
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214669.roa
File: AS214669.roa (raw, json)
Hash identifier: jJBOz60BGXEzQtBDf9XzfnpZzcUw607rcLYutin6s+Y=
Subject key identifier: 0A:4F:09:01:5B:4D:A9:61:60:C3:AE:49:06:E0:36:76:11:35:A1:15
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5DE47449400AEBCFEBAB4F30CAD90DA8A66631CC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214669.roa
Signing time: Wed 01 Oct 2025 09:47:27 +0000
ROA not before: Wed 01 Oct 2025 09:42:27 +0000
ROA not after: Wed 30 Sep 2026 09:47:27 +0000
asID: 214669
IP address blocks: 143.14.151.0/24 maxlen: 24
150.241.237.0/24 maxlen: 24
155.117.163.0/24 maxlen: 24
167.148.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 18:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:e4:74:49:40:0a:eb:cf:eb:ab:4f:30:ca:d9:0d:a8:a6:66:31:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 1 09:42:27 2025 GMT
Not After : Sep 30 09:47:27 2026 GMT
Subject: CN=0A4F09015B4DA96160C3AE4906E036761135A115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:49:9b:42:3f:f7:51:5c:31:42:0b:72:3a:a3:
b6:f3:30:b2:2a:4f:49:6d:98:fd:59:99:d9:c5:c4:
34:24:1d:ba:6e:3e:6a:f7:fe:11:6c:c6:aa:50:91:
7b:90:7b:7e:91:2c:54:a4:5d:45:11:ea:43:b2:b3:
1a:4f:b7:b4:66:29:bf:32:ce:fc:86:d6:15:14:8b:
b8:bd:97:50:75:1b:5b:90:00:a4:1c:ab:08:1b:03:
2c:cf:0f:83:82:b3:a1:ae:08:c9:3a:0a:3d:ae:2c:
57:a2:4f:24:97:22:f3:ef:98:46:99:58:46:a9:5f:
09:16:f5:f8:d8:fe:55:c2:f4:2f:69:8d:0f:64:08:
66:11:5f:5f:ac:f3:ff:9a:04:34:2d:58:47:b3:eb:
70:69:b7:0e:e9:36:53:5f:43:50:58:db:eb:dd:99:
a7:28:ec:29:83:e6:8f:e5:fa:f1:17:c9:19:12:7a:
a1:2b:e5:f9:0a:06:f1:3e:0c:63:27:a0:dc:48:cd:
b2:fa:c7:0b:bb:98:d3:fd:13:86:b1:45:ea:3f:e5:
fc:05:20:ed:77:19:26:c0:dc:66:57:d6:2e:cb:16:
7d:62:81:e5:e0:13:28:97:35:98:4d:81:91:16:4a:
22:51:be:31:fe:87:d3:37:9d:7e:c3:6c:fd:bf:40:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4F:09:01:5B:4D:A9:61:60:C3:AE:49:06:E0:36:76:11:35:A1:15
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214669.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.151.0/24
150.241.237.0/24
155.117.163.0/24
167.148.117.0/24
Signature Algorithm: sha256WithRSAEncryption
95:4a:8e:2a:63:d2:a2:0b:00:a2:48:f2:b4:63:da:4a:65:64:
09:31:6d:8f:0c:21:52:11:a7:fb:c3:1e:28:1f:6f:26:97:75:
5c:9a:6b:93:8b:f0:50:7f:4a:b5:34:a1:e6:f0:d4:e5:ef:83:
d3:f3:c4:e8:1e:37:83:2d:c7:6c:57:e0:52:ce:ff:b8:3f:ff:
16:ca:82:b1:de:cb:9f:46:d8:e3:ae:e2:c1:b1:1f:65:cf:1a:
aa:a7:a1:82:c1:ea:a4:b9:d6:16:b7:ad:1d:7e:a6:e5:f6:c8:
0f:c4:46:d0:6f:d8:3a:f6:ac:b5:c9:bf:a6:b8:88:ed:59:ea:
3c:89:7a:e2:d7:86:5c:d2:43:7d:d6:d5:83:a1:95:9e:12:5a:
de:cf:84:9b:18:ff:cb:ef:3a:75:e2:2a:c2:e9:97:1c:2d:e8:
50:32:de:5d:24:ad:ce:d4:99:de:aa:89:62:46:f7:26:f8:55:
0b:a2:a5:4c:75:a7:69:9e:0d:08:40:b3:68:3d:1a:ab:e6:75:
e0:0c:b5:28:ac:c5:d3:5f:c3:74:b1:cf:ae:20:30:fa:43:5e:
e8:61:33:05:55:55:8e:f9:9d:5d:23:14:64:82:0d:b3:7c:28:
72:2b:71:e8:c2:9b:f9:cf:96:16:77:da:38:d7:4b:6a:c8:3d:
b2:fc:5c:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUXeR0SUAK68/rq08wytkNqKZmMcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMDEwOTQyMjdaFw0yNjA5MzAwOTQ3MjdaMDMxMTAvBgNV
BAMTKDBBNEYwOTAxNUI0REE5NjE2MEMzQUU0OTA2RTAzNjc2MTEzNUExMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWSZtCP/dRXDFCC3I6o7bzMLIq
T0ltmP1ZmdnFxDQkHbpuPmr3/hFsxqpQkXuQe36RLFSkXUUR6kOysxpPt7RmKb8y
zvyG1hUUi7i9l1B1G1uQAKQcqwgbAyzPD4OCs6GuCMk6Cj2uLFeiTySXIvPvmEaZ
WEapXwkW9fjY/lXC9C9pjQ9kCGYRX1+s8/+aBDQtWEez63Bptw7pNlNfQ1BY2+vd
maco7CmD5o/l+vEXyRkSeqEr5fkKBvE+DGMnoNxIzbL6xwu7mNP9E4axReo/5fwF
IO13GSbA3GZX1i7LFn1igeXgEyiXNZhNgZEWSiJRvjH+h9M3nX7DbP2/QBwLAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUCk8JAVtNqWFgw65JBuA2dhE1oRUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0NjY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw6X
AwQAlvHtAwQAm3WjAwQAp5R1MA0GCSqGSIb3DQEBCwUAA4IBAQCVSo4qY9KiCwCi
SPK0Y9pKZWQJMW2PDCFSEaf7wx4oH28ml3VcmmuTi/BQf0q1NKHm8NTl74PT88To
HjeDLcdsV+BSzv+4P/8WyoKx3sufRtjjruLBsR9lzxqqp6GCweqkudYWt60dfqbl
9sgPxEbQb9g69qy1yb+muIjtWeo8iXri14Zc0kN91tWDoZWeElrez4SbGP/L7zp1
4irC6ZccLehQMt5dJK3O1JneqoliRvcm+FULoqVMdadpng0IQLNoPRqr5nXgDLUo
rMXTX8N0sc+uIDD6Q17oYTMFVVWO+Z1dIxRkgg2zfChyK3Howpv5z5YWd9o410tq
yD2y/Fwt
-----END CERTIFICATE-----
Generated at Tue Oct 21 11:01:42 2025 by rpki-client