Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214024.roa
File: AS214024.roa (raw, json)
Hash identifier: Nns/SSgf2c+ZEiyXPMKHxOk1ocqQESM4yzke6PFsF9Q=
Subject key identifier: 56:75:71:D9:70:9E:03:80:43:92:EE:AE:94:D1:7F:AF:6D:B9:D1:46
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 309F8E074C97F1C1074B0F536BE3912B026BC637
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214024.roa
Signing time: Sun 27 Jul 2025 09:29:42 +0000
ROA not before: Sun 27 Jul 2025 09:24:42 +0000
ROA not after: Sun 26 Jul 2026 09:29:42 +0000
asID: 214024
IP address blocks: 95.135.199.0/24 maxlen: 24
178.95.89.0/24 maxlen: 24
178.95.90.0/24 maxlen: 24
178.95.91.0/24 maxlen: 24
178.95.232.0/24 maxlen: 24
178.95.233.0/24 maxlen: 24
178.95.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:9f:8e:07:4c:97:f1:c1:07:4b:0f:53:6b:e3:91:2b:02:6b:c6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 27 09:24:42 2025 GMT
Not After : Jul 26 09:29:42 2026 GMT
Subject: CN=567571D9709E03804392EEAE94D17FAF6DB9D146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:92:e9:1a:dc:45:9b:41:c6:39:e3:12:4a:
5e:52:39:bd:eb:0d:5d:64:d4:38:f2:7f:c6:49:79:
93:a2:d6:7a:6c:68:68:be:a1:b6:5f:b2:08:58:a5:
3d:b1:d2:1f:ed:63:84:68:a0:25:72:f3:c5:11:5f:
33:a3:e3:ab:9b:54:d3:e0:a7:a8:29:b2:fc:13:ba:
c9:64:12:0d:64:5d:b7:03:36:d0:61:3d:92:6f:ab:
8e:b4:1c:51:44:2f:7d:92:10:6d:2e:db:b7:b3:01:
2e:64:9c:78:9e:f1:ef:06:cc:51:3a:38:41:39:0e:
04:e8:e8:23:d4:ea:93:79:db:e0:3e:69:ad:74:95:
ec:b6:7e:a0:7d:44:35:b9:8b:43:af:bd:f2:03:ca:
c0:bb:8a:d7:44:6f:37:59:fd:10:2f:89:b9:62:8a:
3b:73:09:3a:8d:93:6d:a1:f6:83:4f:64:a6:70:fb:
96:87:7e:c5:e4:6c:8c:b7:a8:1b:9c:51:4d:8c:5b:
fd:4d:7e:a9:9e:ed:a7:8e:b2:ca:ec:f2:0f:f3:d5:
46:9e:69:f9:60:5e:3b:95:02:1c:84:ae:16:ba:9b:
53:e8:3b:b8:68:0c:16:a8:fb:68:5e:6d:cb:de:e0:
6a:f4:91:ac:6d:33:10:1a:e7:4e:c8:3f:56:4a:c7:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:75:71:D9:70:9E:03:80:43:92:EE:AE:94:D1:7F:AF:6D:B9:D1:46
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214024.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.135.199.0/24
178.95.89.0-178.95.91.255
178.95.232.0-178.95.234.255
Signature Algorithm: sha256WithRSAEncryption
18:7c:e9:19:e8:41:33:2e:a0:9a:7a:d9:ff:0d:63:0e:0a:b8:
e7:16:01:aa:a0:d4:3e:1d:c1:75:68:f9:73:d7:bd:37:70:2c:
11:ec:c6:6e:2b:51:a0:cc:1e:71:b1:f2:e9:fe:05:99:d3:c9:
1c:0d:2d:3f:33:f2:46:9f:d6:9e:64:af:14:b5:ec:fa:59:df:
29:bd:24:d7:cd:a4:04:0d:73:44:ec:84:4c:a1:fa:73:90:bc:
8d:00:35:96:b9:3b:2b:67:ed:3a:7c:2c:c5:53:43:2a:f6:d6:
6c:9d:b7:a1:06:6c:eb:74:5d:63:b4:60:db:0e:69:9b:b7:27:
35:32:55:5f:81:fb:39:a8:f9:56:1d:ce:f2:15:72:a9:8c:fc:
b6:a0:61:c2:68:50:91:90:bb:a6:c8:45:95:48:78:85:76:1f:
a1:c0:34:30:84:a9:c4:e2:1a:68:35:90:99:32:80:3d:d9:9a:
62:ba:4e:e2:cc:0a:7d:46:15:10:bf:03:ea:3f:7c:8f:e2:87:
d1:09:7d:53:41:5a:09:e7:15:9a:36:23:ba:0f:9a:38:09:93:
43:a0:7b:73:9c:6d:f2:f9:b7:64:5c:40:95:f5:c1:5e:22:1c:
7e:fb:d6:45:e0:e5:d7:88:c9:d3:a2:b8:51:44:27:ca:00:31:
8c:47:96:fe
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUMJ+OB0yX8cEHSw9Ta+ORKwJrxjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjcwOTI0NDJaFw0yNjA3MjYwOTI5NDJaMDMxMTAvBgNV
BAMTKDU2NzU3MUQ5NzA5RTAzODA0MzkyRUVBRTk0RDE3RkFGNkRCOUQxNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDADZLpGtxFm0HGOeMSSl5SOb3r
DV1k1Djyf8ZJeZOi1npsaGi+obZfsghYpT2x0h/tY4RooCVy88URXzOj46ubVNPg
p6gpsvwTuslkEg1kXbcDNtBhPZJvq460HFFEL32SEG0u27ezAS5knHie8e8GzFE6
OEE5DgTo6CPU6pN52+A+aa10ley2fqB9RDW5i0OvvfIDysC7itdEbzdZ/RAvibli
ijtzCTqNk22h9oNPZKZw+5aHfsXkbIy3qBucUU2MW/1Nfqme7aeOssrs8g/z1Uae
aflgXjuVAhyErha6m1PoO7hoDBao+2hebcve4Gr0kaxtMxAa507IP1ZKxyyRAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUVnVx2XCeA4BDku6ulNF/r2250UYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAX4fH
MAwDBACyX1kDBAKyX1gwDAMEA7Jf6AMEALJf6jANBgkqhkiG9w0BAQsFAAOCAQEA
GHzpGehBMy6gmnrZ/w1jDgq45xYBqqDUPh3BdWj5c9e9N3AsEezGbitRoMwecbHy
6f4FmdPJHA0tPzPyRp/WnmSvFLXs+lnfKb0k182kBA1zROyETKH6c5C8jQA1lrk7
K2ftOnwsxVNDKvbWbJ23oQZs63RdY7Rg2w5pm7cnNTJVX4H7Oaj5Vh3O8hVyqYz8
tqBhwmhQkZC7pshFlUh4hXYfocA0MISpxOIaaDWQmTKAPdmaYrpO4swKfUYVEL8D
6j98j+KH0Ql9U0FaCecVmjYjug+aOAmTQ6B7c5xt8vm3ZFxAlfXBXiIcfvvWReDl
14jJ06K4UUQnygAxjEeW/g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:54 2025 by rpki-client