Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: 9yy4/BN6pD8xii+mp2HoElN3h2omQ04n4wJVpCd8oqk=
Subject key identifier: B6:0A:7B:1A:B6:34:83:91:86:E8:19:3E:3B:85:29:25:FF:C5:42:43
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 34EC3F69D757F3E7E81BEC951EB3F160D660CCEF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
Signing time: Sun 03 Aug 2025 00:00:42 +0000
ROA not before: Sat 02 Aug 2025 23:55:42 +0000
ROA not after: Sun 02 Aug 2026 00:00:42 +0000
asID: 214432
IP address blocks: 96.62.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ec:3f:69:d7:57:f3:e7:e8:1b:ec:95:1e:b3:f1:60:d6:60:cc:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 2 23:55:42 2025 GMT
Not After : Aug 2 00:00:42 2026 GMT
Subject: CN=B60A7B1AB634839186E8193E3B852925FFC54243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0b:4c:3f:26:65:37:59:58:af:de:33:df:46:
9e:45:b8:99:e8:c1:05:62:25:99:d2:dd:6f:3a:15:
56:a3:4d:e2:da:af:65:94:b1:74:41:56:c5:6b:ec:
01:63:6f:41:09:3b:cb:a7:f8:7f:60:c1:40:38:98:
88:26:81:d5:9c:5b:97:2e:94:03:db:56:32:5a:be:
47:96:1f:9a:0a:eb:7e:24:b3:23:2f:4b:c6:ae:48:
28:6e:6d:53:6a:fe:be:db:cf:17:7f:22:76:bb:51:
92:1f:e5:d9:ab:3e:4e:51:8a:97:09:8f:c9:bb:dd:
d5:e1:3b:07:03:8b:42:7d:5a:0d:a5:8c:83:be:bc:
a1:a1:3f:b5:af:c9:f3:95:47:79:17:69:66:b3:4f:
31:d8:f3:1e:f4:f6:1e:30:5c:d9:60:1c:05:ed:20:
3e:bf:e4:9e:d0:e3:69:32:00:73:b8:ec:33:04:0d:
5b:fc:99:c4:77:ec:4d:4e:11:fb:5a:ac:2a:50:8d:
aa:b8:ed:28:02:f7:5f:da:f2:0e:c9:f7:ad:f5:25:
f3:11:5e:7d:01:13:cd:4e:70:35:ad:9b:f5:17:61:
3d:d6:76:75:d2:b8:3a:77:d7:c5:e3:b6:92:f3:18:
61:44:aa:e0:9a:fe:d7:e2:40:32:3b:db:17:74:01:
24:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:7B:1A:B6:34:83:91:86:E8:19:3E:3B:85:29:25:FF:C5:42:43
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.114.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:60:b2:3a:5c:2c:6e:3d:c5:c7:6e:d2:ee:b4:93:5b:58:4a:
c4:9c:00:9d:7a:99:21:bd:5b:3b:82:fd:f6:e0:c4:af:6f:43:
a5:3b:70:e4:f4:02:60:12:fd:05:ee:5c:02:96:a5:db:8a:5c:
93:17:c9:f3:f5:be:62:66:38:3b:05:a7:fe:4e:be:d4:0d:de:
f5:c5:93:9d:58:46:5e:e6:ec:be:48:47:18:cb:2c:4d:22:d6:
06:e0:60:fd:23:e4:6f:3b:e9:42:4d:39:fa:68:92:78:db:8a:
d3:05:29:c9:c4:55:8a:1f:c2:a9:59:e2:3d:94:bd:40:cb:be:
5a:c6:86:59:3f:1f:89:9d:81:17:07:bd:c3:2c:b7:d7:5f:51:
dd:1a:8c:12:a8:43:9e:b4:8a:ae:cb:d9:2a:13:c9:90:dc:02:
b5:02:fa:05:45:0c:00:5e:d4:f3:e5:a8:b2:ea:29:46:dc:10:
4b:20:ce:15:d4:f6:eb:6b:42:2e:6d:db:94:1b:c9:53:a0:7c:
01:b5:0e:15:4a:c2:ca:57:85:39:7c:e9:1e:f3:01:0a:58:02:
5c:b0:6d:53:d4:a6:61:ab:fe:94:1a:ef:c5:97:c6:a2:38:f8:
48:5b:ac:7f:8e:44:7b:0d:d1:9d:36:72:9b:81:0e:f5:2a:56:
83:8c:91:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNOw/addX8+foG+yVHrPxYNZgzO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDIyMzU1NDJaFw0yNjA4MDIwMDAwNDJaMDMxMTAvBgNV
BAMTKEI2MEE3QjFBQjYzNDgzOTE4NkU4MTkzRTNCODUyOTI1RkZDNTQyNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeC0w/JmU3WViv3jPfRp5FuJno
wQViJZnS3W86FVajTeLar2WUsXRBVsVr7AFjb0EJO8un+H9gwUA4mIgmgdWcW5cu
lAPbVjJavkeWH5oK634ksyMvS8auSChubVNq/r7bzxd/Ina7UZIf5dmrPk5RipcJ
j8m73dXhOwcDi0J9Wg2ljIO+vKGhP7WvyfOVR3kXaWazTzHY8x709h4wXNlgHAXt
ID6/5J7Q42kyAHO47DMEDVv8mcR37E1OEftarCpQjaq47SgC91/a8g7J9631JfMR
Xn0BE81OcDWtm/UXYT3WdnXSuDp318XjtpLzGGFEquCa/tfiQDI72xd0ASRlAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtgp7GrY0g5GG6Bk+O4UpJf/FQkMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYD5y
MA0GCSqGSIb3DQEBCwUAA4IBAQC7YLI6XCxuPcXHbtLutJNbWErEnACdepkhvVs7
gv324MSvb0OlO3Dk9AJgEv0F7lwClqXbilyTF8nz9b5iZjg7Baf+Tr7UDd71xZOd
WEZe5uy+SEcYyyxNItYG4GD9I+RvO+lCTTn6aJJ424rTBSnJxFWKH8KpWeI9lL1A
y75axoZZPx+JnYEXB73DLLfXX1HdGowSqEOetIquy9kqE8mQ3AK1AvoFRQwAXtTz
5aiy6ilG3BBLIM4V1Pbra0IubduUG8lToHwBtQ4VSsLKV4U5fOke8wEKWAJcsG1T
1KZhq/6UGu/Fl8aiOPhIW6x/jkR7DdGdNnKbgQ71KlaDjJHa
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:40:02 2025 by rpki-client