Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
File: AS214639.roa (raw, json)
Hash identifier: D0u9WS7Pgt1Rruj8tQYBGGvv5zQ3XZ9+OdL8uKpyO14=
Subject key identifier: 4D:ED:03:D8:60:AA:50:5B:C8:95:29:E4:3E:05:AF:54:ED:29:90:31
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 06422B102522A8FB6BC78680F74C40A2CF7ABF42
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
Signing time: Mon 06 Apr 2026 15:34:24 +0000
ROA not before: Mon 06 Apr 2026 15:29:24 +0000
ROA not after: Mon 05 Apr 2027 15:34:24 +0000
asID: 214639
IP address blocks: 2a14:7580:b000::/36 maxlen: 36
2a14:7583:9000::/36 maxlen: 48
2a14:7583:fa00::/40 maxlen: 48
2a14:7584:d000::/36 maxlen: 48
2a14:7586:4000::/36 maxlen: 36
2a14:7586:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:42:2b:10:25:22:a8:fb:6b:c7:86:80:f7:4c:40:a2:cf:7a:bf:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 6 15:29:24 2026 GMT
Not After : Apr 5 15:34:24 2027 GMT
Subject: CN=4DED03D860AA505BC89529E43E05AF54ED299031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:73:c2:a2:65:f5:3c:ea:1c:11:e1:80:fd:d7:
9a:6a:3a:53:66:7b:46:90:d5:13:83:05:65:0d:32:
b5:a3:ef:f5:98:5c:45:e9:28:5e:10:7f:e7:a5:f5:
ad:b6:05:93:31:e0:41:ff:c6:54:30:8e:38:41:4b:
08:30:16:ce:b2:50:e7:f8:2f:e9:d0:e3:e6:f3:30:
06:79:47:35:d5:ed:1e:c5:9a:2e:cc:51:d0:2c:8e:
e5:27:c3:7a:1c:0b:6a:b5:76:e9:fb:32:7a:7b:80:
5e:f9:1f:2a:5a:f9:72:9f:37:38:5c:f2:ad:c8:c8:
ea:ed:8c:17:6e:9f:ca:2a:4f:bc:5c:28:c7:9c:d5:
ea:3a:51:dc:2c:6e:15:f1:17:05:50:10:d7:40:70:
45:73:94:f6:f1:43:4a:fa:2c:15:4a:f3:26:36:14:
fb:b2:cc:ba:91:de:30:6d:ea:58:ba:d9:fc:75:be:
40:67:4e:17:d0:eb:c3:2d:82:c9:03:ed:ca:c9:84:
42:67:9e:12:98:0b:5c:50:3f:47:7b:25:25:32:74:
d0:cb:cf:4b:f4:74:bf:eb:85:24:91:49:59:17:07:
eb:7f:59:a1:50:f8:1d:3b:66:90:ff:23:55:44:4d:
3d:14:d3:47:b9:49:13:c2:f0:a7:2f:ab:83:12:30:
91:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:ED:03:D8:60:AA:50:5B:C8:95:29:E4:3E:05:AF:54:ED:29:90:31
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b000::/36
2a14:7583:9000::/36
2a14:7583:fa00::/40
2a14:7584:d000::/36
2a14:7586:4000::/36
2a14:7586:8000::/40
Signature Algorithm: sha256WithRSAEncryption
72:8b:56:4c:19:3e:ef:31:91:46:b3:b5:9a:87:3f:7f:64:01:
cb:e0:e0:fd:55:d7:27:ea:c3:40:7b:0b:f4:4b:0e:98:88:37:
e3:0d:be:3d:af:ad:71:d7:be:65:8c:fc:07:97:60:c1:3b:69:
5f:8a:34:9b:89:09:09:14:54:bc:89:56:0d:11:1f:a1:ce:44:
d5:cc:2a:79:cd:04:6d:9d:4f:a6:69:35:61:cb:bc:c9:3f:4d:
45:a1:52:cc:d0:c2:74:35:f1:91:61:0a:dc:ac:fe:ff:d5:26:
35:c3:81:d8:83:05:37:b0:50:5f:2f:e9:88:0e:7f:06:98:9f:
06:d1:f0:7d:85:20:95:95:cd:7f:8b:83:2d:50:2c:29:34:b0:
13:2c:bb:0e:58:06:44:3f:9a:59:26:bb:c3:18:6d:85:ef:d9:
08:8a:c1:01:f3:4f:ed:47:10:41:13:11:c3:e1:54:b5:4b:76:
a0:30:dc:03:26:f0:1a:be:69:e3:d6:91:d1:ce:08:28:7f:e4:
81:54:b5:6e:fc:54:bd:45:95:07:df:4a:3e:38:bf:7f:67:e6:
d6:8b:1a:1a:39:c4:79:0c:83:02:6c:d8:3b:4b:7e:12:0a:fd:
9a:94:2e:e2:bd:72:5a:8c:f4:41:4e:13:5b:24:6d:a0:67:65:
c2:63:b3:83
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBkIrECUiqPtrx4aA90xAos96v0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MDYxNTI5MjRaFw0yNzA0MDUxNTM0MjRaMDMxMTAvBgNV
BAMTKDRERUQwM0Q4NjBBQTUwNUJDODk1MjlFNDNFMDVBRjU0RUQyOTkwMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhc8KiZfU86hwR4YD915pqOlNm
e0aQ1RODBWUNMrWj7/WYXEXpKF4Qf+el9a22BZMx4EH/xlQwjjhBSwgwFs6yUOf4
L+nQ4+bzMAZ5RzXV7R7Fmi7MUdAsjuUnw3ocC2q1dun7Mnp7gF75Hypa+XKfNzhc
8q3IyOrtjBdun8oqT7xcKMec1eo6UdwsbhXxFwVQENdAcEVzlPbxQ0r6LBVK8yY2
FPuyzLqR3jBt6li62fx1vkBnThfQ68MtgskD7crJhEJnnhKYC1xQP0d7JSUydNDL
z0v0dL/rhSSRSVkXB+t/WaFQ+B07ZpD/I1VETT0U00e5SRPC8Kcvq4MSMJEZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUTe0D2GCqUFvIlSnkPgWvVO0pkDEwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NjM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAAjAwAwYEKhR1
gLADBgQqFHWDkAMGACoUdYP6AwYEKhR1hNADBgQqFHWGQAMGACoUdYaAMA0GCSqG
SIb3DQEBCwUAA4IBAQByi1ZMGT7vMZFGs7Wahz9/ZAHL4OD9Vdcn6sNAewv0Sw6Y
iDfjDb49r61x175ljPwHl2DBO2lfijSbiQkJFFS8iVYNER+hzkTVzCp5zQRtnU+m
aTVhy7zJP01FoVLM0MJ0NfGRYQrcrP7/1SY1w4HYgwU3sFBfL+mIDn8GmJ8G0fB9
hSCVlc1/i4MtUCwpNLATLLsOWAZEP5pZJrvDGG2F79kIisEB80/tRxBBExHD4VS1
S3agMNwDJvAavmnj1pHRzggof+SBVLVu/FS9RZUH30o+OL9/Z+bWixoaOcR5DIMC
bNg7S34SCv2alC7ivXJajPRBThNbJG2gZ2XCY7OD
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:59:48 2026 by rpki-client