Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: VFoQse3k0rlgiYU9mRJWZ1C03m9fyIj5CWpBHogvoyU=
Subject key identifier: 8F:25:BD:7B:6D:02:58:F9:8C:75:05:CC:8E:D5:46:0C:C2:1F:83:C3
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 14C3F14420607EF5289CD33F20787E73B6F6D7CA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
Signing time: Sat 15 Mar 2025 03:11:18 +0000
ROA not before: Sat 15 Mar 2025 03:06:18 +0000
ROA not after: Sat 14 Mar 2026 03:11:18 +0000
asID: 14618
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.112.0/24 maxlen: 24
194.60.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:c3:f1:44:20:60:7e:f5:28:9c:d3:3f:20:78:7e:73:b6:f6:d7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 15 03:06:18 2025 GMT
Not After : Mar 14 03:11:18 2026 GMT
Subject: CN=8F25BD7B6D0258F98C7505CC8ED5460CC21F83C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:42:8b:7f:b4:4d:2f:99:b4:19:af:1d:17:
0e:f7:c5:69:6c:27:50:5b:2f:c3:88:d6:f8:60:26:
74:af:63:46:7f:f1:6f:bc:ed:48:3d:6e:53:92:d9:
12:16:f8:a2:32:0e:4b:ef:48:fb:c8:ec:49:12:b2:
21:d9:da:94:51:fc:4a:14:08:0b:68:ed:d6:f9:bb:
43:d0:13:9b:c2:bc:5c:40:63:9f:46:29:f2:e1:a9:
4e:ad:35:e0:e4:2f:4a:39:ba:e7:ce:3b:91:af:b3:
d3:5d:10:35:1d:1b:9e:51:d6:ad:36:0c:27:a7:99:
60:fe:bb:ca:21:01:13:6f:bc:fa:b6:11:82:2d:be:
36:21:d2:97:13:af:18:b8:ad:67:a1:59:78:bf:09:
73:5f:88:0b:3d:9b:06:6b:dc:a4:a6:c9:1c:30:ed:
49:20:65:31:e4:99:8b:70:a7:9a:41:6a:a8:83:cd:
64:09:5b:85:07:c4:46:2a:67:d6:5a:b5:7f:c8:9d:
83:42:8a:15:53:56:e1:e0:ca:bf:41:e2:f1:b9:c5:
c5:a0:6a:48:01:97:8c:d7:da:5a:29:15:b2:6c:63:
af:0f:38:dd:d4:fa:6a:cc:e9:33:83:1b:01:03:9e:
0a:62:9e:c5:bb:b3:e7:a3:9b:6a:8a:c8:75:0a:6d:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:25:BD:7B:6D:02:58:F9:8C:75:05:CC:8E:D5:46:0C:C2:1F:83:C3
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.112.0/24
194.60.94.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c3:74:63:36:ae:35:a2:4f:3d:88:a1:2e:f1:13:7a:01:90:
e6:a5:67:71:1e:ee:2b:8d:4d:2e:36:ad:87:60:ab:3e:e7:60:
e4:36:8e:83:ad:c1:6e:a8:c5:34:cd:46:75:17:84:83:d5:d3:
e8:13:98:5a:2b:c1:d8:b8:dc:3a:ee:c5:d9:53:16:3c:6e:ae:
b0:86:81:f8:ac:ab:95:84:b3:05:99:1f:e7:ba:8f:19:56:55:
cf:fa:17:97:a1:2e:b0:2d:a9:ad:7a:11:98:27:ce:66:a7:d2:
3e:61:d8:3d:a1:3b:09:1c:7a:77:88:b4:ce:49:77:2f:63:e2:
27:16:48:1a:1a:5f:e7:38:2f:99:0d:6f:35:6f:eb:8f:5e:9c:
b3:50:a1:6e:15:d0:c4:f2:95:c7:6f:83:81:3b:3c:5b:f8:a9:
80:6d:fe:09:4f:a7:9e:e5:44:f2:f2:d9:4e:4d:a7:45:45:a3:
76:06:77:45:e8:71:38:a2:67:d2:be:10:bd:85:ee:f5:e3:14:
d6:25:5c:15:70:18:3e:5f:17:16:70:99:16:c8:9a:7a:06:f1:
fc:54:66:60:34:9f:7c:bb:3c:99:a6:1a:82:15:08:5c:2b:73:
96:e1:9b:05:ce:d5:a9:f7:7e:e6:66:61:66:ed:61:0b:6d:f6:
8d:ed:9f:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUFMPxRCBgfvUonNM/IHh+c7b218owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAzMTUwMzA2MThaFw0yNjAzMTQwMzExMThaMDMxMTAvBgNV
BAMTKDhGMjVCRDdCNkQwMjU4Rjk4Qzc1MDVDQzhFRDU0NjBDQzIxRjgzQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfZUKLf7RNL5m0Ga8dFw73xWls
J1BbL8OI1vhgJnSvY0Z/8W+87Ug9blOS2RIW+KIyDkvvSPvI7EkSsiHZ2pRR/EoU
CAto7db5u0PQE5vCvFxAY59GKfLhqU6tNeDkL0o5uufOO5Gvs9NdEDUdG55R1q02
DCenmWD+u8ohARNvvPq2EYItvjYh0pcTrxi4rWehWXi/CXNfiAs9mwZr3KSmyRww
7UkgZTHkmYtwp5pBaqiDzWQJW4UHxEYqZ9ZatX/InYNCihVTVuHgyr9B4vG5xcWg
akgBl4zX2lopFbJsY68PON3U+mrM6TODGwEDngpinsW7s+ejm2qKyHUKbdYzAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUjyW9e20CWPmMdQXMjtVGDMIfg8MwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAKNCwwD
BACNC3ADBADCPF4wDQYJKoZIhvcNAQELBQADggEBAI/DdGM2rjWiTz2IoS7xE3oB
kOalZ3Ee7iuNTS42rYdgqz7nYOQ2joOtwW6oxTTNRnUXhIPV0+gTmForwdi43Dru
xdlTFjxurrCGgfisq5WEswWZH+e6jxlWVc/6F5ehLrAtqa16EZgnzman0j5h2D2h
OwkceneItM5Jdy9j4icWSBoaX+c4L5kNbzVv649enLNQoW4V0MTylcdvg4E7PFv4
qYBt/glPp57lRPLy2U5Np0VFo3YGd0XocTiiZ9K+EL2F7vXjFNYlXBVwGD5fFxZw
mRbImnoG8fxUZmA0n3y7PJmmGoIVCFwrc5bhmwXO1an3fuZmYWbtYQtt9o3tn4I=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:15:53 2025 by rpki-client