Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: qwRhAjubR4x1xngmYeXxa6gNiilRu3uScPeGskxvh1k=
Subject key identifier: E4:1C:11:AC:1E:AE:AA:D1:A6:B2:C3:05:75:EF:47:E8:11:9D:56:B6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 36E5B5B89831717A72D875880F4E00FCF2175B51
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Fri 06 Jun 2025 05:38:57 +0000
ROA not before: Fri 06 Jun 2025 05:33:57 +0000
ROA not after: Fri 05 Jun 2026 05:38:57 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
167.148.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e5:b5:b8:98:31:71:7a:72:d8:75:88:0f:4e:00:fc:f2:17:5b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 05:33:57 2025 GMT
Not After : Jun 5 05:38:57 2026 GMT
Subject: CN=E41C11AC1EAEAAD1A6B2C30575EF47E8119D56B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8a:c1:28:c1:ee:06:69:51:b1:c5:73:3c:7d:
8b:27:94:ad:58:0d:f8:74:78:7f:7a:5b:8a:9c:24:
c3:6c:15:6e:34:3a:2f:d5:f4:ac:9f:d5:e5:25:f0:
47:69:02:76:d8:12:f6:19:e0:1f:3a:42:86:f3:5e:
aa:19:18:6a:d0:fb:43:09:ed:f8:ae:12:9c:4c:18:
12:f8:93:ce:3a:6d:89:7f:01:ff:47:46:9d:93:1f:
20:23:52:e7:67:c0:08:86:e0:11:0e:5f:fd:6d:b4:
ac:96:e1:6d:24:b4:69:76:76:eb:5e:15:f1:8a:10:
24:a1:b3:7d:63:f7:a5:f4:c8:56:c1:a5:fa:14:dd:
8b:5a:79:3d:01:0a:4c:71:4b:29:54:76:89:25:a9:
6b:59:e9:a5:38:9f:49:14:14:3a:c7:ee:b6:70:a9:
81:86:f6:ec:65:11:c2:cf:6e:e6:6d:14:64:9e:cc:
a5:e5:d5:58:90:29:ae:43:18:80:88:b4:cd:d9:f3:
02:71:fc:b6:73:ec:64:49:c5:17:30:2a:24:09:e8:
8c:6f:51:08:78:1c:6e:35:07:8f:c3:c3:c7:5b:13:
54:6f:26:2c:e0:1f:73:bb:72:b4:c8:77:0d:b0:ac:
05:20:74:8f:e0:c0:71:a5:9d:37:5e:80:5e:55:6f:
b5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1C:11:AC:1E:AE:AA:D1:A6:B2:C3:05:75:EF:47:E8:11:9D:56:B6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
155.117.187.0/24
167.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b8:55:eb:a4:3d:cd:9a:1d:2e:82:2b:82:a7:0d:c7:9c:16:
26:9f:55:cb:b6:80:6f:8a:d3:d1:55:94:39:f1:14:b3:6b:fc:
c8:4a:c0:dd:75:f6:1f:b8:fa:bc:8a:15:f7:34:0c:cf:27:d9:
c3:fb:a1:53:e9:12:ce:5e:83:18:d3:be:8d:86:c4:fe:a2:f1:
15:1d:7b:7a:80:dc:b5:37:1a:23:84:0a:e8:d0:2a:fe:55:dc:
c1:10:d8:cd:de:60:01:36:ba:f5:87:db:ef:16:a1:24:b0:26:
c6:e2:ef:13:f6:24:9e:9f:7d:b7:cc:74:5f:27:e9:bc:63:bc:
c1:06:7d:40:a0:b9:6d:0c:23:09:63:12:fa:ad:9b:b2:9c:6a:
2c:03:81:5f:12:85:fb:43:c2:22:d4:46:a9:78:f8:0b:96:49:
86:b5:2d:13:7a:e8:88:60:49:f9:9a:6a:2b:0c:60:4b:75:2e:
cb:3e:01:91:87:74:11:63:8e:50:50:32:b3:a2:c4:0f:39:ea:
e9:64:60:3b:73:1f:37:ba:3e:51:54:2a:ba:d3:90:5a:92:ac:
a9:46:ad:bb:ce:cf:b6:aa:d2:8d:d8:af:1f:59:5c:c0:ea:e4:
62:77:a5:f7:f2:5c:52:54:24:32:6d:a6:cd:36:09:ad:1d:b5:
c2:2f:fb:09
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNuW1uJgxcXpy2HWID04A/PIXW1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwNTMzNTdaFw0yNjA2MDUwNTM4NTdaMDMxMTAvBgNV
BAMTKEU0MUMxMUFDMUVBRUFBRDFBNkIyQzMwNTc1RUY0N0U4MTE5RDU2QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTisEowe4GaVGxxXM8fYsnlK1Y
Dfh0eH96W4qcJMNsFW40Oi/V9Kyf1eUl8EdpAnbYEvYZ4B86QobzXqoZGGrQ+0MJ
7fiuEpxMGBL4k846bYl/Af9HRp2THyAjUudnwAiG4BEOX/1ttKyW4W0ktGl2dute
FfGKECShs31j96X0yFbBpfoU3YtaeT0BCkxxSylUdoklqWtZ6aU4n0kUFDrH7rZw
qYGG9uxlEcLPbuZtFGSezKXl1ViQKa5DGICItM3Z8wJx/LZz7GRJxRcwKiQJ6Ixv
UQh4HG41B4/Dw8dbE1RvJizgH3O7crTIdw2wrAUgdI/gwHGlnTdegF5Vb7WTAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU5BwRrB6uqtGmssMFde9H6BGdVrYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAJgPtAD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACbdbsDBACnlJAw
DQYJKoZIhvcNAQELBQADggEBAEO4VeukPc2aHS6CK4KnDcecFiafVcu2gG+K09FV
lDnxFLNr/MhKwN119h+4+ryKFfc0DM8n2cP7oVPpEs5egxjTvo2GxP6i8RUde3qA
3LU3GiOECujQKv5V3MEQ2M3eYAE2uvWH2+8WoSSwJsbi7xP2JJ6ffbfMdF8n6bxj
vMEGfUCguW0MIwljEvqtm7KcaiwDgV8ShftDwiLURql4+AuWSYa1LRN66IhgSfma
aisMYEt1Lss+AZGHdBFjjlBQMrOixA856ulkYDtzHze6PlFUKrrTkFqSrKlGrbvO
z7aq0o3Yrx9ZXMDq5GJ3pffyXFJUJDJtps02Ca0dtcIv+wk=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:54:51 2025 by rpki-client