Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214323.roa
File: AS214323.roa (raw, json)
Hash identifier: MFbm60uURwPXAEAJQBZLqw08cKdmeZAHtF9q9p9OfpQ=
Subject key identifier: 03:C2:55:19:71:F7:FA:9C:80:E4:15:1B:69:FE:44:3A:50:38:D8:1E
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 24599BAADE2EF78028F295AAF8999213D1114E50
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214323.roa
Signing time: Thu 03 Jul 2025 15:52:09 +0000
ROA not before: Thu 03 Jul 2025 15:47:09 +0000
ROA not after: Thu 02 Jul 2026 15:52:09 +0000
asID: 214323
IP address blocks: 194.58.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:59:9b:aa:de:2e:f7:80:28:f2:95:aa:f8:99:92:13:d1:11:4e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:09 2025 GMT
Not After : Jul 2 15:52:09 2026 GMT
Subject: CN=03C2551971F7FA9C80E4151B69FE443A5038D81E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:ba:ca:5b:9f:eb:e5:ae:cf:a2:bd:89:92:
02:10:9a:6d:69:e8:df:d3:66:db:07:0a:d2:04:78:
87:f2:35:2d:90:d9:d4:c3:4a:c8:85:56:f3:29:ad:
ab:c4:5b:a7:2b:a4:a4:87:15:9a:76:14:dd:88:a3:
f1:6c:d6:a4:8b:95:a7:bc:f9:85:aa:c6:75:d1:53:
a1:ae:e3:20:35:c2:68:36:12:81:a9:5c:fe:d4:68:
42:cd:07:72:29:39:32:93:38:a1:f2:00:f2:54:eb:
76:28:fd:ff:3a:96:2e:f4:47:c1:e3:23:6d:d4:9d:
de:d3:cb:0c:a3:62:7f:63:34:1b:d0:07:a2:8d:4b:
50:7e:eb:bd:0a:5d:6a:4c:43:05:9c:81:55:56:07:
51:77:1e:4a:8e:40:42:2c:62:25:b2:85:4d:ea:24:
ff:3a:f1:02:2a:8e:2c:30:b5:65:e6:ae:42:08:4a:
d7:f5:8e:82:83:8a:79:bb:18:d4:1b:11:db:72:2a:
54:b9:91:df:dd:71:b6:c4:01:2c:09:3c:71:83:6e:
4d:57:5e:b8:03:4c:8a:6e:72:dc:af:8d:4a:21:ca:
49:02:bb:b5:f6:4c:71:44:81:d0:b8:a6:b2:2d:7c:
03:19:a8:e3:54:68:20:5f:94:75:39:74:e2:ca:92:
76:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C2:55:19:71:F7:FA:9C:80:E4:15:1B:69:FE:44:3A:50:38:D8:1E
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214323.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.64.0/24
Signature Algorithm: sha256WithRSAEncryption
09:68:e8:aa:4e:1f:e7:20:ba:b1:dc:89:fe:bc:21:ca:99:5d:
63:f1:6f:31:45:b6:ed:89:31:43:44:15:b4:ed:e5:5c:17:1c:
ee:59:e0:ee:b2:7e:10:90:82:21:6b:02:68:60:c5:62:5a:77:
f9:4d:fa:5c:bc:05:17:73:8c:d8:ec:a8:d9:7e:ab:57:f9:a6:
19:7c:1d:8b:ea:f7:df:be:37:9f:4f:ca:41:2f:45:b3:a4:97:
c1:54:bf:31:ba:fd:93:c0:3a:97:92:f6:b0:60:5d:82:0f:6f:
12:68:25:f9:7c:18:92:05:43:c1:0b:f3:ae:c5:e5:83:66:48:
a9:bd:0f:d4:16:6f:f4:ee:cb:55:2a:fb:0d:8a:92:cc:3e:f3:
6c:dc:64:f2:7a:60:f9:c0:54:7b:4d:c5:db:a9:51:9f:b8:fe:
39:ec:6c:8a:e0:d4:78:a0:14:94:c7:d3:2a:46:83:bc:4b:55:
cb:51:3f:d2:43:66:ce:2e:54:77:78:86:ac:6a:72:58:a8:6e:
c6:c2:42:4d:56:18:e2:7d:37:34:72:8a:7d:c4:11:3f:a6:8c:
ab:9b:fc:b0:de:95:4c:6a:83:32:28:ae:36:08:96:29:45:c5:
ee:58:ef:99:9c:e4:32:87:7a:38:54:59:a8:47:fd:b7:52:04:
0b:82:6b:21
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUJFmbqt4u94Ao8pWq+JmSE9ERTlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDlaFw0yNjA3MDIxNTUyMDlaMDMxMTAvBgNV
BAMTKDAzQzI1NTE5NzFGN0ZBOUM4MEU0MTUxQjY5RkU0NDNBNTAzOEQ4MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnarrKW5/r5a7Por2JkgIQmm1p
6N/TZtsHCtIEeIfyNS2Q2dTDSsiFVvMpravEW6crpKSHFZp2FN2Io/Fs1qSLlae8
+YWqxnXRU6Gu4yA1wmg2EoGpXP7UaELNB3IpOTKTOKHyAPJU63Yo/f86li70R8Hj
I23Und7TywyjYn9jNBvQB6KNS1B+670KXWpMQwWcgVVWB1F3HkqOQEIsYiWyhU3q
JP868QIqjiwwtWXmrkIIStf1joKDinm7GNQbEdtyKlS5kd/dcbbEASwJPHGDbk1X
XrgDTIpuctyvjUohykkCu7X2THFEgdC4prItfAMZqONUaCBflHU5dOLKknYLAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUA8JVGXH3+pyA5BUbaf5EOlA42B4wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE0MzIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAwjpAMA0GCSqGSIb3DQEBCwUAA4IBAQAJaOiqTh/n
ILqx3In+vCHKmV1j8W8xRbbtiTFDRBW07eVcFxzuWeDusn4QkIIhawJoYMViWnf5
TfpcvAUXc4zY7KjZfqtX+aYZfB2L6vffvjefT8pBL0WzpJfBVL8xuv2TwDqXkvaw
YF2CD28SaCX5fBiSBUPBC/OuxeWDZkipvQ/UFm/07stVKvsNipLMPvNs3GTyemD5
wFR7TcXbqVGfuP457GyK4NR4oBSUx9MqRoO8S1XLUT/SQ2bOLlR3eIasanJYqG7G
wkJNVhjifTc0cop9xBE/poyrm/yw3pVMaoMyKK42CJYpRcXuWO+ZnOQyh3o4VFmo
R/23UgQLgmsh
-----END CERTIFICATE-----
Generated at Fri Jul 4 21:59:46 2025 by rpki-client