Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214483.roa
File:                     AS214483.roa (raw, json)
Hash identifier:          JKVk9RMHlusu/76kSd4BoHhisnQQcJccg/bMasuczcU=
Subject key identifier:   C6:42:58:30:91:91:05:E6:DC:7D:35:A5:7C:B4:87:12:57:2B:BF:5B
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       26DCDE50708F0CC03C84A0EC3B92CA754BCBA2BF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214483.roa
Signing time:             Fri 10 Jul 2026 09:04:30 +0000
ROA not before:           Fri 10 Jul 2026 08:59:30 +0000
ROA not after:            Fri 09 Jul 2027 09:04:30 +0000
asID:                     214483
IP address blocks:        181.214.2.0/24 maxlen: 24
                          181.214.33.0/24 maxlen: 24
                          181.214.132.0/24 maxlen: 24
                          181.214.205.0/24 maxlen: 24
                          2a0e:1c00::/29 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 07:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:dc:de:50:70:8f:0c:c0:3c:84:a0:ec:3b:92:ca:75:4b:cb:a2:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul 10 08:59:30 2026 GMT
            Not After : Jul  9 09:04:30 2027 GMT
        Subject: CN=C6425830919105E6DC7D35A57CB48712572BBF5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:de:34:1c:00:93:36:19:42:5a:f0:70:83:2e:
                    e5:e2:57:f2:de:5e:91:1a:0a:cc:1a:13:cf:79:74:
                    0c:ef:3c:7c:af:1a:7f:d2:ca:92:2b:cb:26:0a:37:
                    2a:63:0b:a4:f9:af:59:26:d8:5c:1d:b4:ed:3a:13:
                    eb:2d:2e:cf:23:7e:b0:6a:b0:82:2a:c3:4b:86:e8:
                    1c:37:4c:f7:12:ae:97:04:49:82:0f:b7:bf:17:c5:
                    0f:f4:bb:9a:74:7e:60:f5:bf:8a:fd:cf:b4:86:54:
                    21:cb:3e:70:18:b2:1b:e2:57:bc:5d:24:21:d0:70:
                    75:a9:4d:7c:97:6f:74:91:43:ff:75:9a:97:b1:b2:
                    8d:9b:9f:89:d9:25:2a:b7:c3:13:3a:a8:30:32:b8:
                    54:f4:aa:13:f9:4f:72:0f:44:c6:ec:73:74:ee:4a:
                    bb:05:dc:86:9c:a3:b3:37:0b:c7:85:29:eb:36:76:
                    d5:3d:0a:00:28:2c:69:f2:b0:3c:76:66:d9:1c:46:
                    0a:d9:4b:73:b9:cd:38:c3:51:22:12:ee:ae:7a:3f:
                    1e:f2:b5:e2:43:b3:28:2e:05:63:a9:5b:e9:4a:4a:
                    57:f4:e5:46:e1:8c:9f:bb:5b:a2:71:ec:29:34:9b:
                    77:66:5a:b0:1f:90:b3:53:b9:88:cb:33:9d:96:70:
                    b8:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:42:58:30:91:91:05:E6:DC:7D:35:A5:7C:B4:87:12:57:2B:BF:5B
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214483.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.2.0/24
                  181.214.33.0/24
                  181.214.132.0/24
                  181.214.205.0/24
                IPv6:
                  2a0e:1c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         10:4e:5d:d9:84:59:9b:e5:f9:f4:47:58:aa:ef:8b:f5:f0:a8:
         13:14:e7:ba:d2:25:1e:dd:55:fd:48:20:6b:5c:e9:2b:d0:44:
         c9:56:bf:93:36:eb:4c:ba:91:e9:e9:1d:e9:8d:9b:2f:c2:1f:
         36:70:fe:30:1f:61:fe:9f:8f:12:56:5b:51:7b:cb:b1:f7:1e:
         9e:84:d9:da:2e:f2:6f:eb:79:44:9c:5e:1e:18:b0:28:a5:e0:
         3d:cf:74:fc:17:69:aa:9d:8a:d2:7f:c7:fa:79:86:fc:54:a5:
         da:8f:5b:1e:f7:e2:4d:85:d9:ce:bc:43:15:74:60:24:23:c8:
         bc:26:44:0d:97:35:91:46:9e:d0:ad:ad:92:92:87:78:50:39:
         16:76:19:ea:d3:24:85:15:81:0d:ef:8f:35:09:fe:ab:82:86:
         40:3a:df:64:7b:d8:4e:24:2d:d3:c7:39:b0:30:97:8f:5b:8b:
         f6:de:af:7d:eb:f5:f3:be:79:d1:0c:fb:c2:79:5f:37:98:09:
         b1:51:85:06:63:ff:ec:3c:ea:48:2c:b9:64:f3:5c:e5:7b:81:
         a7:25:c7:67:c5:86:9f:58:26:b5:f8:3d:b0:d0:36:65:1e:a2:
         53:0c:18:5e:4a:3b:0a:92:42:d1:4d:37:fa:b9:19:66:5b:73:
         cb:00:e3:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUJtzeUHCPDMA8hKDsO5LKdUvLor8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MTAwODU5MzBaFw0yNzA3MDkwOTA0MzBaMDMxMTAvBgNV
BAMTKEM2NDI1ODMwOTE5MTA1RTZEQzdEMzVBNTdDQjQ4NzEyNTcyQkJGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC83jQcAJM2GUJa8HCDLuXiV/Le
XpEaCswaE895dAzvPHyvGn/SypIryyYKNypjC6T5r1km2FwdtO06E+stLs8jfrBq
sIIqw0uG6Bw3TPcSrpcESYIPt78XxQ/0u5p0fmD1v4r9z7SGVCHLPnAYshviV7xd
JCHQcHWpTXyXb3SRQ/91mpexso2bn4nZJSq3wxM6qDAyuFT0qhP5T3IPRMbsc3Tu
SrsF3Iaco7M3C8eFKes2dtU9CgAoLGnysDx2ZtkcRgrZS3O5zTjDUSIS7q56Px7y
teJDsyguBWOpW+lKSlf05UbhjJ+7W6Jx7Ck0m3dmWrAfkLNTuYjLM52WcLixAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQUxkJYMJGRBebcfTWlfLSHElcrv1swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0NDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAtdYC
AwQAtdYhAwQAtdaEAwQAtdbNMA0EAgACMAcDBQMqDhwAMA0GCSqGSIb3DQEBCwUA
A4IBAQAQTl3ZhFmb5fn0R1iq74v18KgTFOe60iUe3VX9SCBrXOkr0ETJVr+TNutM
upHp6R3pjZsvwh82cP4wH2H+n48SVltRe8ux9x6ehNnaLvJv63lEnF4eGLAopeA9
z3T8F2mqnYrSf8f6eYb8VKXaj1se9+JNhdnOvEMVdGAkI8i8JkQNlzWRRp7Qra2S
kod4UDkWdhnq0ySFFYEN7481Cf6rgoZAOt9ke9hOJC3TxzmwMJePW4v23q996/Xz
vnnRDPvCeV83mAmxUYUGY//sPOpILLlk81zle4GnJcdnxYafWCa1+D2w0DZlHqJT
DBheSjsKkkLRTTf6uRlmW3PLAONG
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:38:21 2026 by rpki-client