Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: 9fh+w2gF4jrQ1bUJOvviIK/yrOH6G7z5kp7MlrtOOXo=
Subject key identifier: 9E:90:D6:F4:1C:EE:04:AE:B8:14:3E:B9:B5:17:62:98:C8:6A:EE:65
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 033785CC859F8EDDCFA50B35B4911E89286A94D9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
Signing time: Tue 22 Jul 2025 00:01:59 +0000
ROA not before: Mon 21 Jul 2025 23:56:59 +0000
ROA not after: Tue 21 Jul 2026 00:01:59 +0000
asID: 214432
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
178.92.70.0/24 maxlen: 24
178.93.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:37:85:cc:85:9f:8e:dd:cf:a5:0b:35:b4:91:1e:89:28:6a:94:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 21 23:56:59 2025 GMT
Not After : Jul 21 00:01:59 2026 GMT
Subject: CN=9E90D6F41CEE04AEB8143EB9B5176298C86AEE65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:89:a6:87:85:f2:4f:2a:23:5b:51:3a:ca:e3:
1e:da:e9:b4:cd:fe:a7:90:31:0b:39:c4:23:ca:cd:
51:8f:a2:b4:a2:f3:2f:61:c2:db:92:8c:c0:be:2b:
09:6b:52:d8:7c:b0:9c:68:53:31:fe:cc:75:ef:b5:
65:13:b2:65:a8:a6:e2:8a:15:7a:c3:da:d1:ef:6b:
97:31:a9:5c:f1:e0:d4:6d:ab:ce:b9:b6:d8:81:6b:
0c:39:2c:b5:81:16:00:58:5b:a0:2c:92:df:20:c3:
73:58:bc:8c:b8:1a:98:f2:48:40:af:11:0b:70:61:
89:18:27:1f:e0:e7:18:27:b3:88:5b:db:23:0d:d8:
a2:53:78:7c:24:4c:e5:bc:b2:60:44:b0:e4:c4:af:
01:3a:b1:52:05:24:90:40:15:eb:ce:be:fe:68:c7:
d0:11:f2:e0:cd:51:e0:15:c6:69:7e:77:2f:c7:33:
0f:81:e9:15:17:72:3f:49:9a:3a:28:3c:75:59:2b:
68:e5:c1:44:1f:e3:6b:5f:4e:85:7c:8d:61:1d:8b:
33:51:47:bb:df:c0:8e:02:19:36:5c:4e:6e:44:ce:
7d:0d:19:bd:8b:7b:41:58:17:ba:4b:10:c6:6d:d8:
13:94:f6:29:2b:87:0a:62:20:96:73:6e:e8:6e:60:
da:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:90:D6:F4:1C:EE:04:AE:B8:14:3E:B9:B5:17:62:98:C8:6A:EE:65
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.38.0/24
91.124.60.0/24
91.124.186.0/24
178.92.70.0/24
178.93.89.0/24
Signature Algorithm: sha256WithRSAEncryption
72:30:10:12:65:70:1e:ef:24:87:c5:73:b3:f0:38:65:80:9f:
f8:87:27:d3:cd:fb:47:19:2d:21:f2:5f:8c:58:94:d8:5d:4d:
9b:de:eb:bc:70:26:0f:a8:65:63:60:f9:72:ad:10:5f:bf:1f:
80:03:a4:79:17:91:3f:20:14:b5:e5:57:20:06:c2:c1:65:a4:
0a:c1:f9:2b:34:cc:21:99:2c:f2:5a:62:48:29:3c:f5:b5:8b:
2e:26:d2:9d:08:66:a8:b0:66:56:81:e8:0a:4c:21:cf:e0:2c:
c9:72:cf:58:41:f7:09:6a:cc:07:88:b4:94:58:0e:bf:2a:e6:
ae:fe:3a:57:6c:6f:6b:5e:79:a8:f5:8a:c8:0b:65:58:21:24:
51:ec:db:0c:cc:75:03:22:3e:c2:2a:d6:fe:be:1c:7a:9d:e9:
04:40:75:12:a5:04:b4:34:c1:45:21:53:47:43:85:2f:51:54:
52:66:1b:1a:df:d5:11:ad:53:17:93:7a:2c:b0:a8:35:f5:37:
b3:16:a7:7c:cd:8e:1c:12:ca:0b:e5:0c:2b:10:8d:e8:3d:fd:
d5:d8:77:60:22:e2:16:9a:4d:fa:eb:c3:c1:d6:5b:e1:ea:4f:
30:e9:ec:2e:4e:85:a3:f7:f5:51:d0:3d:77:61:09:3f:a8:80:
d7:48:db:0d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUAzeFzIWfjt3PpQs1tJEeiShqlNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjEyMzU2NTlaFw0yNjA3MjEwMDAxNTlaMDMxMTAvBgNV
BAMTKDlFOTBENkY0MUNFRTA0QUVCODE0M0VCOUI1MTc2Mjk4Qzg2QUVFNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNiaaHhfJPKiNbUTrK4x7a6bTN
/qeQMQs5xCPKzVGPorSi8y9hwtuSjMC+KwlrUth8sJxoUzH+zHXvtWUTsmWopuKK
FXrD2tHva5cxqVzx4NRtq865ttiBaww5LLWBFgBYW6Askt8gw3NYvIy4GpjySECv
EQtwYYkYJx/g5xgns4hb2yMN2KJTeHwkTOW8smBEsOTErwE6sVIFJJBAFevOvv5o
x9AR8uDNUeAVxml+dy/HMw+B6RUXcj9JmjooPHVZK2jlwUQf42tfToV8jWEdizNR
R7vfwI4CGTZcTm5Ezn0NGb2Le0FYF7pLEMZt2BOU9ikrhwpiIJZzbuhuYNrxAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUnpDW9BzuBK64FD65tRdimMhq7mUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW3wS
AwQAW3wmAwQAW3w8AwQAW3y6AwQAslxGAwQAsl1ZMA0GCSqGSIb3DQEBCwUAA4IB
AQByMBASZXAe7ySHxXOz8DhlgJ/4hyfTzftHGS0h8l+MWJTYXU2b3uu8cCYPqGVj
YPlyrRBfvx+AA6R5F5E/IBS15VcgBsLBZaQKwfkrNMwhmSzyWmJIKTz1tYsuJtKd
CGaosGZWgegKTCHP4CzJcs9YQfcJaswHiLSUWA6/Kuau/jpXbG9rXnmo9YrIC2VY
ISRR7NsMzHUDIj7CKtb+vhx6nekEQHUSpQS0NMFFIVNHQ4UvUVRSZhsa39URrVMX
k3ossKg19TezFqd8zY4cEsoL5QwrEI3oPf3V2HdgIuIWmk3668PB1lvh6k8w6ewu
ToWj9/VR0D13YQk/qIDXSNsN
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:31 2025 by rpki-client