Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: GWmrYQ/ghP1ugZUCPZHJKDlH3mqia0pki6Ul/txay10=
Subject key identifier: C3:02:D6:DF:6A:B2:C7:2B:2D:A0:83:EC:F1:37:63:62:BB:99:A0:A8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 29D04F3D3A209C43D89490EB24C3E74EF6DBDC4E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Fri 17 Oct 2025 03:06:42 +0000
ROA not before: Fri 17 Oct 2025 03:01:42 +0000
ROA not after: Fri 16 Oct 2026 03:06:42 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
92.113.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d0:4f:3d:3a:20:9c:43:d8:94:90:eb:24:c3:e7:4e:f6:db:dc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 17 03:01:42 2025 GMT
Not After : Oct 16 03:06:42 2026 GMT
Subject: CN=C302D6DF6AB2C72B2DA083ECF1376362BB99A0A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:39:cf:d0:04:b2:0a:a6:64:f0:03:27:ad:88:
d7:9b:40:aa:da:0f:f5:74:2c:ba:22:a7:96:91:9f:
b6:44:30:32:c0:08:bb:0f:5d:65:5a:cd:7e:24:b9:
d3:9d:69:00:e0:4b:32:5d:79:12:68:2f:c5:c7:13:
32:33:23:56:06:c5:89:33:aa:12:a4:08:71:51:db:
f7:f2:a0:51:38:4d:ed:9e:a9:a0:d5:ed:49:e2:69:
74:f4:d1:04:cb:f0:9b:5d:4e:d6:34:17:e6:9c:0f:
b5:d2:bf:b6:e9:81:10:d7:8d:f9:8a:8f:a4:8d:b9:
5b:67:44:2c:85:41:3d:7c:a5:9c:c3:e2:85:fd:e1:
16:f4:7f:68:8d:52:46:09:3c:be:2a:cc:00:3b:ac:
45:2a:d6:25:27:03:a8:03:26:97:f2:81:35:ce:e2:
a3:c6:15:4a:5d:9d:b5:06:e8:24:1f:69:d5:07:ca:
27:10:4e:b9:30:d1:41:70:b9:f6:cc:b6:47:c8:3b:
40:44:a7:af:61:a7:82:c7:4d:44:9c:a5:d8:75:99:
d8:e1:aa:b3:01:56:7c:b9:d5:a3:dd:fd:7d:ad:f7:
f7:ee:3d:36:1b:f8:ce:c4:b8:db:59:f8:4f:5f:7f:
b3:90:af:d5:75:ec:d5:e9:fb:25:32:27:bf:e5:b6:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:02:D6:DF:6A:B2:C7:2B:2D:A0:83:EC:F1:37:63:62:BB:99:A0:A8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
92.113.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:73:18:1d:59:88:a7:16:84:0e:c2:5f:6a:81:58:e0:08:00:
7c:09:5f:a0:0c:02:f1:6a:9e:bf:2e:fe:30:a4:20:32:7a:4d:
db:7f:26:eb:68:94:ad:f1:7b:81:9c:ee:75:ef:44:f2:a7:63:
e4:e9:4d:bf:fd:dc:5d:57:5b:0f:1f:ac:93:b6:21:f5:2e:3e:
4d:94:e5:20:c0:1a:de:c2:87:c5:aa:0e:2b:e6:14:7c:43:e4:
44:6d:88:a7:a4:5a:bd:6b:88:a4:e7:bb:56:bd:32:4e:33:21:
18:7e:d2:95:7f:5a:46:ae:00:89:75:96:8c:6b:e0:b4:cd:bf:
85:b9:77:7e:de:21:d4:4b:1e:57:f0:11:51:99:af:09:01:6d:
7d:95:69:4f:bf:c8:f2:7d:39:2c:93:ef:74:cd:b0:af:6b:52:
1c:77:48:93:75:eb:2b:64:16:6d:8b:37:ea:30:44:1d:e3:e7:
b5:80:35:ea:d7:30:da:af:1f:ef:43:a7:55:f4:d1:6e:06:6f:
89:ed:78:fa:44:a4:29:12:cc:d2:42:74:e0:19:d2:0f:83:88:
0d:63:65:1c:98:27:09:64:dd:92:eb:ff:1c:69:9b:6b:8c:e2:
1b:5a:53:39:0a:28:26:fd:4f:1a:69:cd:19:3f:21:27:7c:44:
3b:fc:7d:75
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUKdBPPTognEPYlJDrJMPnTvbb3E4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTcwMzAxNDJaFw0yNjEwMTYwMzA2NDJaMDMxMTAvBgNV
BAMTKEMzMDJENkRGNkFCMkM3MkIyREEwODNFQ0YxMzc2MzYyQkI5OUEwQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmOc/QBLIKpmTwAyetiNebQKra
D/V0LLoip5aRn7ZEMDLACLsPXWVazX4kudOdaQDgSzJdeRJoL8XHEzIzI1YGxYkz
qhKkCHFR2/fyoFE4Te2eqaDV7UniaXT00QTL8JtdTtY0F+acD7XSv7bpgRDXjfmK
j6SNuVtnRCyFQT18pZzD4oX94Rb0f2iNUkYJPL4qzAA7rEUq1iUnA6gDJpfygTXO
4qPGFUpdnbUG6CQfadUHyicQTrkw0UFwufbMtkfIO0BEp69hp4LHTUScpdh1mdjh
qrMBVny51aPd/X2t9/fuPTYb+M7EuNtZ+E9ff7OQr9V17NXp+yUyJ7/ltkABAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUwwLW32qyxystoIPs8TdjYruZoKgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQAXHHTMA0GCSqG
SIb3DQEBCwUAA4IBAQBNcxgdWYinFoQOwl9qgVjgCAB8CV+gDALxap6/Lv4wpCAy
ek3bfybraJSt8XuBnO5170Typ2Pk6U2//dxdV1sPH6yTtiH1Lj5NlOUgwBrewofF
qg4r5hR8Q+REbYinpFq9a4ik57tWvTJOMyEYftKVf1pGrgCJdZaMa+C0zb+FuXd+
3iHUSx5X8BFRma8JAW19lWlPv8jyfTksk+90zbCva1Icd0iTdesrZBZtizfqMEQd
4+e1gDXq1zDarx/vQ6dV9NFuBm+J7Xj6RKQpEszSQnTgGdIPg4gNY2UcmCcJZN2S
6/8caZtrjOIbWlM5Cigm/U8aac0ZPyEnfEQ7/H11
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:31:13 2025 by rpki-client