Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: lidzNZ/qx4XjFlN5JuCJOreYGhuUIjwuQCK79juV8uY=
Subject key identifier: B2:9A:21:3A:60:3F:7A:22:7D:E1:29:50:75:C4:82:13:20:C2:48:00
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2EAF90971449CD6C6E452727FA43A289C0BB9CA1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Sat 21 Feb 2026 06:01:55 +0000
ROA not before: Sat 21 Feb 2026 05:56:55 +0000
ROA not after: Sat 20 Feb 2027 06:01:55 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
143.14.82.0/23 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.194.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.64.0/20 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:af:90:97:14:49:cd:6c:6e:45:27:27:fa:43:a2:89:c0:bb:9c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 21 05:56:55 2026 GMT
Not After : Feb 20 06:01:55 2027 GMT
Subject: CN=B29A213A603F7A227DE1295075C4821320C24800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1e:79:46:d8:ec:0a:49:f5:cf:77:2b:21:67:
f0:59:c6:e2:c9:1b:0f:de:7f:3e:ca:06:72:ec:f3:
19:89:b7:8a:8e:00:b0:86:5a:4a:4f:43:77:c1:36:
99:c1:c5:84:b4:3b:23:e5:a6:88:a7:16:77:15:e6:
00:8d:05:65:92:4f:9f:5c:f0:13:3b:cb:78:c9:92:
52:32:9b:cc:e4:4a:5b:12:b7:ab:4e:52:66:8a:00:
bb:63:cf:e8:bc:d0:9f:d2:80:e2:e2:20:db:cb:22:
65:b8:74:db:80:74:46:55:e7:bf:7a:d0:f2:40:17:
2d:3e:22:a2:c4:23:5c:cf:eb:35:77:bb:2e:b0:6b:
09:36:da:96:31:95:c9:5d:18:cf:38:91:7d:a8:b3:
36:80:a1:6f:42:9b:1c:b4:7e:e1:52:90:48:1a:cb:
50:ca:4c:58:f4:83:59:2c:62:4d:43:e0:28:2d:7c:
9c:cf:70:79:ee:a8:a9:ec:da:1d:07:46:18:18:7d:
0b:21:75:53:03:a1:68:2a:ff:bc:06:51:48:a6:89:
70:b6:f4:ae:ff:7a:84:5b:95:90:ac:fe:c5:c3:fa:
3c:dc:10:d8:13:30:54:c1:77:be:b9:b9:8d:ec:a2:
93:ad:59:f6:4b:8c:2c:82:42:62:a9:ce:5e:53:99:
74:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9A:21:3A:60:3F:7A:22:7D:E1:29:50:75:C4:82:13:20:C2:48:00
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
143.14.82.0/23
143.14.187.0/24
143.14.194.0/24
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.13.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.64.0/20
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:53:a3:0e:7f:7f:fe:d8:d7:4a:e0:5e:80:c2:b3:eb:7c:f4:
79:ec:de:9c:5c:5a:10:75:15:c1:fd:45:e3:1f:77:40:75:d6:
13:48:bb:92:eb:60:b4:db:8a:92:ad:ea:5f:f6:94:ba:10:ee:
14:e5:83:1c:fd:0b:74:a4:5a:db:f7:57:5c:d4:8a:8b:09:22:
9e:6f:eb:ae:f2:6b:1e:7e:38:4b:6f:b9:13:b9:22:b6:da:70:
ac:8b:33:7e:8f:81:fe:1b:1d:ce:d9:e1:bd:83:ed:fe:08:6b:
5f:3a:0b:81:15:eb:bf:d2:e4:0e:0b:71:81:4c:b2:90:36:32:
39:2c:9c:53:b3:a6:29:c6:b6:fe:0e:65:a0:52:b9:55:62:48:
91:78:2e:f0:c7:20:7e:a5:57:53:56:8f:db:04:66:c6:09:d3:
de:78:f9:b0:fa:cb:6b:55:cc:c5:2e:07:2b:a4:8b:73:18:84:
a4:17:be:f5:d9:40:b9:45:d5:20:9f:e0:60:83:aa:12:33:29:
d4:93:82:9e:b5:dc:6c:8a:4f:e7:ad:55:3b:b8:6a:d9:18:ea:
0e:0a:05:4a:cd:7e:47:69:f0:76:20:4c:2a:50:71:ac:f9:65:
ba:ce:cc:18:b5:3c:0f:51:68:96:01:54:c1:9d:27:df:be:ef:
03:e7:44:54
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIULq+QlxRJzWxuRScn+kOiicC7nKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMjEwNTU2NTVaFw0yNzAyMjAwNjAxNTVaMDMxMTAvBgNV
BAMTKEIyOUEyMTNBNjAzRjdBMjI3REUxMjk1MDc1QzQ4MjEzMjBDMjQ4MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyHnlG2OwKSfXPdyshZ/BZxuLJ
Gw/efz7KBnLs8xmJt4qOALCGWkpPQ3fBNpnBxYS0OyPlpoinFncV5gCNBWWST59c
8BM7y3jJklIym8zkSlsSt6tOUmaKALtjz+i80J/SgOLiINvLImW4dNuAdEZV5796
0PJAFy0+IqLEI1zP6zV3uy6wawk22pYxlcldGM84kX2oszaAoW9Cmxy0fuFSkEga
y1DKTFj0g1ksYk1D4CgtfJzPcHnuqKns2h0HRhgYfQshdVMDoWgq/7wGUUimiXC2
9K7/eoRblZCs/sXD+jzcENgTMFTBd765uY3sopOtWfZLjCyCQmKpzl5TmXTNAgMB
AAGjggKMMIICiDAdBgNVHQ4EFgQUspohOmA/eiJ94SlQdcSCEyDCSAAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgaEGCCsGAQUFBwEHAQH/BIGRMIGOMIGLBAIAATCBhAME
AmA+0AMEBYzpgAMEAY8OUgMEAI8OuwMEAI8OwgMEAI8O4wMEAZHfQAMEAJJnPAME
AZJnPgMEAJNPGQMEAJSHtAMEAJSHugMEAJt1AAMEAJt1DQMEAJt1PAMEAJt1uQME
AJt1uwMEAJt1ywMEAKKNnwMEAKKNtAMEBKjeQAMEAKjeeTANBgkqhkiG9w0BAQsF
AAOCAQEAnVOjDn9//tjXSuBegMKz63z0eezenFxaEHUVwf1F4x93QHXWE0i7kutg
tNuKkq3qX/aUuhDuFOWDHP0LdKRa2/dXXNSKiwkinm/rrvJrHn44S2+5E7kittpw
rIszfo+B/hsdztnhvYPt/ghrXzoLgRXrv9LkDgtxgUyykDYyOSycU7OmKca2/g5l
oFK5VWJIkXgu8McgfqVXU1aP2wRmxgnT3nj5sPrLa1XMxS4HK6SLcxiEpBe+9dlA
uUXVIJ/gYIOqEjMp1JOCnrXcbIpP561VO7hq2RjqDgoFSs1+R2nwdiBMKlBxrPll
us7MGLU8D1FolgFUwZ0n377vA+dEVA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:57 2026 by rpki-client