Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: MgXD9k1oxwQ82Lv/8i8ZFXwA8kRSV7JJtUirnN8GHOs=
Subject key identifier: 88:1A:2E:B8:2C:11:50:8A:92:67:09:BD:71:B4:29:02:62:8B:04:07
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 08A6CA3928656C994CCE6B5E565DEA6FB9D3B80E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
Signing time: Sun 19 Apr 2026 11:55:41 +0000
ROA not before: Sun 19 Apr 2026 11:50:41 +0000
ROA not after: Sun 18 Apr 2027 11:55:41 +0000
asID: 214025
IP address blocks: 103.141.69.0/24 maxlen: 24
179.61.248.0/24 maxlen: 24
181.41.219.0/24 maxlen: 24
181.214.7.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.147.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
185.137.93.0/24 maxlen: 24
185.145.37.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.4.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.145.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.230.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.123.0/24 maxlen: 24
191.101.135.0/24 maxlen: 24
191.101.136.0/24 maxlen: 24
191.101.145.0/24 maxlen: 24
191.101.171.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.206.0/24 maxlen: 24
191.101.218.0/24 maxlen: 24
191.101.219.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
2a0a:9a00::/29 maxlen: 48
2a0a:9e00::/29 maxlen: 48
2a0b:8700::/29 maxlen: 48
2a0d:4c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a6:ca:39:28:65:6c:99:4c:ce:6b:5e:56:5d:ea:6f:b9:d3:b8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 19 11:50:41 2026 GMT
Not After : Apr 18 11:55:41 2027 GMT
Subject: CN=881A2EB82C11508A926709BD71B42902628B0407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bb:1a:53:b8:fd:35:d0:35:47:ff:99:04:00:
04:91:ea:d3:b6:3c:0b:ed:44:13:b0:0f:33:4f:a3:
18:fc:be:72:e8:bf:2c:be:ae:cc:15:bc:f3:5e:e0:
84:e2:14:ae:37:ac:0a:e8:89:38:1d:7d:21:f4:7e:
8f:35:bb:4c:59:12:eb:fb:11:3c:8c:83:d3:35:5e:
e4:a2:cb:a5:7b:6d:36:31:8c:aa:90:d9:fa:25:ce:
62:b7:e4:30:da:34:ab:bd:c0:ad:9c:03:aa:60:49:
18:78:f4:ee:b3:a9:b7:60:09:c7:ba:3a:3b:19:f5:
56:08:f6:8f:74:a5:b4:66:e0:44:09:45:6c:15:53:
dc:18:ff:74:94:a9:a7:b3:07:e0:35:05:3c:04:f5:
73:ed:da:45:28:08:94:67:90:da:f1:28:e5:8d:ea:
ce:a9:8d:c8:79:79:37:e2:5d:72:f5:1f:eb:af:2a:
da:75:1a:95:aa:ca:f3:96:87:35:d6:79:21:2c:45:
00:03:d5:c5:11:b7:58:82:7e:43:7b:f6:3c:ae:01:
9b:87:d9:a1:36:13:d9:b1:c8:a4:7b:02:06:09:a0:
73:81:da:26:de:87:63:7f:59:f8:c7:d9:37:11:db:
c1:e8:a0:cf:20:d1:f8:f0:c7:25:2c:3c:6f:b6:ab:
b6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:2E:B8:2C:11:50:8A:92:67:09:BD:71:B4:29:02:62:8B:04:07
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.69.0/24
179.61.248.0/24
181.41.219.0/24
181.214.7.0/24
181.214.254.0/24
181.215.3.0/24
181.215.62.0/24
181.215.64.0/24
181.215.88.0/24
181.215.147.0/24
181.215.237.0/24
