Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: l0TgreWZUHBAcB5Xn6eBm+PPc6hm6lL7eUlPRaTY94Y=
Subject key identifier: 74:91:56:6E:1A:61:87:27:B8:0D:F4:22:D8:90:75:E6:E5:64:D1:02
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 62338020A2E21A05F8872D8A0568B207723AEADA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Sun 14 Sep 2025 12:07:45 +0000
ROA not before: Sun 14 Sep 2025 12:02:45 +0000
ROA not after: Sun 13 Sep 2026 12:07:45 +0000
asID: 2914
IP address blocks: 46.202.1.0/24 maxlen: 24
46.202.49.0/24 maxlen: 24
46.202.50.0/24 maxlen: 24
46.202.51.0/24 maxlen: 24
46.202.53.0/24 maxlen: 24
46.203.197.0/24 maxlen: 24
46.203.205.0/24 maxlen: 24
46.203.223.0/24 maxlen: 24
46.203.225.0/24 maxlen: 24
91.124.20.0/22 maxlen: 22
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.83.0/24 maxlen: 24
95.134.148.0/24 maxlen: 24
95.134.150.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
95.135.194.0/24 maxlen: 24
95.135.223.0/24 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.120.0/22 maxlen: 24
178.92.226.0/24 maxlen: 24
178.92.235.0/24 maxlen: 24
178.92.237.0/24 maxlen: 24
178.92.251.0/24 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.37.0/24 maxlen: 24
178.93.100.0/22 maxlen: 24
178.94.0.0/24 maxlen: 24
178.94.4.0/24 maxlen: 24
178.94.6.0/24 maxlen: 24
178.94.7.0/24 maxlen: 24
178.94.21.0/24 maxlen: 24
178.94.27.0/24 maxlen: 24
178.94.32.0/24 maxlen: 24
178.94.66.0/24 maxlen: 24
178.94.73.0/24 maxlen: 24
178.94.77.0/24 maxlen: 24
178.94.79.0/24 maxlen: 24
178.94.103.0/24 maxlen: 24
178.94.110.0/24 maxlen: 24
178.94.120.0/24 maxlen: 24
178.94.176.0/22 maxlen: 24
178.94.189.0/24 maxlen: 24
178.94.196.0/22 maxlen: 24
178.94.210.0/24 maxlen: 24
178.94.212.0/24 maxlen: 24
178.94.220.0/24 maxlen: 24
178.94.223.0/24 maxlen: 24
178.94.254.0/24 maxlen: 24
178.95.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:33:80:20:a2:e2:1a:05:f8:87:2d:8a:05:68:b2:07:72:3a:ea:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 14 12:02:45 2025 GMT
Not After : Sep 13 12:07:45 2026 GMT
Subject: CN=7491566E1A618727B80DF422D89075E6E564D102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7f:67:b4:80:89:28:37:f5:e2:b1:4a:b1:28:
c6:c6:28:25:b6:66:5c:32:03:f3:c5:ee:cc:5b:91:
66:60:99:2e:aa:5f:03:d1:c3:60:5f:4d:32:9d:24:
bf:c6:71:cd:dc:64:40:c2:33:02:e4:99:a3:8e:8d:
c9:26:9c:d2:e6:5b:75:ec:c6:8c:c0:b6:84:04:9e:
e6:a0:3b:fe:2a:cb:e8:04:cd:55:02:f2:20:12:da:
25:5d:1d:5f:5c:13:4d:08:36:64:4a:f3:33:cc:ce:
01:15:c2:9c:0a:cf:96:14:f7:f4:e2:83:ab:fe:e2:
41:58:76:80:70:9c:5c:2f:6a:5d:23:49:6a:b6:5a:
f0:e7:5d:b0:3e:6c:89:2c:6d:6a:fb:19:08:00:d2:
6f:a3:68:2b:54:b6:30:f7:f3:a7:b0:35:a0:36:b6:
47:c7:b3:2e:85:1b:20:9e:70:a9:1c:ee:7a:2e:3a:
75:e2:b2:4b:0d:fc:82:ea:cf:79:28:8d:29:4f:91:
e4:74:de:7a:55:2a:f6:6f:37:11:a7:94:6b:e9:0b:
71:28:37:b7:8a:67:c5:a0:cf:04:e4:a0:09:99:ae:
06:0d:71:bb:a3:34:ab:ff:d2:6e:e0:4e:9a:25:ee:
d8:4f:01:02:5c:c0:ec:ec:f0:f1:0a:ba:6f:e7:70:
17:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:91:56:6E:1A:61:87:27:B8:0D:F4:22:D8:90:75:E6:E5:64:D1:02
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.1.0/24
46.202.49.0-46.202.51.255
46.202.53.0/24
46.203.197.0/24
46.203.205.0/24
46.203.223.0/24
46.203.225.0/24
