Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: w7fYJ5s4C5/ujtSrOL/KibpqNO0/Xjdk7WFvCFfGRXs=
Subject key identifier: 4C:B6:40:5B:7B:B3:19:EF:1D:1A:41:F9:50:EF:2F:C0:34:21:B3:27
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 738851C3A715E9B376C4D6101CC3F6289F76BCA1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
Signing time: Mon 17 Feb 2025 06:45:36 +0000
ROA not before: Mon 17 Feb 2025 06:40:36 +0000
ROA not after: Mon 16 Feb 2026 06:45:36 +0000
asID: 2914
IP address blocks: 82.21.0.0/24 maxlen: 24
82.21.2.0/24 maxlen: 24
82.21.6.0/24 maxlen: 24
82.22.170.0/24 maxlen: 24
82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.24.40.0/24 maxlen: 24
82.24.64.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.84.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.25.143.0/24 maxlen: 24
82.25.181.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.26.122.0/24 maxlen: 24
82.26.132.0/24 maxlen: 24
82.26.133.0/24 maxlen: 24
82.26.136.0/24 maxlen: 24
82.26.137.0/24 maxlen: 24
82.26.139.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.26.142.0/24 maxlen: 24
82.26.143.0/24 maxlen: 24
82.26.144.0/24 maxlen: 24
82.26.160.0/24 maxlen: 24
82.27.118.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:88:51:c3:a7:15:e9:b3:76:c4:d6:10:1c:c3:f6:28:9f:76:bc:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 17 06:40:36 2025 GMT
Not After : Feb 16 06:45:36 2026 GMT
Subject: CN=4CB6405B7BB319EF1D1A41F950EF2FC03421B327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:21:1c:e6:14:09:de:4b:74:3d:0e:2b:81:52:
0d:23:e0:22:ee:88:da:bb:c4:60:0a:4b:82:44:cb:
5f:f1:91:9b:ee:e5:a5:88:cf:bf:c4:e9:91:ff:ee:
0b:b6:42:91:ca:ea:72:02:9a:bf:14:72:fa:5e:a3:
57:1a:b2:6b:f1:ad:b8:7f:5b:7b:13:da:cb:78:e6:
c7:cb:2f:ab:5e:72:1c:50:46:ac:98:24:13:2d:08:
71:98:2c:71:39:21:69:65:9e:8e:fb:e1:a8:7c:62:
d8:73:60:fd:60:e0:e3:a8:96:9c:cb:0f:61:64:45:
4d:c1:fa:56:f7:ef:ed:2a:64:ee:bf:2a:51:27:dc:
9b:cb:a0:58:e4:6c:6f:fa:b9:90:3e:75:c2:2b:3a:
f7:f1:e7:87:27:e3:e8:51:1c:3a:2c:02:53:85:db:
e8:fe:ae:cf:00:56:69:3e:99:02:cc:3a:ca:b0:e0:
48:c7:ec:01:0f:64:fe:8d:10:17:8b:75:6e:8e:60:
39:9e:94:0b:14:43:0a:66:3c:dc:07:e7:bd:8d:f5:
b2:6a:bf:a9:cc:68:5c:f6:2e:a0:36:2d:f5:58:1d:
8f:c9:96:93:12:71:ec:b8:5f:b0:df:ca:9a:a9:c9:
46:b0:0e:06:f5:10:df:de:3d:2a:bc:65:b5:1e:88:
6b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B6:40:5B:7B:B3:19:EF:1D:1A:41:F9:50:EF:2F:C0:34:21:B3:27
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.21.2.0/24
82.21.6.0/24
82.22.170.0/24
82.22.174.0/24
