Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: bEVhId4aacR1rQzPvR+hhMt8qF2QRUbOBDyD9r3ZUPY=
Subject key identifier: 0E:18:3F:0A:ED:5F:06:42:52:C7:E9:40:FA:24:5B:73:E2:91:4B:98
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 545EA56E34D772AA0D0E56EEFBC81F53E7E08642
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
Signing time: Tue 28 Oct 2025 00:05:13 +0000
ROA not before: Tue 28 Oct 2025 00:00:13 +0000
ROA not after: Tue 27 Oct 2026 00:05:13 +0000
asID: 2914
IP address blocks: 82.26.139.0/24 maxlen: 24
82.26.142.0/24 maxlen: 24
82.26.143.0/24 maxlen: 24
82.26.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5e:a5:6e:34:d7:72:aa:0d:0e:56:ee:fb:c8:1f:53:e7:e0:86:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 28 00:00:13 2025 GMT
Not After : Oct 27 00:05:13 2026 GMT
Subject: CN=0E183F0AED5F064252C7E940FA245B73E2914B98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ab:a2:3b:67:da:46:70:08:d5:b7:29:05:b7:
5e:3b:20:df:58:40:22:cc:f2:24:21:b4:e6:9f:99:
14:91:ab:d9:78:c8:1e:c1:6a:25:51:f1:1d:e1:38:
a7:5a:ab:03:1a:16:cf:ed:cf:2a:d4:ad:9c:25:5c:
4d:65:3a:33:d9:db:ef:2c:c8:ac:43:d9:37:17:e8:
d8:d2:9a:4d:17:25:16:f1:25:14:29:89:bc:22:15:
93:a1:99:fc:04:9e:ab:af:fd:fd:0c:54:07:e8:00:
67:38:61:d8:80:dc:69:5a:c8:c5:26:d2:47:45:5a:
01:c1:1c:40:c1:0c:12:f8:21:ca:80:08:68:1f:21:
cb:e7:b5:5c:c3:22:73:cd:e6:d6:6f:7e:ab:33:e9:
2f:0e:12:5e:2e:a6:4e:0b:ac:85:41:d7:56:b1:9a:
8d:13:f0:06:ba:aa:5b:50:51:4f:43:21:d0:ef:f7:
50:6f:a2:fe:65:55:49:d5:62:1f:5a:4a:a2:03:7f:
cc:23:40:5c:30:e7:4f:c2:d1:e2:a8:c9:f6:6b:c8:
e7:ba:1c:d2:a8:4a:ea:41:e2:96:df:59:90:09:8a:
ff:10:3b:ae:ed:4f:04:3a:74:80:81:a2:6f:18:d6:
41:ff:9e:83:11:b2:20:5d:8f:69:e1:47:53:37:e1:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:18:3F:0A:ED:5F:06:42:52:C7:E9:40:FA:24:5B:73:E2:91:4B:98
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.139.0/24
82.26.142.0-82.26.144.255
Signature Algorithm: sha256WithRSAEncryption
33:85:f5:fd:99:f8:fd:f7:96:3b:69:49:94:56:ab:b3:8e:7b:
20:86:c0:c9:d2:54:45:62:0e:93:b1:05:21:69:86:49:1b:f8:
6d:64:db:b3:aa:13:25:da:6b:11:79:01:dc:82:99:8f:2a:89:
af:61:9b:b7:db:31:80:95:0e:52:da:77:1a:6a:09:d0:d2:96:
9d:e0:5f:33:7a:af:09:fc:3d:d5:d2:f7:2d:3e:de:08:e2:8e:
94:73:a6:b1:f8:96:d8:62:97:f0:28:c5:e7:80:64:c9:e3:95:
cf:9a:cd:06:4c:ed:c6:8f:47:87:0b:bc:7a:d7:49:f2:54:94:
6b:f0:80:46:b5:46:02:3b:ed:d4:fd:32:cf:fc:cc:6a:fc:e6:
e8:45:ea:f9:2d:72:5b:8c:14:c4:a9:7c:1f:43:60:61:03:fe:
c5:4f:70:45:d1:cc:9c:7c:a6:5f:f6:bd:d1:e3:ec:63:a3:76:
91:0d:23:e0:3f:27:94:ef:aa:cc:d7:4c:f9:48:29:dd:07:65:
85:d7:6d:90:3e:e5:d6:b9:c8:f7:b5:d4:3c:b3:e8:63:58:e6:
e9:bb:1d:f4:f0:f5:12:ff:85:6b:0d:23:07:79:ca:0f:9f:eb:
34:b7:59:49:09:21:78:54:15:99:d1:89:19:2b:93:08:be:c3:
db:18:d9:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUVF6lbjTXcqoNDlbu+8gfU+fghkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjgwMDAwMTNaFw0yNjEwMjcwMDA1MTNaMDMxMTAvBgNV
BAMTKDBFMTgzRjBBRUQ1RjA2NDI1MkM3RTk0MEZBMjQ1QjczRTI5MTRCOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLq6I7Z9pGcAjVtykFt147IN9Y
QCLM8iQhtOafmRSRq9l4yB7BaiVR8R3hOKdaqwMaFs/tzyrUrZwlXE1lOjPZ2+8s
yKxD2TcX6NjSmk0XJRbxJRQpibwiFZOhmfwEnquv/f0MVAfoAGc4YdiA3GlayMUm
0kdFWgHBHEDBDBL4IcqACGgfIcvntVzDInPN5tZvfqsz6S8OEl4upk4LrIVB11ax
mo0T8Aa6qltQUU9DIdDv91Bvov5lVUnVYh9aSqIDf8wjQFww50/C0eKoyfZryOe6
HNKoSupB4pbfWZAJiv8QO67tTwQ6dICBom8Y1kH/noMRsiBdj2nhR1M34e/3AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUDhg/Cu1fBkJSx+lA+iRbc+KRS5gwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAFIaizAM
AwQBUhqOAwQAUhqQMA0GCSqGSIb3DQEBCwUAA4IBAQAzhfX9mfj995Y7aUmUVquz
jnsghsDJ0lRFYg6TsQUhaYZJG/htZNuzqhMl2msReQHcgpmPKomvYZu32zGAlQ5S
2ncaagnQ0pad4F8zeq8J/D3V0vctPt4I4o6Uc6ax+JbYYpfwKMXngGTJ45XPms0G
TO3Gj0eHC7x610nyVJRr8IBGtUYCO+3U/TLP/Mxq/OboRer5LXJbjBTEqXwfQ2Bh
A/7FT3BF0cycfKZf9r3R4+xjo3aRDSPgPyeU76rM10z5SCndB2WF122QPuXWucj3
tdQ8s+hjWObpux308PUS/4VrDSMHecoPn+s0t1lJCSF4VBWZ0YkZK5MIvsPbGNmT
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:45 2025 by rpki-client