Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: SEl6duKZRziIpnYC+FvB2DtC8cApYbsy6kcWRDcxjfg=
Subject key identifier: D4:5C:6D:6E:91:0E:3C:FE:3E:9F:AA:89:94:10:94:C2:44:DB:82:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 57084829030754E51FD0B907BE7216E36F6253E6
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Sat 04 Apr 2026 04:49:28 +0000
ROA not before: Sat 04 Apr 2026 04:44:28 +0000
ROA not after: Sat 03 Apr 2027 04:49:28 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.150.156.0/24 maxlen: 24
140.233.128.0/19 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:08:48:29:03:07:54:e5:1f:d0:b9:07:be:72:16:e3:6f:62:53:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 4 04:44:28 2026 GMT
Not After : Apr 3 04:49:28 2027 GMT
Subject: CN=D45C6D6E910E3CFE3E9FAA89941094C244DB82B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c9:91:ad:0a:06:08:d8:f1:a9:64:01:f1:b1:
09:6f:1d:79:2e:64:c9:f0:b3:a8:4b:7b:f6:5f:1e:
2e:1b:45:a6:ad:c9:58:e4:1d:15:f6:33:e8:8d:c5:
aa:04:f8:f1:9f:8d:e9:40:80:4f:69:67:e8:63:40:
42:b0:99:58:6b:ec:15:d0:ff:db:bd:c0:1c:30:6a:
7c:2e:29:da:b8:3c:ab:78:f0:58:99:9b:a3:b5:24:
b7:e1:43:c6:62:b7:61:4c:3e:38:fd:8e:07:9d:ce:
d8:90:bb:7a:32:df:ad:f3:24:8c:e5:3a:4d:16:bc:
2a:3c:d3:0e:f6:41:b9:af:32:12:82:75:f5:d5:bf:
6f:26:3f:4e:c7:29:95:15:c5:4b:d6:58:97:39:0e:
e6:b4:c9:dc:da:42:ea:63:2c:44:d3:e9:71:4e:cf:
59:c7:56:87:eb:62:72:f6:ca:f2:2a:5d:02:9a:62:
15:e0:2b:09:eb:9c:ac:4a:98:5a:9a:70:25:f5:ff:
80:92:31:23:52:ab:59:e9:35:3f:7c:6c:f9:36:12:
59:e6:e1:ed:92:36:7d:7d:60:ac:0d:40:31:9d:ee:
d2:77:1d:14:2b:dc:0f:0d:bc:e1:73:47:78:68:46:
e3:d4:71:b0:47:47:9e:b1:c2:9c:d4:d8:ab:8b:14:
df:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5C:6D:6E:91:0E:3C:FE:3E:9F:AA:89:94:10:94:C2:44:DB:82:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.150.156.0/24
140.233.128.0/19
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f5:1d:7d:43:c8:b6:62:5f:c2:20:70:41:65:14:19:cd:5d:
68:db:ef:0a:1f:da:c0:f0:bd:95:13:bb:80:b4:25:65:3e:83:
c0:f5:8c:d8:48:ef:24:41:6a:15:24:e5:7c:71:27:fd:2d:77:
e0:32:86:0e:5f:e8:c5:fe:3b:c8:5a:ab:ae:58:35:7b:4c:74:
6e:8d:28:6f:65:ff:92:8c:52:cd:ca:b9:e3:8f:41:de:7b:70:
fa:f9:4d:9c:db:cb:c0:83:8a:5d:44:9e:22:21:bb:ce:65:e7:
3b:3e:99:6a:a1:75:f6:d8:3f:a0:c2:16:4d:ce:60:4b:9d:96:
fd:6d:37:c2:a6:7b:b9:f2:20:9c:96:bd:dc:17:61:99:d7:99:
67:46:cf:f7:fe:28:08:42:a9:9f:61:71:d9:24:92:7e:65:87:
6e:45:f8:ea:3b:1f:51:85:7f:1f:fb:f2:d9:98:b2:ab:19:aa:
47:6a:b7:83:22:da:c4:15:48:77:58:38:c8:ab:92:70:1b:87:
67:01:98:8d:37:12:5f:e2:5a:d2:61:b7:ff:a4:1f:dd:91:63:
b0:c4:dc:37:05:1a:5a:e9:40:09:50:3e:ac:b7:0a:2d:bd:18:
5a:ac:f5:62:64:8a:0a:8f:18:9f:05:d3:2d:e3:07:3b:bc:28:
3c:2c:69:b9
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIUVwhIKQMHVOUf0LkHvnIW429iU+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDQwNDQ0MjhaFw0yNzA0MDMwNDQ5MjhaMDMxMTAvBgNV
BAMTKEQ0NUM2RDZFOTEwRTNDRkUzRTlGQUE4OTk0MTA5NEMyNDREQjgyQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGyZGtCgYI2PGpZAHxsQlvHXku
ZMnws6hLe/ZfHi4bRaatyVjkHRX2M+iNxaoE+PGfjelAgE9pZ+hjQEKwmVhr7BXQ
/9u9wBwwanwuKdq4PKt48FiZm6O1JLfhQ8Zit2FMPjj9jgedztiQu3oy363zJIzl
Ok0WvCo80w72QbmvMhKCdfXVv28mP07HKZUVxUvWWJc5Dua0ydzaQupjLETT6XFO
z1nHVofrYnL2yvIqXQKaYhXgKwnrnKxKmFqacCX1/4CSMSNSq1npNT98bPk2Elnm
4e2SNn19YKwNQDGd7tJ3HRQr3A8NvOFzR3hoRuPUcbBHR56xwpzU2KuLFN9JAgMB
AAGjggJwMIICbDAdBgNVHQ4EFgQU1FxtbpEOPP4+n6qJlBCUwkTbgrgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYUGCCsGAQUFBwEHAQH/BHYwdDByBAIAATBsAwQCYD7Q
AwQAjJacAwQFjOmAAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+AwQAk08ZAwQAlIe0
AwQAlIe6AwQAm3UAAwQAm3U8AwQAm3W5AwQAm3W7AwQAm3XLAwQAoo2fAwQAoo20
AwQAqN55MA0GCSqGSIb3DQEBCwUAA4IBAQCt9R19Q8i2Yl/CIHBBZRQZzV1o2+8K
H9rA8L2VE7uAtCVlPoPA9YzYSO8kQWoVJOV8cSf9LXfgMoYOX+jF/jvIWquuWDV7
THRujShvZf+SjFLNyrnjj0Hee3D6+U2c28vAg4pdRJ4iIbvOZec7PplqoXX22D+g
whZNzmBLnZb9bTfCpnu58iCclr3cF2GZ15lnRs/3/igIQqmfYXHZJJJ+ZYduRfjq
Ox9RhX8f+/LZmLKrGapHareDItrEFUh3WDjIq5JwG4dnAZiNNxJf4lrSYbf/pB/d
kWOwxNw3BRpa6UAJUD6stwotvRharPViZIoKjxifBdMt4wc7vCg8LGm5
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:52:22 2026 by rpki-client