Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: X1vqXEQ7QTkR8mpgX30iqBTXaUIiZWdOmkz9zImovh8=
Subject key identifier: 0F:F3:37:CF:62:EF:9F:86:CB:8C:56:44:2B:93:CF:96:33:98:7C:54
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 51EA422BDA8F220BEB0A6A286CC49C86F160D645
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Tue 03 Mar 2026 20:54:24 +0000
ROA not before: Tue 03 Mar 2026 20:49:24 +0000
ROA not after: Tue 02 Mar 2027 20:54:24 +0000
asID: 2914
IP address blocks: 46.202.53.0/24 maxlen: 24
46.203.176.0/24 maxlen: 24
46.203.197.0/24 maxlen: 24
46.203.205.0/24 maxlen: 24
46.203.223.0/24 maxlen: 24
46.203.225.0/24 maxlen: 24
91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.6.0/24 maxlen: 24
95.134.83.0/24 maxlen: 24
95.134.148.0/24 maxlen: 24
95.134.150.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.135.194.0/24 maxlen: 24
95.135.223.0/24 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.226.0/24 maxlen: 24
178.92.235.0/24 maxlen: 24
178.92.237.0/24 maxlen: 24
178.92.251.0/24 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.37.0/24 maxlen: 24
178.94.0.0/24 maxlen: 24
178.94.4.0/24 maxlen: 24
178.94.6.0/24 maxlen: 24
178.94.7.0/24 maxlen: 24
178.94.21.0/24 maxlen: 24
178.94.27.0/24 maxlen: 24
178.94.32.0/24 maxlen: 24
178.94.66.0/24 maxlen: 24
178.94.73.0/24 maxlen: 24
178.94.77.0/24 maxlen: 24
178.94.79.0/24 maxlen: 24
178.94.103.0/24 maxlen: 24
178.94.110.0/24 maxlen: 24
178.94.120.0/24 maxlen: 24
178.94.189.0/24 maxlen: 24
178.94.210.0/24 maxlen: 24
178.94.212.0/24 maxlen: 24
178.94.220.0/24 maxlen: 24
178.94.223.0/24 maxlen: 24
178.94.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:ea:42:2b:da:8f:22:0b:eb:0a:6a:28:6c:c4:9c:86:f1:60:d6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 3 20:49:24 2026 GMT
Not After : Mar 2 20:54:24 2027 GMT
Subject: CN=0FF337CF62EF9F86CB8C56442B93CF9633987C54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:f2:92:41:0c:e5:4a:98:86:97:92:17:79:
07:34:cf:ed:b4:12:2f:f1:05:9c:4a:73:62:75:21:
7c:5b:df:4f:37:51:2d:31:89:5d:b6:bb:71:f2:c5:
70:61:d8:9d:7a:39:a0:e8:97:c7:37:34:53:38:a0:
6c:96:25:42:4c:ce:36:99:dd:cc:6c:aa:ed:39:ac:
69:c9:b3:92:e2:06:69:cf:bb:6f:b5:d5:30:ce:4e:
c8:73:4a:67:d6:2a:e5:ef:2a:5f:1a:da:12:df:38:
c7:f1:a7:c1:5a:dc:fa:26:1b:51:3a:a8:a1:e3:6e:
45:a2:72:54:db:df:bc:30:18:b2:34:bb:21:23:9d:
ef:17:ca:d7:0c:23:56:4f:a0:f4:67:22:18:c9:49:
e6:8e:81:29:9f:36:ea:70:58:58:5b:96:86:0f:86:
0c:e3:fe:34:3c:56:38:df:5a:40:52:88:5b:49:b5:
03:71:ab:79:e5:af:11:d0:aa:53:38:87:ca:2e:6a:
8f:d2:15:e2:9c:24:ed:03:62:1b:10:bd:7d:6c:6c:
ff:4b:23:cc:16:6c:78:d6:c1:34:cb:2a:4d:da:5b:
cb:50:5c:11:94:d3:fc:54:c5:87:92:13:bb:ef:8f:
27:99:50:7e:54:6d:03:66:63:97:3c:88:67:8d:0b:
cd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F3:37:CF:62:EF:9F:86:CB:8C:56:44:2B:93:CF:96:33:98:7C:54
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.53.0/24
46.203.176.0/24
46.203.197.0/24
46.203.205.0/24
46.203.223.0/24
46.203.225.0/24
91.124.20.0/22
92.112.240.0/22
