Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: iLcc6BRfCHAFz+XVC7O6g3rzjRjc/sVPuejdjYUFKJQ=
Subject key identifier: F1:5A:DD:82:57:03:87:9A:D8:B8:2F:94:9C:4E:36:3E:80:C2:FD:D6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 624E43C905B6BE41652F98F01075B3B7A24C8122
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Tue 15 Apr 2025 23:19:10 +0000
ROA not before: Tue 15 Apr 2025 23:14:10 +0000
ROA not after: Tue 14 Apr 2026 23:19:10 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
95.135.83.0/24 maxlen: 24
95.135.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 00:18:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:4e:43:c9:05:b6:be:41:65:2f:98:f0:10:75:b3:b7:a2:4c:81:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 15 23:14:10 2025 GMT
Not After : Apr 14 23:19:10 2026 GMT
Subject: CN=F15ADD825703879AD8B82F949C4E363E80C2FDD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:db:a2:e1:9b:38:5b:3b:39:35:17:84:8a:aa:
7d:d2:01:51:38:3d:76:85:3a:51:86:a7:d4:92:f6:
65:22:dd:ac:53:0f:84:44:2c:70:59:b8:23:a5:89:
cf:3c:47:b7:1c:b5:6a:e1:a0:d1:d6:55:46:06:1a:
96:97:79:99:12:ce:15:e1:39:e5:6c:e7:a8:a5:51:
fa:ba:d5:b7:4e:58:5a:5f:9b:89:95:19:12:17:30:
91:58:36:63:18:fd:f7:92:31:9f:f2:f2:af:90:2e:
f2:52:5b:8c:ae:94:f9:5d:96:5e:35:a2:3f:52:94:
38:d2:16:16:3d:dc:c5:42:ef:12:ce:3d:83:92:c0:
4b:4e:f4:46:69:1c:37:f9:2a:d2:1b:28:92:25:7a:
81:8e:45:63:49:c4:1a:55:ba:a2:33:49:4c:78:74:
09:58:23:79:cd:b2:df:ba:15:cc:35:22:69:13:dd:
b7:38:40:ba:d5:68:74:dc:30:44:47:86:7d:17:19:
c0:c7:aa:cd:19:95:08:9c:ee:09:9f:e0:f2:45:3b:
66:26:ce:70:b8:93:fa:6a:55:c0:2a:60:d2:a3:93:
69:af:37:92:b3:9a:13:9d:30:98:0f:f0:5a:f6:da:
7e:cf:8f:26:87:c6:f8:11:a8:d8:30:71:88:f9:2d:
4c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5A:DD:82:57:03:87:9A:D8:B8:2F:94:9C:4E:36:3E:80:C2:FD:D6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
95.135.83.0/24
95.135.109.0/24
Signature Algorithm: sha256WithRSAEncryption
98:65:0b:8b:18:ab:5c:b7:03:fd:e4:ce:d3:b6:b3:98:68:62:
6a:d1:e1:2d:3c:dc:f4:da:f2:a4:ca:5c:aa:6d:d8:fc:4b:6f:
d4:6e:10:98:fb:d7:8a:99:c5:38:0a:24:fb:0e:d5:f5:0d:7d:
12:39:b8:a9:5c:a9:9e:18:2a:4a:07:58:9a:05:ce:01:ad:23:
48:49:5c:98:33:1a:27:27:9f:26:c7:ea:8b:16:22:f9:c5:ef:
63:2d:d6:07:6d:46:13:10:b0:27:b9:35:1c:1b:b8:81:69:af:
ed:60:2e:ab:fe:23:3d:36:3a:4c:20:97:a8:ef:d2:8e:b7:b4:
c3:10:d4:84:90:9b:ce:9e:40:8d:69:46:e8:c2:ba:74:f6:f1:
b2:c9:a7:06:b4:d1:57:7b:94:a1:aa:2c:f4:58:d1:2a:71:aa:
c0:19:f1:46:ea:a7:66:77:1c:48:13:cd:ad:7b:49:58:ed:1c:
76:52:42:e5:6f:d2:b6:7e:5d:44:33:40:e9:4a:cc:95:bd:e4:
79:3c:78:a1:77:38:4b:29:43:02:26:4a:b9:1c:4d:12:df:70:
bb:4c:19:54:a2:12:c0:03:2c:4f:1d:42:3f:51:49:5c:75:69:
e2:53:bb:c8:80:42:03:2b:09:dd:c9:d4:35:dd:24:1f:04:1f:
b2:18:f2:f9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUYk5DyQW2vkFlL5jwEHWzt6JMgSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTUyMzE0MTBaFw0yNjA0MTQyMzE5MTBaMDMxMTAvBgNV
BAMTKEYxNUFERDgyNTcwMzg3OUFEOEI4MkY5NDlDNEUzNjNFODBDMkZERDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd26LhmzhbOzk1F4SKqn3SAVE4
PXaFOlGGp9SS9mUi3axTD4RELHBZuCOlic88R7cctWrhoNHWVUYGGpaXeZkSzhXh
OeVs56ilUfq61bdOWFpfm4mVGRIXMJFYNmMY/feSMZ/y8q+QLvJSW4yulPldll41
oj9SlDjSFhY93MVC7xLOPYOSwEtO9EZpHDf5KtIbKJIleoGORWNJxBpVuqIzSUx4
dAlYI3nNst+6Fcw1ImkT3bc4QLrVaHTcMERHhn0XGcDHqs0ZlQic7gmf4PJFO2Ym
znC4k/pqVcAqYNKjk2mvN5KzmhOdMJgP8Fr22n7PjyaHxvgRqNgwcYj5LUy1AgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQU8VrdglcDh5rYuC+UnE42PoDC/dYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQAX4dTAwQAX4dt
MA0GCSqGSIb3DQEBCwUAA4IBAQCYZQuLGKtctwP95M7TtrOYaGJq0eEtPNz02vKk
ylyqbdj8S2/UbhCY+9eKmcU4CiT7DtX1DX0SObipXKmeGCpKB1iaBc4BrSNISVyY
MxonJ58mx+qLFiL5xe9jLdYHbUYTELAnuTUcG7iBaa/tYC6r/iM9NjpMIJeo79KO
t7TDENSEkJvOnkCNaUbowrp09vGyyacGtNFXe5Shqiz0WNEqcarAGfFG6qdmdxxI
E82te0lY7Rx2UkLlb9K2fl1EM0DpSsyVveR5PHihdzhLKUMCJkq5HE0S33C7TBlU
ohLAAyxPHUI/UUlcdWniU7vIgEIDKwndydQ13SQfBB+yGPL5
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:05:13 2025 by rpki-client