Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: 7rej6VVOI+rRxw9KPYmCr1MktwEFg/5pbdSQAErCftE=
Subject key identifier: E5:DD:34:7B:5F:1B:4F:F9:6B:46:EE:50:EF:1E:D3:B8:2F:3F:55:7A
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 24D8DBEEC0A88A3CC95BD4C89D1ABAB1A35A1FF4
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
Signing time: Mon 20 Oct 2025 15:24:32 +0000
ROA not before: Mon 20 Oct 2025 15:19:32 +0000
ROA not after: Mon 19 Oct 2026 15:24:32 +0000
asID: 14618
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.112.0/24 maxlen: 24
141.11.115.0/24 maxlen: 24
194.60.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:d8:db:ee:c0:a8:8a:3c:c9:5b:d4:c8:9d:1a:ba:b1:a3:5a:1f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 20 15:19:32 2025 GMT
Not After : Oct 19 15:24:32 2026 GMT
Subject: CN=E5DD347B5F1B4FF96B46EE50EF1ED3B82F3F557A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:5b:3b:eb:9a:60:00:f9:ce:89:21:5e:19:
0f:be:82:d9:6e:21:c7:ee:8f:8e:31:0d:c3:67:73:
dd:e6:97:9d:0e:d6:53:76:0d:9b:6e:d2:e0:c0:03:
25:6b:b6:f3:61:52:85:ad:c7:25:9e:b0:0a:c5:ae:
4f:8d:8e:e6:4c:af:60:55:33:14:1d:09:f8:2d:3f:
14:de:89:71:d8:1f:1f:f3:74:39:f5:8c:46:48:c0:
80:6b:0c:3c:f1:44:f6:1d:4c:5e:ba:9f:12:53:c8:
a4:99:b7:39:bf:0e:74:63:48:ea:77:da:a2:e2:d6:
ae:19:10:3e:38:f4:2b:9a:8a:de:57:95:f2:11:1e:
e3:76:ce:42:03:db:90:6d:2a:4f:33:42:b3:e6:29:
2a:a7:70:0b:e5:1d:59:0e:2d:ef:14:00:f7:c1:17:
a1:19:e0:a6:cc:db:b3:5a:57:86:a9:e1:99:0e:0b:
d6:3d:e4:16:90:51:44:92:dd:9f:28:d4:5a:d0:95:
79:40:7b:9c:85:27:ea:f0:37:90:3f:43:f6:6b:4f:
13:83:67:24:4e:8f:9d:e4:a8:cc:28:c2:2e:9d:88:
d0:c9:52:4c:d1:7e:ba:7e:fd:0e:72:9f:33:ca:d9:
72:58:be:f5:ae:21:72:5b:8d:ab:3c:d5:73:ca:08:
f2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DD:34:7B:5F:1B:4F:F9:6B:46:EE:50:EF:1E:D3:B8:2F:3F:55:7A
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.112.0/24
141.11.115.0/24
194.60.94.0/24
Signature Algorithm: sha256WithRSAEncryption
06:85:0f:37:bb:54:2d:b7:2f:ed:4d:a1:4f:cf:a6:42:89:3a:
b7:d8:4d:49:d9:23:0e:4c:ab:e3:66:e2:6a:ab:92:04:6e:09:
d5:98:b1:c6:06:f7:27:f5:40:96:75:15:b5:00:4b:54:a6:d8:
29:c4:6b:0b:0f:a1:fb:15:b0:76:ac:f2:75:2e:4a:eb:93:b4:
7b:49:cb:83:34:bb:15:b6:06:2c:ee:82:44:cf:95:5a:a0:ae:
35:b4:14:2b:41:57:80:21:ed:27:df:a0:af:49:26:6c:e7:72:
a5:cd:e6:bd:52:24:a7:c7:17:57:60:e4:d6:f0:0d:38:1e:d3:
fb:69:ac:0a:52:1b:8a:6a:03:91:15:e0:ea:e3:2f:21:44:bf:
d0:5a:73:38:a9:87:af:d0:49:5b:0b:37:16:74:af:03:0e:5b:
66:08:ba:32:aa:6e:14:0b:c4:6b:11:89:95:4e:a5:75:0b:a8:
4b:07:d7:a5:33:8d:ac:8e:c8:79:ce:e6:5b:fc:c2:1b:78:1b:
8e:3e:2a:35:e9:d0:2f:2b:97:e1:7d:0c:96:6b:fd:cf:43:c2:
64:7d:60:de:d0:99:89:d0:db:38:b3:86:cc:4a:19:f3:02:e4:
4b:80:b5:50:5b:e4:b2:96:a6:3d:6b:72:81:5d:a7:cb:01:e0:
c2:5a:d0:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUJNjb7sCoijzJW9TInRq6saNaH/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTEwMjAxNTE5MzJaFw0yNjEwMTkxNTI0MzJaMDMxMTAvBgNV
BAMTKEU1REQzNDdCNUYxQjRGRjk2QjQ2RUU1MEVGMUVEM0I4MkYzRjU1N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGEFs765pgAPnOiSFeGQ++gtlu
Icfuj44xDcNnc93ml50O1lN2DZtu0uDAAyVrtvNhUoWtxyWesArFrk+NjuZMr2BV
MxQdCfgtPxTeiXHYHx/zdDn1jEZIwIBrDDzxRPYdTF66nxJTyKSZtzm/DnRjSOp3
2qLi1q4ZED449Cuait5XlfIRHuN2zkID25BtKk8zQrPmKSqncAvlHVkOLe8UAPfB
F6EZ4KbM27NaV4ap4ZkOC9Y95BaQUUSS3Z8o1FrQlXlAe5yFJ+rwN5A/Q/ZrTxOD
ZyROj53kqMwowi6diNDJUkzRfrp+/Q5ynzPK2XJYvvWuIXJbjas81XPKCPI5AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU5d00e18bT/lrRu5Q7x7TuC8/VXowHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAKNCwwD
BACNC3ADBACNC3MDBADCPF4wDQYJKoZIhvcNAQELBQADggEBAAaFDze7VC23L+1N
oU/PpkKJOrfYTUnZIw5Mq+Nm4mqrkgRuCdWYscYG9yf1QJZ1FbUAS1Sm2CnEawsP
ofsVsHas8nUuSuuTtHtJy4M0uxW2BizugkTPlVqgrjW0FCtBV4Ah7SffoK9JJmzn
cqXN5r1SJKfHF1dg5NbwDTge0/tprApSG4pqA5EV4OrjLyFEv9Bacziph6/QSVsL
NxZ0rwMOW2YIujKqbhQLxGsRiZVOpXULqEsH16UzjayOyHnO5lv8wht4G44+KjXp
0C8rl+F9DJZr/c9DwmR9YN7QmYnQ2zizhsxKGfMC5EuAtVBb5LKWpj1rcoFdp8sB
4MJa0H4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:32:53 2025 by rpki-client