Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: +L926LYsj/30nt9Z1J80K/KOYtn1wPn1jbIYSTIFxys=
Subject key identifier: 11:7D:BA:30:EA:47:D7:32:2F:17:EA:3E:54:6D:F3:6F:71:21:23:58
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 664F085E6323A4824D959024613C85EEE184974C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Sat 28 Mar 2026 00:56:49 +0000
ROA not before: Sat 28 Mar 2026 00:51:49 +0000
ROA not after: Sat 27 Mar 2027 00:56:49 +0000
asID: 214025
IP address blocks: 46.202.51.0/24 maxlen: 24
46.202.66.0/24 maxlen: 24
46.202.70.0/24 maxlen: 24
46.202.75.0/24 maxlen: 24
46.203.37.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
92.113.159.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
95.135.201.0/24 maxlen: 24
178.95.5.0/24 maxlen: 24
178.95.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:4f:08:5e:63:23:a4:82:4d:95:90:24:61:3c:85:ee:e1:84:97:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 28 00:51:49 2026 GMT
Not After : Mar 27 00:56:49 2027 GMT
Subject: CN=117DBA30EA47D7322F17EA3E546DF36F71212358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:93:9d:97:f8:f2:80:62:0e:52:8e:73:62:
f3:e1:80:23:ed:15:04:7a:1d:b6:ba:a6:b9:e8:8a:
02:8b:04:95:1a:82:77:06:43:f3:39:44:a9:5c:f8:
54:91:f5:fd:62:f7:b8:7f:a5:81:4c:ef:41:51:74:
c4:37:d0:5b:58:57:43:0b:5f:d7:ba:b6:8e:af:40:
eb:e6:be:1a:bc:6f:6f:74:91:d5:06:44:6e:2b:98:
d3:53:d5:6b:74:9d:26:67:f6:49:3a:02:26:3b:18:
ff:8a:60:0d:98:d7:53:dc:d0:9e:f7:fd:ac:95:c4:
80:94:c6:26:d6:de:5c:31:3f:0b:45:82:fb:8d:5b:
1b:b5:b8:10:a1:2d:66:9f:b0:d0:59:f6:7c:20:f8:
b9:f4:81:5f:d7:15:23:05:6c:41:48:fc:27:49:18:
f1:99:0e:44:9a:aa:98:ec:9d:a4:79:b8:e2:40:56:
16:97:da:ac:47:e7:fa:b4:de:30:3b:7b:c1:8b:57:
0a:f3:7b:9c:e4:8a:02:87:bd:73:89:9d:d4:d7:0a:
18:cc:7a:9b:55:8b:54:ff:74:a5:47:f6:d4:f5:36:
fc:20:77:3d:c1:fe:7f:e8:91:57:de:c1:a2:19:a1:
7b:4c:8c:77:61:ba:2e:93:2f:59:a6:b0:cf:ca:9d:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7D:BA:30:EA:47:D7:32:2F:17:EA:3E:54:6D:F3:6F:71:21:23:58
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.51.0/24
46.202.66.0/24
46.202.70.0/24
46.202.75.0/24
46.203.37.0/24
46.203.98.0/24
46.203.203.0/24
92.112.36.0/24
92.113.73.0/24
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.112.0/23
92.113.124.0/23
92.113.142.0/23
92.113.159.0/24