92.112.246.0/23
95.134.6.0/24
95.134.83.0/24
95.134.148.0/24
95.134.150.0/24
95.134.168.0-95.134.174.255
95.135.194.0/24
95.135.223.0/24
178.92.16.0/22
178.92.36.0/22
178.92.226.0/24
178.92.235.0/24
178.92.237.0/24
178.92.251.0/24
178.93.0.0/22
178.93.37.0/24
178.94.0.0/24
178.94.4.0/24
178.94.6.0/23
178.94.21.0/24
178.94.27.0/24
178.94.32.0/24
178.94.66.0/24
178.94.73.0/24
178.94.77.0/24
178.94.79.0/24
178.94.103.0/24
178.94.110.0/24
178.94.120.0/24
178.94.189.0/24
178.94.210.0/24
178.94.212.0/24
178.94.220.0/24
178.94.223.0/24
178.94.254.0/24
Signature Algorithm: sha256WithRSAEncryption
98:cd:1a:ea:18:e6:bc:6e:e4:c5:c6:07:f5:00:8b:bc:3d:6a:
13:e5:85:71:9f:f9:f7:a5:f5:80:de:30:d1:78:f1:d6:22:46:
b8:76:0c:0d:75:c6:c3:fa:80:bd:03:82:f2:00:f6:e2:95:a0:
99:d3:2c:29:40:f4:a4:cd:f0:5d:85:16:eb:8f:7a:ef:03:bb:
95:9e:8b:3d:4d:ce:3c:7f:b0:f0:4c:bd:d3:57:94:ad:e3:92:
cf:6d:ec:34:e5:41:67:57:54:e9:f3:b0:4c:f7:c9:ca:36:de:
c5:7e:7c:3f:98:77:1f:2b:06:7e:6a:44:1f:58:97:c4:d1:1c:
cb:d6:d4:8f:04:2e:0e:75:47:bc:b2:8e:39:d6:a0:8b:24:74:
98:fe:76:ec:6a:8a:18:53:48:3c:4e:7d:7b:5b:ad:e0:c5:e2:
d6:84:18:ea:5e:e4:d0:0c:43:c9:fd:fc:88:03:d7:28:4e:35:
ea:fb:6b:d9:8a:f3:17:ae:dd:9f:79:70:18:65:e3:1d:2b:62:
87:2a:23:0a:c4:39:a7:01:b9:f9:6a:3d:72:0c:df:6b:b2:95:
45:29:6a:a8:2d:02:9a:f6:c6:93:52:1d:53:f6:33:f5:06:af:
c8:92:3c:50:06:90:46:a2:1c:0d:e7:c4:c2:7f:62:85:bc:ad:
f4:46:60:34
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgIUUepCK9qPIgvrCmoobMSchvFg1kUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMDMyMDQ5MjRaFw0yNzAzMDIyMDU0MjRaMDMxMTAvBgNV
BAMTKDBGRjMzN0NGNjJFRjlGODZDQjhDNTY0NDJCOTNDRjk2MzM5ODdDNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC7/KSQQzlSpiGl5IXeQc0z+20
Ei/xBZxKc2J1IXxb3083US0xiV22u3HyxXBh2J16OaDol8c3NFM4oGyWJUJMzjaZ
3cxsqu05rGnJs5LiBmnPu2+11TDOTshzSmfWKuXvKl8a2hLfOMfxp8Fa3PomG1E6
qKHjbkWiclTb37wwGLI0uyEjne8XytcMI1ZPoPRnIhjJSeaOgSmfNupwWFhbloYP
hgzj/jQ8VjjfWkBSiFtJtQNxq3nlrxHQqlM4h8ouao/SFeKcJO0DYhsQvX1sbP9L
I8wWbHjWwTTLKk3aW8tQXBGU0/xUxYeSE7vvjyeZUH5UbQNmY5c8iGeNC81HAgMB
AAGjggMWMIIDEjAdBgNVHQ4EFgQUD/M3z2Lvn4bLjFZEK5PPljOYfFQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASsGCCsGAQUFBwEHAQH/BIIBGjCCARYwggESBAIAATCC
AQoDBAAuyjUDBAAuy7ADBAAuy8UDBAAuy80DBAAuy98DBAAuy+EDBAJbfBQDBAJc
cPADBAFccPYDBABfhgYDBABfhlMDBABfhpQDBABfhpYwDAMEA1+GqAMEAF+GrgME
AF+HwgMEAF+H3wMEArJcEAMEArJcJAMEALJc4gMEALJc6wMEALJc7QMEALJc+wME
ArJdAAMEALJdJQMEALJeAAMEALJeBAMEAbJeBgMEALJeFQMEALJeGwMEALJeIAME
ALJeQgMEALJeSQMEALJeTQMEALJeTwMEALJeZwMEALJebgMEALJeeAMEALJevQME
ALJe0gMEALJe1AMEALJe3AMEALJe3wMEALJe/jANBgkqhkiG9w0BAQsFAAOCAQEA
mM0a6hjmvG7kxcYH9QCLvD1qE+WFcZ/596X1gN4w0Xjx1iJGuHYMDXXGw/qAvQOC
8gD24pWgmdMsKUD0pM3wXYUW64967wO7lZ6LPU3OPH+w8Ey901eUreOSz23sNOVB
Z1dU6fOwTPfJyjbexX58P5h3HysGfmpEH1iXxNEcy9bUjwQuDnVHvLKOOdagiyR0
mP527GqKGFNIPE59e1ut4MXi1oQY6l7k0AxDyf38iAPXKE416vtr2YrzF67dn3lw
GGXjHStihyojCsQ5pwG5+Wo9cgzfa7KVRSlqqC0CmvbGk1IdU/Yz9QavyJI8UAaQ
RqIcDefEwn9ihbyt9EZgNA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:27:34 2026 by rpki-client