Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: O34eAw6PYXu/2mIFOxZhQGryHtubYjdItrWpGrHtPhY=
Subject key identifier: 6C:22:A8:BF:58:3E:EE:D3:8A:F1:35:1F:BF:50:9D:68:7A:62:CB:3C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0B92FD32BCA6014B6486CDA146A31DCA99B537A6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Sun 20 Jul 2025 00:02:04 +0000
ROA not before: Sat 19 Jul 2025 23:57:04 +0000
ROA not after: Sun 19 Jul 2026 00:02:04 +0000
asID: 2914
IP address blocks: 91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
178.92.0.0/22 maxlen: 24
178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
178.92.72.0/22 maxlen: 24
178.92.80.0/22 maxlen: 24
178.92.120.0/22 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.100.0/22 maxlen: 24
178.94.176.0/22 maxlen: 24
178.94.196.0/22 maxlen: 24
178.95.0.0/22 maxlen: 24
178.95.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:92:fd:32:bc:a6:01:4b:64:86:cd:a1:46:a3:1d:ca:99:b5:37:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 19 23:57:04 2025 GMT
Not After : Jul 19 00:02:04 2026 GMT
Subject: CN=6C22A8BF583EEED38AF1351FBF509D687A62CB3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:4f:86:37:25:94:e4:10:70:8e:58:3d:39:
27:bc:59:ef:71:df:e2:17:a3:7c:ea:c9:0f:21:4b:
f7:8f:1d:7e:09:48:c2:0b:9c:8b:b9:35:00:e6:ae:
50:91:6d:83:eb:fb:f0:67:7e:19:d0:39:1a:2e:36:
66:d6:d1:c3:c8:b7:93:8e:10:01:dc:92:11:d8:fd:
3a:61:7e:f7:e3:a1:8b:8f:93:7c:da:8d:06:e8:a9:
3b:41:93:b8:50:6f:c4:90:b7:66:3f:f7:9c:76:d7:
4c:60:17:bd:17:8b:b6:06:33:87:af:17:ae:a2:b0:
9b:25:ae:65:89:c8:df:61:9b:aa:2c:9b:ff:4f:0e:
ef:03:69:d9:67:e9:e4:df:6f:cf:d2:c5:f6:ee:2f:
d9:e3:0c:02:78:27:36:cd:74:fc:da:49:cf:a8:a0:
c9:f5:0f:39:09:66:db:8e:f1:3c:a4:76:f6:f4:5c:
e0:a6:2a:3c:7a:83:45:22:bb:95:bf:3d:9d:43:a4:
9f:f1:16:25:93:10:18:42:47:b7:6e:e1:ba:da:43:
6a:4d:fe:96:97:1f:4d:9d:06:40:7d:52:cb:ba:a0:
27:41:21:fc:a5:d6:91:62:5d:a4:d4:26:07:b1:58:
91:74:7d:d1:cf:57:10:0a:cb:1a:db:08:6f:33:d4:
78:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:22:A8:BF:58:3E:EE:D3:8A:F1:35:1F:BF:50:9D:68:7A:62:CB:3C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.20.0/22
92.112.240.0/21
95.134.48.0/24
95.134.168.0-95.134.174.255
95.134.195.0/24
95.134.213.0/24
95.135.50.0/24
178.92.0.0/22
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
178.92.72.0/22
178.92.80.0/22
178.92.120.0/22
