Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214143.roa
File: AS214143.roa (raw, json)
Hash identifier: z8N31RpfiudywJEjHQOMJoxajaext9LGRJW6DpG/QXo=
Subject key identifier: 28:87:84:09:E9:3D:52:44:C1:F5:DB:70:9D:19:EF:B8:61:FF:10:32
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5AC0925EACCE2BAF6AB5AD9D38F441DC5C07DA54
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214143.roa
Signing time: Fri 13 Jun 2025 16:55:55 +0000
ROA not before: Fri 13 Jun 2025 16:50:55 +0000
ROA not after: Fri 12 Jun 2026 16:55:55 +0000
asID: 214143
IP address blocks: 46.203.2.0/24 maxlen: 24
178.92.102.0/24 maxlen: 24
178.92.104.0/24 maxlen: 24
178.92.105.0/24 maxlen: 24
178.92.107.0/24 maxlen: 24
178.92.109.0/24 maxlen: 24
178.92.166.0/24 maxlen: 24
178.92.185.0/24 maxlen: 24
178.92.197.0/24 maxlen: 24
178.92.198.0/24 maxlen: 24
178.92.201.0/24 maxlen: 24
178.92.211.0/24 maxlen: 24
178.92.215.0/24 maxlen: 24
178.92.223.0/24 maxlen: 24
178.92.224.0/24 maxlen: 24
178.92.226.0/24 maxlen: 24
178.92.229.0/24 maxlen: 24
178.92.230.0/24 maxlen: 24
178.92.235.0/24 maxlen: 24
178.92.237.0/24 maxlen: 24
178.92.249.0/24 maxlen: 24
178.92.251.0/24 maxlen: 24
178.93.4.0/24 maxlen: 24
178.93.9.0/24 maxlen: 24
178.93.27.0/24 maxlen: 24
178.93.40.0/24 maxlen: 24
178.93.42.0/24 maxlen: 24
178.93.141.0/24 maxlen: 24
178.93.145.0/24 maxlen: 24
178.93.147.0/24 maxlen: 24
178.93.152.0/24 maxlen: 24
178.93.162.0/24 maxlen: 24
178.94.12.0/24 maxlen: 24
178.94.16.0/24 maxlen: 24
178.94.18.0/24 maxlen: 24
178.94.33.0/24 maxlen: 24
178.94.35.0/24 maxlen: 24
178.94.40.0/24 maxlen: 24
178.94.82.0/24 maxlen: 24
178.94.104.0/24 maxlen: 24
178.94.118.0/24 maxlen: 24
178.94.210.0/24 maxlen: 24
178.94.220.0/24 maxlen: 24
178.94.234.0/24 maxlen: 24
178.94.238.0/24 maxlen: 24
178.94.239.0/24 maxlen: 24
178.94.240.0/24 maxlen: 24
178.94.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c0:92:5e:ac:ce:2b:af:6a:b5:ad:9d:38:f4:41:dc:5c:07:da:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 13 16:50:55 2025 GMT
Not After : Jun 12 16:55:55 2026 GMT
Subject: CN=28878409E93D5244C1F5DB709D19EFB861FF1032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:8f:a2:a3:58:e5:70:ef:ec:8d:15:7b:61:
fe:75:7a:74:19:13:e0:29:9f:b5:2e:2b:27:4f:e2:
7b:64:18:01:cc:96:65:ea:b4:6a:f4:92:43:fe:64:
5e:10:f1:e1:39:64:7c:e7:0f:8f:9b:7f:9b:10:ee:
8e:e1:61:e6:2d:51:00:b9:2c:29:dc:59:f2:a7:8c:
ef:8b:62:49:9e:d9:9d:30:2b:aa:93:00:71:a8:f8:
a9:9c:92:81:a3:d2:bd:bd:39:bf:15:74:d0:cf:01:
a7:a7:5a:c9:47:c4:bf:5d:c1:73:74:2a:e8:46:a5:
33:fb:ea:4c:f2:58:99:6b:48:da:a6:87:1d:a1:52:
58:8f:3f:85:9a:15:bf:48:a9:be:80:2a:77:e1:e1:
3d:d9:36:5a:3b:06:4b:4b:2a:b9:55:20:14:a5:6c:
4a:6c:90:b3:80:de:ae:db:61:15:96:00:ec:3d:16:
27:58:2b:bc:79:11:3c:fe:17:8d:f0:87:2c:2e:61:
c5:77:99:48:44:0a:52:2f:4a:97:89:f8:b9:93:26:
86:2b:d1:2a:4f:5e:02:76:a7:a3:b0:b0:cc:19:b4:
c7:37:5c:0d:87:3b:56:06:29:82:da:8e:19:09:51:
67:0b:c7:0b:77:dd:1c:71:0f:78:ab:fc:3f:2e:23:
56:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:87:84:09:E9:3D:52:44:C1:F5:DB:70:9D:19:EF:B8:61:FF:10:32
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214143.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.2.0/24
