Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: 4JVViAt2b/x5hsiOlm/1+vsTctOaVBZ6PZRrGfDuVow=
Subject key identifier: 4F:7E:CC:0F:F6:6F:2C:D4:E1:FC:6E:91:16:03:B5:62:88:A5:04:28
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0A6A7D919D6ACDA7597DF37751A6842725C4886D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
Signing time: Wed 04 Mar 2026 08:29:26 +0000
ROA not before: Wed 04 Mar 2026 08:24:26 +0000
ROA not after: Wed 03 Mar 2027 08:29:26 +0000
asID: 214432
IP address blocks: 155.117.108.0/24 maxlen: 24
168.222.5.0/24 maxlen: 24
168.222.15.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:6a:7d:91:9d:6a:cd:a7:59:7d:f3:77:51:a6:84:27:25:c4:88:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 4 08:24:26 2026 GMT
Not After : Mar 3 08:29:26 2027 GMT
Subject: CN=4F7ECC0FF66F2CD4E1FC6E911603B56288A50428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:53:78:c7:1d:55:3a:da:4d:d4:77:98:91:
d2:a5:2b:7e:11:95:ab:88:d7:0d:50:19:62:5e:fa:
16:3c:99:42:30:d0:3d:4a:2c:bf:2f:d1:de:27:27:
6d:02:d5:58:c8:31:fc:c6:ef:ca:a9:89:91:6a:6f:
ed:fb:5b:03:b9:76:54:d8:fd:49:04:b5:65:0e:f1:
43:59:7b:ef:c2:cf:f1:80:bd:c0:a3:7f:9e:38:31:
1c:93:9c:1e:94:da:0a:fa:fc:f1:e6:7c:85:38:17:
9b:34:c2:6f:09:2f:1a:1c:3b:1d:cb:21:b0:6a:8d:
f0:75:06:9b:b7:3c:32:0a:0f:8a:93:5f:60:39:27:
69:44:3d:b5:64:46:ba:c0:25:72:6f:6e:eb:54:29:
39:36:57:13:43:ce:61:b7:1e:0e:34:70:22:23:0c:
1c:9c:9f:5c:a1:e7:16:d5:2d:70:a2:a8:33:3b:f1:
ca:10:58:b8:34:56:88:a9:e7:c5:46:54:db:2f:31:
d5:81:bf:8d:0b:98:03:77:1f:2c:8a:2e:9a:9f:a0:
03:9c:55:0a:f6:2e:3e:43:ae:2d:a3:7d:33:09:24:
cf:44:85:e8:e2:1a:d9:ca:86:b5:bf:bf:5f:fc:9f:
12:09:6f:46:68:11:91:80:18:9f:40:38:0b:89:4d:
e3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7E:CC:0F:F6:6F:2C:D4:E1:FC:6E:91:16:03:B5:62:88:A5:04:28
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.108.0/24
168.222.5.0/24
168.222.15.0/24
168.222.24.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:47:03:86:09:de:e6:90:df:88:7a:b0:7e:92:45:71:a0:ff:
ff:43:05:14:b5:1d:25:eb:e0:2e:2d:0d:3a:8f:ad:aa:98:a3:
6f:7f:69:cc:1b:38:68:df:de:39:ed:fc:8a:ce:be:30:bd:94:
d3:85:5d:34:23:09:8f:25:75:b8:a1:ca:f8:3d:56:ca:a1:8c:
f7:a4:e5:83:08:1b:d2:ff:e2:12:e7:34:c8:f2:ad:32:7f:33:
02:1b:7b:9d:70:62:2e:e4:a7:31:3c:83:93:bc:79:03:db:c1:
7d:df:0a:ad:23:56:72:ae:2d:03:20:ce:8c:9e:b1:5d:a4:9d:
8b:90:11:dc:ab:fa:1d:4c:d7:cb:08:c3:ff:d0:6f:d4:ea:41:
37:7b:92:86:37:76:60:74:33:4f:b1:74:8d:63:f7:2f:71:0b:
f5:d5:00:71:24:0c:96:fd:dd:2f:52:bb:90:08:49:76:ae:98:
64:a4:67:9d:74:37:0a:0d:dc:5d:5d:78:ee:97:5a:19:a4:49:
b5:0b:77:1f:fb:83:60:f9:9f:f1:56:8e:52:81:1d:60:6e:45:
44:61:17:f9:a9:44:aa:a9:c7:b7:c0:a7:be:59:34:d1:d7:e1:
2d:52:49:a4:39:17:fb:82:d4:0f:02:27:f9:34:0b:41:b8:6c:
12:c3:8c:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUCmp9kZ1qzadZffN3UaaEJyXEiG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDQwODI0MjZaFw0yNzAzMDMwODI5MjZaMDMxMTAvBgNV
BAMTKDRGN0VDQzBGRjY2RjJDRDRFMUZDNkU5MTE2MDNCNTYyODhBNTA0MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAeVN4xx1VOtpN1HeYkdKlK34R
lauI1w1QGWJe+hY8mUIw0D1KLL8v0d4nJ20C1VjIMfzG78qpiZFqb+37WwO5dlTY
/UkEtWUO8UNZe+/Cz/GAvcCjf544MRyTnB6U2gr6/PHmfIU4F5s0wm8JLxocOx3L
IbBqjfB1Bpu3PDIKD4qTX2A5J2lEPbVkRrrAJXJvbutUKTk2VxNDzmG3Hg40cCIj
DBycn1yh5xbVLXCiqDM78coQWLg0Voip58VGVNsvMdWBv40LmAN3HyyKLpqfoAOc
VQr2Lj5Dri2jfTMJJM9EhejiGtnKhrW/v1/8nxIJb0ZoEZGAGJ9AOAuJTeNBAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUT37MD/ZvLNTh/G6RFgO1YoilBCgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAm3Vs
AwQAqN4FAwQAqN4PAwQBqN4YMA0GCSqGSIb3DQEBCwUAA4IBAQBsRwOGCd7mkN+I
erB+kkVxoP//QwUUtR0l6+AuLQ06j62qmKNvf2nMGzho39457fyKzr4wvZTThV00
IwmPJXW4ocr4PVbKoYz3pOWDCBvS/+IS5zTI8q0yfzMCG3udcGIu5KcxPIOTvHkD
28F93wqtI1Zyri0DIM6MnrFdpJ2LkBHcq/odTNfLCMP/0G/U6kE3e5KGN3ZgdDNP
sXSNY/cvcQv11QBxJAyW/d0vUruQCEl2rphkpGeddDcKDdxdXXjul1oZpEm1C3cf
+4Ng+Z/xVo5SgR1gbkVEYRf5qUSqqce3wKe+WTTR1+EtUkmkORf7gtQPAif5NAtB
uGwSw4wx
-----END CERTIFICATE-----
Generated at Thu Mar 5 10:44:09 2026 by rpki-client