Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: +WafU5770/aZFL5f83ZPaQZqkxdYhP7Yp8YouHgndbg=
Subject key identifier: 03:B1:28:27:41:2E:99:CC:B6:DB:E7:B2:EA:68:F6:A0:2F:92:11:6F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3632456DE54D825B05AF82831693C42695C5B47D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Wed 20 Aug 2025 00:00:11 +0000
ROA not before: Tue 19 Aug 2025 23:55:11 +0000
ROA not after: Wed 19 Aug 2026 00:00:11 +0000
asID: 2914
IP address blocks: 91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
178.92.120.0/22 maxlen: 24
178.92.226.0/24 maxlen: 24
178.92.235.0/24 maxlen: 24
178.92.237.0/24 maxlen: 24
178.92.251.0/24 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.37.0/24 maxlen: 24
178.93.100.0/22 maxlen: 24
178.94.176.0/22 maxlen: 24
178.94.189.0/24 maxlen: 24
178.94.196.0/22 maxlen: 24
178.94.210.0/24 maxlen: 24
178.94.220.0/24 maxlen: 24
178.94.223.0/24 maxlen: 24
178.95.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:32:45:6d:e5:4d:82:5b:05:af:82:83:16:93:c4:26:95:c5:b4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 19 23:55:11 2025 GMT
Not After : Aug 19 00:00:11 2026 GMT
Subject: CN=03B12827412E99CCB6DBE7B2EA68F6A02F92116F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d6:63:69:d5:ec:8d:2e:cb:f7:76:d8:05:b0:
46:71:af:b5:5a:5d:2a:ac:a8:3a:7c:64:99:03:50:
bd:38:63:08:3b:65:a0:cf:68:93:c1:1d:bd:7b:42:
ab:ff:84:25:cc:b2:0e:4a:7f:f5:81:82:93:4a:18:
c0:90:2a:1e:04:2e:12:94:91:7d:e8:7e:77:31:33:
5b:d6:e8:09:81:d8:12:3d:18:51:c6:b0:42:2b:fd:
7b:ec:dd:87:d4:23:41:35:6a:e1:e9:7b:8b:04:ff:
ac:b3:3e:93:7b:a6:8f:6f:7b:ef:7b:e0:64:c5:c8:
bc:7c:a5:3d:ad:8b:c7:49:2e:17:8c:9f:ec:89:c6:
d9:1e:ae:e8:e0:e9:f5:e1:b8:28:5d:37:2c:b3:35:
e6:e6:9e:1a:b9:8f:0d:25:fc:56:94:82:85:f1:fb:
9b:e1:8b:35:09:c4:fa:4c:85:f2:1c:24:d2:99:55:
18:8b:ce:5e:85:14:9f:3d:71:b5:74:39:01:8d:56:
a7:f1:4a:c1:d5:53:bc:45:2b:a0:cc:8c:2d:c3:02:
17:75:fe:22:fb:88:00:0c:c9:53:9d:08:73:66:2d:
ab:fc:fd:14:ce:35:6f:cf:8f:d0:9f:01:6e:4e:ed:
4d:ed:99:45:c1:51:3f:c4:55:f1:d8:32:0c:5e:41:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B1:28:27:41:2E:99:CC:B6:DB:E7:B2:EA:68:F6:A0:2F:92:11:6F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.20.0/22
92.112.240.0/21
95.134.48.0/24
95.134.168.0-95.134.174.255
95.134.195.0/24
95.134.213.0/24
95.135.50.0/24
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
178.92.120.0/22
178.92.226.0/24
178.92.235.0/24
178.92.237.0/24
178.92.251.0/24
