Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: PMHYk8XYYZmWFy7gmFM128P4HNP7alKbL91CuqNZoNE=
Subject key identifier: 61:A5:6A:6D:6F:10:EB:A0:F3:EA:AA:19:D1:27:CC:54:99:85:1D:D3
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5C2481C7A03BC1AB70C69E6E2E65F7EE6A96705A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2914.roa
Signing time: Sat 07 Jun 2025 18:14:52 +0000
ROA not before: Sat 07 Jun 2025 18:09:52 +0000
ROA not after: Sat 06 Jun 2026 18:14:52 +0000
asID: 2914
IP address blocks: 141.11.39.0/24 maxlen: 24
141.11.180.0/24 maxlen: 24
141.11.196.0/24 maxlen: 24
141.11.197.0/24 maxlen: 24
141.11.198.0/24 maxlen: 24
141.11.199.0/24 maxlen: 24
141.11.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:24:81:c7:a0:3b:c1:ab:70:c6:9e:6e:2e:65:f7:ee:6a:96:70:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jun 7 18:09:52 2025 GMT
Not After : Jun 6 18:14:52 2026 GMT
Subject: CN=61A56A6D6F10EBA0F3EAAA19D127CC5499851DD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:dc:e2:fd:ff:52:2a:74:35:44:b7:e0:d7:
58:64:e6:f1:3c:21:ee:77:d4:7a:25:fc:0a:26:ab:
69:a6:e8:ae:60:87:1b:70:d4:d9:dd:3a:44:a5:fe:
15:25:57:d8:ed:e6:50:2f:01:f1:b8:9c:ba:b2:04:
45:8a:72:2d:7d:ca:3d:9f:7b:68:c0:72:a2:1e:5e:
d6:30:c0:cf:03:24:40:5e:96:af:54:94:2c:50:5f:
8a:48:76:22:98:7f:45:ed:7e:69:45:91:7c:8a:9b:
d2:e4:34:46:06:6b:7c:90:f3:2e:64:69:c5:fc:a6:
15:ea:ce:b0:e7:ca:15:d9:bf:25:f2:22:93:a3:a2:
d0:b4:b4:ae:c2:a9:cb:5d:ca:3f:18:a0:94:c1:94:
83:3f:2b:15:2e:f5:a3:ae:75:d9:ab:eb:67:5e:24:
ac:c3:53:82:f4:1a:27:5a:b7:36:37:bc:13:21:5b:
d5:18:a8:12:76:d7:5b:c3:ff:0f:55:77:0a:06:2e:
86:5b:12:01:a6:2c:9c:65:c8:8f:01:b0:2a:0b:d2:
23:ab:0c:b4:a1:76:ff:c9:75:25:37:83:29:48:3b:
81:6c:36:74:b4:3b:b5:b8:9e:c4:6f:d1:37:62:aa:
8c:1d:1d:33:86:c9:5d:82:fb:fe:4b:f0:15:2d:4d:
6f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A5:6A:6D:6F:10:EB:A0:F3:EA:AA:19:D1:27:CC:54:99:85:1D:D3
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.39.0/24
141.11.180.0/24
141.11.196.0/22
141.11.243.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ba:cc:03:50:7a:28:e0:13:d5:bc:62:9e:fe:9d:c0:49:00:
cb:35:29:a1:12:c5:d5:3a:14:a8:10:08:d8:59:a5:97:64:ae:
c9:f8:06:75:c4:16:d5:fc:8b:0e:9f:5e:3c:67:34:dc:a6:92:
68:52:8f:b7:da:56:4d:8d:84:80:10:c0:04:e4:f7:a0:c0:73:
ad:79:fa:58:c3:56:57:b1:6f:05:c1:63:45:a6:bb:31:2c:ca:
0f:26:31:58:ad:ef:0e:98:36:96:d1:0a:bd:3a:ab:26:61:83:
92:40:d9:14:8d:f2:b4:c5:5f:60:1c:f1:99:c0:18:ab:7b:d7:
fe:46:3a:57:a1:24:a9:71:c2:a1:9d:81:68:3a:f9:2c:78:2e:
14:28:33:58:3e:10:9e:0f:8f:40:22:9a:c7:c7:28:96:12:c4:
db:68:06:d8:dc:03:f2:5c:88:69:a6:89:38:54:a1:24:19:46:
fe:5f:7b:19:f9:b4:64:a3:28:09:1b:b0:78:6a:5b:d4:7b:f0:
a7:a1:05:61:dc:f0:f8:7b:bd:b9:72:b2:9d:22:0b:fa:1f:41:
bf:f6:e2:5e:32:2a:f0:dc:ec:c4:ea:34:7b:a0:a1:ad:97:d8:
85:90:35:6b:dd:c0:40:8a:90:05:ed:a3:48:fd:01:34:8d:e6:
cb:0d:83:2a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUXCSBx6A7watwxp5uLmX37mqWcFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA2MDcxODA5NTJaFw0yNjA2MDYxODE0NTJaMDMxMTAvBgNV
BAMTKDYxQTU2QTZENkYxMEVCQTBGM0VBQUExOUQxMjdDQzU0OTk4NTFERDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChydzi/f9SKnQ1RLfg11hk5vE8
Ie531Hol/Aomq2mm6K5ghxtw1NndOkSl/hUlV9jt5lAvAfG4nLqyBEWKci19yj2f
e2jAcqIeXtYwwM8DJEBelq9UlCxQX4pIdiKYf0XtfmlFkXyKm9LkNEYGa3yQ8y5k
acX8phXqzrDnyhXZvyXyIpOjotC0tK7Cqctdyj8YoJTBlIM/KxUu9aOuddmr62de
JKzDU4L0GidatzY3vBMhW9UYqBJ211vD/w9VdwoGLoZbEgGmLJxlyI8BsCoL0iOr
DLShdv/JdSU3gylIO4FsNnS0O7W4nsRv0TdiqowdHTOGyV2C+/5L8BUtTW+nAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUYaVqbW8Q66Dz6qoZ0SfMVJmFHdMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI0LJwME
AI0LtAMEAo0LxAMEAI0L8zANBgkqhkiG9w0BAQsFAAOCAQEAarrMA1B6KOAT1bxi
nv6dwEkAyzUpoRLF1ToUqBAI2Fmll2SuyfgGdcQW1fyLDp9ePGc03KaSaFKPt9pW
TY2EgBDABOT3oMBzrXn6WMNWV7FvBcFjRaa7MSzKDyYxWK3vDpg2ltEKvTqrJmGD
kkDZFI3ytMVfYBzxmcAYq3vX/kY6V6EkqXHCoZ2BaDr5LHguFCgzWD4Qng+PQCKa
x8colhLE22gG2NwD8lyIaaaJOFShJBlG/l97Gfm0ZKMoCRuweGpb1Hvwp6EFYdzw
+Hu9uXKynSIL+h9Bv/biXjIq8NzsxOo0e6ChrZfYhZA1a93AQIqQBe2jSP0BNI3m
yw2DKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:41:13 2025 by rpki-client