178.92.102.0/24
178.92.104.0/23
178.92.107.0/24
178.92.109.0/24
178.92.166.0/24
178.92.185.0/24
178.92.197.0-178.92.198.255
178.92.201.0/24
178.92.211.0/24
178.92.215.0/24
178.92.223.0-178.92.224.255
178.92.226.0/24
178.92.229.0-178.92.230.255
178.92.235.0/24
178.92.237.0/24
178.92.249.0/24
178.92.251.0/24
178.93.4.0/24
178.93.9.0/24
178.93.27.0/24
178.93.40.0/24
178.93.42.0/24
178.93.141.0/24
178.93.145.0/24
178.93.147.0/24
178.93.152.0/24
178.93.162.0/24
178.94.12.0/24
178.94.16.0/24
178.94.18.0/24
178.94.33.0/24
178.94.35.0/24
178.94.40.0/24
178.94.82.0/24
178.94.104.0/24
178.94.118.0/24
178.94.210.0/24
178.94.220.0/24
178.94.234.0/24
178.94.238.0-178.94.240.255
178.94.243.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a7:35:ca:08:c9:71:b3:9f:f8:a0:1d:6a:52:32:8d:3c:18:
b3:0f:20:bd:02:29:80:1a:67:ec:5b:d4:c3:40:c6:15:00:1d:
32:98:28:95:02:1e:cc:e1:f5:f5:d4:c1:65:e0:4e:6a:f1:9c:
bb:06:53:74:d1:dc:52:e2:50:cf:be:50:d1:6b:55:d7:e4:95:
71:c1:fb:52:99:54:c7:c2:14:c1:c9:d8:34:50:f9:e1:4a:8c:
0a:f3:e2:a2:22:32:a8:e2:21:24:02:05:69:11:af:6c:d0:c7:
b4:1d:7f:09:fb:2b:d9:cd:e9:7e:7f:53:37:ff:e5:91:7d:80:
df:a6:3e:be:2f:52:24:2c:0a:60:0d:22:d0:78:e0:c9:48:c5:
42:5c:d1:89:bd:d4:c1:aa:64:a2:f1:ed:b6:88:b4:55:4b:70:
78:59:9e:5f:73:06:cf:be:0f:6a:9f:6f:20:0e:e9:ae:1a:88:
5b:d4:f4:7c:e5:01:7d:6b:56:09:8c:79:d6:cd:1f:04:45:89:
c4:9c:7b:92:f9:18:86:81:cc:ff:27:ee:29:e9:c1:01:3b:7b:
db:fa:11:60:63:8b:64:68:04:f5:c6:53:31:15:5b:4b:30:a3:
dc:e2:2f:4b:53:a3:11:a8:d6:df:e1:1b:13:40:21:b3:dc:16:
12:7d:13:03
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIUWsCSXqzOK69qta2dOPRB3FwH2lQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTMxNjUwNTVaFw0yNjA2MTIxNjU1NTVaMDMxMTAvBgNV
BAMTKDI4ODc4NDA5RTkzRDUyNDRDMUY1REI3MDlEMTlFRkI4NjFGRjEwMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp74+io1jlcO/sjRV7Yf51enQZ
E+Apn7UuKydP4ntkGAHMlmXqtGr0kkP+ZF4Q8eE5ZHznD4+bf5sQ7o7hYeYtUQC5
LCncWfKnjO+LYkme2Z0wK6qTAHGo+KmckoGj0r29Ob8VdNDPAaenWslHxL9dwXN0
KuhGpTP76kzyWJlrSNqmhx2hUliPP4WaFb9Iqb6AKnfh4T3ZNlo7BktLKrlVIBSl
bEpskLOA3q7bYRWWAOw9FidYK7x5ETz+F43whywuYcV3mUhEClIvSpeJ+LmTJoYr
0SpPXgJ2p6OwsMwZtMc3XA2HO1YGKYLajhkJUWcLxwt33RxxD3ir/D8uI1ZxAgMB
AAGjggMqMIIDJjAdBgNVHQ4EFgQUKIeECek9UkTB9dtwnRnvuGH/EDIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MTQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgAB
MIIBHAMEAC7LAgMEALJcZgMEAbJcaAMEALJcawMEALJcbQMEALJcpgMEALJcuTAM
AwQAslzFAwQAslzGAwQAslzJAwQAslzTAwQAslzXMAwDBACyXN8DBACyXOADBACy
XOIwDAMEALJc5QMEALJc5gMEALJc6wMEALJc7QMEALJc+QMEALJc+wMEALJdBAME
ALJdCQMEALJdGwMEALJdKAMEALJdKgMEALJdjQMEALJdkQMEALJdkwMEALJdmAME
ALJdogMEALJeDAMEALJeEAMEALJeEgMEALJeIQMEALJeIwMEALJeKAMEALJeUgME
ALJeaAMEALJedgMEALJe0gMEALJe3AMEALJe6jAMAwQBsl7uAwQAsl7wAwQAsl7z
MA0GCSqGSIb3DQEBCwUAA4IBAQAApzXKCMlxs5/4oB1qUjKNPBizDyC9AimAGmfs
W9TDQMYVAB0ymCiVAh7M4fX11MFl4E5q8Zy7BlN00dxS4lDPvlDRa1XX5JVxwftS
mVTHwhTBydg0UPnhSowK8+KiIjKo4iEkAgVpEa9s0Me0HX8J+yvZzel+f1M3/+WR
fYDfpj6+L1IkLApgDSLQeODJSMVCXNGJvdTBqmSi8e22iLRVS3B4WZ5fcwbPvg9q
n28gDumuGohb1PR85QF9a1YJjHnWzR8ERYnEnHuS+RiGgcz/J+4p6cEBO3vb+hFg
Y4tkaAT1xlMxFVtLMKPc4i9LU6MRqNbf4RsTQCGz3BYSfRMD
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:02 2025 by rpki-client