Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214572.roa
File: AS214572.roa (raw, json)
Hash identifier: BwTyOBLDSVolrsVgREsDqrH5B8cPSbJkRHKS0cb4r+8=
Subject key identifier: C8:F5:59:4E:CA:26:17:BA:9D:A5:DB:7E:C9:0F:B2:6F:08:A0:BB:A1
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 160E6EBCF9D6712B9A9F2CA6B281E868F1037A6F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214572.roa
Signing time: Thu 28 Aug 2025 07:13:51 +0000
ROA not before: Thu 28 Aug 2025 07:08:51 +0000
ROA not after: Thu 27 Aug 2026 07:13:51 +0000
asID: 214572
IP address blocks: 95.134.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:0e:6e:bc:f9:d6:71:2b:9a:9f:2c:a6:b2:81:e8:68:f1:03:7a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 28 07:08:51 2025 GMT
Not After : Aug 27 07:13:51 2026 GMT
Subject: CN=C8F5594ECA2617BA9DA5DB7EC90FB26F08A0BBA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:13:a7:5f:c5:84:e2:9a:fa:9c:bd:d0:03:
22:8b:d9:5a:6a:4b:6c:7f:99:d0:7e:f0:b3:4b:f7:
07:bd:46:be:f0:d9:e2:0c:82:2b:28:29:49:d7:4d:
6e:9e:33:49:10:4c:0c:d1:3c:95:50:0f:3a:06:1e:
17:03:f8:9c:ef:66:31:40:dd:71:b7:ab:ef:bb:23:
95:b8:4a:7f:4f:4c:59:31:a4:70:26:6a:a8:8f:db:
e3:1b:72:d2:3a:8f:1c:ee:dc:74:11:f6:ad:48:32:
52:de:9e:05:df:79:92:45:9a:59:ee:46:f0:eb:21:
d5:e9:b6:9f:2f:08:52:ae:df:78:90:61:6a:e3:ae:
a6:48:81:b4:f1:e8:ec:e3:90:65:b5:96:2d:a5:b9:
3b:74:67:d1:48:42:ea:bf:0a:72:61:96:4f:d4:c8:
4c:1c:8f:4c:0b:8c:b4:d9:d2:46:45:41:f8:b2:5c:
5e:bf:32:0f:a2:03:79:30:61:9e:12:57:e4:bb:61:
ba:76:86:33:fc:72:e5:c6:58:9f:e5:27:e7:b6:bd:
4d:77:f9:b9:0d:2f:dc:35:9e:f9:89:63:84:4a:f9:
ef:74:ce:be:e6:62:03:ca:dc:13:c3:57:78:0c:e5:
3b:9f:a9:09:b8:2b:cd:99:46:b7:d8:5d:43:f8:6f:
8d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F5:59:4E:CA:26:17:BA:9D:A5:DB:7E:C9:0F:B2:6F:08:A0:BB:A1
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214572.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.141.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:d4:13:60:0e:74:0b:d6:bf:ba:4a:65:ca:8a:eb:d6:05:d1:
2b:10:38:c4:e7:ba:1a:6b:42:32:2d:6a:5d:f7:98:cc:b7:95:
41:e5:6b:88:b5:c8:3f:0a:62:02:8d:d6:fb:47:86:ed:e9:bf:
fd:8d:17:f9:ef:91:5e:49:f4:8e:b0:34:75:63:65:f2:1b:38:
ce:90:d7:4e:ef:36:b5:d8:f7:ec:b3:e9:24:e8:48:72:26:ff:
16:5d:87:39:64:36:4d:3a:f6:e8:10:a5:48:44:19:45:84:6e:
00:05:00:03:e8:f4:19:64:5d:a7:94:6d:ca:48:46:86:87:34:
dc:47:29:2d:83:18:15:59:c9:49:52:3f:b9:b0:ec:de:37:58:
cb:fe:41:82:b9:13:5b:ad:74:8a:99:7c:23:ee:e8:6c:a0:c8:
6f:7c:1a:84:f3:c0:a1:f8:6e:68:e2:2a:a2:1e:dc:fa:fe:b7:
58:07:22:f0:3e:93:00:62:6c:01:1e:89:11:59:b2:41:b8:aa:
33:f5:5f:7b:28:21:10:78:fd:74:48:a9:03:77:bb:b7:a6:47:
57:fe:4d:f2:c7:ad:af:13:fd:70:50:7d:af:eb:a7:03:c1:db:
43:c6:cf:1c:8d:13:fd:4b:d1:e3:35:31:37:c7:99:07:a3:a7:
d4:41:4b:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFg5uvPnWcSuanyymsoHoaPEDem8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjgwNzA4NTFaFw0yNjA4MjcwNzEzNTFaMDMxMTAvBgNV
BAMTKEM4RjU1OTRFQ0EyNjE3QkE5REE1REI3RUM5MEZCMjZGMDhBMEJCQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3GhOnX8WE4pr6nL3QAyKL2Vpq
S2x/mdB+8LNL9we9Rr7w2eIMgisoKUnXTW6eM0kQTAzRPJVQDzoGHhcD+JzvZjFA
3XG3q++7I5W4Sn9PTFkxpHAmaqiP2+MbctI6jxzu3HQR9q1IMlLengXfeZJFmlnu
RvDrIdXptp8vCFKu33iQYWrjrqZIgbTx6OzjkGW1li2luTt0Z9FIQuq/CnJhlk/U
yEwcj0wLjLTZ0kZFQfiyXF6/Mg+iA3kwYZ4SV+S7Ybp2hjP8cuXGWJ/lJ+e2vU13
+bkNL9w1nvmJY4RK+e90zr7mYgPK3BPDV3gM5TufqQm4K82ZRrfYXUP4b43FAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUyPVZTsomF7qdpdt+yQ+ybwigu6EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NTcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4aN
MA0GCSqGSIb3DQEBCwUAA4IBAQA61BNgDnQL1r+6SmXKiuvWBdErEDjE57oaa0Iy
LWpd95jMt5VB5WuItcg/CmICjdb7R4bt6b/9jRf575FeSfSOsDR1Y2XyGzjOkNdO
7za12Pfss+kk6EhyJv8WXYc5ZDZNOvboEKVIRBlFhG4ABQAD6PQZZF2nlG3KSEaG
hzTcRyktgxgVWclJUj+5sOzeN1jL/kGCuRNbrXSKmXwj7uhsoMhvfBqE88Ch+G5o
4iqiHtz6/rdYByLwPpMAYmwBHokRWbJBuKoz9V97KCEQeP10SKkDd7u3pkdX/k3y
x62vE/1wUH2v66cDwdtDxs8cjRP9S9HjNTE3x5kHo6fUQUtj
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:35:46 2025 by rpki-client