Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: xr3dc5hXIH4svhGq5t528kpAArziu93cob11w65cci4=
Subject key identifier: FA:00:7B:C3:15:8A:DD:0F:80:DA:79:AA:00:E9:1A:DD:2B:CB:93:A3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7A2220D39808E412830067EA1A2F33E7304F295A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Mon 04 May 2026 18:24:46 +0000
ROA not before: Mon 04 May 2026 18:19:46 +0000
ROA not after: Mon 03 May 2027 18:24:46 +0000
asID: 2914
IP address blocks: 46.202.53.0/24 maxlen: 24
46.203.176.0/24 maxlen: 24
46.203.197.0/24 maxlen: 24
46.203.205.0/24 maxlen: 24
46.203.223.0/24 maxlen: 24
46.203.225.0/24 maxlen: 24
91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.6.0/24 maxlen: 24
95.134.83.0/24 maxlen: 24
95.134.148.0/24 maxlen: 24
95.134.150.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.135.194.0/24 maxlen: 24
95.135.223.0/24 maxlen: 24
178.92.36.0/24 maxlen: 24
178.92.39.0/24 maxlen: 24
178.92.226.0/24 maxlen: 24
178.92.235.0/24 maxlen: 24
178.92.237.0/24 maxlen: 24
178.92.251.0/24 maxlen: 24
178.93.0.0/24 maxlen: 24
178.93.1.0/24 maxlen: 24
178.93.37.0/24 maxlen: 24
178.94.0.0/24 maxlen: 24
178.94.4.0/24 maxlen: 24
178.94.6.0/24 maxlen: 24
178.94.7.0/24 maxlen: 24
178.94.21.0/24 maxlen: 24
178.94.27.0/24 maxlen: 24
178.94.32.0/24 maxlen: 24
178.94.66.0/24 maxlen: 24
178.94.73.0/24 maxlen: 24
178.94.77.0/24 maxlen: 24
178.94.79.0/24 maxlen: 24
178.94.103.0/24 maxlen: 24
178.94.110.0/24 maxlen: 24
178.94.120.0/24 maxlen: 24
178.94.189.0/24 maxlen: 24
178.94.210.0/24 maxlen: 24
178.94.212.0/24 maxlen: 24
178.94.220.0/24 maxlen: 24
178.94.223.0/24 maxlen: 24
178.94.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:22:20:d3:98:08:e4:12:83:00:67:ea:1a:2f:33:e7:30:4f:29:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 4 18:19:46 2026 GMT
Not After : May 3 18:24:46 2027 GMT
Subject: CN=FA007BC3158ADD0F80DA79AA00E91ADD2BCB93A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:06:59:e6:b5:41:05:47:43:72:f3:6e:c7:
ef:21:e1:fd:bf:26:c1:a6:2a:c4:2f:43:20:0b:91:
3e:f0:6b:e8:ad:49:7a:cc:b0:0d:30:50:33:39:27:
d5:24:44:c2:ba:8c:70:3f:c9:c7:2b:12:f5:0b:bf:
dd:f3:ce:8a:c4:09:55:3b:f6:30:0f:55:21:ff:3e:
b7:f5:c9:a0:de:49:ac:17:bf:5a:a7:d1:32:e9:65:
9a:d6:69:ce:46:a2:1e:5c:88:cc:64:b5:ce:23:42:
63:e1:ca:8f:68:24:a6:81:72:2f:dc:5e:67:05:d2:
f9:d7:2c:c6:e8:2e:70:f6:94:14:38:eb:20:d2:aa:
60:f6:2c:1a:37:b0:ca:7b:67:65:3b:82:1a:98:e3:
0c:5b:b5:dc:4f:4f:47:10:8d:6a:f8:9c:2a:6c:9c:
f8:67:18:b4:b6:86:48:f8:c8:06:3f:fb:5f:d4:79:
27:a9:2f:85:e4:76:e2:15:22:68:8e:dd:7a:8a:94:
ad:37:29:bb:20:62:c5:5d:f9:a9:2d:c3:dd:a7:9a:
d2:af:93:c9:5c:5c:c6:fe:3b:d9:99:03:98:5e:a0:
60:3b:02:63:45:64:59:ee:80:fb:da:34:18:7b:1b:
43:15:6f:4a:8c:5c:f5:ea:62:6b:a9:0b:8b:62:e2:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:00:7B:C3:15:8A:DD:0F:80:DA:79:AA:00:E9:1A:DD:2B:CB:93:A3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.53.0/24
46.203.176.0/24
46.203.197.0/24
46.203.205.0/24
46.203.223.0/24
46.203.225.0/24
91.124.20.0/22