82.22.184.0/24
82.22.196.0/24
82.24.40.0/24
82.24.64.0/24
82.24.76.0/24
82.24.84.0/24
82.25.142.0/23
82.25.181.0/24
82.25.200.0/24
82.26.122.0/24
82.26.132.0/23
82.26.136.0/23
82.26.139.0-82.26.140.255
82.26.142.0-82.26.144.255
82.26.160.0/24
82.27.118.0/24
82.29.48.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:0c:fb:55:97:ee:5b:f2:c2:dc:eb:f4:9f:ee:c9:ad:1c:f9:
f8:ee:9c:08:55:13:4d:ff:50:92:fa:ef:9b:d5:93:7b:73:60:
fa:21:86:5d:69:d9:d2:91:34:10:1f:1e:92:03:2d:0e:7a:8a:
8b:fa:cb:25:84:9d:7d:1e:a5:bd:52:3f:43:06:40:c8:af:f3:
af:54:ae:66:fd:d9:00:9b:8b:15:a4:b2:c8:d7:63:40:79:29:
32:e1:68:1f:80:31:54:f1:e1:8f:62:b2:db:9f:97:f8:ff:93:
ae:3d:a4:67:f2:d2:2f:8a:3e:cc:5b:7b:26:70:a1:da:cb:b1:
82:69:ef:71:09:81:9c:0d:f9:e9:99:b3:40:6b:7f:07:39:49:
00:db:1b:a5:63:c8:9b:d5:81:8d:35:3d:80:43:76:b3:82:d1:
30:cd:e1:06:f9:8e:19:9e:69:74:63:75:4b:7a:fa:9b:d7:09:
07:e9:e9:bd:c9:85:34:ca:b1:0d:ec:bb:46:62:ce:1c:dc:4c:
51:1c:a2:a6:1d:c7:09:3a:39:4a:f6:63:0c:19:3b:ea:5a:88:
92:c8:cf:7c:2d:ab:6d:d4:2e:0e:f8:fa:55:41:85:c6:65:5f:
77:9a:65:6c:8b:53:b9:5e:74:61:05:26:bd:31:e1:7d:89:87:
f6:cb:e2:56
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIUc4hRw6cV6bN2xNYQHMP2KJ92vKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTcwNjQwMzZaFw0yNjAyMTYwNjQ1MzZaMDMxMTAvBgNV
BAMTKDRDQjY0MDVCN0JCMzE5RUYxRDFBNDFGOTUwRUYyRkMwMzQyMUIzMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRIRzmFAneS3Q9DiuBUg0j4CLu
iNq7xGAKS4JEy1/xkZvu5aWIz7/E6ZH/7gu2QpHK6nICmr8Ucvpeo1casmvxrbh/
W3sT2st45sfLL6techxQRqyYJBMtCHGYLHE5IWllno774ah8YthzYP1g4OOolpzL
D2FkRU3B+lb37+0qZO6/KlEn3JvLoFjkbG/6uZA+dcIrOvfx54cn4+hRHDosAlOF
2+j+rs8AVmk+mQLMOsqw4EjH7AEPZP6NEBeLdW6OYDmelAsUQwpmPNwH572N9bJq
v6nMaFz2LqA2LfVYHY/JlpMScey4X7DfypqpyUawDgb1EN/ePSq8ZbUeiGsVAgMB
AAGjggKbMIIClzAdBgNVHQ4EFgQUTLZAW3uzGe8dGkH5UO8vwDQhsycwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQA
UhUAAwQAUhUCAwQAUhUGAwQAUhaqAwQAUhauAwQAUha4AwQAUhbEAwQAUhgoAwQA
UhhAAwQAUhhMAwQAUhhUAwQBUhmOAwQAUhm1AwQAUhnIAwQAUhp6AwQBUhqEAwQB
UhqIMAwDBABSGosDBABSGowwDAMEAVIajgMEAFIakAMEAFIaoAMEAFIbdgMEAFId
MDANBgkqhkiG9w0BAQsFAAOCAQEAngz7VZfuW/LC3Ov0n+7JrRz5+O6cCFUTTf9Q
kvrvm9WTe3Ng+iGGXWnZ0pE0EB8ekgMtDnqKi/rLJYSdfR6lvVI/QwZAyK/zr1Su
Zv3ZAJuLFaSyyNdjQHkpMuFoH4AxVPHhj2Ky25+X+P+Trj2kZ/LSL4o+zFt7JnCh
2suxgmnvcQmBnA356ZmzQGt/BzlJANsbpWPIm9WBjTU9gEN2s4LRMM3hBvmOGZ5p
dGN1S3r6m9cJB+npvcmFNMqxDey7RmLOHNxMURyiph3HCTo5SvZjDBk76lqIksjP
fC2rbdQuDvj6VUGFxmVfd5plbItTuV50YQUmvTHhfYmH9sviVg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:13:33 2025 by rpki-client