Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: 6+X329PwCG8iOShQjzH3e4U11H3n8+/253T9AtBy5nY=
Subject key identifier: 59:40:DC:7B:61:14:C9:AC:29:63:3D:71:11:27:9E:FA:7E:F4:C1:4B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5AB678FE012654A9C97B384C3998102F0AB57DEF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Sun 01 Mar 2026 07:40:32 +0000
ROA not before: Sun 01 Mar 2026 07:35:32 +0000
ROA not after: Sun 28 Feb 2027 07:40:32 +0000
asID: 214025
IP address blocks: 46.202.51.0/24 maxlen: 24
46.202.62.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.112.39.0/24 maxlen: 24
92.112.54.0/24 maxlen: 24
92.112.56.0/24 maxlen: 24
92.113.56.0/24 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
92.113.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 08:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b6:78:fe:01:26:54:a9:c9:7b:38:4c:39:98:10:2f:0a:b5:7d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 1 07:35:32 2026 GMT
Not After : Feb 28 07:40:32 2027 GMT
Subject: CN=5940DC7B6114C9AC29633D7111279EFA7EF4C14B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:98:d6:81:e3:39:5a:c1:3c:d8:f5:4f:f6:
c8:e0:bb:0e:58:be:50:91:db:33:04:11:62:2d:e9:
94:23:01:11:d5:6d:77:90:14:51:64:b0:bb:80:24:
30:e5:08:dc:77:91:7f:ac:b5:9f:95:f8:81:e4:30:
5d:71:bc:78:bd:e9:50:9d:a7:bc:d2:aa:7a:a8:da:
08:c4:8a:7e:67:17:de:1b:7e:e3:6f:07:d5:15:92:
2c:eb:2b:b2:3b:a9:f4:86:e9:9e:47:e5:d0:54:ed:
7f:96:4d:bf:98:cd:8d:d7:e7:07:b8:76:fd:c0:ba:
39:2a:54:c8:ab:1d:b5:c5:87:cb:2a:1a:4e:1f:2f:
bc:2b:fb:b5:ed:04:b6:d0:fc:bb:1d:e5:73:7f:d8:
36:67:92:13:b9:f4:e0:83:0a:ca:06:ab:cd:57:56:
c6:91:1b:00:52:e4:92:a2:55:c9:4a:82:3c:d2:d3:
a1:84:e7:03:29:f4:29:f2:37:84:93:d5:ea:3b:6c:
e9:76:27:d4:04:57:af:1d:1c:a4:14:f8:23:94:86:
db:a6:d2:c1:1a:9f:d3:db:ad:ee:4b:81:ab:08:3d:
4e:c1:0a:27:38:1e:4e:7f:22:c0:6f:4e:39:1f:e6:
b4:20:b3:d2:de:d0:8e:8d:9b:64:0e:d1:e2:62:e2:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:40:DC:7B:61:14:C9:AC:29:63:3D:71:11:27:9E:FA:7E:F4:C1:4B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.51.0/24
46.202.62.0/24
46.203.98.0/24
46.203.203.0/24
92.112.39.0/24
92.112.54.0/24
92.112.56.0/24
92.113.56.0/24
92.113.112.0/23
92.113.124.0/23
92.113.142.0/23
92.113.169.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:50:9c:c3:66:c3:fa:18:0d:67:d7:b8:70:7d:2d:de:c1:79:
b8:ec:25:ec:54:ef:49:b6:3e:29:27:fa:e1:8d:2d:d8:dd:b5:
5a:84:54:c6:d5:d8:be:0f:ec:22:72:59:7a:d5:e5:2a:14:6a:
02:8f:65:c8:d6:68:55:b1:1d:c0:8d:23:f1:00:42:7f:32:82:
97:18:d4:f7:8c:22:a0:94:e4:3a:1b:03:b2:1e:59:80:66:5c:
dd:9c:eb:d9:7a:6f:f7:6d:8e:8f:1c:35:d5:64:01:6a:dc:86:
ef:77:67:d8:7c:67:e5:aa:4d:3f:38:77:43:2f:3f:54:e4:f4:
3b:5f:da:3e:40:f8:9f:73:de:a4:4e:ce:9e:6d:a3:d1:e5:66:
20:6d:f3:48:e0:04:ec:29:9a:ce:57:c7:39:03:b7:07:a6:4a:
c9:96:f4:e9:95:a5:28:31:34:33:b0:95:20:f6:08:54:6d:c8:
5b:3d:b2:ef:bd:66:f6:59:07:71:a9:38:48:69:57:a9:b2:54:
1a:84:ae:76:69:78:83:bf:cf:f4:60:db:5e:82:65:33:76:7e:
fb:12:7a:40:77:a9:9c:e6:ec:5e:35:5f:0d:67:b1:01:aa:5b:
13:0c:7d:03:bd:62:02:f5:84:57:4e:37:ba:0f:51:ad:9a:03:
ce:f3:a4:9b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUWrZ4/gEmVKnJezhMOZgQLwq1fe8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMDEwNzM1MzJaFw0yNzAyMjgwNzQwMzJaMDMxMTAvBgNV
BAMTKDU5NDBEQzdCNjExNEM5QUMyOTYzM0Q3MTExMjc5RUZBN0VGNEMxNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAhpjWgeM5WsE82PVP9sjguw5Y
vlCR2zMEEWIt6ZQjARHVbXeQFFFksLuAJDDlCNx3kX+stZ+V+IHkMF1xvHi96VCd
p7zSqnqo2gjEin5nF94bfuNvB9UVkizrK7I7qfSG6Z5H5dBU7X+WTb+YzY3X5we4
dv3AujkqVMirHbXFh8sqGk4fL7wr+7XtBLbQ/Lsd5XN/2DZnkhO59OCDCsoGq81X
VsaRGwBS5JKiVclKgjzS06GE5wMp9CnyN4ST1eo7bOl2J9QEV68dHKQU+COUhtum
0sEan9Pbre5LgasIPU7BCic4Hk5/IsBvTjkf5rQgs9Le0I6Nm2QO0eJi4oW1AgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUWUDce2EUyawpYz1xESee+n70wUswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALsoz
AwQALso+AwQALstiAwQALsvLAwQAXHAnAwQAXHA2AwQAXHA4AwQAXHE4AwQBXHFw
AwQBXHF8AwQBXHGOAwQAXHGpMA0GCSqGSIb3DQEBCwUAA4IBAQBqUJzDZsP6GA1n
17hwfS3ewXm47CXsVO9Jtj4pJ/rhjS3Y3bVahFTG1di+D+wicll61eUqFGoCj2XI
1mhVsR3AjSPxAEJ/MoKXGNT3jCKglOQ6GwOyHlmAZlzdnOvZem/3bY6PHDXVZAFq
3Ibvd2fYfGflqk0/OHdDLz9U5PQ7X9o+QPifc96kTs6ebaPR5WYgbfNI4ATsKZrO
V8c5A7cHpkrJlvTplaUoMTQzsJUg9ghUbchbPbLvvWb2WQdxqThIaVepslQahK52
aXiDv8/0YNtegmUzdn77EnpAd6mc5uxeNV8NZ7EBqlsTDH0DvWIC9YRXTje6D1Gt
mgPO86Sb
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:10:49 2026 by rpki-client