Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: UQC/6xLLA0wAQXloVGwdKwOcdvzB9Rw3dQ4RSJsvdQI=
Subject key identifier: 92:8E:FB:19:EA:1F:F7:05:2B:17:B9:CB:B7:51:7F:85:86:0F:7D:68
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 747473A9053B7C49F1CDFA3FC725DB4AAC1EDBD5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Wed 18 Jun 2025 19:10:12 +0000
ROA not before: Wed 18 Jun 2025 19:05:12 +0000
ROA not after: Wed 17 Jun 2026 19:10:12 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
95.134.140.0/24 maxlen: 24
95.134.141.0/24 maxlen: 24
95.134.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:74:73:a9:05:3b:7c:49:f1:cd:fa:3f:c7:25:db:4a:ac:1e:db:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 18 19:05:12 2025 GMT
Not After : Jun 17 19:10:12 2026 GMT
Subject: CN=928EFB19EA1FF7052B17B9CBB7517F85860F7D68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:75:9b:ef:4b:b0:8a:df:a2:b7:10:b5:40:69:
b6:18:e0:05:23:99:11:90:f1:b2:b9:20:62:f0:e9:
35:db:d7:a3:ae:57:f4:88:fa:70:41:ab:53:4f:1e:
fc:8e:4c:68:61:da:cb:38:76:2a:16:2a:33:3d:7f:
24:1b:d9:e9:28:81:59:32:28:38:cb:b0:d8:fa:dd:
ec:67:98:f0:21:e5:a5:6e:da:f8:f1:08:c6:d6:a5:
9a:39:6d:ad:1c:55:64:79:21:49:cb:df:bf:72:71:
40:48:05:c6:97:fe:b3:d0:d0:b6:a0:af:ec:9e:29:
5f:39:86:e4:17:ca:3e:1c:e6:3b:b7:dd:4b:4f:7e:
50:61:9c:f6:8f:ce:0d:fa:57:1e:27:34:54:c7:82:
e7:de:24:cf:04:bf:09:93:81:92:14:1c:3c:d2:d2:
76:b5:51:2d:c0:2e:a9:a9:6e:b4:43:ac:be:d8:0a:
47:39:0a:72:63:e0:96:ef:8e:ae:25:e8:20:72:4b:
36:b8:0e:60:6b:36:ea:ea:e4:2a:fe:1b:63:ae:10:
80:43:01:1d:8e:1c:a8:76:a5:3b:e6:11:a2:f5:30:
8c:ef:d6:70:36:fd:d5:93:b3:e5:41:59:de:df:a2:
d0:67:3c:a8:75:85:c5:b5:65:5d:5f:9b:fc:a0:e3:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8E:FB:19:EA:1F:F7:05:2B:17:B9:CB:B7:51:7F:85:86:0F:7D:68
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
95.134.140.0-95.134.142.255
Signature Algorithm: sha256WithRSAEncryption
a2:13:8c:70:de:5e:b2:0c:40:fd:0c:1a:e9:a4:64:b7:f3:e3:
f1:a5:ba:f8:00:05:e9:70:2a:eb:13:64:71:0c:7c:9f:e0:63:
8e:4f:32:ac:90:a5:46:45:f7:d6:b4:a6:2c:90:77:71:4e:49:
14:c3:e0:44:2e:df:dd:7d:11:87:c6:74:82:d3:90:a9:2e:40:
82:f7:c8:ee:61:ca:cd:13:89:ac:4a:36:0a:e5:64:dd:ab:9b:
05:50:60:98:cd:0d:bc:92:cb:2e:70:bb:ca:8b:cd:da:f9:14:
a3:9e:05:25:79:50:ef:34:64:bf:e0:ac:29:83:c6:cf:8c:bc:
87:1d:6d:c8:c3:52:2b:21:f8:35:ef:1f:38:76:30:0e:c6:bf:
f0:b4:89:2a:4c:3b:d8:bb:40:cd:b4:b8:2c:43:03:12:c3:9b:
9e:e8:4d:3a:9a:24:1e:53:b8:66:f3:c0:d8:2b:35:7b:44:3c:
65:1a:59:49:db:d0:3e:24:b2:30:5c:55:3f:58:8e:e6:df:3c:
d0:d6:f9:ba:98:e2:5b:41:1c:1c:f3:d6:10:2a:82:9f:65:65:
ec:79:31:96:25:bb:ca:db:45:86:62:17:68:83:9a:99:65:95:
3e:6d:c3:b0:f4:8a:41:cd:14:38:13:11:47:aa:92:a5:14:e2:
fd:4e:14:18
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUdHRzqQU7fEnxzfo/xyXbSqwe29UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTgxOTA1MTJaFw0yNjA2MTcxOTEwMTJaMDMxMTAvBgNV
BAMTKDkyOEVGQjE5RUExRkY3MDUyQjE3QjlDQkI3NTE3Rjg1ODYwRjdENjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCdZvvS7CK36K3ELVAabYY4AUj
mRGQ8bK5IGLw6TXb16OuV/SI+nBBq1NPHvyOTGhh2ss4dioWKjM9fyQb2ekogVky
KDjLsNj63exnmPAh5aVu2vjxCMbWpZo5ba0cVWR5IUnL379ycUBIBcaX/rPQ0Lag
r+yeKV85huQXyj4c5ju33UtPflBhnPaPzg36Vx4nNFTHgufeJM8EvwmTgZIUHDzS
0na1US3ALqmpbrRDrL7YCkc5CnJj4Jbvjq4l6CBySza4DmBrNurq5Cr+G2OuEIBD
AR2OHKh2pTvmEaL1MIzv1nA2/dWTs+VBWd7fotBnPKh1hcW1ZV1fm/yg462fAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUko77Geof9wUrF7nLt1F/hYYPfWgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOMAwDBAJfhowDBABf
ho4wDQYJKoZIhvcNAQELBQADggEBAKITjHDeXrIMQP0MGumkZLfz4/GluvgABelw
KusTZHEMfJ/gY45PMqyQpUZF99a0piyQd3FOSRTD4EQu3919EYfGdILTkKkuQIL3
yO5hys0TiaxKNgrlZN2rmwVQYJjNDbySyy5wu8qLzdr5FKOeBSV5UO80ZL/grCmD
xs+MvIcdbcjDUish+DXvHzh2MA7Gv/C0iSpMO9i7QM20uCxDAxLDm57oTTqaJB5T
uGbzwNgrNXtEPGUaWUnb0D4ksjBcVT9YjubfPNDW+bqY4ltBHBzz1hAqgp9lZex5
MZYlu8rbRYZiF2iDmplllT5tw7D0ikHNFDgTEUeqkqUU4v1OFBg=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:56:43 2025 by rpki-client