Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: RI40ds4MRQt6BqCf6xCB7S/cj4TW7N0oMiFeACkXg+Q=
Subject key identifier: F2:0F:60:B8:A8:51:84:D5:6C:25:77:3E:5F:68:0E:3C:0E:F6:0F:E3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 639CE15A58970894BFAAF40F7BA9A657BDDA6952
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Fri 24 Oct 2025 02:43:11 +0000
ROA not before: Fri 24 Oct 2025 02:38:11 +0000
ROA not after: Fri 23 Oct 2026 02:43:11 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
92.113.211.0/24 maxlen: 24
178.95.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9c:e1:5a:58:97:08:94:bf:aa:f4:0f:7b:a9:a6:57:bd:da:69:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 24 02:38:11 2025 GMT
Not After : Oct 23 02:43:11 2026 GMT
Subject: CN=F20F60B8A85184D56C25773E5F680E3C0EF60FE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:82:8f:1c:3d:4f:e5:a6:71:84:78:6e:5d:19:
2e:87:13:a8:09:0f:fb:79:0c:7f:dd:be:bb:92:4a:
88:ed:b8:3b:8d:5f:ef:01:7c:f2:7f:e4:2e:14:85:
82:3a:b0:16:6a:d1:e1:74:86:c0:43:37:00:9d:64:
4c:f2:68:4e:c6:b9:3e:61:74:88:7b:d8:2a:47:af:
75:df:bc:20:36:ea:24:3b:41:e1:ab:24:29:95:d4:
52:1a:55:eb:9a:91:3d:1e:f8:f0:cc:26:8a:18:13:
b0:44:d8:d0:77:f8:90:a2:6d:4e:cf:82:d3:16:51:
87:d6:ab:83:b8:04:0f:42:30:f7:10:a8:09:89:64:
fd:5d:ae:02:c7:1d:e1:2b:6a:db:cd:e1:39:1f:51:
f4:fc:fb:1e:8c:e8:38:e9:65:8b:e6:18:c5:12:48:
2b:d2:aa:5f:d0:df:72:20:a2:46:69:0a:be:f3:7a:
61:0b:8d:3f:bd:08:b6:77:6e:a5:1d:7a:ad:de:6e:
a6:6b:79:52:4d:24:7e:19:17:28:55:42:84:af:f6:
97:24:6a:66:45:8b:99:be:6e:d5:66:5b:19:af:20:
26:c5:6f:e0:63:8a:cf:51:6f:06:b9:4c:94:dc:72:
a8:b1:b1:92:dc:6e:62:8f:e6:02:1e:c8:a3:c6:1a:
35:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0F:60:B8:A8:51:84:D5:6C:25:77:3E:5F:68:0E:3C:0E:F6:0F:E3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
92.113.211.0/24
178.95.113.0/24
Signature Algorithm: sha256WithRSAEncryption
85:95:77:a5:51:93:95:79:04:e2:a4:8c:91:7c:10:c4:8c:06:
37:10:ce:11:a9:96:a2:28:e2:61:83:1e:dc:1a:8c:85:4b:72:
18:a4:1e:7a:7e:f0:df:4e:36:7b:f3:f5:cf:dc:e4:c9:4a:a7:
25:76:6b:1c:19:ab:85:0f:2e:9e:83:6f:de:2d:fb:56:1f:8a:
5c:47:fc:1a:49:34:7f:1a:f6:2d:c9:e8:ab:c0:e8:9f:2d:a6:
3b:f6:31:e2:00:d5:69:00:00:37:dd:34:62:75:53:18:ca:4a:
3c:a2:44:00:5a:14:26:9b:d0:55:16:ca:2c:a6:5e:5f:4a:64:
3e:fa:29:bf:51:ae:b2:f0:9e:c8:27:3e:0a:02:47:f1:59:cc:
74:4b:9c:e2:ef:0e:08:a8:67:32:65:83:51:56:8c:59:36:0e:
45:4f:ea:2d:a3:50:ea:5d:fe:55:4b:62:8b:ca:55:37:d8:75:
a9:a1:71:13:9e:46:a1:db:35:4a:18:68:ba:b4:1f:fa:ad:48:
23:e7:93:ee:4b:39:49:b1:14:e8:0b:15:66:a2:3f:10:f9:2d:
7c:c5:82:25:67:d2:a5:fd:a3:45:c7:36:ae:ba:c0:7f:72:86:
37:95:59:ea:2f:66:36:13:ea:ca:b5:36:64:9c:7b:bc:7e:a4:
7e:00:9d:fc
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUY5zhWliXCJS/qvQPe6mmV73aaVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjQwMjM4MTFaFw0yNjEwMjMwMjQzMTFaMDMxMTAvBgNV
BAMTKEYyMEY2MEI4QTg1MTg0RDU2QzI1NzczRTVGNjgwRTNDMEVGNjBGRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPgo8cPU/lpnGEeG5dGS6HE6gJ
D/t5DH/dvruSSojtuDuNX+8BfPJ/5C4UhYI6sBZq0eF0hsBDNwCdZEzyaE7GuT5h
dIh72CpHr3XfvCA26iQ7QeGrJCmV1FIaVeuakT0e+PDMJooYE7BE2NB3+JCibU7P
gtMWUYfWq4O4BA9CMPcQqAmJZP1drgLHHeEratvN4TkfUfT8+x6M6DjpZYvmGMUS
SCvSql/Q33IgokZpCr7zemELjT+9CLZ3bqUdeq3ebqZreVJNJH4ZFyhVQoSv9pck
amZFi5m+btVmWxmvICbFb+Bjis9Rbwa5TJTccqixsZLcbmKP5gIeyKPGGjXlAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQU8g9guKhRhNVsJXc+X2gOPA72D+MwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQAXHHTAwQAsl9x
MA0GCSqGSIb3DQEBCwUAA4IBAQCFlXelUZOVeQTipIyRfBDEjAY3EM4RqZaiKOJh
gx7cGoyFS3IYpB56fvDfTjZ78/XP3OTJSqcldmscGauFDy6eg2/eLftWH4pcR/wa
STR/GvYtyeirwOifLaY79jHiANVpAAA33TRidVMYyko8okQAWhQmm9BVFsospl5f
SmQ++im/Ua6y8J7IJz4KAkfxWcx0S5zi7w4IqGcyZYNRVoxZNg5FT+oto1DqXf5V
S2KLylU32HWpoXETnkah2zVKGGi6tB/6rUgj55PuSzlJsRToCxVmoj8Q+S18xYIl
Z9Kl/aNFxzauusB/coY3lVnqL2Y2E+rKtTZknHu8fqR+AJ38
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:33 2025 by rpki-client