Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS216050.roa
File: AS216050.roa (raw, json)
Hash identifier: ab/xRRlLvI/44NEZ075zEwCqtuPofaZxj8K4b0bpi2A=
Subject key identifier: 2E:03:4E:6E:95:1D:35:DC:C8:F5:73:E9:62:DD:1E:79:4B:A2:08:35
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5A04AF0E273FFBCEE9938352EC681782FADA7658
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS216050.roa
Signing time: Mon 14 Apr 2025 13:49:04 +0000
ROA not before: Mon 14 Apr 2025 13:44:04 +0000
ROA not after: Mon 13 Apr 2026 13:49:04 +0000
asID: 216050
IP address blocks: 46.202.204.0/24 maxlen: 24
46.202.205.0/24 maxlen: 24
46.203.151.0/24 maxlen: 24
46.203.165.0/24 maxlen: 24
46.203.166.0/24 maxlen: 24
46.203.167.0/24 maxlen: 24
46.203.170.0/24 maxlen: 24
46.203.181.0/24 maxlen: 24
46.203.191.0/24 maxlen: 24
46.203.192.0/24 maxlen: 24
46.203.193.0/24 maxlen: 24
46.203.194.0/24 maxlen: 24
46.203.211.0/24 maxlen: 24
46.203.213.0/24 maxlen: 24
46.203.240.0/24 maxlen: 24
91.124.39.0/24 maxlen: 24
91.124.48.0/24 maxlen: 24
91.124.50.0/24 maxlen: 24
91.124.51.0/24 maxlen: 24
92.112.131.0/24 maxlen: 24
92.113.41.0/24 maxlen: 24
92.113.55.0/24 maxlen: 24
92.113.65.0/24 maxlen: 24
92.113.68.0/24 maxlen: 24
92.113.69.0/24 maxlen: 24
92.113.75.0/24 maxlen: 24
92.113.76.0/24 maxlen: 24
92.113.78.0/24 maxlen: 24
92.113.79.0/24 maxlen: 24
92.113.81.0/24 maxlen: 24
92.113.82.0/24 maxlen: 24
92.113.84.0/24 maxlen: 24
92.113.85.0/24 maxlen: 24
92.113.87.0/24 maxlen: 24
92.113.88.0/24 maxlen: 24
92.113.90.0/24 maxlen: 24
92.113.166.0/24 maxlen: 24
92.113.167.0/24 maxlen: 24
95.135.51.0/24 maxlen: 24
95.135.73.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.114.0/24 maxlen: 24
95.135.115.0/24 maxlen: 24
95.135.128.0/24 maxlen: 24
95.135.129.0/24 maxlen: 24
95.135.130.0/24 maxlen: 24
95.135.131.0/24 maxlen: 24
95.135.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:04:af:0e:27:3f:fb:ce:e9:93:83:52:ec:68:17:82:fa:da:76:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 14 13:44:04 2025 GMT
Not After : Apr 13 13:49:04 2026 GMT
Subject: CN=2E034E6E951D35DCC8F573E962DD1E794BA20835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:28:80:14:ad:09:2d:e1:3d:1e:a3:c8:9a:
ad:49:58:69:0c:68:de:c6:8f:d4:69:8c:75:a3:00:
3a:0b:3c:ed:03:28:04:0f:51:70:e7:3e:88:1f:ad:
5a:db:61:a6:b0:be:24:1e:55:4b:53:0e:06:99:42:
aa:2d:ed:08:b5:e8:f4:30:21:66:e3:e1:52:5d:65:
a2:3b:ef:cd:ef:8c:97:89:a6:35:11:0d:90:ba:7d:
69:de:6e:48:e0:ae:8f:f8:fe:20:00:6e:93:e4:71:
5a:89:8e:f8:30:6d:07:c0:e8:4d:5b:ac:78:8f:c6:
6d:72:5c:60:f6:fa:92:bd:6c:7b:98:e5:15:3d:d0:
b0:a2:7c:06:9f:2b:d0:9e:e7:3a:df:97:bb:e2:ce:
15:e7:02:bf:87:57:11:a3:03:ba:e8:ef:4a:b7:7f:
35:7b:b5:7d:22:3c:ab:ab:2f:cb:25:0b:e4:92:ea:
54:26:3f:80:dc:6f:f7:02:4f:2e:df:70:59:18:8b:
c8:72:86:1a:61:92:fe:b0:22:12:b4:21:7b:2d:55:
b1:1f:9b:70:d8:8c:7b:4d:0f:0d:ea:22:c8:48:13:
1b:a9:4e:d5:85:5b:41:fb:c4:43:7c:08:1f:d8:34:
f2:53:ec:7c:d9:89:cf:ad:d5:3c:35:25:6a:60:80:
f6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:03:4E:6E:95:1D:35:DC:C8:F5:73:E9:62:DD:1E:79:4B:A2:08:35
