Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214762.roa
File: AS214762.roa (raw, json)
Hash identifier: qMnZXbrDvhzthQ/bDbq3gJAT6b81R1vbm9zmJjKdwgM=
Subject key identifier: 70:0F:02:5D:48:76:2B:63:F1:07:8F:EB:C4:9B:6F:DB:96:A5:90:22
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7EC196A8EF063B47534BD78A75178F5DE5FA3CC9
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214762.roa
Signing time: Tue 28 Apr 2026 20:54:18 +0000
ROA not before: Tue 28 Apr 2026 20:49:18 +0000
ROA not after: Tue 27 Apr 2027 20:54:18 +0000
asID: 214762
IP address blocks: 2a14:7580:ff9c::/48 maxlen: 48
2a14:7585:4000::/48 maxlen: 48
2a14:7585:d200::/44 maxlen: 44
2a14:7585:d400::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:c1:96:a8:ef:06:3b:47:53:4b:d7:8a:75:17:8f:5d:e5:fa:3c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 28 20:49:18 2026 GMT
Not After : Apr 27 20:54:18 2027 GMT
Subject: CN=700F025D48762B63F1078FEBC49B6FDB96A59022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:49:7c:5d:da:d3:ce:c0:83:bf:e5:60:f4:97:
40:1b:d4:6a:a6:e8:d2:8c:0d:1c:5e:02:15:46:96:
f2:a9:d0:5c:a4:0b:5e:60:66:97:cd:8e:f4:6c:9b:
2a:71:77:c6:fa:68:9c:dc:6c:4a:0b:a3:95:e1:b4:
73:e0:2a:71:60:63:d5:40:0b:78:82:88:59:a0:19:
33:3d:b0:e4:80:80:4f:e9:d3:11:61:43:17:16:fc:
25:4e:85:ec:39:e0:76:a8:66:27:ba:07:f4:0b:e0:
27:22:00:60:7c:f1:90:26:1a:6c:c3:e4:c1:5e:cc:
bc:f7:42:69:f8:08:40:97:29:a5:79:9a:ff:fa:d3:
a6:49:d8:82:42:0e:dc:4c:81:d7:d0:f3:c6:76:c1:
29:81:40:92:0e:88:6d:9d:03:3a:10:fb:97:6b:59:
7c:c8:2c:54:f7:12:b0:d2:4e:3b:58:0b:ed:91:33:
b9:e8:1b:91:0a:6c:80:12:2c:93:c0:2a:2d:67:15:
1c:4f:50:af:f0:ce:85:7d:b3:56:5d:05:0b:89:a4:
8b:ec:ea:3d:e3:46:31:fd:33:44:a9:47:17:ef:d6:
a6:84:04:5b:c0:6a:0d:fc:29:9a:55:27:00:8f:88:
35:77:e5:99:71:65:99:84:27:7e:8d:04:11:11:a0:
d0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0F:02:5D:48:76:2B:63:F1:07:8F:EB:C4:9B:6F:DB:96:A5:90:22
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214762.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff9c::/48
2a14:7585:4000::/48
2a14:7585:d200::/44
2a14:7585:d400::/44
Signature Algorithm: sha256WithRSAEncryption
86:c9:d8:ae:4c:98:7f:b0:cc:f7:45:37:77:b5:83:7f:28:51:
13:67:ad:ff:d8:a0:a0:e2:31:c6:4d:27:a9:64:9c:5a:71:3d:
c0:41:f1:75:58:93:d3:d5:0a:51:2e:4f:07:eb:6f:db:2e:59:
44:fb:6c:93:a5:41:c7:cc:10:3d:37:68:b9:8d:a7:51:db:e6:
84:92:8c:e6:d3:72:96:10:69:46:1f:57:6f:81:1e:3a:67:66:
ac:34:fe:79:5c:4c:dd:5b:3d:29:10:ac:ea:df:a0:26:96:8f:
e7:e6:15:ad:ce:a1:29:e4:64:ca:0a:aa:60:06:c8:2a:74:f5:
0c:58:8c:1b:25:19:1a:29:17:f6:99:fc:c6:e8:9c:11:03:22:
fe:bf:03:2e:85:19:23:54:5e:30:55:96:da:f0:54:22:8f:c7:
2b:ac:f9:ed:3d:cf:01:72:92:8c:90:90:a3:08:c9:27:84:63:
1a:f7:0c:22:0c:2b:df:15:25:87:a2:1e:dc:ba:4c:f1:87:a6:
25:27:06:54:2b:19:ab:21:a1:e7:ff:93:c5:28:79:78:23:61:
17:ac:32:fe:f8:1d:36:19:32:11:fe:5e:0a:b8:48:1f:21:c3:
13:85:56:82:4c:bc:67:e7:de:06:bc:2b:f6:2a:60:50:2c:40:
b2:0e:2a:7f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUfsGWqO8GO0dTS9eKdRePXeX6PMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MjgyMDQ5MThaFw0yNzA0MjcyMDU0MThaMDMxMTAvBgNV
BAMTKDcwMEYwMjVENDg3NjJCNjNGMTA3OEZFQkM0OUI2RkRCOTZBNTkwMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTSXxd2tPOwIO/5WD0l0Ab1Gqm
6NKMDRxeAhVGlvKp0FykC15gZpfNjvRsmypxd8b6aJzcbEoLo5XhtHPgKnFgY9VA
C3iCiFmgGTM9sOSAgE/p0xFhQxcW/CVOhew54HaoZie6B/QL4CciAGB88ZAmGmzD
5MFezLz3Qmn4CECXKaV5mv/606ZJ2IJCDtxMgdfQ88Z2wSmBQJIOiG2dAzoQ+5dr
WXzILFT3ErDSTjtYC+2RM7noG5EKbIASLJPAKi1nFRxPUK/wzoV9s1ZdBQuJpIvs
6j3jRjH9M0SpRxfv1qaEBFvAag38KZpVJwCPiDV35ZlxZZmEJ36NBBERoNAZAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUcA8CXUh2K2PxB4/rxJtv25alkCIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NzYyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKhR1
gP+cAwcAKhR1hUAAAwcEKhR1hdIAAwcEKhR1hdQAMA0GCSqGSIb3DQEBCwUAA4IB
AQCGydiuTJh/sMz3RTd3tYN/KFETZ63/2KCg4jHGTSepZJxacT3AQfF1WJPT1QpR
Lk8H62/bLllE+2yTpUHHzBA9N2i5jadR2+aEkozm03KWEGlGH1dvgR46Z2asNP55
XEzdWz0pEKzq36Amlo/n5hWtzqEp5GTKCqpgBsgqdPUMWIwbJRkaKRf2mfzG6JwR
AyL+vwMuhRkjVF4wVZba8FQij8crrPntPc8BcpKMkJCjCMknhGMa9wwiDCvfFSWH
oh7cukzxh6YlJwZUKxmrIaHn/5PFKHl4I2EXrDL++B02GTIR/l4KuEgfIcMThVaC
TLxn594GvCv2KmBQLECyDip/
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:57 2026 by rpki-client