Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: cav55luoOJ2ZuIkT5U8gkOdl7bMWUIGnUO0aMct30NQ=
Subject key identifier: 0F:43:F5:49:3C:FA:3B:B7:8B:01:44:FC:60:B6:7C:00:FB:59:64:06
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 69B6F648508C1298CF9771DACFD01B091970C741
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
Signing time: Fri 13 Feb 2026 09:47:55 +0000
ROA not before: Fri 13 Feb 2026 09:42:55 +0000
ROA not after: Fri 12 Feb 2027 09:47:55 +0000
asID: 14618
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.112.0/24 maxlen: 24
141.11.115.0/24 maxlen: 24
194.60.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 04:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b6:f6:48:50:8c:12:98:cf:97:71:da:cf:d0:1b:09:19:70:c7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 13 09:42:55 2026 GMT
Not After : Feb 12 09:47:55 2027 GMT
Subject: CN=0F43F5493CFA3BB78B0144FC60B67C00FB596406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:00:f6:17:ff:73:04:7a:85:74:37:38:bd:21:
38:ed:94:86:aa:a0:54:21:e8:9f:3b:11:62:f6:86:
3a:c3:b3:c7:93:f2:c1:74:66:ac:f6:6e:94:18:c7:
7a:cf:3c:b2:fe:d3:76:bc:6b:31:d5:92:9a:ab:b7:
8b:ea:8e:13:da:da:e1:5e:fe:07:a9:ce:97:6d:6d:
80:94:68:f5:4f:7b:4c:8e:c2:99:0c:33:10:47:a7:
99:02:67:5e:7b:5b:d8:b4:a7:b0:b7:e9:95:8b:95:
43:48:1d:fb:e2:0a:4c:e2:b4:c3:ed:69:48:0f:a7:
04:5a:8d:a7:4e:09:49:9a:fd:3f:a7:2b:f2:c7:8f:
b2:62:cd:b7:51:0e:91:31:48:cc:de:06:8a:b3:92:
6c:6d:a0:ca:92:28:c3:1c:d3:54:bd:e7:4f:f1:89:
23:4c:85:cb:81:84:13:58:9e:b7:4b:1e:d5:0c:b3:
25:2d:a0:11:bf:e5:b4:ae:51:8f:81:99:d7:f3:fd:
3a:e8:42:a0:e7:ea:d5:00:ad:b5:24:83:2f:78:ec:
c0:de:6a:21:2f:f5:27:96:24:de:9b:4a:36:77:a8:
58:8a:fe:fd:db:6f:1c:cd:7c:62:cc:67:b2:25:8f:
8f:ba:62:5c:aa:8e:33:25:01:50:a9:b3:c1:7f:11:
4f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:43:F5:49:3C:FA:3B:B7:8B:01:44:FC:60:B6:7C:00:FB:59:64:06
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.112.0/24
141.11.115.0/24
194.60.94.0/24
Signature Algorithm: sha256WithRSAEncryption
05:61:9d:c1:69:c2:0f:46:4f:50:85:9e:bd:1f:d1:d5:f8:d4:
a2:e1:6b:fc:91:ae:86:2f:97:a8:b5:9a:22:bd:f4:98:1e:80:
fe:b9:ce:77:9f:bc:79:4e:82:9e:58:10:0a:57:e1:cf:52:0a:
b3:66:f5:72:bd:3b:20:01:aa:83:06:bf:02:a4:dc:84:8e:5c:
52:34:2f:1d:69:9d:f4:31:d8:99:66:ff:80:a0:ab:4a:f5:1a:
55:25:06:be:33:72:3d:cc:e4:95:56:b8:7d:ce:f8:fc:c3:ad:
ed:cb:b0:aa:26:79:2c:49:35:93:59:a0:23:4d:2a:dc:6c:f5:
64:16:ab:f9:32:31:8c:76:70:12:aa:7d:f6:aa:82:d1:20:75:
14:f8:7e:cd:21:8d:20:a0:a6:b4:07:f1:a7:0a:b3:18:55:6c:
75:57:56:54:7f:6a:d7:cd:c5:33:8a:1c:5c:a0:df:77:5e:a9:
01:9b:43:19:88:46:c8:1f:10:34:48:4f:7d:e4:fe:d8:c1:fc:
fa:e3:7a:74:3e:63:f5:16:ad:e7:c1:35:9b:87:2b:3d:33:ef:
a0:c8:3f:ca:44:57:0e:7e:50:fd:2b:3b:d0:81:93:57:ec:a3:
17:0b:d7:5b:48:0f:29:ec:78:84:83:1a:50:9d:58:a0:c3:8a:
7c:67:6c:6a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUabb2SFCMEpjPl3Haz9AbCRlwx0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAyMTMwOTQyNTVaFw0yNzAyMTIwOTQ3NTVaMDMxMTAvBgNV
BAMTKDBGNDNGNTQ5M0NGQTNCQjc4QjAxNDRGQzYwQjY3QzAwRkI1OTY0MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbAPYX/3MEeoV0Nzi9ITjtlIaq
oFQh6J87EWL2hjrDs8eT8sF0Zqz2bpQYx3rPPLL+03a8azHVkpqrt4vqjhPa2uFe
/gepzpdtbYCUaPVPe0yOwpkMMxBHp5kCZ157W9i0p7C36ZWLlUNIHfviCkzitMPt
aUgPpwRajadOCUma/T+nK/LHj7JizbdRDpExSMzeBoqzkmxtoMqSKMMc01S950/x
iSNMhcuBhBNYnrdLHtUMsyUtoBG/5bSuUY+Bmdfz/TroQqDn6tUArbUkgy947MDe
aiEv9SeWJN6bSjZ3qFiK/v3bbxzNfGLMZ7Ilj4+6YlyqjjMlAVCps8F/EU/pAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUD0P1STz6O7eLAUT8YLZ8APtZZAYwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAKNCwwD
BACNC3ADBACNC3MDBADCPF4wDQYJKoZIhvcNAQELBQADggEBAAVhncFpwg9GT1CF
nr0f0dX41KLha/yRroYvl6i1miK99JgegP65znefvHlOgp5YEApX4c9SCrNm9XK9
OyABqoMGvwKk3ISOXFI0Lx1pnfQx2Jlm/4Cgq0r1GlUlBr4zcj3M5JVWuH3O+PzD
re3LsKomeSxJNZNZoCNNKtxs9WQWq/kyMYx2cBKqffaqgtEgdRT4fs0hjSCgprQH
8acKsxhVbHVXVlR/atfNxTOKHFyg33deqQGbQxmIRsgfEDRIT33k/tjB/PrjenQ+
Y/UWrefBNZuHKz0z76DIP8pEVw5+UP0rO9CBk1fsoxcL11tIDynseISDGlCdWKDD
inxnbGo=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:59:55 2026 by rpki-client