Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214208.roa
File: AS214208.roa (raw, json)
Hash identifier: KogwHuduBXVMqSLWE2/AVhbfq3tJF+4QSKOyKfrTPsw=
Subject key identifier: C1:E0:64:01:7B:EE:45:3C:8F:5D:26:BB:9A:BC:E3:B9:CC:1F:6E:1A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 49102262E9AF6DCCD167922A6D6E7C67AB0C52
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214208.roa
Signing time: Tue 01 Jul 2025 06:13:55 +0000
ROA not before: Tue 01 Jul 2025 06:08:55 +0000
ROA not after: Tue 30 Jun 2026 06:13:55 +0000
asID: 214208
IP address blocks: 148.135.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:10:22:62:e9:af:6d:cc:d1:67:92:2a:6d:6e:7c:67:ab:0c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 1 06:08:55 2025 GMT
Not After : Jun 30 06:13:55 2026 GMT
Subject: CN=C1E064017BEE453C8F5D26BB9ABCE3B9CC1F6E1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ae:71:c3:e1:2d:94:f3:1c:25:b0:c0:51:2e:
e0:bf:fd:8c:61:ec:ed:17:27:c0:34:e6:b1:e3:71:
a0:dc:9c:ac:78:b3:4e:c9:88:77:9b:4b:b7:9c:db:
1f:44:cf:e2:7a:2f:f9:3b:d6:9b:9d:fe:e4:fc:3a:
43:b4:18:f3:ed:64:6d:4c:a3:49:c5:f3:8f:45:22:
45:39:5c:35:cd:d1:ae:7b:29:64:fd:7d:2a:e8:fd:
cc:bd:bd:57:30:43:a9:bb:07:b9:e3:ff:e3:45:57:
39:13:8e:88:23:b6:f8:9d:df:44:40:55:86:22:c1:
0a:c6:4c:f5:18:7a:f6:83:4f:d9:d6:12:a3:fc:e7:
52:56:44:ec:86:a1:f9:21:b5:65:49:0b:b1:8f:f4:
04:88:ca:b0:8f:ac:1d:c7:9d:c0:ef:07:1b:c5:09:
9b:66:a1:88:5f:56:30:61:cc:4d:24:e3:bd:38:7c:
1b:e2:89:da:71:ac:59:9a:ef:f5:4f:08:83:55:a4:
35:9d:e7:2f:8e:97:2f:d7:e1:e0:ec:50:91:32:30:
26:fc:7c:e2:91:c5:8c:d4:21:55:31:bf:5c:1d:e4:
c0:fb:89:58:3c:87:38:00:6e:f5:c1:84:4c:95:c5:
76:30:21:53:63:a1:e4:7d:46:60:ee:56:78:3b:63:
f2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E0:64:01:7B:EE:45:3C:8F:5D:26:BB:9A:BC:E3:B9:CC:1F:6E:1A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214208.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.154.0/24
Signature Algorithm: sha256WithRSAEncryption
86:22:58:ca:e6:80:ce:a4:66:94:27:ee:0e:db:d6:e2:8e:8b:
22:32:56:56:bd:8b:e1:3c:5a:af:59:7a:1b:af:6b:34:2c:3b:
8d:84:28:40:a1:e7:6a:87:1f:4a:85:96:16:d4:d8:db:c8:b6:
8b:09:0e:f1:d6:b3:63:bf:1b:cb:e1:2d:29:11:ef:f3:5f:6b:
64:37:d5:ab:40:ae:6c:42:6e:ce:bb:97:85:21:6a:60:32:aa:
91:25:8c:f8:f0:5d:53:4c:d3:34:68:09:7f:6c:a2:43:aa:20:
53:ed:a3:1b:99:ba:4f:c3:a9:2f:31:2d:51:2b:4a:fa:13:56:
19:50:69:3a:79:54:ba:c9:5d:af:ca:b2:7a:38:1b:b3:b5:67:
b5:bf:ca:2c:28:7b:7b:6f:f0:c5:32:64:a7:95:dc:f8:f6:d6:
27:1f:d5:66:9d:c7:8a:1b:42:f5:32:c9:a9:46:78:68:d4:6d:
b7:04:e1:4b:56:9c:14:2c:d7:9d:5a:40:4b:f5:37:10:b9:a3:
8d:66:ab:92:da:0d:4a:49:84:94:eb:ca:ca:d1:c1:15:bc:ba:
1b:ef:29:01:05:13:0d:fa:68:f5:67:95:66:f4:5a:c4:6e:80:
16:4b:3f:17:4e:9a:fd:ce:52:a6:57:d8:f9:25:0b:3f:d2:9e:
ca:e5:2d:5c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgITSRAiYumvbczRZ5IqbW58Z6sMUjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0ZmMzMzZiZjlmM2RlNWNlNDE0MTRiZDE5NzE5NDVmNGIy
NDZiZmNjMB4XDTI1MDcwMTA2MDg1NVoXDTI2MDYzMDA2MTM1NVowMzExMC8GA1UE
AxMoQzFFMDY0MDE3QkVFNDUzQzhGNUQyNkJCOUFCQ0UzQjlDQzFGNkUxQTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKeuccPhLZTzHCWwwFEu4L/9jGHs
7RcnwDTmseNxoNycrHizTsmId5tLt5zbH0TP4nov+TvWm53+5Pw6Q7QY8+1kbUyj
ScXzj0UiRTlcNc3RrnspZP19Kuj9zL29VzBDqbsHueP/40VXOROOiCO2+J3fREBV
hiLBCsZM9Rh69oNP2dYSo/znUlZE7Iah+SG1ZUkLsY/0BIjKsI+sHcedwO8HG8UJ
m2ahiF9WMGHMTSTjvTh8G+KJ2nGsWZrv9U8Ig1WkNZ3nL46XL9fh4OxQkTIwJvx8
4pHFjNQhVTG/XB3kwPuJWDyHOABu9cGETJXFdjAhU2Oh5H1GYO5WeDtj8r0CAwEA
AaOCAgowggIGMB0GA1UdDgQWBBTB4GQBe+5FPI9dJruavOO5zB9uGjAfBgNVHSME
GDAWgBRPwza/nz3lzkFBS9GXGUX0ska/zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wOWJlM2FhZS1hZWExLTQxZGMtYjFiOS05NWFjNTkxODI0
NGQvMC80RkMzMzZCRjlGM0RFNUNFNDE0MTRCRDE5NzE5NDVGNEIyNDZCRkNDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVDhNMnY1ODk1YzVCUVV2Umx4bEY5TEpH
djh3LmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00
MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvQVMyMTQyMDgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACUh5ow
DQYJKoZIhvcNAQELBQADggEBAIYiWMrmgM6kZpQn7g7b1uKOiyIyVla9i+E8Wq9Z
ehuvazQsO42EKECh52qHH0qFlhbU2NvItosJDvHWs2O/G8vhLSkR7/Nfa2Q31atA
rmxCbs67l4UhamAyqpEljPjwXVNM0zRoCX9sokOqIFPtoxuZuk/DqS8xLVErSvoT
VhlQaTp5VLrJXa/Ksno4G7O1Z7W/yiwoe3tv8MUyZKeV3Pj21icf1Wadx4obQvUy
yalGeGjUbbcE4UtWnBQs151aQEv1NxC5o41mq5LaDUpJhJTrysrRwRW8uhvvKQEF
Ew36aPVnlWb0WsRugBZLPxdOmv3OUqZX2PklCz/SnsrlLVw=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:01:29 2025 by rpki-client