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS216050.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.204.0/23
46.203.151.0/24
46.203.165.0-46.203.167.255
46.203.170.0/24
46.203.181.0/24
46.203.191.0-46.203.194.255
46.203.211.0/24
46.203.213.0/24
46.203.240.0/24
91.124.39.0/24
91.124.48.0/24
91.124.50.0/23
92.112.131.0/24
92.113.41.0/24
92.113.55.0/24
92.113.65.0/24
92.113.68.0/23
92.113.75.0-92.113.76.255
92.113.78.0/23
92.113.81.0-92.113.82.255
92.113.84.0/23
92.113.87.0-92.113.88.255
92.113.90.0/24
92.113.166.0/23
95.135.51.0/24
95.135.73.0/24
95.135.111.0/24
95.135.114.0/23
95.135.128.0/22
95.135.235.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:64:db:fa:45:e2:6a:58:2e:d9:07:cd:ef:15:3f:78:04:db:
1a:d4:c5:a6:2b:ce:17:23:6d:1b:28:b1:0b:2d:57:0b:c5:c3:
1d:42:eb:43:ce:33:56:a7:6f:bf:6d:b6:66:1e:50:db:6c:c8:
e2:87:6c:84:8b:04:2e:16:f3:8c:f6:63:67:78:6f:98:3c:a1:
e1:0f:38:7f:0e:e5:84:86:73:c2:04:0c:f2:83:22:24:5d:ed:
e9:17:68:88:48:50:b5:cb:1f:db:32:08:05:be:a6:9b:99:81:
7c:6e:cb:78:2f:23:c6:de:92:ed:a9:e5:fc:64:96:f8:c0:39:
f8:8a:ed:b9:07:9e:4a:78:be:75:a0:2d:1d:80:30:9b:34:a7:
eb:59:46:f1:a0:5d:d1:72:32:ab:f7:3b:87:48:c6:df:2e:f9:
c9:15:bf:40:9f:ef:b6:37:66:3a:2d:9f:64:bc:66:fc:a0:e8:
ae:e8:5d:e7:6f:7b:e7:59:b2:17:35:34:67:3d:dc:11:83:f9:
a0:d8:2b:a3:d3:f9:1c:34:bc:65:12:98:9e:3b:72:68:51:fd:
cc:df:d6:59:a8:74:dc:c3:b6:aa:08:30:fc:d5:50:b2:77:b6:
18:67:a5:9f:15:35:3b:b1:4b:12:fc:a1:21:79:8e:99:9e:2f:
fa:07:9d:d4
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIUWgSvDic/+87pk4NS7GgXgvradlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTQxMzQ0MDRaFw0yNjA0MTMxMzQ5MDRaMDMxMTAvBgNV
BAMTKDJFMDM0RTZFOTUxRDM1RENDOEY1NzNFOTYyREQxRTc5NEJBMjA4MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7LiiAFK0JLeE9HqPImq1JWGkM
aN7Gj9RpjHWjADoLPO0DKAQPUXDnPogfrVrbYaawviQeVUtTDgaZQqot7Qi16PQw
IWbj4VJdZaI7783vjJeJpjURDZC6fWnebkjgro/4/iAAbpPkcVqJjvgwbQfA6E1b
rHiPxm1yXGD2+pK9bHuY5RU90LCifAafK9Ce5zrfl7vizhXnAr+HVxGjA7ro70q3
fzV7tX0iPKurL8slC+SS6lQmP4Dcb/cCTy7fcFkYi8hyhhphkv6wIhK0IXstVbEf
m3DYjHtNDw3qIshIExupTtWFW0H7xEN8CB/YNPJT7HzZic+t1Tw1JWpggPbFAgMB
AAGjggLlMIIC4TAdBgNVHQ4EFgQULgNObpUdNdzI9XPpYt0eeUuiCDUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE2MDUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwD
BAEuyswDBAAuy5cwDAMEAC7LpQMEAy7LoAMEAC7LqgMEAC7LtTAMAwQALsu/AwQA
LsvCAwQALsvTAwQALsvVAwQALsvwAwQAW3wnAwQAW3wwAwQBW3wyAwQAXHCDAwQA
XHEpAwQAXHE3AwQAXHFBAwQBXHFEMAwDBABccUsDBABccUwDBAFccU4wDAMEAFxx
UQMEAFxxUgMEAVxxVDAMAwQAXHFXAwQAXHFYAwQAXHFaAwQBXHGmAwQAX4czAwQA
X4dJAwQAX4dvAwQBX4dyAwQCX4eAAwQAX4frMA0GCSqGSIb3DQEBCwUAA4IBAQB+
ZNv6ReJqWC7ZB83vFT94BNsa1MWmK84XI20bKLELLVcLxcMdQutDzjNWp2+/bbZm
HlDbbMjih2yEiwQuFvOM9mNneG+YPKHhDzh/DuWEhnPCBAzygyIkXe3pF2iISFC1
yx/bMggFvqabmYF8bst4LyPG3pLtqeX8ZJb4wDn4iu25B55KeL51oC0dgDCbNKfr
WUbxoF3RcjKr9zuHSMbfLvnJFb9An++2N2Y6LZ9kvGb8oOiu6F3nb3vnWbIXNTRn
PdwRg/mg2Cuj0/kcNLxlEpieO3JoUf3M39ZZqHTcw7aqCDD81VCyd7YYZ6WfFTU7
sUsS/KEheY6Zni/6B53U
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:58 2025 by rpki-client