181.215.240.0/24
185.137.93.0/24
185.145.37.0/24
185.151.58.0/24
191.96.4.0/24
191.96.143.0/24
191.96.145.0/24
191.96.164.0/24
191.96.182.0/24
191.96.230.0/24
191.101.82.0/24
191.101.123.0/24
191.101.135.0-191.101.136.255
191.101.145.0/24
191.101.171.0/24
191.101.180.0/24
191.101.206.0/24
191.101.218.0/23
191.101.223.0/24
191.101.247.0/24
IPv6:
2a0a:9a00::/29
2a0a:9e00::/29
2a0b:8700::/29
2a0d:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
4a:d7:61:ed:34:3c:47:ba:e8:15:dd:97:0f:3d:a3:38:1c:39:
fe:ea:c2:e4:e3:62:8a:4e:60:aa:c5:c5:55:93:92:db:ad:bf:
c7:41:69:58:a1:e6:22:25:84:bb:ea:19:81:44:65:3c:78:4b:
76:fe:21:6d:d0:b2:55:63:c0:6f:f9:0a:71:2d:21:83:9f:09:
f6:f0:6b:da:f9:5b:03:15:f2:22:0a:5e:77:76:df:b3:ec:8c:
67:b8:fd:56:ff:ef:b2:d3:ba:48:68:72:1e:03:7a:e7:27:59:
e4:49:63:83:51:a0:68:69:29:df:b5:e6:ef:88:46:72:ea:43:
0f:82:09:d7:d5:f6:c6:cf:1d:50:df:4d:b5:24:2e:34:3a:38:
b1:fc:96:5b:1f:e0:e9:34:31:8d:37:40:97:30:a7:68:ca:a8:
1c:c7:3e:f2:f2:cd:7c:ab:b0:39:f5:b2:16:3c:46:49:f9:db:
86:78:ec:ee:9c:8d:95:51:11:7f:74:71:64:08:6c:c4:e1:d2:
c9:9f:fd:ed:e9:7f:5f:1a:06:a7:97:25:a7:4c:7c:70:64:52:
a6:ca:69:6f:04:4c:01:00:57:4a:6c:10:e6:6a:4d:f5:93:f6:
b8:49:27:f4:43:84:90:7f:63:4c:03:5e:03:ab:5f:ec:d7:f7:
e5:bb:ba:9d
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgIUCKbKOShlbJlMzmteVl3qb7nTuA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MTkxMTUwNDFaFw0yNzA0MTgxMTU1NDFaMDMxMTAvBgNV
BAMTKDg4MUEyRUI4MkMxMTUwOEE5MjY3MDlCRDcxQjQyOTAyNjI4QjA0MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWuxpTuP010DVH/5kEAASR6tO2
PAvtRBOwDzNPoxj8vnLovyy+rswVvPNe4ITiFK43rAroiTgdfSH0fo81u0xZEuv7
ETyMg9M1XuSiy6V7bTYxjKqQ2folzmK35DDaNKu9wK2cA6pgSRh49O6zqbdgCce6
OjsZ9VYI9o90pbRm4EQJRWwVU9wY/3SUqaezB+A1BTwE9XPt2kUoCJRnkNrxKOWN
6s6pjch5eTfiXXL1H+uvKtp1GpWqyvOWhzXWeSEsRQAD1cURt1iCfkN79jyuAZuH
2aE2E9mxyKR7AgYJoHOB2ibeh2N/WfjH2TcR28HooM8g0fjwxyUsPG+2q7bnAgMB
AAGjggLwMIIC7DAdBgNVHQ4EFgQUiBouuCwRUIqSZwm9cbQpAmKLBAcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwgckEAgABMIHC
AwQAZ41FAwQAsz34AwQAtSnbAwQAtdYHAwQAtdb+AwQAtdcDAwQAtdc+AwQAtddA
AwQAtddYAwQAtdeTAwQAtdftAwQAtdfwAwQAuYldAwQAuZElAwQAuZc6AwQAv2AE
AwQAv2CPAwQAv2CRAwQAv2CkAwQAv2C2AwQAv2DmAwQAv2VSAwQAv2V7MAwDBAC/
ZYcDBAC/ZYgDBAC/ZZEDBAC/ZasDBAC/ZbQDBAC/Zc4DBAG/ZdoDBAC/Zd8DBAC/
ZfcwIgQCAAIwHAMFAyoKmgADBQMqCp4AAwUDKguHAAMFAyoNTEAwDQYJKoZIhvcN
AQELBQADggEBAErXYe00PEe66BXdlw89ozgcOf7qwuTjYopOYKrFxVWTktutv8dB
aVih5iIlhLvqGYFEZTx4S3b+IW3QslVjwG/5CnEtIYOfCfbwa9r5WwMV8iIKXnd2
37PsjGe4/Vb/77LTukhoch4DeucnWeRJY4NRoGhpKd+15u+IRnLqQw+CCdfV9sbP
HVDfTbUkLjQ6OLH8llsf4Ok0MY03QJcwp2jKqBzHPvLyzXyrsDn1shY8Rkn524Z4
7O6cjZVREX90cWQIbMTh0smf/e3pf18aBqeXJadMfHBkUqbKaW8ETAEAV0psEOZq
TfWT9rhJJ/RDhJB/Y0wDXgOrX+zX9+W7up0=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:01:57 2026 by rpki-client