Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: tC9AfdA0Sgrpfdc+rzzue9gpN2c+Kv/P+2FdcTZqLzg=
Subject key identifier: 03:7A:AF:1D:C6:F1:91:82:6B:60:17:D1:BA:F7:2B:69:E9:B2:DF:FA
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6634DAD2AC32DDC4E5190C89C754688BC3111609
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
Signing time: Tue 24 Jun 2025 14:49:40 +0000
ROA not before: Tue 24 Jun 2025 14:44:40 +0000
ROA not after: Tue 23 Jun 2026 14:49:40 +0000
asID: 214432
IP address blocks: 46.203.77.0/24 maxlen: 24
46.203.120.0/24 maxlen: 24
46.203.234.0/24 maxlen: 24
91.124.18.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
95.134.20.0/24 maxlen: 24
95.134.69.0/24 maxlen: 24
95.134.113.0/24 maxlen: 24
178.95.85.0/24 maxlen: 24
178.95.243.0/24 maxlen: 24
178.95.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:34:da:d2:ac:32:dd:c4:e5:19:0c:89:c7:54:68:8b:c3:11:16:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 24 14:44:40 2025 GMT
Not After : Jun 23 14:49:40 2026 GMT
Subject: CN=037AAF1DC6F191826B6017D1BAF72B69E9B2DFFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:a0:02:f1:21:fb:95:82:ea:e5:84:07:d2:
28:f5:66:2c:80:a9:05:c5:77:5a:b7:4c:94:01:08:
b9:82:27:6a:2b:e9:fe:90:e7:33:d5:10:2f:55:4c:
0a:ba:30:39:04:1d:58:66:b5:75:45:9f:1b:3c:36:
48:c5:23:97:0b:fc:5c:72:b5:72:38:68:ce:6a:d6:
a1:fc:42:e2:87:8a:db:3c:d3:98:8a:69:ae:89:e2:
98:d2:10:35:6e:cb:0d:bc:53:b2:4a:ee:b5:d7:39:
d0:65:06:08:6c:f4:77:ea:6a:cf:00:ae:4b:4d:77:
20:51:39:95:de:29:b3:a0:96:b3:54:fe:17:3e:31:
98:fc:1e:d8:96:ab:58:94:b1:4a:93:14:49:49:76:
e7:d6:0f:6f:40:0b:a8:8f:fb:39:1d:ea:a1:0e:b3:
a1:a6:4b:af:36:c3:0a:2f:2f:4d:d3:0b:d3:bb:67:
3c:e1:18:8a:43:0b:bf:46:dc:70:82:be:a7:80:0a:
50:63:0c:a6:b4:c3:d9:c3:34:75:31:2e:ef:2a:cb:
7e:46:5d:47:15:fe:45:76:94:b2:89:22:bb:23:4b:
24:b9:b5:1c:d9:86:0b:be:df:d5:9a:b5:85:26:71:
f2:da:f2:01:98:72:09:3e:9b:70:9d:23:21:1e:75:
51:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7A:AF:1D:C6:F1:91:82:6B:60:17:D1:BA:F7:2B:69:E9:B2:DF:FA
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.77.0/24
46.203.120.0/24
46.203.234.0/24
91.124.18.0/24
91.124.38.0/24
91.124.60.0/24
91.124.186.0/24
95.134.20.0/24
95.134.69.0/24
95.134.113.0/24
178.95.85.0/24
178.95.243.0/24
178.95.250.0/24
Signature Algorithm: sha256WithRSAEncryption
44:01:d3:5b:cf:40:7d:bc:c1:4a:dd:1a:2e:bb:9f:0e:f7:49:
05:db:75:5b:f6:12:ef:b6:4c:cd:87:0d:00:91:94:c3:65:b2:
ca:62:f6:10:1f:5d:ed:03:5b:3c:fa:04:13:79:a4:ee:58:56:
44:e4:f3:3e:3a:a2:c4:4c:e7:ca:68:60:6a:d0:bf:55:7c:e9:
db:11:31:a1:70:de:ac:78:fd:5a:eb:a3:a2:73:26:5f:9e:f5:
55:fd:9c:8f:4a:2e:d2:f5:77:3f:1a:f4:65:db:4f:2d:cb:ad:
2f:6a:e2:15:6d:37:a5:74:be:74:e4:17:d9:a4:c8:89:1d:b6:
76:36:96:84:24:36:66:22:fb:fa:aa:5b:1f:b8:3e:7f:ea:75:
92:14:c2:bd:d5:7c:aa:9d:9e:f2:94:9e:af:56:fa:42:bc:28:
b3:a5:b3:28:7a:c5:9d:06:75:a9:09:0a:eb:38:03:a9:fb:71:
65:4d:7d:7a:ae:17:e3:5f:fb:86:b2:4e:3d:32:98:28:db:a3:
62:45:25:a8:e0:00:8b:e7:af:28:f2:60:40:6c:62:93:70:04:
97:0e:76:05:18:4a:db:27:88:ff:91:77:97:74:43:f4:88:81:
8e:c2:17:f3:42:49:20:01:09:e4:48:15:7c:b1:50:b1:bd:00:
bf:48:e0:f8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUZjTa0qwy3cTlGQyJx1Roi8MRFgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjQxNDQ0NDBaFw0yNjA2MjMxNDQ5NDBaMDMxMTAvBgNV
BAMTKDAzN0FBRjFEQzZGMTkxODI2QjYwMTdEMUJBRjcyQjY5RTlCMkRGRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtqAC8SH7lYLq5YQH0ij1ZiyA
qQXFd1q3TJQBCLmCJ2or6f6Q5zPVEC9VTAq6MDkEHVhmtXVFnxs8NkjFI5cL/Fxy
tXI4aM5q1qH8QuKHits805iKaa6J4pjSEDVuyw28U7JK7rXXOdBlBghs9Hfqas8A
rktNdyBROZXeKbOglrNU/hc+MZj8HtiWq1iUsUqTFElJdufWD29AC6iP+zkd6qEO
s6GmS682wwovL03TC9O7ZzzhGIpDC79G3HCCvqeAClBjDKa0w9nDNHUxLu8qy35G
XUcV/kV2lLKJIrsjSyS5tRzZhgu+39WatYUmcfLa8gGYcgk+m3CdIyEedVHXAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUA3qvHcbxkYJrYBfRuvcraemy3/owHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALstN
AwQALst4AwQALsvqAwQAW3wSAwQAW3wmAwQAW3w8AwQAW3y6AwQAX4YUAwQAX4ZF
AwQAX4ZxAwQAsl9VAwQAsl/zAwQAsl/6MA0GCSqGSIb3DQEBCwUAA4IBAQBEAdNb
z0B9vMFK3Rouu58O90kF23Vb9hLvtkzNhw0AkZTDZbLKYvYQH13tA1s8+gQTeaTu
WFZE5PM+OqLETOfKaGBq0L9VfOnbETGhcN6seP1a66OicyZfnvVV/ZyPSi7S9Xc/
GvRl208ty60vauIVbTeldL505BfZpMiJHbZ2NpaEJDZmIvv6qlsfuD5/6nWSFMK9
1XyqnZ7ylJ6vVvpCvCizpbMoesWdBnWpCQrrOAOp+3FlTX16rhfjX/uGsk49Mpgo
26NiRSWo4ACL568o8mBAbGKTcASXDnYFGErbJ4j/kXeXdEP0iIGOwhfzQkkgAQnk
SBV8sVCxvQC/SOD4
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:32 2025 by rpki-client