Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: ivFnbNpCv02AKDrRPcs5Fle4zKy8ZtYXvKXZlkfayCs=
Subject key identifier: 4C:91:8E:E0:9B:23:C0:B7:C9:54:7A:82:1B:6F:AF:F8:F0:9E:94:47
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 33981A716CF8F8ED4B781CB381A5358805726384
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Mon 06 Apr 2026 02:54:21 +0000
ROA not before: Mon 06 Apr 2026 02:49:21 +0000
ROA not after: Mon 05 Apr 2027 02:54:21 +0000
asID: 214025
IP address blocks: 46.202.51.0/24 maxlen: 24
46.202.66.0/24 maxlen: 24
46.202.70.0/24 maxlen: 24
46.202.75.0/24 maxlen: 24
46.203.37.0/24 maxlen: 24
46.203.39.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.155.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
91.124.86.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
92.113.159.0/24 maxlen: 24
95.134.7.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.135.162.0/24 maxlen: 24
95.135.201.0/24 maxlen: 24
95.135.251.0/24 maxlen: 24
178.92.83.0/24 maxlen: 24
178.93.56.0/24 maxlen: 24
178.95.5.0/24 maxlen: 24
178.95.42.0/24 maxlen: 24
178.95.123.0/24 maxlen: 24
178.95.138.0/24 maxlen: 24
178.95.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:98:1a:71:6c:f8:f8:ed:4b:78:1c:b3:81:a5:35:88:05:72:63:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 6 02:49:21 2026 GMT
Not After : Apr 5 02:54:21 2027 GMT
Subject: CN=4C918EE09B23C0B7C9547A821B6FAFF8F09E9447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:c4:ee:a7:37:e1:3b:23:e4:98:5e:79:81:
37:9a:7f:7b:9f:64:61:50:1a:20:76:48:42:68:bc:
3b:44:7d:3f:c4:f9:7b:7d:5e:3f:b8:39:37:12:fa:
44:51:b8:7d:7c:85:95:2c:0e:7d:82:35:c6:5e:42:
10:6b:fc:4d:8c:a8:9a:83:ed:50:4e:86:4c:32:68:
0e:4f:5f:cb:fa:a0:a8:f1:21:73:62:e9:0d:70:76:
98:63:e3:4c:9b:c5:ff:3f:7f:42:d1:e5:70:51:4c:
40:51:10:89:1e:c6:84:ff:eb:b5:5c:e7:c9:92:de:
0a:57:83:33:5a:55:6b:0b:7e:cd:8f:77:24:db:02:
06:2f:44:ed:a2:a1:49:73:27:6e:48:e5:40:6b:45:
2e:e5:b9:0f:ad:f3:27:20:83:c7:ff:57:e3:bc:36:
7b:53:59:a9:97:39:e9:66:0f:af:7d:76:76:c2:ee:
dc:84:6f:9f:b8:73:8c:6b:fd:13:e8:a0:49:66:39:
00:8d:ee:c2:42:be:09:35:28:c2:e4:9a:8c:33:92:
0d:ca:71:cf:5d:01:93:5e:65:f9:3a:14:83:c1:5e:
dc:89:66:0b:83:98:6c:54:56:a6:c9:a3:d0:fd:74:
c7:e3:dd:af:b0:23:5c:e1:11:ee:91:6b:fb:93:8c:
13:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:91:8E:E0:9B:23:C0:B7:C9:54:7A:82:1B:6F:AF:F8:F0:9E:94:47
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.51.0/24
46.202.66.0/24
46.202.70.0/24
46.202.75.0/24
46.203.37.0/24
46.203.39.0/24
46.203.98.0/24
46.203.155.0/24
46.203.203.0/24
91.124.86.0/24
92.112.36.0/24