95.134.120.0/24
95.135.201.0/24
178.95.5.0/24
178.95.190.0/24
Signature Algorithm: sha256WithRSAEncryption
57:73:3e:b5:3e:01:91:bc:20:e2:e5:aa:75:b3:f2:a2:bf:09:
96:1e:74:7a:90:3a:8b:97:ce:66:f4:e4:54:49:2f:a8:68:1f:
b9:42:02:3e:96:2c:57:a4:47:0e:bc:e9:e4:39:d5:bd:22:1d:
7e:b4:a6:46:15:b0:c4:62:3f:10:95:7c:72:d6:1d:f8:14:ee:
78:fb:fd:71:de:2d:d3:ef:83:20:33:ec:6c:cf:da:77:3a:51:
df:f5:3d:b2:a5:bd:be:75:54:18:37:f8:06:9d:fc:a1:3d:ed:
23:2d:64:e3:39:d0:c4:20:a1:d2:d2:0e:24:fb:a3:4f:7f:7c:
18:81:82:4a:5f:6b:fe:35:a8:43:ba:c1:ab:ff:d6:7d:be:fe:
a5:6f:2f:cf:c3:be:2d:04:ad:07:e8:c5:7a:33:4a:f5:72:ac:
64:56:ab:30:65:34:4a:f7:fd:2a:43:3a:e9:74:a2:20:45:9b:
69:3b:ba:99:a9:50:a8:52:34:29:5a:81:48:94:ac:90:ef:f1:
ef:39:32:29:91:43:37:51:21:d1:c0:af:50:8c:7f:9d:bc:e6:
d1:bb:4e:85:77:93:76:d9:17:30:a4:87:a2:54:19:d2:46:1a:
00:f3:2b:14:8e:96:fa:9a:45:3a:e4:76:8d:c6:f0:be:39:eb:
67:b3:a4:2e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUZk8IXmMjpIJNlZAkYTyF7uGEl0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjgwMDUxNDlaFw0yNzAzMjcwMDU2NDlaMDMxMTAvBgNV
BAMTKDExN0RCQTMwRUE0N0Q3MzIyRjE3RUEzRTU0NkRGMzZGNzEyMTIzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCoJOdl/jygGIOUo5zYvPhgCPt
FQR6Hba6prnoigKLBJUagncGQ/M5RKlc+FSR9f1i97h/pYFM70FRdMQ30FtYV0ML
X9e6to6vQOvmvhq8b290kdUGRG4rmNNT1Wt0nSZn9kk6AiY7GP+KYA2Y11Pc0J73
/ayVxICUxibW3lwxPwtFgvuNWxu1uBChLWafsNBZ9nwg+Ln0gV/XFSMFbEFI/CdJ
GPGZDkSaqpjsnaR5uOJAVhaX2qxH5/q03jA7e8GLVwrze5zkigKHvXOJndTXChjM
eptVi1T/dKVH9tT1Nvwgdz3B/n/okVfewaIZoXtMjHdhui6TL1mmsM/KndBJAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUEX26MOpH1zIvF+o+VG3zb3EhI1gwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegME
AC7KMwMEAC7KQgMEAC7KRgMEAC7KSwMEAC7LJQMEAC7LYgMEAC7LywMEAFxwJAME
AFxxSTAMAwQAXHFlAwQAXHFmAwQBXHFoAwQBXHFwAwQBXHF8AwQBXHGOAwQAXHGf
AwQAX4Z4AwQAX4fJAwQAsl8FAwQAsl++MA0GCSqGSIb3DQEBCwUAA4IBAQBXcz61
PgGRvCDi5ap1s/KivwmWHnR6kDqLl85m9ORUSS+oaB+5QgI+lixXpEcOvOnkOdW9
Ih1+tKZGFbDEYj8QlXxy1h34FO54+/1x3i3T74MgM+xsz9p3OlHf9T2ypb2+dVQY
N/gGnfyhPe0jLWTjOdDEIKHS0g4k+6NPf3wYgYJKX2v+NahDusGr/9Z9vv6lby/P
w74tBK0H6MV6M0r1cqxkVqswZTRK9/0qQzrpdKIgRZtpO7qZqVCoUjQpWoFIlKyQ
7/HvOTIpkUM3USHRwK9QjH+dvObRu06Fd5N22RcwpIeiVBnSRhoA8ysUjpb6mkU6
5HaNxvC+Oetns6Qu
-----END CERTIFICATE-----
Generated at Sat Mar 28 02:34:56 2026 by rpki-client