Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
File: AS214154.roa (raw, json)
Hash identifier: mAL5tdeINcKcfoBtR8bIgSE7AtZ/eyNaepi5iDCXlyw=
Subject key identifier: 31:C6:DD:99:1F:CD:83:11:D1:21:81:9D:79:75:1E:E7:28:09:E6:7C
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 0B1218AEF263AC9CFE2CA45E1D81981929829B0C
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
Signing time: Thu 28 Aug 2025 14:54:58 +0000
ROA not before: Thu 28 Aug 2025 14:49:58 +0000
ROA not after: Thu 27 Aug 2026 14:54:58 +0000
asID: 214154
IP address blocks: 141.11.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:12:18:ae:f2:63:ac:9c:fe:2c:a4:5e:1d:81:98:19:29:82:9b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 28 14:49:58 2025 GMT
Not After : Aug 27 14:54:58 2026 GMT
Subject: CN=31C6DD991FCD8311D121819D79751EE72809E67C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fb:4e:53:03:70:67:d6:fd:4d:60:7c:84:73:
46:67:16:af:7f:fa:df:f2:04:b8:00:ce:f9:9c:b3:
db:98:2c:a3:b4:94:81:f8:b1:ab:96:0e:9d:36:83:
22:20:84:a6:4d:73:27:8f:cd:81:c0:0d:d5:e0:ef:
52:f3:a5:e9:07:78:bf:bd:0a:90:97:a1:1a:38:38:
c1:ce:6a:97:cf:94:25:47:e9:f2:9c:3d:ad:82:55:
e3:f0:82:aa:33:ff:d5:9a:9d:09:ba:23:8a:3a:7c:
9c:8c:76:99:8e:50:5a:b4:16:fa:cf:8f:a5:9a:46:
16:a1:11:0a:e8:ee:d8:9c:9b:3f:c8:d3:09:f2:7a:
12:dc:73:80:e1:e9:c5:c9:f9:ab:95:ea:ec:76:ac:
79:e6:84:f9:7d:27:b8:d4:29:dc:d4:4c:52:0a:10:
9b:11:95:bc:80:f7:70:1e:94:d6:ba:92:eb:31:05:
ff:35:dd:2e:30:d1:6f:ae:e8:38:f0:50:a7:73:73:
56:f8:9a:fb:0e:e2:5d:b0:65:25:bf:66:18:c7:bc:
48:95:da:94:38:ac:0c:c9:ed:6d:28:fd:8c:2c:21:
35:f9:fe:8d:5a:e9:d6:5b:f9:e5:d7:b3:33:1f:98:
05:98:16:6f:b3:c4:69:91:74:86:e1:0e:ce:99:61:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C6:DD:99:1F:CD:83:11:D1:21:81:9D:79:75:1E:E7:28:09:E6:7C
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.114.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:a8:53:62:de:61:9f:a7:7a:eb:12:f2:b6:62:60:ee:ae:4a:
b1:a5:a3:cf:2f:31:fa:2c:fa:b5:ff:ca:58:ed:cc:e5:e3:39:
14:15:b0:01:11:0a:bb:60:b9:4d:53:b1:91:4a:67:a6:42:77:
75:a6:84:46:7f:f6:55:7f:d2:bc:9f:74:bf:5d:52:d9:07:6e:
d8:e7:58:6e:63:27:76:07:ee:39:80:5e:c9:05:77:be:20:3d:
75:78:ae:7b:60:8c:91:12:ed:2a:90:b4:de:3a:c7:3c:e7:02:
f7:7a:66:2c:49:25:f6:95:1f:56:a6:3b:5c:54:48:bc:53:1c:
82:e0:01:23:80:9d:9a:28:7d:b4:09:4e:69:6a:95:55:a3:34:
fe:66:15:62:f6:99:54:0b:cd:75:36:42:3a:1a:e2:37:7d:4f:
14:63:6e:99:95:bb:8a:95:86:60:7a:c8:e8:d7:38:6e:8d:57:
c8:c1:0f:f4:91:b4:65:57:27:b3:de:64:e8:c1:28:fa:91:e0:
ca:4c:24:c9:ee:b2:f9:3f:36:b0:36:42:f2:e2:1b:62:b9:33:
22:3c:8c:11:34:71:94:45:5d:57:e4:0a:8e:12:98:9d:53:ff:
f6:32:9b:da:80:20:e1:ed:ff:18:d5:cd:af:b3:c5:41:e8:6d:
35:35:98:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCxIYrvJjrJz+LKReHYGYGSmCmwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MjgxNDQ5NThaFw0yNjA4MjcxNDU0NThaMDMxMTAvBgNV
BAMTKDMxQzZERDk5MUZDRDgzMTFEMTIxODE5RDc5NzUxRUU3MjgwOUU2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh+05TA3Bn1v1NYHyEc0ZnFq9/
+t/yBLgAzvmcs9uYLKO0lIH4sauWDp02gyIghKZNcyePzYHADdXg71LzpekHeL+9
CpCXoRo4OMHOapfPlCVH6fKcPa2CVePwgqoz/9WanQm6I4o6fJyMdpmOUFq0FvrP
j6WaRhahEQro7ticmz/I0wnyehLcc4Dh6cXJ+auV6ux2rHnmhPl9J7jUKdzUTFIK
EJsRlbyA93AelNa6kusxBf813S4w0W+u6DjwUKdzc1b4mvsO4l2wZSW/ZhjHvEiV
2pQ4rAzJ7W0o/YwsITX5/o1a6dZb+eXXszMfmAWYFm+zxGmRdIbhDs6ZYQBtAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUMcbdmR/NgxHRIYGdeXUe5ygJ5nwwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MTU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQty
MA0GCSqGSIb3DQEBCwUAA4IBAQDDqFNi3mGfp3rrEvK2YmDurkqxpaPPLzH6LPq1
/8pY7czl4zkUFbABEQq7YLlNU7GRSmemQnd1poRGf/ZVf9K8n3S/XVLZB27Y51hu
Yyd2B+45gF7JBXe+ID11eK57YIyREu0qkLTeOsc85wL3emYsSSX2lR9WpjtcVEi8
UxyC4AEjgJ2aKH20CU5papVVozT+ZhVi9plUC811NkI6GuI3fU8UY26ZlbuKlYZg
esjo1zhujVfIwQ/0kbRlVyez3mTowSj6keDKTCTJ7rL5PzawNkLy4htiuTMiPIwR
NHGURV1X5AqOEpidU//2MpvagCDh7f8Y1c2vs8VB6G01NZgZ
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:17:00 2025 by rpki-client