Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: uoAagMjiEjgKRgiMTHmi+ew8gKdl3YfbK7qDLNLXJB4=
Subject key identifier: 36:E8:D7:5A:06:4D:15:1D:37:E2:47:A0:2F:AC:73:30:CE:63:14:03
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 58569CF1D9ABDFB89755C58F882F9AA553F51B53
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
Signing time: Fri 17 Apr 2026 11:19:18 +0000
ROA not before: Fri 17 Apr 2026 11:14:18 +0000
ROA not after: Fri 16 Apr 2027 11:19:18 +0000
asID: 214025
IP address blocks: 141.11.79.0/24 maxlen: 24
141.11.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 18:09:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:56:9c:f1:d9:ab:df:b8:97:55:c5:8f:88:2f:9a:a5:53:f5:1b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 17 11:14:18 2026 GMT
Not After : Apr 16 11:19:18 2027 GMT
Subject: CN=36E8D75A064D151D37E247A02FAC7330CE631403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:20:84:1d:5e:67:bf:40:84:85:3c:c7:dc:
43:35:b1:81:79:35:df:05:43:a7:8a:3a:7b:66:31:
23:fc:5f:90:be:31:67:a7:7b:a0:ea:7b:e3:b2:b6:
5c:32:94:cf:55:f7:f9:f3:f7:a7:8a:6d:b8:51:17:
23:09:81:97:99:c8:4f:db:f2:34:57:3b:e0:48:88:
62:fb:97:69:cf:8b:d2:98:84:12:18:35:a2:09:e0:
29:28:1e:fc:cb:90:ea:c3:93:e0:63:e6:ec:38:45:
15:87:12:78:86:ad:bd:12:34:d4:50:72:5e:d5:a5:
22:ac:95:b6:66:47:00:79:94:af:e2:26:c9:21:c1:
6b:8a:2b:7d:72:a0:65:c8:13:f7:52:df:d0:43:58:
ec:c8:e9:de:7d:69:42:78:7e:f0:c5:13:f7:7f:20:
9c:0b:85:36:fe:46:ae:5c:fc:d6:0b:dd:1e:96:8b:
a6:24:b2:70:cd:cd:73:bd:be:49:6f:0e:61:72:d0:
05:3a:09:6b:ee:91:b6:29:5d:b2:ff:9a:a8:ad:75:
b0:bc:45:a4:91:78:f2:ab:bc:83:7a:0c:9c:57:02:
1e:3d:51:c0:4f:c5:2e:d0:66:43:83:7c:c4:6d:22:
ff:e3:82:ae:cf:06:0b:b7:67:b2:8a:c6:81:c4:98:
6c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E8:D7:5A:06:4D:15:1D:37:E2:47:A0:2F:AC:73:30:CE:63:14:03
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.79.0/24
141.11.240.0/24
Signature Algorithm: sha256WithRSAEncryption
81:64:d4:17:a1:aa:5d:1f:cc:3b:df:fa:f0:4f:c4:c8:7b:55:
53:48:38:da:1d:95:54:a9:fb:a2:46:4f:dd:cb:a7:0f:3f:f6:
38:e9:4e:e0:1c:05:71:18:69:bc:9f:e6:44:e2:ef:cf:16:ae:
57:ca:07:05:8e:76:1e:4b:da:f8:0d:91:82:1e:66:1b:3e:2f:
32:ce:03:59:5a:ad:80:31:2d:8c:0e:55:65:12:b5:a3:db:08:
15:07:a7:64:c2:58:86:6e:ce:c2:dd:16:77:ca:06:f2:c0:00:
2a:30:1e:bc:29:4d:68:ae:d2:3b:71:3d:64:1c:39:47:0a:a4:
87:61:66:fa:33:79:43:94:46:0a:7e:ee:b8:f6:8e:0d:24:44:
0d:7d:51:80:37:e8:b9:2c:ad:7d:15:b0:ca:db:df:99:71:7d:
ca:d8:4d:80:e8:d2:86:30:cc:41:fb:bb:d8:41:b5:ad:07:5b:
2d:ab:46:7f:89:82:9d:dd:1e:dd:14:4c:b9:62:92:f2:6b:c3:
cf:f8:43:03:92:d9:dd:b8:1c:14:52:3d:d8:e4:af:88:7a:40:
eb:2a:49:79:b8:e8:b7:0b:cf:60:f9:e8:44:aa:37:63:3d:a2:
3b:44:e1:7d:81:09:54:ad:ce:9c:b5:d2:c9:d3:b0:22:7f:80:
e3:69:cd:54
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUWFac8dmr37iXVcWPiC+apVP1G1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA0MTcxMTE0MThaFw0yNzA0MTYxMTE5MThaMDMxMTAvBgNV
BAMTKDM2RThENzVBMDY0RDE1MUQzN0UyNDdBMDJGQUM3MzMwQ0U2MzE0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClwyCEHV5nv0CEhTzH3EM1sYF5
Nd8FQ6eKOntmMSP8X5C+MWene6Dqe+OytlwylM9V9/nz96eKbbhRFyMJgZeZyE/b
8jRXO+BIiGL7l2nPi9KYhBIYNaIJ4CkoHvzLkOrDk+Bj5uw4RRWHEniGrb0SNNRQ
cl7VpSKslbZmRwB5lK/iJskhwWuKK31yoGXIE/dS39BDWOzI6d59aUJ4fvDFE/d/
IJwLhTb+Rq5c/NYL3R6Wi6YksnDNzXO9vklvDmFy0AU6CWvukbYpXbL/mqitdbC8
RaSRePKrvIN6DJxXAh49UcBPxS7QZkODfMRtIv/jgq7PBgu3Z7KKxoHEmGyXAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUNujXWgZNFR034kegL6xzMM5jFAMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQtP
AwQAjQvwMA0GCSqGSIb3DQEBCwUAA4IBAQCBZNQXoapdH8w73/rwT8TIe1VTSDja
HZVUqfuiRk/dy6cPP/Y46U7gHAVxGGm8n+ZE4u/PFq5XygcFjnYeS9r4DZGCHmYb
Pi8yzgNZWq2AMS2MDlVlErWj2wgVB6dkwliGbs7C3RZ3ygbywAAqMB68KU1ortI7
cT1kHDlHCqSHYWb6M3lDlEYKfu649o4NJEQNfVGAN+i5LK19FbDK29+ZcX3K2E2A
6NKGMMxB+7vYQbWtB1stq0Z/iYKd3R7dFEy5YpLya8PP+EMDktnduBwUUj3Y5K+I
ekDrKkl5uOi3C89g+ehEqjdjPaI7ROF9gQlUrc6ctdLJ07Aif4Djac1U
-----END CERTIFICATE-----
Generated at Mon Apr 20 01:51:10 2026 by rpki-client