Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: RBdVh3eBKbcGr0BJKWxC6Y+3AfkHML37p0algZk4d+0=
Subject key identifier: C0:4F:9A:25:9F:8D:62:24:58:7E:52:48:2F:8D:6A:F2:B7:A0:DA:3C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 129D1B53836E97A4F7CE396989F0D68B72299A86
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Fri 30 May 2025 09:57:42 +0000
ROA not before: Fri 30 May 2025 09:52:42 +0000
ROA not after: Fri 29 May 2026 09:57:42 +0000
asID: 2914
IP address blocks: 91.124.20.0/22 maxlen: 22
91.124.52.0/24 maxlen: 24
91.124.55.0/24 maxlen: 24
91.124.57.0/24 maxlen: 24
91.124.58.0/24 maxlen: 24
91.124.62.0/24 maxlen: 24
91.124.67.0/24 maxlen: 24
91.124.83.0/24 maxlen: 24
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.168.0/23 maxlen: 24
95.134.170.0/23 maxlen: 24
95.134.172.0/23 maxlen: 24
95.134.174.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
178.92.0.0/22 maxlen: 24
178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
178.92.72.0/22 maxlen: 24
178.92.80.0/22 maxlen: 24
178.92.120.0/22 maxlen: 24
178.93.0.0/22 maxlen: 24
178.93.100.0/22 maxlen: 24
178.94.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:9d:1b:53:83:6e:97:a4:f7:ce:39:69:89:f0:d6:8b:72:29:9a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 30 09:52:42 2025 GMT
Not After : May 29 09:57:42 2026 GMT
Subject: CN=C04F9A259F8D6224587E52482F8D6AF2B7A0DA3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:83:ba:17:36:c4:c2:ef:43:85:36:9f:6c:3a:
0a:be:6f:0d:8e:c1:27:e0:f3:b7:c3:33:0c:5d:bc:
82:27:f9:8a:a8:6d:87:63:90:43:d5:94:46:2f:39:
90:16:9f:27:ad:1e:1d:60:77:73:16:7b:74:90:e2:
6d:d6:23:69:79:01:4d:65:89:52:02:3f:33:83:a4:
93:51:1c:37:0e:de:01:a2:2c:3d:9d:58:f5:8e:3e:
8e:d4:f4:5a:f6:0a:ae:55:63:26:76:26:b5:4f:d2:
2d:b6:1c:6d:03:01:d4:b4:e9:74:00:dc:53:70:00:
b1:19:af:d5:be:d1:6a:80:12:1d:76:e1:d0:2f:c9:
fe:64:20:9d:ff:2d:9e:37:da:c9:51:fe:33:5c:98:
cd:10:c5:31:71:b4:5e:cb:c0:ee:25:63:7a:99:18:
c3:7d:5b:b5:fd:67:f8:fb:c5:be:aa:39:1e:0c:7e:
a6:05:54:e0:e7:87:91:6c:b0:4e:c5:a0:74:0d:d9:
89:c8:7f:b7:f9:88:19:8f:ed:1e:c6:09:1b:ba:e5:
5d:29:62:96:27:5b:05:6e:ac:cc:c9:c5:8d:1d:65:
d8:c9:38:65:d1:07:c2:f7:f9:ab:5f:ed:29:b8:5c:
dd:16:bf:10:e3:2e:3b:50:8e:cd:8f:06:27:fd:62:
56:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4F:9A:25:9F:8D:62:24:58:7E:52:48:2F:8D:6A:F2:B7:A0:DA:3C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.20.0/22
91.124.52.0/24
91.124.55.0/24
91.124.57.0-91.124.58.255
91.124.62.0/24
91.124.67.0/24
91.124.83.0/24
92.112.240.0/21
95.134.48.0/24
