Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: YDFp6hPZlPxfI9/KMcrGhxZrr+oNFhsP8a3fNMMQy0o=
Subject key identifier: 86:5C:69:CA:61:82:8A:BF:10:F3:F6:72:D3:3E:C5:94:32:FE:97:8B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 34DCC509EA1C2CE8809AB7371A0D83902E1B9522
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Fri 05 Jun 2026 14:15:20 +0000
ROA not before: Fri 05 Jun 2026 14:10:20 +0000
ROA not after: Fri 04 Jun 2027 14:15:20 +0000
asID: 14618
IP address blocks: 181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a00:d1a0:10::/48 maxlen: 48
2a00:d1a0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:dc:c5:09:ea:1c:2c:e8:80:9a:b7:37:1a:0d:83:90:2e:1b:95:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 5 14:10:20 2026 GMT
Not After : Jun 4 14:15:20 2027 GMT
Subject: CN=865C69CA61828ABF10F3F672D33EC59432FE978B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0a:2e:0d:5c:e2:34:7b:31:0e:79:8c:5c:4a:
0f:69:d4:41:ca:95:ff:3a:a2:f5:2a:a2:8b:49:ac:
89:82:48:ca:4d:b9:e6:78:29:c7:7b:94:96:e4:ab:
e7:c7:95:48:46:1d:aa:d6:f7:fc:1a:2f:94:96:b6:
f9:26:0d:3c:24:8d:23:8d:22:b3:79:12:ec:ed:ca:
1f:49:20:cf:8c:70:69:93:ef:8a:fd:85:bd:78:26:
36:ae:a4:dc:9a:2a:46:bb:7d:5e:88:74:c5:ae:ff:
b5:e7:9d:88:db:5b:55:a6:3d:98:06:60:30:01:64:
19:33:c6:1e:ca:67:2e:c2:35:19:d6:db:22:59:fa:
68:a2:47:42:eb:92:74:9f:b8:9b:25:4f:36:9d:44:
4a:b2:8f:6e:97:d7:41:ec:7b:0c:59:ba:85:d2:fb:
ac:1e:ea:00:4a:c3:5f:5e:37:db:e1:c8:d6:0c:6b:
17:16:00:a7:ed:f3:d8:2c:f7:ae:89:94:77:0e:f0:
93:7f:1a:2b:56:a9:e5:57:be:d2:09:49:d6:41:5e:
47:1e:57:3a:3e:24:1f:ff:c5:e1:b2:9d:b9:c5:80:
d1:7f:e5:b1:1f:85:74:53:97:41:a7:54:28:bc:6b:
36:45:7c:af:ab:d6:ce:d9:e0:19:38:58:cc:e1:e3:
20:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5C:69:CA:61:82:8A:BF:10:F3:F6:72:D3:3E:C5:94:32:FE:97:8B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
IPv6:
2a00:d1a0:10::/47
Signature Algorithm: sha256WithRSAEncryption
6f:d5:13:b1:96:81:40:f0:4c:3b:5b:04:66:f1:74:fa:7f:ee:
0d:00:84:db:45:a4:72:c1:02:8c:d0:6e:c4:a3:4c:17:12:5b:
33:c9:38:08:6c:e4:e8:55:2e:95:68:1b:2d:89:b2:af:5a:73:
cd:be:2a:8b:76:42:f2:f1:a3:61:e7:95:c4:22:0a:74:f1:68:
ee:8e:69:8f:9c:bb:95:35:65:e1:cb:3b:9d:22:dc:38:34:4d:
29:be:70:13:39:94:25:30:34:89:ea:8c:02:76:93:67:2d:a1:
96:bf:3b:89:c3:01:43:11:20:86:0c:07:bd:fa:e1:99:81:be:
8d:94:b5:82:1e:b1:e0:22:fe:79:1b:63:bb:08:11:30:99:ba:
f3:c4:14:68:5d:29:62:9a:2d:66:0b:fd:bc:4b:21:c2:87:55:
fb:92:7f:f0:43:5a:ca:af:27:54:3b:37:83:fd:19:99:96:82:
4a:86:87:59:0f:ed:81:3c:8b:46:f0:90:70:01:18:6b:9b:2c:
e5:8c:c9:f4:b9:1f:ae:b3:d2:e8:37:c2:6e:21:7e:41:37:11:
91:2c:23:d7:3d:6b:e0:9d:c9:c8:97:99:50:6c:cd:ee:a9:32:
f4:ca:4e:07:46:f4:54:1f:79:b0:2d:b1:69:c5:b8:16:e7:16:
1b:fb:6d:82
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUNNzFCeocLOiAmrc3Gg2DkC4blSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MDUxNDEwMjBaFw0yNzA2MDQxNDE1MjBaMDMxMTAvBgNV
BAMTKDg2NUM2OUNBNjE4MjhBQkYxMEYzRjY3MkQzM0VDNTk0MzJGRTk3OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5Ci4NXOI0ezEOeYxcSg9p1EHK
lf86ovUqootJrImCSMpNueZ4Kcd7lJbkq+fHlUhGHarW9/waL5SWtvkmDTwkjSON
IrN5Euztyh9JIM+McGmT74r9hb14JjaupNyaKka7fV6IdMWu/7XnnYjbW1WmPZgG
YDABZBkzxh7KZy7CNRnW2yJZ+miiR0LrknSfuJslTzadREqyj26X10HsewxZuoXS
+6we6gBKw19eN9vhyNYMaxcWAKft89gs966JlHcO8JN/GitWqeVXvtIJSdZBXkce
Vzo+JB//xeGynbnFgNF/5bEfhXRTl0GnVCi8azZFfK+r1s7Z4Bk4WMzh4yDvAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUhlxpymGCir8Q8/Zy0z7FlDL+l4swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBAC11l4D
BAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA0aAAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAb9UTsZaBQPBMO1sEZvF0+n/uDQCE20WkcsECjNBu
xKNMFxJbM8k4CGzk6FUulWgbLYmyr1pzzb4qi3ZC8vGjYeeVxCIKdPFo7o5pj5y7
lTVl4cs7nSLcODRNKb5wEzmUJTA0ieqMAnaTZy2hlr87icMBQxEghgwHvfrhmYG+
jZS1gh6x4CL+eRtjuwgRMJm688QUaF0pYpotZgv9vEshwodV+5J/8ENayq8nVDs3
g/0ZmZaCSoaHWQ/tgTyLRvCQcAEYa5ss5YzJ9LkfrrPS6DfCbiF+QTcRkSwj1z1r
4J3JyJeZUGzN7qky9MpOB0b0VB95sC2xacW4FucWG/ttgg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:13:55 2026 by rpki-client