Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: A/m9zPncaBiiG52gwGCACDndLCu5kUQ4mURZVGm7Cfo=
Subject key identifier: 16:B2:AD:38:23:98:C1:81:66:C9:BF:AF:E8:F7:D2:F8:46:FA:1A:9C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 69F736D93A2F4D83C998CCAB8873FABAA69387C7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
Signing time: Wed 28 May 2025 06:20:14 +0000
ROA not before: Wed 28 May 2025 06:15:14 +0000
ROA not after: Wed 27 May 2026 06:20:14 +0000
asID: 2914
IP address blocks: 82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.16.0/24 maxlen: 24
82.26.132.0/24 maxlen: 24
82.26.133.0/24 maxlen: 24
82.26.136.0/24 maxlen: 24
82.26.137.0/24 maxlen: 24
82.26.139.0/24 maxlen: 24
82.26.142.0/24 maxlen: 24
82.26.143.0/24 maxlen: 24
82.26.144.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.27.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f7:36:d9:3a:2f:4d:83:c9:98:cc:ab:88:73:fa:ba:a6:93:87:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 28 06:15:14 2025 GMT
Not After : May 27 06:20:14 2026 GMT
Subject: CN=16B2AD382398C18166C9BFAFE8F7D2F846FA1A9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:d9:9a:ef:4b:bb:92:9a:6a:c3:94:05:28:
48:9d:b2:94:fe:1d:29:34:2d:3b:44:cc:cd:df:8a:
12:54:4a:80:03:37:4d:3b:40:bf:69:cf:5a:31:f8:
1e:fa:cd:e9:4b:a7:db:42:80:d3:f5:ba:5b:a6:dc:
6a:29:48:90:fc:08:ee:a2:7b:d0:f1:d7:69:b5:db:
ee:14:a5:d9:19:c0:ea:72:cd:f8:fe:0a:78:52:ab:
d1:37:db:96:d0:70:55:53:4f:09:20:48:05:4b:cc:
3f:eb:96:0c:fa:aa:ad:cd:03:58:b1:9d:1c:ec:f3:
ca:d8:50:4e:f9:1f:ea:bd:e6:46:9e:f9:f1:76:fe:
91:47:24:d1:d5:77:f4:aa:84:a7:81:31:0c:0e:9f:
6e:b1:94:fd:7a:43:e3:db:ab:08:2f:4e:93:1e:97:
03:ac:f8:dc:a7:c8:cd:88:e2:24:ba:ac:de:fe:1b:
a0:1d:38:0e:ec:cf:db:9f:31:ba:4e:c6:2c:ad:f7:
93:de:ef:19:a5:bc:d5:ee:4e:18:95:b4:37:8e:5e:
18:6a:2c:6c:84:52:ed:e9:fa:f0:b6:42:1f:1d:ed:
6f:1e:a9:ef:69:4e:14:d0:79:48:51:dd:9a:63:c3:
b1:70:3d:95:6f:f3:eb:66:20:f3:54:cf:52:9c:f9:
20:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B2:AD:38:23:98:C1:81:66:C9:BF:AF:E8:F7:D2:F8:46:FA:1A:9C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.248.0-82.23.250.255
82.24.16.0/24
82.26.132.0/23
82.26.136.0/23
82.26.139.0/24
82.26.142.0-82.26.144.255
82.26.152.0/24
82.27.116.0/23
Signature Algorithm: sha256WithRSAEncryption
95:97:27:e0:97:55:9b:19:38:71:4b:99:c5:99:8c:2a:3a:c9:
35:fa:24:b1:16:16:fe:a3:e8:f6:b3:fd:94:53:cd:ad:67:74:
17:3a:47:0b:8c:66:0d:44:d6:06:fb:94:4e:61:21:d5:05:3b:
a7:ec:5a:af:2e:77:50:f0:75:64:54:e7:b1:ca:53:dd:63:21:
75:65:66:8b:38:7a:d4:42:68:4b:ef:93:d6:ba:d7:9b:5d:6f:
34:0d:b7:11:7b:c5:aa:56:df:56:14:dc:ab:c6:0f:a2:dc:4e:
e5:d4:31:9c:bc:68:de:5b:2b:5a:eb:56:9b:2f:0b:b9:45:31:
66:be:8e:e7:c8:4a:ca:2c:41:e4:4a:69:58:7c:18:70:85:4f:
31:00:4c:56:d6:bf:67:dc:28:95:c6:3d:93:0e:b3:cd:cb:2f:
ac:90:0d:1c:bb:e1:c4:98:3b:11:3f:0f:0a:20:7b:ba:c3:3e:
4f:68:6b:2e:f9:9b:f6:a8:4c:45:5b:28:24:d0:f2:98:77:a5:
e9:f0:db:51:1c:ac:a2:bf:eb:a9:60:aa:6f:2e:30:34:eb:21:
c4:61:2f:10:c9:f1:11:81:2a:a8:2e:01:3a:f5:d3:3d:8a:1f:
13:79:f6:80:4a:e6:89:68:89:7e:0a:9d:16:f8:1d:9a:19:6f:
ba:3f:16:24
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUafc22TovTYPJmMyriHP6uqaTh8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjgwNjE1MTRaFw0yNjA1MjcwNjIwMTRaMDMxMTAvBgNV
BAMTKDE2QjJBRDM4MjM5OEMxODE2NkM5QkZBRkU4RjdEMkY4NDZGQTFBOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ6Nma70u7kppqw5QFKEidspT+
HSk0LTtEzM3fihJUSoADN007QL9pz1ox+B76zelLp9tCgNP1ulum3GopSJD8CO6i
e9Dx12m12+4UpdkZwOpyzfj+CnhSq9E325bQcFVTTwkgSAVLzD/rlgz6qq3NA1ix
nRzs88rYUE75H+q95kae+fF2/pFHJNHVd/SqhKeBMQwOn26xlP16Q+PbqwgvTpMe
lwOs+NynyM2I4iS6rN7+G6AdOA7sz9ufMbpOxiyt95Pe7xmlvNXuThiVtDeOXhhq
LGyEUu3p+vC2Qh8d7W8eqe9pThTQeUhR3Zpjw7FwPZVv8+tmIPNUz1Kc+SAvAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUFrKtOCOYwYFmyb+v6PfS+Eb6GpwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQDAMAwQDUhf4
AwQAUhf6AwQAUhgQAwQBUhqEAwQBUhqIAwQAUhqLMAwDBAFSGo4DBABSGpADBABS
GpgDBAFSG3QwDQYJKoZIhvcNAQELBQADggEBAJWXJ+CXVZsZOHFLmcWZjCo6yTX6
JLEWFv6j6Paz/ZRTza1ndBc6RwuMZg1E1gb7lE5hIdUFO6fsWq8ud1DwdWRU57HK
U91jIXVlZos4etRCaEvvk9a615tdbzQNtxF7xapW31YU3KvGD6LcTuXUMZy8aN5b
K1rrVpsvC7lFMWa+jufISsosQeRKaVh8GHCFTzEATFbWv2fcKJXGPZMOs83LL6yQ
DRy74cSYOxE/Dwoge7rDPk9oay75m/aoTEVbKCTQ8ph3penw21EcrKK/66lgqm8u
MDTrIcRhLxDJ8RGBKqguATr10z2KHxN59oBK5oloiX4KnRb4HZoZb7o/FiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:09:59 2025 by rpki-client