95.134.168.0-95.134.174.255
95.134.195.0/24
95.134.213.0/24
95.135.50.0/24
178.92.0.0/22
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
178.92.72.0/22
178.92.80.0/22
178.92.120.0/22
178.93.0.0/22
178.93.100.0/22
178.94.176.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:49:1c:4a:fb:56:d8:78:d5:48:0c:2b:2c:7b:f6:f4:28:4a:
ea:91:e9:e1:1b:e1:ce:41:61:79:e5:5d:96:69:23:79:90:15:
2a:1e:02:ba:e6:0e:ef:7c:8f:4d:39:48:a8:07:d3:8d:18:6a:
8a:ba:15:16:67:d0:68:80:8e:2f:b0:23:8a:76:00:15:1f:76:
d4:d3:2e:e9:0d:56:ef:5c:c2:75:0e:90:60:4c:7e:45:d8:63:
4b:54:51:da:92:5f:b0:29:76:f8:93:8b:d6:09:81:fe:62:49:
f1:06:97:64:83:ff:4e:15:f1:e8:28:d6:0e:f9:ef:b3:2e:fa:
8a:7c:57:ed:2d:78:ef:74:ae:fb:35:ff:e5:bb:85:31:70:f6:
94:02:de:4d:12:f1:c5:15:48:ed:4b:ed:57:44:66:4b:63:c0:
39:32:4b:fd:7d:37:b2:31:bc:7f:fd:7a:95:43:fc:92:ad:00:
62:ef:31:da:12:f9:0c:99:ae:61:75:17:06:c2:12:86:67:90:
3a:12:f4:ab:05:ee:8d:37:a1:72:06:57:a1:95:63:a7:32:0b:
8b:94:83:e5:70:78:cc:cc:23:99:19:03:5e:d8:bf:a1:48:8e:
19:c6:28:cb:88:75:2e:dc:09:ba:50:30:29:4f:13:d0:8a:37:
a3:61:08:7f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIUEp0bU4Nul6T3zjlpifDWi3IpmoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MzAwOTUyNDJaFw0yNjA1MjkwOTU3NDJaMDMxMTAvBgNV
BAMTKEMwNEY5QTI1OUY4RDYyMjQ1ODdFNTI0ODJGOEQ2QUYyQjdBMERBM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgg7oXNsTC70OFNp9sOgq+bw2O
wSfg87fDMwxdvIIn+YqobYdjkEPVlEYvOZAWnyetHh1gd3MWe3SQ4m3WI2l5AU1l
iVICPzODpJNRHDcO3gGiLD2dWPWOPo7U9Fr2Cq5VYyZ2JrVP0i22HG0DAdS06XQA
3FNwALEZr9W+0WqAEh124dAvyf5kIJ3/LZ432slR/jNcmM0QxTFxtF7LwO4lY3qZ
GMN9W7X9Z/j7xb6qOR4MfqYFVODnh5FssE7FoHQN2YnIf7f5iBmP7R7GCRu65V0p
YpYnWwVurMzJxY0dZdjJOGXRB8L3+atf7Sm4XN0WvxDjLjtQjs2PBif9YlYVAgMB
AAGjggKtMIICqTAdBgNVHQ4EFgQUwE+aJZ+NYiRYflJIL41q8reg2jwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBwwYIKwYBBQUHAQcBAf8EgbMwgbAwga0EAgABMIGmAwQC
W3wUAwQAW3w0AwQAW3w3MAwDBABbfDkDBABbfDoDBABbfD4DBABbfEMDBABbfFMD
BANccPADBABfhjAwDAMEA1+GqAMEAF+GrgMEAF+GwwMEAF+G1QMEAF+HMgMEArJc
AAMEArJcCAMEArJcEAMEArJcGAMEArJcJAMEArJcQAMEArJcSAMEArJcUAMEArJc
eAMEArJdAAMEArJdZAMEArJesDANBgkqhkiG9w0BAQsFAAOCAQEAq0kcSvtW2HjV
SAwrLHv29ChK6pHp4RvhzkFheeVdlmkjeZAVKh4CuuYO73yPTTlIqAfTjRhqiroV
FmfQaICOL7AjinYAFR921NMu6Q1W71zCdQ6QYEx+RdhjS1RR2pJfsCl2+JOL1gmB
/mJJ8QaXZIP/ThXx6CjWDvnvsy76inxX7S1473Su+zX/5buFMXD2lALeTRLxxRVI
7UvtV0RmS2PAOTJL/X03sjG8f/16lUP8kq0AYu8x2hL5DJmuYXUXBsIShmeQOhL0
qwXujTehcgZXoZVjpzILi5SD5XB4zMwjmRkDXti/oUiOGcYoy4h1LtwJulAwKU8T
0Io3o2EIfw==
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:42 2025 by rpki-client