Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: ftMIx9wlLNYNKqTyyOZjI3mM/ZubmVaqLkfTlH+2T7w=
Subject key identifier: D2:C5:06:A4:05:C8:65:4B:DD:A4:6B:39:37:71:DE:AC:BD:82:B0:42
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 264A36DF44923C1CCE6CB23EFCA213EFFA66241C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Thu 16 Apr 2026 09:09:19 +0000
ROA not before: Thu 16 Apr 2026 09:04:19 +0000
ROA not after: Thu 15 Apr 2027 09:09:19 +0000
asID: 14618
IP address blocks: 45.139.182.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a00:d1a0:10::/48 maxlen: 48
2a00:d1a0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 15:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:4a:36:df:44:92:3c:1c:ce:6c:b2:3e:fc:a2:13:ef:fa:66:24:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 16 09:04:19 2026 GMT
Not After : Apr 15 09:09:19 2027 GMT
Subject: CN=D2C506A405C8654BDDA46B393771DEACBD82B042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:9c:a5:37:04:17:bc:00:76:9e:3e:4f:f3:
c0:fd:f1:3b:3a:cc:fe:8f:1b:c3:02:92:5e:ec:b7:
05:31:e4:15:f4:3a:a1:2a:a3:a7:da:b5:91:d5:e8:
7a:a9:60:a5:59:38:87:94:d1:da:f6:ee:44:a5:7e:
e0:8d:15:3e:cd:2c:c3:b1:73:2c:ab:93:e2:31:5f:
96:92:93:b3:5a:b5:b0:b7:24:60:4a:4c:4a:5c:54:
60:b3:df:19:6a:02:8a:fc:80:b1:d9:7f:01:52:8b:
35:bf:a0:60:68:82:ab:2d:d2:0c:28:24:70:4c:90:
87:d3:b5:c7:bf:71:96:d5:37:b2:f5:c3:fc:f7:20:
87:ed:f9:2f:48:e4:b6:96:6b:68:52:8d:b6:1f:96:
68:0d:ef:e9:91:1f:6d:74:57:fa:4b:10:83:87:ac:
0c:e4:b3:c0:76:d9:bc:a7:6a:34:ec:46:06:54:f6:
8b:b1:09:0f:53:45:98:64:09:5c:73:9a:33:de:c1:
61:79:61:60:8d:76:eb:04:01:1e:ba:8a:16:6d:c1:
47:0b:cb:d8:8e:2c:d3:5b:8b:1e:47:30:cf:fc:f6:
de:18:f5:47:de:aa:0c:ff:2b:f0:35:85:83:2c:72:
b5:15:80:cc:e7:f7:cf:82:18:21:e8:2b:30:5d:85:
fe:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C5:06:A4:05:C8:65:4B:DD:A4:6B:39:37:71:DE:AC:BD:82:B0:42
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/24
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
IPv6:
2a00:d1a0:10::/47
Signature Algorithm: sha256WithRSAEncryption
48:f0:a2:c6:15:9b:8a:ed:b2:90:c9:8f:2f:37:68:ac:ff:f3:
95:f7:8e:46:ad:c7:3d:bc:0e:7c:7d:f0:3f:b9:7b:df:1d:de:
27:c7:25:99:a7:b2:49:50:a8:20:bb:4f:be:da:f1:bb:e1:cc:
95:4d:d8:bd:18:5e:a4:99:97:4d:3b:ca:06:10:84:ed:65:ae:
96:f5:0c:e8:98:dc:d8:f6:fa:ff:a4:1b:cb:6b:ba:d1:9a:2e:
ec:cb:87:b6:84:57:d5:f6:ba:52:d7:55:0a:c1:0f:98:f3:b0:
9d:1d:9b:a5:43:a8:9c:66:b1:f2:91:a4:c5:c8:37:bf:74:89:
49:f9:7a:6c:84:82:b6:d8:ba:94:f5:d5:dd:98:91:a8:6f:5e:
fa:c3:fd:d3:4c:0d:40:5a:2e:ad:99:7d:19:ac:90:d7:be:a9:
d9:d7:91:b6:14:e0:2d:19:d4:ba:5e:50:32:16:97:56:cf:5b:
21:f8:e6:88:b2:8d:55:5f:26:7f:91:3a:39:80:0e:61:0f:20:
30:a2:c2:5f:a2:33:c0:c5:28:fe:a4:9f:40:f0:a9:82:09:8d:
b7:20:ef:e8:28:52:1b:56:46:03:4b:e4:4a:c3:a8:fa:22:08:
ee:f4:bf:ac:ec:9f:3d:6e:3c:fd:ec:d9:e5:f4:25:20:2d:a7:
81:c1:8e:b3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJko230SSPBzObLI+/KIT7/pmJBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MTYwOTA0MTlaFw0yNzA0MTUwOTA5MTlaMDMxMTAvBgNV
BAMTKEQyQzUwNkE0MDVDODY1NEJEREE0NkIzOTM3NzFERUFDQkQ4MkIwNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyd5ylNwQXvAB2nj5P88D98Ts6
zP6PG8MCkl7stwUx5BX0OqEqo6fatZHV6HqpYKVZOIeU0dr27kSlfuCNFT7NLMOx
cyyrk+IxX5aSk7NatbC3JGBKTEpcVGCz3xlqAor8gLHZfwFSizW/oGBogqst0gwo
JHBMkIfTtce/cZbVN7L1w/z3IIft+S9I5LaWa2hSjbYflmgN7+mRH210V/pLEIOH
rAzks8B22bynajTsRgZU9ouxCQ9TRZhkCVxzmjPewWF5YWCNdusEAR66ihZtwUcL
y9iOLNNbix5HMM/89t4Y9Ufeqgz/K/A1hYMscrUVgMzn98+CGCHoKzBdhf6BAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU0sUGpAXIZUvdpGs5N3HerL2CsEIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVAYIKwYBBQUHAQcBAf8ERTBDMDAEAgABMCoDBAAti7YD
BAC11l4DBAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA
0aAAEDANBgkqhkiG9w0BAQsFAAOCAQEASPCixhWbiu2ykMmPLzdorP/zlfeORq3H
PbwOfH3wP7l73x3eJ8clmaeySVCoILtPvtrxu+HMlU3YvRhepJmXTTvKBhCE7WWu
lvUM6Jjc2Pb6/6Qby2u60Zou7MuHtoRX1fa6UtdVCsEPmPOwnR2bpUOonGax8pGk
xcg3v3SJSfl6bISCtti6lPXV3ZiRqG9e+sP900wNQFourZl9GayQ176p2deRthTg
LRnUul5QMhaXVs9bIfjmiLKNVV8mf5E6OYAOYQ8gMKLCX6IzwMUo/qSfQPCpggmN
tyDv6ChSG1ZGA0vkSsOo+iII7vS/rOyfPW48/ezZ5fQlIC2ngcGOsw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:57:07 2026 by rpki-client