Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: KTwsLjLypzCqBX6+oLYA202vGW1dkI95W6Mdlwbb+n4=
Subject key identifier: 1E:AA:07:BA:2E:6C:23:4D:9F:F4:53:81:22:48:9B:7A:CB:69:05:FD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 790FFD93C992893B7224762047BC89A8EAA30539
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Wed 23 Jul 2025 00:01:59 +0000
ROA not before: Tue 22 Jul 2025 23:56:59 +0000
ROA not after: Wed 22 Jul 2026 00:01:59 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:0f:fd:93:c9:92:89:3b:72:24:76:20:47:bc:89:a8:ea:a3:05:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 22 23:56:59 2025 GMT
Not After : Jul 22 00:01:59 2026 GMT
Subject: CN=1EAA07BA2E6C234D9FF4538122489B7ACB6905FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0d:8f:2f:1e:c2:e1:44:a5:c9:ba:ce:bf:12:
7e:5f:56:e5:2f:5a:93:c9:ac:e1:5f:b4:fd:65:fe:
da:98:96:63:24:c4:42:05:9b:e4:62:ac:7d:63:a7:
20:0e:ce:0e:7e:78:54:75:2a:e0:d3:36:97:d9:8b:
82:c6:52:cf:1f:bf:0c:7c:d4:37:f6:6d:04:58:eb:
d1:db:c4:e9:c9:c6:8b:06:25:c7:51:ab:68:b0:4e:
52:dd:18:01:33:33:6b:d1:dc:63:44:e5:35:a5:b6:
fd:12:3d:ba:ca:7e:71:80:91:a4:6d:65:3e:9c:34:
ea:ea:f1:a6:9f:8a:24:ef:b6:12:b8:6a:d7:3a:c2:
d0:cf:ec:29:cf:ac:c4:0f:8b:f2:55:60:f9:29:d2:
f0:34:c7:aa:56:9f:4a:d9:72:22:4a:bf:e7:1e:3c:
c8:9f:60:45:46:00:ec:2b:13:a3:e7:53:9b:26:e7:
9e:14:93:0a:03:e9:2f:94:60:3c:2c:ee:66:3f:da:
dd:b8:a5:f5:e3:9d:bb:19:49:dc:2f:44:c7:f7:93:
87:75:ea:3d:80:55:c6:dc:24:9f:59:05:e1:9b:3f:
39:52:57:90:b6:41:8b:f9:c6:76:c1:29:2e:db:f2:
dd:37:68:ef:a1:4d:72:23:81:5e:8c:0d:33:5d:a3:
8a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AA:07:BA:2E:6C:23:4D:9F:F4:53:81:22:48:9B:7A:CB:69:05:FD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
Signature Algorithm: sha256WithRSAEncryption
77:b4:90:09:a7:61:d3:db:0f:b3:31:f9:6e:c0:12:23:7f:2e:
a2:31:67:8a:16:70:f6:a1:7c:bc:29:69:59:de:c6:38:8c:09:
e8:64:81:cd:66:0e:af:9d:ee:59:ca:1e:a8:9d:c3:3d:07:fe:
e0:e0:b0:96:f3:a3:a8:20:40:b6:da:34:50:5d:8f:c2:a7:6d:
ac:7c:a8:c9:67:1d:d6:ef:73:f4:b8:5d:1c:58:33:bf:6f:ca:
bc:5a:8c:18:c6:14:dd:5a:ae:5c:39:6a:bf:bf:46:0f:a0:26:
57:43:f8:89:58:d8:c3:1f:d6:68:1c:82:74:75:dc:78:e8:e8:
c4:6e:75:9b:dc:97:17:5e:e6:50:32:71:78:ea:26:74:69:ba:
cc:b8:bd:86:c7:b0:d9:39:23:c5:8d:64:46:ef:70:b9:9e:20:
3b:4d:7e:0c:a4:d6:3d:81:54:98:11:3d:05:05:f0:85:f7:d8:
a1:3b:22:91:59:33:87:32:4c:dd:ea:83:0d:17:44:86:2c:42:
74:a9:ae:d6:06:4f:0a:cd:bb:73:0a:98:cc:65:12:98:c7:9b:
6a:0d:18:f0:02:ae:8e:88:af:85:e2:7d:34:79:02:00:8f:d0:
f0:cc:4c:60:9c:d9:e4:30:2e:ba:2b:d2:11:a1:b1:d0:fc:6f:
40:13:38:b6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUeQ/9k8mSiTtyJHYgR7yJqOqjBTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjIyMzU2NTlaFw0yNjA3MjIwMDAxNTlaMDMxMTAvBgNV
BAMTKDFFQUEwN0JBMkU2QzIzNEQ5RkY0NTM4MTIyNDg5QjdBQ0I2OTA1RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcDY8vHsLhRKXJus6/En5fVuUv
WpPJrOFftP1l/tqYlmMkxEIFm+RirH1jpyAOzg5+eFR1KuDTNpfZi4LGUs8fvwx8
1Df2bQRY69HbxOnJxosGJcdRq2iwTlLdGAEzM2vR3GNE5TWltv0SPbrKfnGAkaRt
ZT6cNOrq8aafiiTvthK4atc6wtDP7CnPrMQPi/JVYPkp0vA0x6pWn0rZciJKv+ce
PMifYEVGAOwrE6PnU5sm554UkwoD6S+UYDws7mY/2t24pfXjnbsZSdwvRMf3k4d1
6j2AVcbcJJ9ZBeGbPzlSV5C2QYv5xnbBKS7b8t03aO+hTXIjgV6MDTNdo4rDAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUHqoHui5sI02f9FOBIkibestpBf0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOMA0GCSqGSIb3DQEB
CwUAA4IBAQB3tJAJp2HT2w+zMfluwBIjfy6iMWeKFnD2oXy8KWlZ3sY4jAnoZIHN
Zg6vne5Zyh6oncM9B/7g4LCW86OoIEC22jRQXY/Cp22sfKjJZx3W73P0uF0cWDO/
b8q8WowYxhTdWq5cOWq/v0YPoCZXQ/iJWNjDH9ZoHIJ0ddx46OjEbnWb3JcXXuZQ
MnF46iZ0abrMuL2Gx7DZOSPFjWRG73C5niA7TX4MpNY9gVSYET0FBfCF99ihOyKR
WTOHMkzd6oMNF0SGLEJ0qa7WBk8KzbtzCpjMZRKYx5tqDRjwAq6OiK+F4n00eQIA
j9DwzExgnNnkMC66K9IRobHQ/G9AEzi2
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:57 2025 by rpki-client