
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: dfV1EFMzi3pxms7WJkvKaavgdz5ZuW10QTrvbNTBOOs=
Subject key identifier: B9:77:B8:CB:4D:63:80:42:46:1A:EB:0B:45:88:EC:41:83:A6:BF:68
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 3E63D4D4D60C0DD1FC9E327D48C9943E82DA5B51
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2914.roa
Signing time: Fri 03 Jul 2026 08:39:20 +0000
ROA not before: Fri 03 Jul 2026 08:34:20 +0000
ROA not after: Fri 02 Jul 2027 08:39:20 +0000
asID: 2914
IP address blocks: 51.194.148.0/22 maxlen: 24
51.194.224.0/24 maxlen: 24
51.194.243.0/24 maxlen: 24
51.241.156.0/24 maxlen: 24
51.241.157.0/24 maxlen: 24
51.241.158.0/24 maxlen: 24
51.241.236.0/22 maxlen: 24
78.105.163.0/24 maxlen: 24
188.220.59.0/24 maxlen: 24
188.220.86.0/24 maxlen: 24
188.220.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Jul 2026 14:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:63:d4:d4:d6:0c:0d:d1:fc:9e:32:7d:48:c9:94:3e:82:da:5b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jul 3 08:34:20 2026 GMT
Not After : Jul 2 08:39:20 2027 GMT
Subject: CN=B977B8CB4D638042461AEB0B4588EC4183A6BF68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:09:6b:38:7e:8d:23:31:1e:57:cb:58:7e:fe:
c1:99:52:7d:41:66:92:2f:f7:2f:92:cd:91:9c:6d:
0b:46:0b:e9:81:fe:b9:2a:03:fc:dd:74:47:62:7d:
f7:ee:6a:5c:ee:9a:39:cd:10:84:35:79:4f:7b:7f:
e9:92:0b:58:6f:2e:11:9b:5a:0f:d8:ab:2c:a6:91:
25:aa:de:92:e2:69:e9:86:02:29:1d:8b:98:2b:ee:
4a:75:ae:b8:40:fc:b2:1c:2d:56:0f:06:48:50:86:
4e:f5:ac:a9:41:89:d7:e1:4e:d5:2d:66:82:c6:a5:
e1:8d:de:31:15:86:14:3d:67:c1:09:d5:78:b8:17:
73:ee:f1:a6:c5:52:f0:9d:c3:dd:59:bc:be:8d:0d:
2a:60:13:db:da:e9:0e:00:84:e3:cd:00:4a:af:87:
5d:23:3b:4c:50:f3:19:29:95:84:7c:e6:a4:7a:5c:
c1:9b:ab:10:ee:96:f3:e6:d7:a3:1c:f0:b3:63:2b:
66:1d:89:62:b5:05:54:3c:6b:90:0d:85:85:e4:5d:
db:77:20:f9:8b:9f:e1:e4:97:cc:58:53:8f:25:52:
f1:fa:62:fe:67:fd:38:44:92:75:65:5c:15:41:ad:
c9:96:fe:f8:31:93:0d:ed:9a:b6:6b:e1:cd:1d:36:
fa:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:77:B8:CB:4D:63:80:42:46:1A:EB:0B:45:88:EC:41:83:A6:BF:68
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.148.0/22
51.194.224.0/24
51.194.243.0/24
51.241.156.0-51.241.158.255
51.241.236.0/22
78.105.163.0/24
188.220.59.0/24
188.220.86.0/24
188.220.88.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0e:a8:33:3d:a3:6f:17:60:9a:b7:4a:d1:e9:d9:cd:d5:1d:
31:0b:ff:22:4b:01:1c:bb:90:84:73:43:96:98:f2:e5:f0:c7:
76:f7:46:eb:21:9b:34:95:ed:15:cc:9c:a1:d1:f7:90:ca:10:
d3:94:8c:40:60:c5:a7:bd:b2:49:fc:e1:01:45:a0:9c:44:37:
af:b8:34:ad:88:ab:8d:c3:ff:df:d6:a1:2b:2d:f0:77:fd:6b:
cb:42:f2:9f:0d:9a:1e:f9:08:09:b6:e1:96:b0:94:77:ac:6d:
88:34:9b:ab:ea:8c:11:b8:a1:ae:f0:6a:da:3a:f3:86:c0:7c:
21:e7:18:81:d6:20:56:86:5f:4c:0d:5f:bd:28:cf:3f:96:5c:
e5:1d:af:66:ce:c1:61:e8:94:28:8b:35:59:4b:03:68:47:8c:
3c:b1:35:48:b1:f5:29:65:30:2b:a2:a5:a2:0b:3a:a1:87:f7:
eb:bc:c2:a1:e0:ee:ef:c4:64:fe:80:95:9f:b0:7a:34:96:d1:
50:ea:79:19:fb:df:a9:2e:94:7c:af:2d:95:53:d7:88:58:7b:
0f:98:0c:36:ab:34:0e:7d:bf:93:46:83:37:22:9c:61:43:9f:
2b:1c:c9:6f:8c:2a:fa:3d:50:82:0b:92:04:eb:32:83:7b:f5:
13:ad:58:94
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUPmPU1NYMDdH8njJ9SMmUPoLaW1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA3MDMwODM0MjBaFw0yNzA3MDIwODM5MjBaMDMxMTAvBgNV
BAMTKEI5NzdCOENCNEQ2MzgwNDI0NjFBRUIwQjQ1ODhFQzQxODNBNkJGNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiCWs4fo0jMR5Xy1h+/sGZUn1B
ZpIv9y+SzZGcbQtGC+mB/rkqA/zddEdifffualzumjnNEIQ1eU97f+mSC1hvLhGb
Wg/YqyymkSWq3pLiaemGAikdi5gr7kp1rrhA/LIcLVYPBkhQhk71rKlBidfhTtUt
ZoLGpeGN3jEVhhQ9Z8EJ1Xi4F3Pu8abFUvCdw91ZvL6NDSpgE9va6Q4AhOPNAEqv
h10jO0xQ8xkplYR85qR6XMGbqxDulvPm16Mc8LNjK2YdiWK1BVQ8a5ANhYXkXdt3
IPmLn+Hkl8xYU48lUvH6Yv5n/ThEknVlXBVBrcmW/vgxkw3tmrZr4c0dNvqPAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUuXe4y01jgEJGGusLRYjsQYOmv2gwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAjPClAME
ADPC4AMEADPC8zAMAwQCM/GcAwQAM/GeAwQCM/HsAwQATmmjAwQAvNw7AwQAvNxW
AwQAvNxYMA0GCSqGSIb3DQEBCwUAA4IBAQAdDqgzPaNvF2Cat0rR6dnN1R0xC/8i
SwEcu5CEc0OWmPLl8Md290brIZs0le0VzJyh0feQyhDTlIxAYMWnvbJJ/OEBRaCc
RDevuDStiKuNw//f1qErLfB3/WvLQvKfDZoe+QgJtuGWsJR3rG2INJur6owRuKGu
8GraOvOGwHwh5xiB1iBWhl9MDV+9KM8/llzlHa9mzsFh6JQoizVZSwNoR4w8sTVI
sfUpZTAroqWiCzqhh/frvMKh4O7vxGT+gJWfsHo0ltFQ6nkZ+9+pLpR8ry2VU9eI
WHsPmAw2qzQOfb+TRoM3IpxhQ58rHMlvjCr6PVCCC5IE6zKDe/UTrViU
-----END CERTIFICATE-----
Generated at Tue Jul 7 22:11:35 2026 by rpki-client