92.112.240.0/22
92.112.246.0/23
95.134.6.0/24
95.134.83.0/24
95.134.148.0/24
95.134.150.0/24
95.134.168.0-95.134.174.255
95.135.194.0/24
95.135.223.0/24
178.92.36.0/24
178.92.39.0/24
178.92.226.0/24
178.92.235.0/24
178.92.237.0/24
178.92.251.0/24
178.93.0.0/23
178.93.37.0/24
178.94.0.0/24
178.94.4.0/24
178.94.6.0/23
178.94.21.0/24
178.94.27.0/24
178.94.32.0/24
178.94.66.0/24
178.94.73.0/24
178.94.77.0/24
178.94.79.0/24
178.94.103.0/24
178.94.110.0/24
178.94.120.0/24
178.94.189.0/24
178.94.210.0/24
178.94.212.0/24
178.94.220.0/24
178.94.223.0/24
178.94.254.0/24
Signature Algorithm: sha256WithRSAEncryption
94:9d:84:57:7b:4e:e2:53:ef:78:e4:22:76:35:45:c3:bc:1e:
7d:12:d8:df:7a:1c:9f:52:73:bc:cd:75:38:31:47:8a:90:02:
18:aa:b6:1c:c9:a1:f5:b0:39:1b:45:ba:6d:46:b7:b4:b2:7c:
fe:2b:0c:7e:73:68:46:6d:c3:97:04:74:c2:90:a2:3c:0c:d2:
52:4c:b4:d3:74:ab:0e:d3:72:d1:10:90:ac:08:c6:7f:16:95:
9a:c1:04:1e:cc:63:96:2e:b1:dd:7c:67:81:13:22:7f:8a:88:
f9:bc:58:17:b2:a3:68:00:8f:a2:de:1a:76:7c:e5:c9:46:20:
1d:a3:78:92:36:cd:3e:ca:9f:42:07:45:f3:38:3e:d2:cf:e5:
76:4a:ee:a9:44:b5:67:d7:24:03:fa:e0:8f:ff:5d:78:7d:6a:
ae:6e:b1:b5:74:96:54:31:77:be:0f:3c:63:5f:3c:33:98:e8:
f6:20:e3:cc:92:97:79:dc:3b:c2:06:cb:25:d3:2f:13:8a:81:
e6:5b:71:d2:73:bf:d2:d2:6d:35:6c:03:48:02:24:53:2c:cd:
29:48:b3:df:dc:2e:a6:c0:e2:7b:65:ec:56:0e:0f:db:9e:d5:
0f:1d:0e:a9:da:18:dd:e2:4a:fe:66:66:c2:6b:8a:85:ee:dc:
51:9c:88:50
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgIUeiIg05gI5BKDAGfqGi8z5zBPKVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDQxODE5NDZaFw0yNzA1MDMxODI0NDZaMDMxMTAvBgNV
BAMTKEZBMDA3QkMzMTU4QUREMEY4MERBNzlBQTAwRTkxQUREMkJDQjkzQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3XAZZ5rVBBUdDcvNux+8h4f2/
JsGmKsQvQyALkT7wa+itSXrMsA0wUDM5J9UkRMK6jHA/yccrEvULv93zzorECVU7
9jAPVSH/Prf1yaDeSawXv1qn0TLpZZrWac5Goh5ciMxktc4jQmPhyo9oJKaBci/c
XmcF0vnXLMboLnD2lBQ46yDSqmD2LBo3sMp7Z2U7ghqY4wxbtdxPT0cQjWr4nCps
nPhnGLS2hkj4yAY/+1/UeSepL4XkduIVImiO3XqKlK03KbsgYsVd+aktw92nmtKv
k8lcXMb+O9mZA5heoGA7AmNFZFnugPvaNBh7G0MVb0qMXPXqYmupC4ti4gcfAgMB
AAGjggMWMIIDEjAdBgNVHQ4EFgQU+gB7wxWK3Q+A2nmqAOka3SvLk6MwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASsGCCsGAQUFBwEHAQH/BIIBGjCCARYwggESBAIAATCC
AQoDBAAuyjUDBAAuy7ADBAAuy8UDBAAuy80DBAAuy98DBAAuy+EDBAJbfBQDBAJc
cPADBAFccPYDBABfhgYDBABfhlMDBABfhpQDBABfhpYwDAMEA1+GqAMEAF+GrgME
AF+HwgMEAF+H3wMEALJcJAMEALJcJwMEALJc4gMEALJc6wMEALJc7QMEALJc+wME
AbJdAAMEALJdJQMEALJeAAMEALJeBAMEAbJeBgMEALJeFQMEALJeGwMEALJeIAME
ALJeQgMEALJeSQMEALJeTQMEALJeTwMEALJeZwMEALJebgMEALJeeAMEALJevQME
ALJe0gMEALJe1AMEALJe3AMEALJe3wMEALJe/jANBgkqhkiG9w0BAQsFAAOCAQEA
lJ2EV3tO4lPveOQidjVFw7wefRLY33ocn1JzvM11ODFHipACGKq2HMmh9bA5G0W6
bUa3tLJ8/isMfnNoRm3DlwR0wpCiPAzSUky003SrDtNy0RCQrAjGfxaVmsEEHsxj
li6x3XxngRMif4qI+bxYF7KjaACPot4adnzlyUYgHaN4kjbNPsqfQgdF8zg+0s/l
dkruqUS1Z9ckA/rgj/9deH1qrm6xtXSWVDF3vg88Y188M5jo9iDjzJKXedw7wgbL
JdMvE4qB5ltx0nO/0tJtNWwDSAIkUyzNKUiz39wupsDie2XsVg4P257VDx0OqdoY
3eJK/mZmwmuKhe7cUZyIUA==
-----END CERTIFICATE-----
Generated at Tue May 12 22:35:45 2026 by rpki-client