQ0ZGMUMwRjVFRkE3QzQ3NUUwMEFCNkQzOTY5Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+OLoZiEoBE80JRyQgVZFCNnzp
CLqmPx77T8r77OOiPbcXFo2u1N90txQB8i5WgmQdxc5Qj1SoF47ymKbAVKuWHCES
FYTNp/jHMDiQtLtMaeA7p3GzQMwi27PyPeBuASJijBPa2RPD7YSUc9/3yZaR9eLb
KoNcDw1RISp4zaNteF5RKean8LDqKnWjryxLRvgmt3UmbpQrOGoMFVDM5zQZmP65
KSSxH3qfVCkrpa09DbjbCz0IcwPcZ83uv+f5u86BrXBfG8HpfVsJrj55mHhlyGXQ
0OdVk8gVEanWvi8qo8V5Gt6nDpFARguGuW/FaO49X5ytkDOoDBVeiCrGSAWnAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUXUkhbSP8/xwPXvp8R14Aq205acwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NjM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAAjAwAwYEKhR1
gLADBgQqFHWDkAMGACoUdYP6AwYEKhR1hNADBgQqFHWGQAMGBCoUdYaAMA0GCSqG
SIb3DQEBCwUAA4IBAQApta7V6GyQFw0/0xfedZSdT2rGJF9vfYXgL1LWpo+RzpFC
0JhO3ArKU9p7++XmYksLppUHbjbqiVn/Ho3s5jBZ9+YRO60YFzOxOKs2zIyEqJdD
K9yxRQEOeYS43lCv3jRcUrJQNomFLxICPOKggoTpX8obEvH8uEmNjdZvdUZdbJUF
jTJsBOgZcwtUixgevU11b+qACBtv5QrwuAoMV1VSaSBUyZI10V5hRoZ3m0mp9iZp
tG/kqjPzol8NHL5JZ+HFfRPZyXxYVwEekx7mCylIkTTMilM3kyEuC0ho8YPZuUK1
G1JuYExz9RfZHKPw8GVyq6RjnSrx13l7Dul/KRBp
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:16:04 2026 by rpki-client