Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: q77RRYt4GxGLyBWNaK5slMcOxaQj1CjHoTTiTCgBFXQ=
Subject key identifier: C4:11:F9:86:C9:74:DD:DA:EB:F4:B6:69:97:B0:D2:20:1D:02:E5:F8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4FBB7C794C65F693D65085B9CAF7091EEFAD94D2
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
Signing time: Tue 29 Apr 2025 13:42:22 +0000
ROA not before: Tue 29 Apr 2025 13:37:22 +0000
ROA not after: Tue 28 Apr 2026 13:42:22 +0000
asID: 214654
IP address blocks: 46.202.0.0/24 maxlen: 24
46.202.39.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:bb:7c:79:4c:65:f6:93:d6:50:85:b9:ca:f7:09:1e:ef:ad:94:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 29 13:37:22 2025 GMT
Not After : Apr 28 13:42:22 2026 GMT
Subject: CN=C411F986C974DDDAEBF4B66997B0D2201D02E5F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:8b:eb:ab:fc:f0:e4:da:16:37:96:b2:23:
a1:f8:03:24:bb:f0:14:cd:47:51:ed:b0:ba:5f:7f:
0a:dd:d9:78:7a:ae:e7:03:08:82:a5:da:b7:23:7d:
1a:ba:d8:35:ba:2c:ef:58:b6:3b:b5:a6:33:08:7d:
68:b8:52:a1:c5:b7:e5:9a:47:e2:53:40:0d:dc:59:
8f:29:3d:c4:33:0f:52:bd:5c:c6:3b:60:df:60:b8:
f9:cf:22:be:87:0f:c9:0f:c7:4e:ba:ee:70:fb:5d:
b7:3a:e0:68:9e:03:c2:ee:98:e4:aa:ec:ac:9c:90:
03:93:70:1f:ec:ca:17:25:ea:69:f3:80:a3:3c:21:
22:49:8a:51:e0:54:97:d7:90:bf:3c:74:8b:a8:b8:
b4:09:2e:02:a8:61:dc:d6:a0:61:5c:49:36:15:11:
88:7a:fe:ca:9b:ee:3a:28:98:0a:54:8d:34:ca:08:
58:23:ad:0c:e9:e3:51:88:63:35:8d:52:63:a9:9f:
cf:69:9a:98:b5:86:b1:4e:b7:92:a1:3f:51:6e:e2:
e0:c3:6e:60:11:10:17:63:9b:6e:ed:c3:fd:46:bf:
34:bf:b8:e1:64:b5:ad:e4:b1:d7:fb:34:25:45:fe:
54:0e:23:e4:8c:e5:02:97:13:02:26:db:9f:27:41:
92:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:11:F9:86:C9:74:DD:DA:EB:F4:B6:69:97:B0:D2:20:1D:02:E5:F8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.0.0/24
46.202.39.0/24
46.203.98.0/24
46.203.203.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f5:9c:b2:2c:c9:37:d5:60:01:50:82:02:df:b2:1b:9d:77:
4b:04:7f:5b:e3:7c:f5:0f:51:f7:49:d8:04:88:43:d0:ca:b2:
f5:54:52:bb:65:24:07:4c:d0:d5:79:68:4a:a4:c5:c1:0f:61:
d5:af:b9:e7:12:6d:d1:42:d0:15:46:28:8e:6b:d5:03:e5:26:
d8:b2:ee:4a:71:30:83:14:6d:b9:6a:93:46:3b:79:7c:76:ab:
f5:98:7d:cc:f5:6e:d4:2d:5c:65:41:f9:18:b5:7e:32:df:90:
53:da:0c:3f:4b:e0:58:ad:47:20:d5:34:15:38:26:b7:6a:7e:
06:b5:de:8e:3b:ed:3b:dc:1c:68:04:2c:69:33:b8:1c:c5:c6:
b0:62:f9:7d:0c:b1:20:e8:00:45:8f:a3:6b:82:a1:bf:cc:4c:
25:57:e1:8a:66:ca:e9:9a:a3:8a:9c:a9:01:67:67:79:cf:db:
3e:97:79:a6:89:2b:3a:2d:d6:7c:84:8a:3b:f2:3b:51:18:2b:
fe:e5:b2:3e:6b:11:7c:de:9f:2c:ce:82:09:13:56:e4:8a:f9:
63:2b:db:86:8f:2e:ab:98:e4:98:ec:2f:b8:64:0a:7e:59:7a:
38:ea:67:aa:c6:4d:0b:64:fd:b1:99:a2:e1:e1:1c:a2:e7:63:
11:23:2c:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUT7t8eUxl9pPWUIW5yvcJHu+tlNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjkxMzM3MjJaFw0yNjA0MjgxMzQyMjJaMDMxMTAvBgNV
BAMTKEM0MTFGOTg2Qzk3NEREREFFQkY0QjY2OTk3QjBEMjIwMUQwMkU1RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt3Ivrq/zw5NoWN5ayI6H4AyS7
8BTNR1HtsLpffwrd2Xh6rucDCIKl2rcjfRq62DW6LO9Ytju1pjMIfWi4UqHFt+Wa
R+JTQA3cWY8pPcQzD1K9XMY7YN9guPnPIr6HD8kPx0667nD7Xbc64GieA8LumOSq
7KyckAOTcB/syhcl6mnzgKM8ISJJilHgVJfXkL88dIuouLQJLgKoYdzWoGFcSTYV
EYh6/sqb7joomApUjTTKCFgjrQzp41GIYzWNUmOpn89pmpi1hrFOt5KhP1Fu4uDD
bmAREBdjm27tw/1GvzS/uOFkta3ksdf7NCVF/lQOI+SM5QKXEwIm258nQZLNAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUxBH5hsl03drr9LZpl7DSIB0C5fgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALsoA
AwQALsonAwQALstiAwQALsvLMA0GCSqGSIb3DQEBCwUAA4IBAQAp9ZyyLMk31WAB
UIIC37IbnXdLBH9b43z1D1H3SdgEiEPQyrL1VFK7ZSQHTNDVeWhKpMXBD2HVr7nn
Em3RQtAVRiiOa9UD5SbYsu5KcTCDFG25apNGO3l8dqv1mH3M9W7ULVxlQfkYtX4y
35BT2gw/S+BYrUcg1TQVOCa3an4Gtd6OO+073BxoBCxpM7gcxcawYvl9DLEg6ABF
j6NrgqG/zEwlV+GKZsrpmqOKnKkBZ2d5z9s+l3mmiSs6LdZ8hIo78jtRGCv+5bI+
axF83p8szoIJE1bkivljK9uGjy6rmOSY7C+4ZAp+WXo46meqxk0LZP2xmaLh4Ryi
52MRIyxL
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:15:17 2025 by rpki-client