Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: BGvR+2jhWldBcHSxJlxiaJmWpcNlwQQTwk4tTM0lTpQ=
Subject key identifier: A9:A8:E8:38:B6:71:EB:8D:0B:8A:F8:91:16:E6:D0:21:D4:44:E5:37
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 2FFBD65AFDA2C39AC3148B2AF534771BD45C53C1
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS2914.roa
Signing time: Tue 03 Mar 2026 14:01:03 +0000
ROA not before: Tue 03 Mar 2026 13:56:03 +0000
ROA not after: Tue 02 Mar 2027 14:01:03 +0000
asID: 2914
IP address blocks: 143.20.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:fb:d6:5a:fd:a2:c3:9a:c3:14:8b:2a:f5:34:77:1b:d4:5c:53:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Mar 3 13:56:03 2026 GMT
Not After : Mar 2 14:01:03 2027 GMT
Subject: CN=A9A8E838B671EB8D0B8AF89116E6D021D444E537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d7:e9:1b:b3:ac:cd:0e:f2:fe:15:38:8d:1b:
07:d3:6e:a7:12:d8:69:87:da:19:85:26:91:67:0f:
19:61:74:00:4e:6d:1b:70:7b:f3:21:b2:3e:58:3a:
96:2b:89:e7:47:9d:8d:40:40:8c:94:bd:11:83:43:
0e:bf:78:1d:8b:77:9c:04:24:78:dd:e7:a5:fc:a2:
26:e2:91:94:b1:21:a0:47:69:72:66:1e:eb:18:4a:
aa:fe:02:65:3e:d4:6c:0e:f7:76:d8:14:fa:f4:1e:
14:fb:d1:40:71:8d:34:3a:cc:94:4a:36:bd:70:44:
e4:38:0e:50:6a:5e:4c:56:d1:82:92:11:4b:27:e5:
24:57:6b:38:2d:fc:b9:c6:80:3a:d9:37:7c:91:3a:
c9:ea:77:68:6b:61:59:75:07:22:4f:b4:ca:7b:c3:
09:2c:ee:94:f0:ff:88:47:f1:31:3d:f8:3e:37:db:
04:f8:77:37:e4:03:f0:a5:c6:31:c4:d9:cf:ea:b4:
b3:51:2d:6a:f9:47:34:fe:99:65:ef:9f:0d:c7:cd:
7b:45:8a:48:9d:52:ac:05:cc:c9:6e:bb:2b:ef:a0:
37:ab:22:e3:be:13:9e:72:5d:a8:c8:73:99:8a:3c:
dc:3d:2c:46:92:eb:88:0f:92:c1:96:5a:cd:16:77:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A8:E8:38:B6:71:EB:8D:0B:8A:F8:91:16:E6:D0:21:D4:44:E5:37
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.212.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:c1:cb:c3:3b:59:f6:3b:ef:a9:44:e8:8e:7f:63:52:08:43:
0b:a5:67:dd:c4:d8:f3:94:15:42:e4:8a:b7:4f:d1:22:c6:6c:
3a:31:78:4e:22:09:fe:cd:0f:a7:3d:e6:81:30:d6:db:a5:d7:
84:2e:9d:2b:2c:be:c8:bc:1f:cf:11:ea:92:33:fa:dd:63:db:
4f:e7:f3:85:6f:15:42:cb:11:58:6c:c8:3d:d3:f2:bb:e1:5a:
4c:5f:59:50:01:4c:af:4d:db:d5:2b:87:d6:04:ec:36:55:85:
a0:37:b8:e1:40:e0:da:06:9a:a7:01:61:eb:85:04:b0:e1:60:
c5:26:78:18:1a:60:b5:0e:b8:5e:d0:9d:63:ed:3b:6f:6b:df:
61:9e:1a:b2:2a:ca:53:de:32:6d:0a:41:9a:22:5e:f6:ae:91:
0b:85:1b:df:6c:31:8c:3e:55:15:cb:29:79:ba:28:ad:a1:c6:
da:f1:d3:22:7b:f0:cd:6f:fb:da:7a:73:7f:96:1f:6c:aa:a0:
48:28:b7:f3:f3:bd:64:c6:8c:61:2c:3e:3c:2f:84:f7:93:ca:
09:a5:3b:8f:1f:a4:b4:c9:f0:c2:61:d2:24:f7:04:a0:77:87:
f6:ac:32:e9:b3:d6:f9:dc:2e:08:2c:e5:88:3f:9d:aa:65:a8:
21:b7:e2:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUL/vWWv2iw5rDFIsq9TR3G9RcU8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjAzMDMxMzU2MDNaFw0yNzAzMDIxNDAxMDNaMDMxMTAvBgNV
BAMTKEE5QThFODM4QjY3MUVCOEQwQjhBRjg5MTE2RTZEMDIxRDQ0NEU1MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp1+kbs6zNDvL+FTiNGwfTbqcS
2GmH2hmFJpFnDxlhdABObRtwe/Mhsj5YOpYriedHnY1AQIyUvRGDQw6/eB2Ld5wE
JHjd56X8oibikZSxIaBHaXJmHusYSqr+AmU+1GwO93bYFPr0HhT70UBxjTQ6zJRK
Nr1wROQ4DlBqXkxW0YKSEUsn5SRXazgt/LnGgDrZN3yROsnqd2hrYVl1ByJPtMp7
wwks7pTw/4hH8TE9+D432wT4dzfkA/ClxjHE2c/qtLNRLWr5RzT+mWXvnw3HzXtF
ikidUqwFzMluuyvvoDerIuO+E55yXajIc5mKPNw9LEaS64gPksGWWs0Wd0J3AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUqajoOLZx640LiviRFubQIdRE5TcwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U1DAN
BgkqhkiG9w0BAQsFAAOCAQEAz8HLwztZ9jvvqUTojn9jUghDC6Vn3cTY85QVQuSK
t0/RIsZsOjF4TiIJ/s0Ppz3mgTDW26XXhC6dKyy+yLwfzxHqkjP63WPbT+fzhW8V
QssRWGzIPdPyu+FaTF9ZUAFMr03b1SuH1gTsNlWFoDe44UDg2gaapwFh64UEsOFg
xSZ4GBpgtQ64XtCdY+07b2vfYZ4asirKU94ybQpBmiJe9q6RC4Ub32wxjD5VFcsp
ebooraHG2vHTInvwzW/72npzf5YfbKqgSCi38/O9ZMaMYSw+PC+E95PKCaU7jx+k
tMnwwmHSJPcEoHeH9qwy6bPW+dwuCCzliD+dqmWoIbfinQ==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:09 2026 by rpki-client