Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: a1TBm2rU0bSh7YsOV4WVPuDV8qlGtD+EA6SCECuZSwM=
Subject key identifier: BD:84:18:DD:AF:F4:EE:E1:98:CA:BC:CD:1D:B4:43:19:54:58:40:2C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 509EB2C0B829FDB65336EB539ED733A60D59B37E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Sat 28 Jun 2025 00:02:27 +0000
ROA not before: Fri 27 Jun 2025 23:57:27 +0000
ROA not after: Sat 27 Jun 2026 00:02:27 +0000
asID: 2914
IP address blocks: 91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
178.92.0.0/22 maxlen: 24
178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
178.92.72.0/22 maxlen: 24
178.92.80.0/22 maxlen: 24
178.92.120.0/22 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.100.0/22 maxlen: 24
178.94.176.0/22 maxlen: 24
178.94.196.0/22 maxlen: 24
178.95.0.0/22 maxlen: 24
178.95.20.0/22 maxlen: 24
178.95.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9e:b2:c0:b8:29:fd:b6:53:36:eb:53:9e:d7:33:a6:0d:59:b3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 27 23:57:27 2025 GMT
Not After : Jun 27 00:02:27 2026 GMT
Subject: CN=BD8418DDAFF4EEE198CABCCD1DB443195458402C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2b:48:40:78:74:9e:4a:12:3d:ec:38:4d:11:
6e:79:3d:a0:d9:0c:26:9a:d3:16:d0:37:c2:6c:4b:
1e:07:1b:9c:12:33:38:d2:fb:c0:e4:ff:0b:cd:43:
5a:3b:03:1d:76:a5:38:c6:18:9f:07:b7:5e:0f:56:
f0:6a:92:ef:16:09:9e:d1:40:06:c8:87:d2:98:59:
7d:e1:cf:c7:b7:de:4e:23:d9:0f:96:37:42:5f:23:
87:14:2b:f3:8d:f9:9f:ff:f8:45:45:f7:10:2b:3e:
0a:2e:3e:0b:a4:4c:9c:5c:ab:4d:11:70:7a:19:ac:
f3:eb:77:4b:77:c7:04:0f:63:24:f0:8e:5d:8d:0e:
b9:95:7f:00:55:13:a4:d3:80:2c:78:05:22:67:62:
a2:65:67:0e:0e:d0:90:e8:5a:f8:72:9f:a5:04:6c:
59:fd:55:d0:5a:f2:c7:1b:29:e9:ac:2b:08:32:80:
5f:09:bd:a6:b7:23:c9:5d:6e:02:c6:25:ea:52:16:
cd:e8:0a:7c:8b:50:d1:97:11:dc:7c:64:f8:73:e9:
90:b1:55:4f:50:ba:b1:e2:62:ac:49:90:bb:53:60:
f2:84:cd:0d:19:5c:de:f0:c4:ae:e2:87:c3:8e:a7:
5a:1e:48:43:f9:e7:76:75:b8:5c:96:25:57:86:bf:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:84:18:DD:AF:F4:EE:E1:98:CA:BC:CD:1D:B4:43:19:54:58:40:2C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.20.0/22
92.112.240.0/21
95.134.48.0/24
95.134.168.0-95.134.174.255
95.134.195.0/24
95.134.213.0/24
95.135.50.0/24
178.92.0.0/22
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
178.92.72.0/22
178.92.80.0/22
