Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: b4+q23XPVCS6VpiuxTxX6Uy8KRho2y0rzP06ZaGX8oE=
Subject key identifier: 9A:90:30:B9:0D:00:8F:2C:B7:02:BA:4C:83:FB:63:70:D0:27:E2:40
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3E2DC49588532DA781B753FD16B192FDAF230804
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
Signing time: Sun 03 Aug 2025 00:00:19 +0000
ROA not before: Sat 02 Aug 2025 23:55:19 +0000
ROA not after: Sun 02 Aug 2026 00:00:19 +0000
asID: 214432
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:2d:c4:95:88:53:2d:a7:81:b7:53:fd:16:b1:92:fd:af:23:08:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 2 23:55:19 2025 GMT
Not After : Aug 2 00:00:19 2026 GMT
Subject: CN=9A9030B90D008F2CB702BA4C83FB6370D027E240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:a2:76:a0:0b:66:d6:57:fc:19:18:00:22:
50:eb:8b:31:2e:ca:32:4c:00:ff:71:d0:d7:d8:18:
2f:5e:cb:ad:14:dc:ab:2d:0d:c5:b4:2f:a1:4a:83:
27:2b:7a:eb:68:a2:ed:37:d7:fc:43:6c:f3:58:8d:
36:13:2c:b5:9e:0a:a0:86:13:e6:2b:27:18:bd:75:
e2:dc:7a:68:1a:85:fe:55:b3:42:56:59:a4:03:4b:
57:31:6b:1a:37:56:32:76:d3:5d:57:7c:b8:cb:90:
1f:78:ea:b2:d0:d9:79:37:7b:71:fd:60:c6:a4:f4:
eb:63:d3:54:62:28:7d:99:1f:d8:cd:39:d5:47:77:
8e:b3:e5:fd:b9:18:76:5c:51:c4:30:0d:1a:68:e7:
2a:8c:b3:b7:e6:60:d2:bf:f7:99:dd:02:78:cf:24:
eb:a7:36:62:ab:1a:eb:a9:3f:c4:4d:37:04:1f:8b:
b0:47:54:ee:10:f3:71:b4:51:28:8e:93:c7:39:8d:
d8:fd:c9:7e:ee:85:03:7b:fc:ec:61:28:d8:19:94:
e0:c1:6d:59:4d:04:14:fd:73:bb:b4:dd:70:d0:08:
eb:2b:37:da:fe:96:a7:05:02:9e:a2:e9:d6:26:57:
a4:b5:7a:1c:19:c6:76:7e:da:97:ca:57:2e:2a:7c:
30:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:90:30:B9:0D:00:8F:2C:B7:02:BA:4C:83:FB:63:70:D0:27:E2:40
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.38.0/24
91.124.60.0/24
91.124.186.0/24
Signature Algorithm: sha256WithRSAEncryption
35:25:70:fa:2f:2f:6e:ca:28:50:d5:79:d6:61:5b:ba:ae:bb:
8e:d7:f4:58:e5:bf:df:91:05:9c:5f:fc:95:6e:27:18:7b:cf:
0b:11:a8:9f:02:82:9c:a6:2c:dd:5f:5f:d5:1c:94:63:dc:57:
89:cb:5d:fb:c7:dc:64:c0:3c:ae:fb:8c:5a:e7:49:0a:80:5b:
2d:08:a2:8b:d5:2a:52:94:7f:6a:36:40:d1:b9:b0:9e:f0:9e:
d7:0e:48:50:7f:f4:3d:96:29:99:f1:0a:b4:94:35:5d:75:1c:
1d:de:e3:2f:61:53:38:e2:92:de:e7:12:cd:50:91:c2:68:d9:
6a:79:39:b2:4a:f2:b2:62:d4:3c:30:7d:75:e1:2e:b9:19:9f:
1b:8d:5e:3e:50:1f:22:fc:b2:3c:46:3b:ed:c2:a2:1a:90:9b:
05:3c:69:24:80:bc:43:7c:2f:35:27:28:88:f8:94:84:47:47:
2e:f0:50:27:c7:21:af:60:d3:96:14:49:e1:2b:a1:07:bf:a2:
5f:f1:f6:2d:cf:3a:51:2e:dd:b7:a2:1c:3d:fc:4d:c3:8b:de:
53:cc:1c:08:7c:13:5d:74:21:5c:43:81:c2:9d:89:d3:c1:a2:
60:5c:12:e8:a8:03:7e:6d:01:7a:e5:70:e9:8c:81:b0:b7:86:
51:19:04:ef
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUPi3ElYhTLaeBt1P9FrGS/a8jCAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MDIyMzU1MTlaFw0yNjA4MDIwMDAwMTlaMDMxMTAvBgNV
BAMTKDlBOTAzMEI5MEQwMDhGMkNCNzAyQkE0QzgzRkI2MzcwRDAyN0UyNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2nKJ2oAtm1lf8GRgAIlDrizEu
yjJMAP9x0NfYGC9ey60U3KstDcW0L6FKgycreutoou031/xDbPNYjTYTLLWeCqCG
E+YrJxi9deLcemgahf5Vs0JWWaQDS1cxaxo3VjJ2011XfLjLkB946rLQ2Xk3e3H9
YMak9Otj01RiKH2ZH9jNOdVHd46z5f25GHZcUcQwDRpo5yqMs7fmYNK/95ndAnjP
JOunNmKrGuupP8RNNwQfi7BHVO4Q83G0USiOk8c5jdj9yX7uhQN7/OxhKNgZlODB
bVlNBBT9c7u03XDQCOsrN9r+lqcFAp6i6dYmV6S1ehwZxnZ+2pfKVy4qfDBdAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUmpAwuQ0Ajyy3ArpMg/tjcNAn4kAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW3wS
AwQAW3wmAwQAW3w8AwQAW3y6MA0GCSqGSIb3DQEBCwUAA4IBAQA1JXD6Ly9uyihQ
1XnWYVu6rruO1/RY5b/fkQWcX/yVbicYe88LEaifAoKcpizdX1/VHJRj3FeJy137
x9xkwDyu+4xa50kKgFstCKKL1SpSlH9qNkDRubCe8J7XDkhQf/Q9limZ8Qq0lDVd
dRwd3uMvYVM44pLe5xLNUJHCaNlqeTmySvKyYtQ8MH114S65GZ8bjV4+UB8i/LI8
RjvtwqIakJsFPGkkgLxDfC81JyiI+JSER0cu8FAnxyGvYNOWFEnhK6EHv6Jf8fYt
zzpRLt23ohw9/E3Di95TzBwIfBNddCFcQ4HCnYnTwaJgXBLoqAN+bQF65XDpjIGw
t4ZRGQTv
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:42 2025 by rpki-client