Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: z2RWPgPwBW4X0UHLr+QGobTTxTnIbFpZLM2Ncz892JQ=
Subject key identifier: 46:E0:C0:88:DA:51:09:23:2F:36:1E:B3:89:62:DA:73:C3:33:BB:A1
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5DAC3CE4CAF04D76CD3DD635C31008A911B43D56
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Sat 22 Mar 2025 18:55:52 +0000
ROA not before: Sat 22 Mar 2025 18:50:52 +0000
ROA not after: Sat 21 Mar 2026 18:55:52 +0000
asID: 2914
IP address blocks: 91.124.20.0/22 maxlen: 22
91.124.52.0/24 maxlen: 24
91.124.55.0/24 maxlen: 24
91.124.57.0/24 maxlen: 24
91.124.58.0/24 maxlen: 24
91.124.62.0/24 maxlen: 24
91.124.67.0/24 maxlen: 24
91.124.83.0/24 maxlen: 24
92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ac:3c:e4:ca:f0:4d:76:cd:3d:d6:35:c3:10:08:a9:11:b4:3d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 22 18:50:52 2025 GMT
Not After : Mar 21 18:55:52 2026 GMT
Subject: CN=46E0C088DA5109232F361EB38962DA73C333BBA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:26:01:d7:ae:65:14:a5:9a:3d:bd:ba:77:
eb:f1:22:53:fa:b5:20:a0:4b:57:bf:a4:b3:06:eb:
1f:5f:85:86:c1:9e:61:da:0b:82:2f:d5:41:03:b6:
d2:6c:1b:97:78:87:f0:b7:6c:3f:63:80:e9:1b:70:
fd:21:db:16:80:cc:cb:8b:f8:19:60:34:8f:7c:30:
57:20:6a:5d:50:ec:be:f1:24:f6:b7:34:e1:fb:9d:
b1:52:f6:64:89:bf:1b:23:57:83:30:db:15:00:09:
95:d8:e2:4c:80:de:b5:eb:4f:96:e1:1e:51:a8:64:
0a:a9:eb:22:86:70:00:57:ee:28:50:7e:d3:5a:46:
9f:19:11:cb:d8:0c:5e:44:c7:8e:ac:8b:a8:46:0b:
b1:9c:1c:21:54:1a:6a:c1:ae:91:78:08:13:09:30:
f8:7d:55:7b:48:4e:4a:b1:3a:c9:10:c3:3a:72:fb:
0c:11:36:1c:95:7e:f6:c5:f7:2e:55:ef:f2:00:c4:
e0:0c:d1:a3:62:1b:8d:7e:2f:f9:fc:f2:82:98:8d:
95:c9:58:ea:12:11:32:96:02:f0:71:fa:f8:c8:d6:
d8:d5:5e:9a:2d:04:13:88:7a:a4:58:83:df:48:3f:
23:b6:14:dc:36:a2:7a:35:20:05:f1:8a:85:1f:6d:
a2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E0:C0:88:DA:51:09:23:2F:36:1E:B3:89:62:DA:73:C3:33:BB:A1
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.20.0/22
91.124.52.0/24
91.124.55.0/24
91.124.57.0-91.124.58.255
91.124.62.0/24
91.124.67.0/24
91.124.83.0/24
92.112.240.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:c7:ba:9f:0b:95:42:35:f6:e6:c6:13:49:15:1a:21:1c:d6:
cd:23:97:a0:bd:89:15:6a:d0:e7:9e:9b:46:d4:a6:82:c3:09:
fa:84:6f:c3:69:9d:1e:18:b7:93:90:b1:d9:a3:89:38:22:dd:
a9:9a:1c:52:e6:64:d4:98:0e:77:05:36:49:bf:f5:1c:61:d0:
fd:69:60:8c:06:7b:db:30:44:88:14:56:ad:62:b8:d8:9b:d3:
39:19:c8:ef:c3:f8:98:86:cb:58:6e:b5:ca:40:c5:2e:10:5b:
d7:6f:c9:ec:ec:53:66:af:2f:2f:7f:25:cb:8d:10:a7:b7:4f:
ee:63:f8:25:7e:cf:dd:47:9f:3b:85:3b:7c:c8:c4:fd:d6:59:
20:63:31:aa:42:b7:b3:70:aa:4e:f0:48:db:a9:f4:00:d8:48:
7f:c9:58:ca:17:2f:4c:61:b4:d9:e4:95:6a:fa:df:fd:1b:8c:
d9:2d:3b:2e:14:7e:62:24:1a:ac:74:cc:09:97:81:34:46:af:
a3:e5:b8:d8:a0:91:46:30:c7:07:ed:95:1a:f6:66:e3:91:57:
77:58:ff:37:fd:98:2e:47:8a:b6:3a:b7:6f:e4:1e:1b:bd:d1:
f0:b5:0e:98:8f:d7:c2:32:6b:84:ec:c4:71:af:6f:48:40:47:
e6:6f:76:80
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUXaw85MrwTXbNPdY1wxAIqRG0PVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMjIxODUwNTJaFw0yNjAzMjExODU1NTJaMDMxMTAvBgNV
BAMTKDQ2RTBDMDg4REE1MTA5MjMyRjM2MUVCMzg5NjJEQTczQzMzM0JCQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHRSYB165lFKWaPb26d+vxIlP6
tSCgS1e/pLMG6x9fhYbBnmHaC4Iv1UEDttJsG5d4h/C3bD9jgOkbcP0h2xaAzMuL
+BlgNI98MFcgal1Q7L7xJPa3NOH7nbFS9mSJvxsjV4Mw2xUACZXY4kyA3rXrT5bh
HlGoZAqp6yKGcABX7ihQftNaRp8ZEcvYDF5Ex46si6hGC7GcHCFUGmrBrpF4CBMJ
MPh9VXtITkqxOskQwzpy+wwRNhyVfvbF9y5V7/IAxOAM0aNiG41+L/n88oKYjZXJ
WOoSETKWAvBx+vjI1tjVXpotBBOIeqRYg99IPyO2FNw2ono1IAXxioUfbaLhAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQURuDAiNpRCSMvNh6ziWLac8Mzu6EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAlt8FAME
AFt8NAMEAFt8NzAMAwQAW3w5AwQAW3w6AwQAW3w+AwQAW3xDAwQAW3xTAwQDXHDw
MA0GCSqGSIb3DQEBCwUAA4IBAQCfx7qfC5VCNfbmxhNJFRohHNbNI5egvYkVatDn
nptG1KaCwwn6hG/DaZ0eGLeTkLHZo4k4It2pmhxS5mTUmA53BTZJv/UcYdD9aWCM
BnvbMESIFFatYrjYm9M5Gcjvw/iYhstYbrXKQMUuEFvXb8ns7FNmry8vfyXLjRCn
t0/uY/glfs/dR587hTt8yMT91lkgYzGqQrezcKpO8EjbqfQA2Eh/yVjKFy9MYbTZ
5JVq+t/9G4zZLTsuFH5iJBqsdMwJl4E0Rq+j5bjYoJFGMMcH7ZUa9mbjkVd3WP83
/ZguR4q2Ordv5B4bvdHwtQ6Yj9fCMmuE7MRxr29IQEfmb3aA
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:21 2025 by rpki-client