Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214083.roa
File: AS214083.roa (raw, json)
Hash identifier: cC7ZrZuABiVzutCo5sQnwdKrfRAZk7Fuz5WIpRNPUOc=
Subject key identifier: 5B:D3:DE:6A:95:A0:B8:51:B3:DD:BF:7D:D5:DD:62:89:4A:83:E9:6A
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 263C3E937099BB195348C7608226BE17E6B77B23
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214083.roa
Signing time: Sat 27 Sep 2025 12:36:39 +0000
ROA not before: Sat 27 Sep 2025 12:31:39 +0000
ROA not after: Sat 26 Sep 2026 12:36:39 +0000
asID: 214083
IP address blocks: 143.20.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:3c:3e:93:70:99:bb:19:53:48:c7:60:82:26:be:17:e6:b7:7b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Sep 27 12:31:39 2025 GMT
Not After : Sep 26 12:36:39 2026 GMT
Subject: CN=5BD3DE6A95A0B851B3DDBF7DD5DD62894A83E96A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:31:fe:a3:e5:05:b2:ab:10:dd:e2:53:2b:40:
6f:4d:4c:98:82:8d:7f:32:0d:ad:a5:5d:a3:7e:e6:
18:88:59:2c:ae:f2:8d:35:ac:4d:17:b6:15:e1:54:
9f:0f:ef:85:40:95:8d:7c:e1:e6:5f:3c:31:5f:3c:
ae:f3:87:f1:c5:61:0b:aa:23:d9:46:ad:3b:b9:96:
59:16:73:be:5b:6d:96:60:17:e9:7a:1b:aa:4f:40:
19:4d:f1:a0:7b:d3:21:73:ba:19:f9:28:52:fd:b4:
41:3c:cb:4f:ea:8b:62:26:75:e6:18:43:42:86:c5:
bb:8c:13:32:32:14:52:7d:ba:9a:a4:ab:9d:1e:ae:
5c:4b:59:ae:eb:9c:d9:ea:ed:38:68:96:ec:78:18:
3f:0e:f1:4b:d6:74:d0:10:c0:f3:c4:47:90:ed:63:
10:c0:4b:17:fa:d4:a9:32:7b:5e:11:23:80:b5:72:
ca:26:90:8d:3c:c0:87:e2:ea:a4:74:ac:3e:74:2d:
cd:f6:cc:d9:7c:0d:e5:0a:d2:94:f9:54:31:11:6b:
0b:35:5d:3f:6b:04:ee:d9:35:d2:d7:dc:51:c7:8c:
0f:28:2a:fd:23:e7:8c:1d:5a:dc:83:4d:ba:37:af:
d4:cb:c0:8e:e4:22:ff:f0:65:84:19:6d:cf:e9:69:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D3:DE:6A:95:A0:B8:51:B3:DD:BF:7D:D5:DD:62:89:4A:83:E9:6A
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214083.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.33.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:1e:1d:fe:e4:53:14:a9:6b:e4:f9:eb:0c:4f:43:d9:f7:b9:
c4:b6:8e:1e:97:1a:fd:8f:fa:3c:16:6e:07:0a:72:be:0c:83:
02:8c:01:5d:06:d6:07:70:d0:ee:77:a0:94:2c:1c:1b:72:d2:
8a:c2:d4:2c:f5:cc:e9:14:08:82:59:22:5d:2d:be:fb:0e:8e:
45:4c:69:c4:45:5d:a7:29:0e:76:3a:f7:fc:a7:82:3c:85:a7:
0e:7f:9e:be:46:65:9c:c1:b4:3d:0e:b1:97:2f:9b:7f:ba:5f:
71:76:d2:03:99:cb:5e:65:a7:91:74:c2:49:48:bb:20:94:bb:
af:3a:42:d3:ba:fa:9f:6b:46:80:30:c4:1c:72:5f:6c:6e:c1:
66:19:2a:cd:22:1c:12:76:87:5d:cd:76:00:1e:91:c0:1f:6d:
98:83:a3:2e:af:b3:94:98:42:63:88:6d:1c:0a:75:80:30:cb:
7b:da:66:85:5a:a8:b3:ec:83:7b:89:c0:f8:18:4a:9b:7e:94:
43:aa:3a:ce:71:7c:ad:d6:48:38:1b:48:e7:7e:57:ad:46:60:
8e:01:76:61:90:c1:95:eb:e0:d1:68:cf:d4:12:b2:29:08:d8:
e1:58:86:df:d6:cc:c2:2d:f3:fa:0e:45:05:3d:d2:0b:58:4d:
a5:a0:de:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJjw+k3CZuxlTSMdggia+F+a3eyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA5MjcxMjMxMzlaFw0yNjA5MjYxMjM2MzlaMDMxMTAvBgNV
BAMTKDVCRDNERTZBOTVBMEI4NTFCM0REQkY3REQ1REQ2Mjg5NEE4M0U5NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVMf6j5QWyqxDd4lMrQG9NTJiC
jX8yDa2lXaN+5hiIWSyu8o01rE0XthXhVJ8P74VAlY184eZfPDFfPK7zh/HFYQuq
I9lGrTu5llkWc75bbZZgF+l6G6pPQBlN8aB70yFzuhn5KFL9tEE8y0/qi2ImdeYY
Q0KGxbuMEzIyFFJ9upqkq50erlxLWa7rnNnq7Tholux4GD8O8UvWdNAQwPPER5Dt
YxDASxf61Kkye14RI4C1csomkI08wIfi6qR0rD50Lc32zNl8DeUK0pT5VDERaws1
XT9rBO7ZNdLX3FHHjA8oKv0j54wdWtyDTbo3r9TLwI7kIv/wZYQZbc/paYxlAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUW9PeapWguFGz3b991d1iiUqD6WowHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjE0MDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQh
MA0GCSqGSIb3DQEBCwUAA4IBAQAMHh3+5FMUqWvk+esMT0PZ97nEto4elxr9j/o8
Fm4HCnK+DIMCjAFdBtYHcNDud6CULBwbctKKwtQs9czpFAiCWSJdLb77Do5FTGnE
RV2nKQ52Ovf8p4I8hacOf56+RmWcwbQ9DrGXL5t/ul9xdtIDmcteZaeRdMJJSLsg
lLuvOkLTuvqfa0aAMMQccl9sbsFmGSrNIhwSdoddzXYAHpHAH22Yg6Mur7OUmEJj
iG0cCnWAMMt72maFWqiz7IN7icD4GEqbfpRDqjrOcXyt1kg4G0jnfletRmCOAXZh
kMGV6+DRaM/UErIpCNjhWIbf1szCLfP6DkUFPdILWE2loN6x
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:42 2025 by rpki-client