178.93.0.0/22
178.93.100.0/22
178.94.176.0/22
178.94.196.0/22
178.95.0.0/22
178.95.20.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:44:85:d0:ad:84:72:2d:66:8f:b7:06:d8:f2:b2:f2:49:3c:
07:4d:9b:30:1d:7e:1e:50:02:1a:3d:c8:81:28:89:b4:93:b1:
ab:32:8a:2c:2c:ea:f1:8a:bf:cf:2c:ce:e1:67:bd:0d:ab:ad:
28:b3:69:a1:01:21:fd:fc:85:ff:ee:21:6d:1e:9b:b9:34:a1:
71:b0:98:e1:c7:58:93:ec:d9:62:67:60:a8:e2:fa:6e:74:7e:
a6:08:13:e9:17:2f:c0:bb:5d:17:64:ea:f7:c2:a5:8b:e3:32:
4b:54:2b:80:a8:74:d8:eb:3b:2c:39:ca:bc:d9:0e:b4:d4:b4:
2c:6a:1c:1e:2e:4f:80:27:3f:15:05:b5:e5:b9:0d:4b:2e:3d:
3c:95:4f:1d:be:e7:3a:0b:cd:aa:e0:d8:8c:2c:a5:ec:7e:4b:
ba:72:f5:e5:0a:4c:cc:57:11:91:0f:34:81:4b:e7:60:c7:f1:
e6:bb:71:5e:37:6f:f4:0f:e2:04:dd:27:d1:13:7b:bd:15:43:
7a:d4:d0:39:fd:b7:da:c6:d4:f5:5f:9e:22:5f:12:1f:0a:c3:
ff:1c:8c:1e:ac:f8:9a:27:16:7a:74:a4:e1:9b:8c:38:2f:b1:
5b:14:75:bb:89:79:42:fa:06:43:41:f5:7c:23:20:4e:c0:16:
4d:79:30:e8
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUC5L9MrymAUtkhs2hRqMdypm1N6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MTkyMzU3MDRaFw0yNjA3MTkwMDAyMDRaMDMxMTAvBgNV
BAMTKDZDMjJBOEJGNTgzRUVFRDM4QUYxMzUxRkJGNTA5RDY4N0E2MkNCM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIA0+GNyWU5BBwjlg9OSe8We9x
3+IXo3zqyQ8hS/ePHX4JSMILnIu5NQDmrlCRbYPr+/BnfhnQORouNmbW0cPIt5OO
EAHckhHY/TphfvfjoYuPk3zajQboqTtBk7hQb8SQt2Y/95x210xgF70Xi7YGM4ev
F66isJslrmWJyN9hm6osm/9PDu8Dadln6eTfb8/SxfbuL9njDAJ4JzbNdPzaSc+o
oMn1DzkJZtuO8Tykdvb0XOCmKjx6g0Uiu5W/PZ1DpJ/xFiWTEBhCR7du4braQ2pN
/paXH02dBkB9Usu6oCdBIfyl1pFiXaTUJgexWJF0fdHPVxAKyxrbCG8z1HifAgMB
AAGjggKTMIICjzAdBgNVHQ4EFgQUbCKov1g+7tOK8TUfv1CdaHpiyzwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBqQYIKwYBBQUHAQcBAf8EgZkwgZYwgZMEAgABMIGMAwQC
W3wUAwQDXHDwAwQAX4YwMAwDBANfhqgDBABfhq4DBABfhsMDBABfhtUDBABfhzID
BAKyXAADBAKyXAgDBAKyXBADBAKyXBgDBAKyXCQDBAKyXEADBAKyXEgDBAKyXFAD
BAKyXHgDBAKyXQADBAKyXWQDBAKyXrADBAKyXsQDBAKyXwADBAKyXxQwDQYJKoZI
hvcNAQELBQADggEBAGtEhdCthHItZo+3BtjysvJJPAdNmzAdfh5QAho9yIEoibST
sasyiiws6vGKv88szuFnvQ2rrSizaaEBIf38hf/uIW0em7k0oXGwmOHHWJPs2WJn
YKji+m50fqYIE+kXL8C7XRdk6vfCpYvjMktUK4CodNjrOyw5yrzZDrTUtCxqHB4u
T4AnPxUFteW5DUsuPTyVTx2+5zoLzarg2Iwspex+S7py9eUKTMxXEZEPNIFL52DH
8ea7cV43b/QP4gTdJ9ETe70VQ3rU0Dn9t9rG1PVfniJfEh8Kw/8cjB6s+JonFnp0
pOGbjDgvsVsUdbuJeUL6BkNB9XwjIE7AFk15MOg=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:34 2025 by rpki-client