178.93.0.0/22
178.93.37.0/24
178.93.100.0/22
178.94.176.0/22
178.94.189.0/24
178.94.196.0/22
178.94.210.0/24
178.94.220.0/24
178.94.223.0/24
178.95.0.0/22
Signature Algorithm: sha256WithRSAEncryption
20:64:81:0b:7b:ab:01:62:35:43:31:c6:f0:a6:3d:3b:f8:1f:
a8:17:64:36:9b:63:cc:a3:22:03:16:35:6a:33:e6:71:61:79:
a9:80:95:d5:4a:13:d4:96:19:4c:21:dc:20:e0:f8:35:a5:06:
0f:89:b5:c1:49:d0:5a:84:40:00:7a:7c:c6:fe:24:e3:b4:21:
dd:34:9a:c6:54:13:0e:7e:66:d0:e0:38:8d:2b:07:c9:ff:3d:
47:c8:fe:cc:5b:87:27:a8:23:fc:b3:1c:87:bb:0c:9a:68:d7:
18:35:1e:19:09:1a:f3:ff:45:ba:5d:83:cb:cb:98:35:57:8f:
69:6b:c4:33:40:0f:31:63:1b:4a:99:a1:42:50:13:51:4a:bc:
97:21:c6:98:60:0e:88:8e:9c:61:58:ff:b6:3e:01:fe:69:93:
71:7c:ec:d9:a8:62:f7:06:61:91:f0:7d:97:e7:af:40:e9:7a:
75:58:fa:93:44:dc:86:12:74:b4:94:2f:f3:08:68:10:59:0b:
bc:38:4a:61:fe:85:4e:52:9c:e7:33:34:5e:33:05:9b:2c:1e:
ac:72:d8:a9:f4:65:13:7e:b0:08:8d:d2:7b:b7:08:24:09:62:
b3:5c:e6:e7:87:5e:66:6b:7c:67:ff:09:40:b1:d4:f0:76:da:
e8:e5:da:de
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIUNjJFbeVNglsFr4KDFpPEJpXFtH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTkyMzU1MTFaFw0yNjA4MTkwMDAwMTFaMDMxMTAvBgNV
BAMTKDAzQjEyODI3NDEyRTk5Q0NCNkRCRTdCMkVBNjhGNkEwMkY5MjExNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/1mNp1eyNLsv3dtgFsEZxr7Va
XSqsqDp8ZJkDUL04Ywg7ZaDPaJPBHb17Qqv/hCXMsg5Kf/WBgpNKGMCQKh4ELhKU
kX3ofncxM1vW6AmB2BI9GFHGsEIr/Xvs3YfUI0E1auHpe4sE/6yzPpN7po9ve+97
4GTFyLx8pT2ti8dJLheMn+yJxtkerujg6fXhuChdNyyzNebmnhq5jw0l/FaUgoXx
+5vhizUJxPpMhfIcJNKZVRiLzl6FFJ89cbV0OQGNVqfxSsHVU7xFK6DMjC3DAhd1
/iL7iAAMyVOdCHNmLav8/RTONW/Pj9CfAW5O7U3tmUXBUT/EVfHYMgxeQeyBAgMB
AAGjggKxMIICrTAdBgNVHQ4EFgQUA7EoJ0Eumcy22+ey6mj2oC+SEW8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxwYIKwYBBQUHAQcBAf8EgbcwgbQwgbEEAgABMIGqAwQC
W3wUAwQDXHDwAwQAX4YwMAwDBANfhqgDBABfhq4DBABfhsMDBABfhtUDBABfhzID
BAKyXAgDBAKyXBADBAKyXBgDBAKyXCQDBAKyXEADBAKyXHgDBACyXOIDBACyXOsD
BACyXO0DBACyXPsDBAKyXQADBACyXSUDBAKyXWQDBAKyXrADBACyXr0DBAKyXsQD
BACyXtIDBACyXtwDBACyXt8DBAKyXwAwDQYJKoZIhvcNAQELBQADggEBACBkgQt7
qwFiNUMxxvCmPTv4H6gXZDabY8yjIgMWNWoz5nFheamAldVKE9SWGUwh3CDg+DWl
Bg+JtcFJ0FqEQAB6fMb+JOO0Id00msZUEw5+ZtDgOI0rB8n/PUfI/sxbhyeoI/yz
HIe7DJpo1xg1HhkJGvP/Rbpdg8vLmDVXj2lrxDNADzFjG0qZoUJQE1FKvJchxphg
DoiOnGFY/7Y+Af5pk3F87NmoYvcGYZHwfZfnr0DpenVY+pNE3IYSdLSUL/MIaBBZ
C7w4SmH+hU5SnOczNF4zBZssHqxy2Kn0ZRN+sAiN0nu3CCQJYrNc5ueHXmZrfGf/
CUCx1PB22ujl2t4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:17:29 2025 by rpki-client