92.113.73.0/24
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.124.0/23
92.113.142.0/23
92.113.159.0/24
95.134.7.0/24
95.134.120.0/24
95.135.162.0/24
95.135.201.0/24
95.135.251.0/24
178.92.83.0/24
178.93.56.0/24
178.95.5.0/24
178.95.42.0/24
178.95.123.0/24
178.95.138.0/24
178.95.190.0/24
Signature Algorithm: sha256WithRSAEncryption
35:82:86:8f:83:7f:66:65:c3:c8:fd:f4:94:2a:f1:f6:d9:71:
e8:d6:e3:a6:53:56:38:5f:07:36:84:d6:8a:b4:b5:cc:13:a2:
02:b3:64:bc:26:a9:1f:45:0f:5a:bb:cc:ba:1f:fe:bb:45:61:
51:31:0b:d5:3e:12:16:19:f0:5c:e4:4e:00:19:0e:9a:b0:0e:
b4:60:96:7d:59:28:17:43:08:5a:9a:6f:97:bc:f4:c0:90:d3:
90:17:e5:ea:13:48:fa:db:49:b1:37:6b:e9:da:8c:1d:d5:ee:
eb:37:25:5b:2b:74:ac:f8:5a:e4:ab:7f:d5:88:6e:c0:c7:b9:
c8:1a:d9:40:25:ee:c7:30:0f:b4:bb:fb:88:4c:c9:5c:f6:61:
54:dd:60:46:34:61:01:3c:20:44:05:ef:72:e8:87:5f:c8:2f:
b3:a2:40:62:d9:02:75:86:16:b1:dc:2b:ba:e3:9b:bc:fa:51:
c0:29:ea:16:9a:7d:42:67:bf:26:42:6a:65:26:2c:7a:ec:22:
8e:a2:78:b8:ad:f1:f2:e4:c0:67:bc:1d:28:9c:83:93:e8:10:
a6:59:7c:25:5b:2b:b8:f7:1e:61:a0:fb:03:39:02:0d:bd:cf:
85:57:b3:55:61:18:5f:f1:ed:a0:48:11:08:11:d9:9d:d0:4d:
82:ec:4b:e5
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIUM5gacWz4+O1LeByzgaU1iAVyY4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MDYwMjQ5MjFaFw0yNzA0MDUwMjU0MjFaMDMxMTAvBgNV
BAMTKDRDOTE4RUUwOUIyM0MwQjdDOTU0N0E4MjFCNkZBRkY4RjA5RTk0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu78TupzfhOyPkmF55gTeaf3uf
ZGFQGiB2SEJovDtEfT/E+Xt9Xj+4OTcS+kRRuH18hZUsDn2CNcZeQhBr/E2MqJqD
7VBOhkwyaA5PX8v6oKjxIXNi6Q1wdphj40ybxf8/f0LR5XBRTEBREIkexoT/67Vc
58mS3gpXgzNaVWsLfs2PdyTbAgYvRO2ioUlzJ25I5UBrRS7luQ+t8ycgg8f/V+O8
NntTWamXOelmD699dnbC7tyEb5+4c4xr/RPooElmOQCN7sJCvgk1KMLkmowzkg3K
cc9dAZNeZfk6FIPBXtyJZguDmGxUVqbJo9D9dMfj3a+wI1zhEe6Ra/uTjBNxAgMB
AAGjggK/MIICuzAdBgNVHQ4EFgQUTJGO4JsjwLfJVHqCG2+v+PCelEcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYD
BAAuyjMDBAAuykIDBAAuykYDBAAuyksDBAAuyyUDBAAuyycDBAAuy2IDBAAuy5sD
BAAuy8sDBABbfFYDBABccCQDBABccUkwDAMEAFxxZQMEAFxxZgMEAVxxaAMEAVxx
fAMEAVxxjgMEAFxxnwMEAF+GBwMEAF+GeAMEAF+HogMEAF+HyQMEAF+H+wMEALJc
UwMEALJdOAMEALJfBQMEALJfKgMEALJfewMEALJfigMEALJfvjANBgkqhkiG9w0B
AQsFAAOCAQEANYKGj4N/ZmXDyP30lCrx9tlx6NbjplNWOF8HNoTWirS1zBOiArNk
vCapH0UPWrvMuh/+u0VhUTEL1T4SFhnwXOROABkOmrAOtGCWfVkoF0MIWppvl7z0
wJDTkBfl6hNI+ttJsTdr6dqMHdXu6zclWyt0rPha5Kt/1YhuwMe5yBrZQCXuxzAP
tLv7iEzJXPZhVN1gRjRhATwgRAXvcuiHX8gvs6JAYtkCdYYWsdwruuObvPpRwCnq
Fpp9Qme/JkJqZSYseuwijqJ4uK3x8uTAZ7wdKJyDk+gQpll8JVsruPceYaD7AzkC
Db3PhVezVWEYX/HtoEgRCBHZndBNguxL5Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:52:24 2026 by rpki-client