Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214305.roa
File: AS214305.roa (raw, json)
Hash identifier: XRxLN/azb9kRk3xf1H4NJMpPAPGvZ5oFZlXP5fP+68Q=
Subject key identifier: 63:FC:4F:84:DA:55:35:DF:4F:0E:93:BA:62:5D:87:DD:A2:28:77:67
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1E377D7F62054890CBD001AC8D50C33C6F111AB1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214305.roa
Signing time: Thu 22 May 2025 20:34:14 +0000
ROA not before: Thu 22 May 2025 20:29:14 +0000
ROA not after: Thu 21 May 2026 20:34:14 +0000
asID: 214305
IP address blocks: 143.14.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:37:7d:7f:62:05:48:90:cb:d0:01:ac:8d:50:c3:3c:6f:11:1a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 22 20:29:14 2025 GMT
Not After : May 21 20:34:14 2026 GMT
Subject: CN=63FC4F84DA5535DF4F0E93BA625D87DDA2287767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:12:24:9d:63:90:e5:68:6f:41:f1:c5:a9:e0:
83:ce:01:62:db:87:0d:78:e9:f5:4e:2f:5d:1b:d6:
99:06:09:c0:7f:e9:c0:37:46:f9:28:ad:00:d5:a4:
26:82:e6:dd:80:66:f3:0d:b1:a1:bf:47:e6:5c:2d:
f7:45:f5:31:64:cb:56:2e:b8:bb:75:06:f0:58:28:
39:73:12:53:0b:b9:dd:a6:29:da:b9:6d:54:ee:08:
a4:f5:d3:9c:26:a3:77:51:50:6a:0a:da:75:5f:3e:
89:03:aa:81:e2:57:76:28:7f:e3:66:f3:5d:de:0f:
36:93:65:94:1f:0b:a1:fb:4c:98:de:7a:88:4f:03:
bd:84:01:2d:ee:47:3e:eb:13:f5:ba:00:e9:45:6f:
ef:6e:46:27:e1:06:53:75:38:21:bf:d2:a8:ea:ae:
31:a5:21:52:da:2e:60:29:d2:cf:df:6f:69:b0:21:
54:74:03:86:3a:98:c3:74:25:c5:05:b2:5d:8a:d2:
d2:6b:b9:9e:82:c7:d5:ae:90:6a:b0:bd:ca:6b:20:
c4:d1:2a:8a:e6:42:26:a3:45:b8:74:b4:44:91:f6:
80:e1:9c:99:b7:ca:f1:2d:14:c1:26:91:6e:3b:55:
99:08:b3:cd:2d:5e:fa:cd:5c:ed:f8:7b:c5:04:72:
a5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FC:4F:84:DA:55:35:DF:4F:0E:93:BA:62:5D:87:DD:A2:28:77:67
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214305.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.88.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8f:6f:bf:58:cd:1c:f4:d7:ad:87:73:9f:38:34:85:7f:82:
d5:26:a4:f1:ac:82:59:f9:5d:99:dc:13:da:29:ab:4c:f3:6a:
20:30:f8:10:ee:a5:33:5f:82:3f:ad:7b:b9:d0:2a:d6:c3:6a:
14:ce:02:37:d7:3a:b6:c5:59:ef:fb:b3:af:91:04:08:e0:bc:
d9:bd:b9:bf:6d:22:b5:b6:d4:f6:fe:9b:69:38:fb:db:fd:cd:
c1:16:cb:89:e8:a3:92:dd:9c:42:ba:a6:78:5a:ca:8b:58:80:
3b:34:39:ff:e0:e4:53:bf:00:d0:f1:7d:e2:93:8d:35:d3:36:
bc:33:29:50:cf:4a:e8:c0:dc:ae:c8:2f:0a:d4:e3:eb:c5:02:
fc:ab:b1:c4:66:20:63:81:7b:0d:6d:49:5a:18:9d:f3:33:6b:
f3:43:eb:df:9b:a0:fa:a4:aa:0d:38:67:81:1b:3c:ec:91:99:
81:e6:a4:be:6d:34:f3:6d:21:d6:a6:9e:34:56:f7:7c:91:f5:
c4:7f:e7:1d:54:77:5a:8b:9f:ec:e7:3a:f4:f5:a9:85:1b:22:
78:84:9a:6d:c6:42:c9:19:9b:1a:c9:68:b5:db:d0:97:db:de:
cb:a2:8b:6d:6c:2f:2f:66:03:3f:d2:72:b4:95:39:e2:2d:ac:
28:83:5c:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUHjd9f2IFSJDL0AGsjVDDPG8RGrEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjIyMDI5MTRaFw0yNjA1MjEyMDM0MTRaMDMxMTAvBgNV
BAMTKDYzRkM0Rjg0REE1NTM1REY0RjBFOTNCQTYyNUQ4N0REQTIyODc3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEiSdY5DlaG9B8cWp4IPOAWLb
hw146fVOL10b1pkGCcB/6cA3RvkorQDVpCaC5t2AZvMNsaG/R+ZcLfdF9TFky1Yu
uLt1BvBYKDlzElMLud2mKdq5bVTuCKT105wmo3dRUGoK2nVfPokDqoHiV3Yof+Nm
813eDzaTZZQfC6H7TJjeeohPA72EAS3uRz7rE/W6AOlFb+9uRifhBlN1OCG/0qjq
rjGlIVLaLmAp0s/fb2mwIVR0A4Y6mMN0JcUFsl2K0tJruZ6Cx9WukGqwvcprIMTR
KormQiajRbh0tESR9oDhnJm3yvEtFMEmkW47VZkIs80tXvrNXO34e8UEcqVvAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUY/xPhNpVNd9PDpO6Yl2H3aIod2cwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MzA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjw5Y
MA0GCSqGSIb3DQEBCwUAA4IBAQABj2+/WM0c9Neth3OfODSFf4LVJqTxrIJZ+V2Z
3BPaKatM82ogMPgQ7qUzX4I/rXu50CrWw2oUzgI31zq2xVnv+7OvkQQI4LzZvbm/
bSK1ttT2/ptpOPvb/c3BFsuJ6KOS3ZxCuqZ4WsqLWIA7NDn/4ORTvwDQ8X3ik401
0za8MylQz0rowNyuyC8K1OPrxQL8q7HEZiBjgXsNbUlaGJ3zM2vzQ+vfm6D6pKoN
OGeBGzzskZmB5qS+bTTzbSHWpp40Vvd8kfXEf+cdVHdai5/s5zr09amFGyJ4hJpt
xkLJGZsayWi129CX297LoottbC8vZgM/0nK0lTniLawog1xq
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:52:56 2025 by rpki-client