178.92.120.0/22
178.93.0.0/22
178.93.100.0/22
178.94.176.0/22
178.94.196.0/22
178.95.0.0/22
178.95.20.0/22
178.95.48.0/22
Signature Algorithm: sha256WithRSAEncryption
33:40:9d:a9:6f:99:4c:16:ee:ae:a1:87:f1:20:3b:15:fd:9b:
55:a0:54:e4:d7:01:c9:52:74:23:31:4b:1e:20:7f:09:83:0a:
d9:64:c5:5b:c7:6e:2b:d7:c2:1b:b0:18:ab:1a:d1:14:80:3e:
b1:d8:f3:9b:c1:d3:19:2f:33:1e:32:33:93:fa:ac:8a:30:82:
84:f8:40:4e:0e:49:fa:97:d5:0e:d5:dc:fb:f0:f6:13:64:75:
b6:ef:6a:f9:15:8d:de:76:8a:65:0f:01:a6:a0:ff:2c:d7:12:
67:48:69:d5:b4:03:e1:3b:cb:41:77:c0:07:11:77:92:8e:e0:
e1:85:f7:d4:11:31:a4:c3:ca:2a:5a:18:03:9c:48:5f:0a:c1:
32:48:50:3e:84:13:a7:60:1c:d7:4f:54:0d:27:c4:57:7c:47:
93:06:5e:25:d1:a6:ee:03:1c:ba:31:1c:ba:e1:dc:10:41:8b:
47:c9:e7:bd:7c:9b:81:72:10:e9:41:c6:c6:87:21:de:4f:18:
5e:c0:d0:8f:f6:96:e7:31:b2:99:ac:7c:58:15:85:3b:57:2d:
73:3f:15:65:61:51:a8:f3:97:ca:18:b6:ab:9f:6a:ae:e6:3c:
7a:05:46:99:81:ad:37:c9:ab:63:42:b9:e3:9b:0a:41:c8:b4:
34:3b:80:83
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUUJ6ywLgp/bZTNutTntczpg1Zs34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjcyMzU3MjdaFw0yNjA2MjcwMDAyMjdaMDMxMTAvBgNV
BAMTKEJEODQxOEREQUZGNEVFRTE5OENBQkNDRDFEQjQ0MzE5NTQ1ODQwMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTK0hAeHSeShI97DhNEW55PaDZ
DCaa0xbQN8JsSx4HG5wSMzjS+8Dk/wvNQ1o7Ax12pTjGGJ8Ht14PVvBqku8WCZ7R
QAbIh9KYWX3hz8e33k4j2Q+WN0JfI4cUK/ON+Z//+EVF9xArPgouPgukTJxcq00R
cHoZrPPrd0t3xwQPYyTwjl2NDrmVfwBVE6TTgCx4BSJnYqJlZw4O0JDoWvhyn6UE
bFn9VdBa8scbKemsKwgygF8Jvaa3I8ldbgLGJepSFs3oCnyLUNGXEdx8ZPhz6ZCx
VU9QurHiYqxJkLtTYPKEzQ0ZXN7wxK7ih8OOp1oeSEP553Z1uFyWJVeGvydnAgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUvYQY3a/07uGYyrzNHbRDGVRYQCwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQC
W3wUAwQDXHDwAwQAX4YwMAwDBANfhqgDBABfhq4DBABfhsMDBABfhtUDBABfhzID
BAKyXAADBAKyXAgDBAKyXBADBAKyXBgDBAKyXCQDBAKyXEADBAKyXEgDBAKyXFAD
BAKyXHgDBAKyXQADBAKyXWQDBAKyXrADBAKyXsQDBAKyXwADBAKyXxQDBAKyXzAw
DQYJKoZIhvcNAQELBQADggEBADNAnalvmUwW7q6hh/EgOxX9m1WgVOTXAclSdCMx
Sx4gfwmDCtlkxVvHbivXwhuwGKsa0RSAPrHY85vB0xkvMx4yM5P6rIowgoT4QE4O
SfqX1Q7V3Pvw9hNkdbbvavkVjd52imUPAaag/yzXEmdIadW0A+E7y0F3wAcRd5KO
4OGF99QRMaTDyipaGAOcSF8KwTJIUD6EE6dgHNdPVA0nxFd8R5MGXiXRpu4DHLox
HLrh3BBBi0fJ5718m4FyEOlBxsaHId5PGF7A0I/2lucxspmsfFgVhTtXLXM/FWVh
Uajzl8oYtqufaq7mPHoFRpmBrTfJq2NCueObCkHItDQ7gIM=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:40 2025 by rpki-client