Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: NG6M1JY6WKtToPH6HqGIPLtH4qc+OIKayEy1zDzDh98=
Subject key identifier: 11:5E:F7:BC:9B:00:D3:D8:39:4E:22:EE:04:14:17:45:32:E8:A0:FD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 62D77709045EDB6314974AAA742D96B25172BBDA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
Signing time: Sat 13 Sep 2025 00:00:52 +0000
ROA not before: Fri 12 Sep 2025 23:55:52 +0000
ROA not after: Sat 12 Sep 2026 00:00:52 +0000
asID: 214432
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
178.93.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:d7:77:09:04:5e:db:63:14:97:4a:aa:74:2d:96:b2:51:72:bb:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 12 23:55:52 2025 GMT
Not After : Sep 12 00:00:52 2026 GMT
Subject: CN=115EF7BC9B00D3D8394E22EE0414174532E8A0FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:ce:c8:4c:7d:e7:32:82:38:0c:f5:da:b3:
1b:31:cd:95:b8:d3:74:8c:c8:42:d9:2b:53:dd:7f:
00:fc:c3:ab:44:8f:e3:b5:54:9a:7b:85:88:83:5e:
1a:c1:f0:02:3b:f5:6a:85:e6:67:c7:c2:fd:38:9c:
3e:cb:d2:07:06:25:85:f0:20:6b:b1:4c:a7:2a:c8:
05:1a:83:f1:19:07:91:0e:f4:0f:f1:a9:90:43:7b:
7e:67:7c:e3:85:f6:6e:5c:24:9c:e4:83:8e:37:cc:
03:89:72:1b:9d:68:f9:62:ba:e5:f6:e4:e8:f0:88:
c7:d2:eb:82:c0:0c:37:37:7a:4d:a0:80:50:5a:14:
c4:0f:57:0d:bb:13:ab:97:a3:21:14:92:94:67:b6:
6d:20:32:99:64:ee:85:d7:ee:e1:35:b1:b2:98:2e:
1c:81:5a:e9:ec:aa:e7:2c:de:8c:43:10:0b:aa:60:
3c:b5:89:2f:5c:48:98:18:40:b0:6a:f2:ba:a4:35:
1c:7e:2c:ea:56:9b:a9:ce:27:74:94:55:90:2f:05:
66:33:76:f8:a1:bb:35:23:ec:2c:bf:d4:eb:e4:47:
12:06:bc:46:95:d9:9c:75:12:9c:23:06:2f:65:55:
5b:3a:85:d6:b0:ba:21:f5:ec:04:07:54:ba:d4:1a:
1d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:5E:F7:BC:9B:00:D3:D8:39:4E:22:EE:04:14:17:45:32:E8:A0:FD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.60.0/24
91.124.186.0/24
178.93.198.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3f:53:d4:f3:44:c1:d1:a5:42:4a:5a:1c:74:b9:6b:7e:73:
d9:4c:78:ff:56:09:45:e1:db:27:ca:69:cc:fd:6b:96:fb:88:
99:b3:82:1c:bb:b5:3e:f7:c2:b8:32:e9:4e:d9:4d:0c:fe:aa:
2d:7a:d4:f9:4c:6d:0b:d7:c8:b8:be:49:5e:ae:e2:16:0f:2d:
5a:41:7d:9c:12:ef:c2:d3:dd:64:2a:60:f0:9b:90:8e:c3:53:
c4:05:5a:eb:50:2b:bd:71:6d:92:4b:82:0e:6b:10:ea:8b:45:
12:83:ee:ee:02:7a:43:67:b8:bd:7b:62:a3:78:e5:0c:62:26:
91:3f:49:f1:39:04:fd:68:25:b8:83:b4:58:56:64:d4:c7:e0:
34:43:ef:e8:44:ee:3c:2d:f7:d7:ad:ee:2b:9c:8b:a2:cf:51:
72:f8:6a:0a:e8:70:65:2e:89:f2:98:6b:93:20:0e:a3:22:9c:
a6:9f:40:e5:a6:df:10:8d:51:be:da:5b:e8:18:94:d6:34:77:
51:f6:fc:39:09:ea:60:6c:4e:51:f6:0f:66:07:a5:7e:95:b9:
f0:d1:a1:15:03:63:46:df:d4:f1:8d:84:31:c7:58:97:1c:b7:
7e:18:5c:01:c9:a1:b0:e0:71:7e:77:4d:ea:21:c3:23:cd:9c:
85:43:ee:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUYtd3CQRe22MUl0qqdC2WslFyu9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MTIyMzU1NTJaFw0yNjA5MTIwMDAwNTJaMDMxMTAvBgNV
BAMTKDExNUVGN0JDOUIwMEQzRDgzOTRFMjJFRTA0MTQxNzQ1MzJFOEEwRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Ns7ITH3nMoI4DPXasxsxzZW4
03SMyELZK1PdfwD8w6tEj+O1VJp7hYiDXhrB8AI79WqF5mfHwv04nD7L0gcGJYXw
IGuxTKcqyAUag/EZB5EO9A/xqZBDe35nfOOF9m5cJJzkg443zAOJchudaPliuuX2
5OjwiMfS64LADDc3ek2ggFBaFMQPVw27E6uXoyEUkpRntm0gMplk7oXX7uE1sbKY
LhyBWunsqucs3oxDEAuqYDy1iS9cSJgYQLBq8rqkNRx+LOpWm6nOJ3SUVZAvBWYz
dvihuzUj7Cy/1OvkRxIGvEaV2Zx1EpwjBi9lVVs6hdawuiH17AQHVLrUGh2BAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUEV73vJsA09g5TiLuBBQXRTLooP0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW3wS
AwQAW3w8AwQAW3y6AwQAsl3GMA0GCSqGSIb3DQEBCwUAA4IBAQCGP1PU80TB0aVC
SlocdLlrfnPZTHj/VglF4dsnymnM/WuW+4iZs4Icu7U+98K4MulO2U0M/qotetT5
TG0L18i4vkleruIWDy1aQX2cEu/C091kKmDwm5COw1PEBVrrUCu9cW2SS4IOaxDq
i0USg+7uAnpDZ7i9e2KjeOUMYiaRP0nxOQT9aCW4g7RYVmTUx+A0Q+/oRO48LffX
re4rnIuiz1Fy+GoK6HBlLonymGuTIA6jIpymn0Dlpt8QjVG+2lvoGJTWNHdR9vw5
CepgbE5R9g9mB6V+lbnw0aEVA2NG39TxjYQxx1iXHLd+GFwByaGw4HF+d03qIcMj
zZyFQ+7G
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:32:23 2025 by rpki-client