Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: CCqmEjv/SfO1iqve6XVfJ/6kDYRxnbZ4OPc47WTQIMQ=
Subject key identifier: 54:71:1C:F7:BE:F8:36:EC:3D:C7:DB:F8:AC:B3:6C:C8:ED:BB:F6:1D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 09C0CF51825E93278C0C3A30D376F83B7D523F0C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
Signing time: Sun 28 Sep 2025 00:04:47 +0000
ROA not before: Sat 27 Sep 2025 23:59:47 +0000
ROA not after: Sun 27 Sep 2026 00:04:47 +0000
asID: 2914
IP address blocks: 82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.16.0/24 maxlen: 24
82.26.139.0/24 maxlen: 24
82.26.142.0/24 maxlen: 24
82.26.143.0/24 maxlen: 24
82.26.144.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.27.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:c0:cf:51:82:5e:93:27:8c:0c:3a:30:d3:76:f8:3b:7d:52:3f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 27 23:59:47 2025 GMT
Not After : Sep 27 00:04:47 2026 GMT
Subject: CN=54711CF7BEF836EC3DC7DBF8ACB36CC8EDBBF61D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:71:cb:fd:00:14:e8:b9:25:64:3b:08:e3:
ea:84:4b:8f:1e:4e:9d:7e:a1:f4:a8:2d:e7:af:64:
df:14:87:42:95:78:ac:dd:fa:7d:a0:4b:4f:06:aa:
f7:73:97:0c:e0:85:cb:c9:63:dd:22:2c:2b:c3:b4:
5c:97:4d:28:83:94:55:95:80:b3:46:41:7a:43:a5:
38:1d:f1:7d:43:90:17:bb:b3:9a:43:ac:cc:ca:06:
13:25:32:0f:89:64:cd:a0:f4:49:7a:b0:9e:2f:ed:
24:fb:01:5d:f9:a4:e8:1a:fd:8e:9a:62:69:f8:c5:
5c:1e:85:e2:39:e1:7f:6e:11:48:61:64:18:ce:b4:
4c:90:04:1b:28:eb:c3:8e:a4:91:57:ae:a4:8e:63:
1a:41:8c:a8:87:dd:ef:f2:b0:28:bf:0c:5b:3d:f2:
2c:aa:1d:a7:23:65:d1:9f:d3:4d:1d:c9:35:99:97:
ef:ee:3a:79:9b:c1:3d:7a:bb:61:b8:58:9b:bc:df:
17:12:51:a5:c2:a9:65:90:11:8a:c5:3f:cb:6b:e8:
ed:8c:61:69:28:83:86:9c:80:74:9d:ef:23:53:bf:
c7:cd:3b:3a:9a:46:bb:5b:ba:bd:89:27:cc:69:d4:
7f:b3:29:c2:97:82:3b:5d:90:92:8c:1d:aa:a5:19:
62:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:71:1C:F7:BE:F8:36:EC:3D:C7:DB:F8:AC:B3:6C:C8:ED:BB:F6:1D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.248.0-82.23.250.255
82.24.16.0/24
82.26.139.0/24
82.26.142.0-82.26.144.255
82.26.152.0/24
82.27.116.0/23
Signature Algorithm: sha256WithRSAEncryption
47:14:fe:7c:9b:9e:9c:3c:f6:96:19:43:0d:3f:43:45:c1:bc:
80:d6:94:e9:7a:e4:e0:65:f1:a5:39:4f:2c:b6:3b:20:34:1c:
24:55:64:29:02:e3:bb:6c:a7:f6:98:1f:0c:7f:7b:1e:0f:7d:
81:a9:fe:a3:02:4f:84:45:96:c1:40:3a:78:40:80:a8:85:88:
bf:ed:9b:34:eb:58:c4:04:5b:ca:9a:3b:fe:08:8e:58:ae:08:
a3:81:d8:07:3f:1a:61:a9:61:43:58:58:70:eb:0b:3d:8d:59:
34:3b:7b:95:5c:ec:47:62:ab:3a:40:8e:24:e1:2b:0a:b0:4c:
67:1e:61:62:ad:3a:21:14:7e:4d:f6:70:3c:73:a3:aa:7b:b3:
d3:f1:8d:d8:08:d7:c7:f8:25:0f:c5:95:33:a8:3f:f7:97:42:
1a:75:6e:dd:72:8c:a0:60:d4:06:31:d8:9b:10:cb:1b:62:cf:
98:1c:fd:f2:8d:71:fc:fb:65:bb:3d:f0:5b:6d:bc:9a:8b:39:
41:60:57:67:95:c5:6c:f8:5e:c1:ce:48:b1:ef:21:d7:7c:e5:
89:93:14:f9:71:53:ff:1c:77:b0:71:f9:42:79:67:a8:31:38:
7f:37:37:c9:19:7b:28:56:dd:71:df:ee:9f:e2:e0:95:93:70:
5e:50:42:22
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUCcDPUYJekyeMDDow03b4O31SPwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjcyMzU5NDdaFw0yNjA5MjcwMDA0NDdaMDMxMTAvBgNV
BAMTKDU0NzExQ0Y3QkVGODM2RUMzREM3REJGOEFDQjM2Q0M4RURCQkY2MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5B3HL/QAU6LklZDsI4+qES48e
Tp1+ofSoLeevZN8Uh0KVeKzd+n2gS08GqvdzlwzghcvJY90iLCvDtFyXTSiDlFWV
gLNGQXpDpTgd8X1DkBe7s5pDrMzKBhMlMg+JZM2g9El6sJ4v7ST7AV35pOga/Y6a
Ymn4xVweheI54X9uEUhhZBjOtEyQBBso68OOpJFXrqSOYxpBjKiH3e/ysCi/DFs9
8iyqHacjZdGf000dyTWZl+/uOnmbwT16u2G4WJu83xcSUaXCqWWQEYrFP8tr6O2M
YWkog4acgHSd7yNTv8fNOzqaRrtbur2JJ8xp1H+zKcKXgjtdkJKMHaqlGWKLAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUVHEc9774Nuw9x9v4rLNsyO279h0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBNBggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNDAMAwQDUhf4
AwQAUhf6AwQAUhgQAwQAUhqLMAwDBAFSGo4DBABSGpADBABSGpgDBAFSG3QwDQYJ
KoZIhvcNAQELBQADggEBAEcU/nybnpw89pYZQw0/Q0XBvIDWlOl65OBl8aU5Tyy2
OyA0HCRVZCkC47tsp/aYHwx/ex4PfYGp/qMCT4RFlsFAOnhAgKiFiL/tmzTrWMQE
W8qaO/4IjliuCKOB2Ac/GmGpYUNYWHDrCz2NWTQ7e5Vc7EdiqzpAjiThKwqwTGce
YWKtOiEUfk32cDxzo6p7s9PxjdgI18f4JQ/FlTOoP/eXQhp1bt1yjKBg1AYx2JsQ
yxtiz5gc/fKNcfz7Zbs98FttvJqLOUFgV2eVxWz4XsHOSLHvIdd85YmTFPlxU/8c
d7Bx+UJ5Z6gxOH83N8kZeyhW3XHf7p/i4JWTcF5QQiI=
-----END CERTIFICATE-----
Generated at Wed Oct 8 11:55:21 2025 by rpki-client