91.124.20.0/22
92.112.240.0/21
95.134.48.0/24
95.134.83.0/24
95.134.148.0/24
95.134.150.0/24
95.134.168.0-95.134.174.255
95.134.195.0/24
95.134.213.0/24
95.135.50.0/24
95.135.194.0/24
95.135.223.0/24
178.92.16.0/22
178.92.36.0/22
178.92.120.0/22
178.92.226.0/24
178.92.235.0/24
178.92.237.0/24
178.92.251.0/24
178.93.0.0/22
178.93.37.0/24
178.93.100.0/22
178.94.0.0/24
178.94.4.0/24
178.94.6.0/23
178.94.21.0/24
178.94.27.0/24
178.94.32.0/24
178.94.66.0/24
178.94.73.0/24
178.94.77.0/24
178.94.79.0/24
178.94.103.0/24
178.94.110.0/24
178.94.120.0/24
178.94.176.0/22
178.94.189.0/24
178.94.196.0/22
178.94.210.0/24
178.94.212.0/24
178.94.220.0/24
178.94.223.0/24
178.94.254.0/24
178.95.0.0/22
Signature Algorithm: sha256WithRSAEncryption
06:6d:d3:5b:62:b5:93:06:5b:0c:31:15:be:d7:82:12:eb:2b:
77:75:ea:38:81:50:47:00:19:60:98:c2:12:13:42:29:d3:81:
3a:9e:62:68:41:86:40:39:dd:00:29:ee:66:ba:4c:67:0d:cc:
38:c7:f0:19:60:e3:00:c6:24:f7:44:16:1e:67:02:e2:1a:9e:
61:e6:f6:ad:29:c4:37:d5:08:20:98:9f:f7:5d:92:37:33:a8:
03:6a:0b:03:cd:80:e9:83:01:76:bf:3c:02:ce:f0:4e:0d:52:
59:2b:18:a9:89:4b:38:16:03:c7:3c:da:bd:9f:8f:2b:a3:fe:
47:e3:c5:d5:48:c0:09:f5:92:0a:df:e6:6d:6e:07:58:6a:f9:
22:8f:1d:52:7f:69:f3:5d:6b:4e:ff:9e:fc:65:8d:76:21:09:
3c:b9:cf:8a:21:5f:95:41:8f:2a:d3:70:2c:8a:9f:ec:2f:02:
07:31:f3:7a:59:c1:79:25:64:95:fd:88:39:8c:ca:88:5a:78:
9b:f0:67:60:1b:f4:04:96:09:8a:c4:52:33:8c:60:31:8e:2b:
96:79:0d:74:8c:e8:39:31:7b:9e:6c:d8:4d:ea:34:02:79:59:
f1:ae:07:d1:53:5d:d5:2f:33:92:92:8b:cb:16:51:ec:a6:d8:
0d:42:0a:01
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIUYjOAIKLiGgX4hy2KBWiyB3I66towDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MTQxMjAyNDVaFw0yNjA5MTMxMjA3NDVaMDMxMTAvBgNV
BAMTKDc0OTE1NjZFMUE2MTg3MjdCODBERjQyMkQ4OTA3NUU2RTU2NEQxMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbf2e0gIkoN/XisUqxKMbGKCW2
ZlwyA/PF7sxbkWZgmS6qXwPRw2BfTTKdJL/Gcc3cZEDCMwLkmaOOjckmnNLmW3Xs
xozAtoQEnuagO/4qy+gEzVUC8iAS2iVdHV9cE00INmRK8zPMzgEVwpwKz5YU9/Ti
g6v+4kFYdoBwnFwval0jSWq2WvDnXbA+bIksbWr7GQgA0m+jaCtUtjD386ewNaA2
tkfHsy6FGyCecKkc7nouOnXisksN/ILqz3kojSlPkeR03npVKvZvNxGnlGvpC3Eo
N7eKZ8WgzwTkoAmZrgYNcbujNKv/0m7gTpol7thPAQJcwOzs8PEKum/ncBfVAgMB
AAGjggNOMIIDSjAdBgNVHQ4EFgQUdJFWbhphhye4DfQi2JB15uVk0QIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWMGCCsGAQUFBwEHAQH/BIIBUjCCAU4wggFKBAIAATCC
AUIDBAAuygEwDAMEAC7KMQMEAi7KMAMEAC7KNQMEAC7LxQMEAC7LzQMEAC7L3wME
AC7L4QMEAlt8FAMEA1xw8AMEAF+GMAMEAF+GUwMEAF+GlAMEAF+GljAMAwQDX4ao
AwQAX4auAwQAX4bDAwQAX4bVAwQAX4cyAwQAX4fCAwQAX4ffAwQCslwQAwQCslwk
AwQCslx4AwQAslziAwQAslzrAwQAslztAwQAslz7AwQCsl0AAwQAsl0lAwQCsl1k
AwQAsl4AAwQAsl4EAwQBsl4GAwQAsl4VAwQAsl4bAwQAsl4gAwQAsl5CAwQAsl5J
AwQAsl5NAwQAsl5PAwQAsl5nAwQAsl5uAwQAsl54AwQCsl6wAwQAsl69AwQCsl7E
AwQAsl7SAwQAsl7UAwQAsl7cAwQAsl7fAwQAsl7+AwQCsl8AMA0GCSqGSIb3DQEB
CwUAA4IBAQAGbdNbYrWTBlsMMRW+14IS6yt3deo4gVBHABlgmMISE0Ip04E6nmJo
QYZAOd0AKe5mukxnDcw4x/AZYOMAxiT3RBYeZwLiGp5h5vatKcQ31QggmJ/3XZI3
M6gDagsDzYDpgwF2vzwCzvBODVJZKxipiUs4FgPHPNq9n48ro/5H48XVSMAJ9ZIK
3+ZtbgdYavkijx1Sf2nzXWtO/578ZY12IQk8uc+KIV+VQY8q03Asip/sLwIHMfN6
WcF5JWSV/Yg5jMqIWnib8GdgG/QElgmKxFIzjGAxjiuWeQ10jOg5MXuebNhN6jQC
eVnxrgfRU13VLzOSkovLFlHsptgNQgoB
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:31:24 2025 by rpki-client