Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: Duyod2N8UKzWFi8zJXXrtyUErn+W18CUHxe63d5nVPU=
Subject key identifier: B2:2E:28:AD:EA:3D:2C:C7:ED:85:70:FB:8F:12:09:38:1F:3D:09:DC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 70F69A68A5AB96E2CD4CF0F272BED3CE7727FC3A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
Signing time: Thu 17 Apr 2025 09:05:24 +0000
ROA not before: Thu 17 Apr 2025 09:00:24 +0000
ROA not after: Thu 16 Apr 2026 09:05:24 +0000
asID: 7018
IP address blocks: 46.202.1.0/24 maxlen: 24
46.202.49.0/24 maxlen: 24
46.202.50.0/24 maxlen: 24
46.202.51.0/24 maxlen: 24
46.202.53.0/24 maxlen: 24
46.202.87.0/24 maxlen: 24
46.202.96.0/24 maxlen: 24
46.202.97.0/24 maxlen: 24
46.202.98.0/24 maxlen: 24
46.202.99.0/24 maxlen: 24
46.202.124.0/24 maxlen: 24
46.202.125.0/24 maxlen: 24
46.202.126.0/24 maxlen: 24
46.202.127.0/24 maxlen: 24
46.202.201.0/24 maxlen: 24
46.202.202.0/24 maxlen: 24
46.202.203.0/24 maxlen: 24
46.202.207.0/24 maxlen: 24
46.202.216.0/24 maxlen: 24
46.202.217.0/24 maxlen: 24
46.202.219.0/24 maxlen: 24
46.202.220.0/24 maxlen: 24
46.202.221.0/24 maxlen: 24
46.202.222.0/24 maxlen: 24
46.202.223.0/24 maxlen: 24
46.203.3.0/24 maxlen: 24
46.203.5.0/24 maxlen: 24
46.203.13.0/24 maxlen: 24
46.203.14.0/24 maxlen: 24
46.203.21.0/24 maxlen: 24
46.203.22.0/24 maxlen: 24
46.203.29.0/24 maxlen: 24
46.203.32.0/24 maxlen: 24
46.203.43.0/24 maxlen: 24
46.203.44.0/24 maxlen: 24
46.203.47.0/24 maxlen: 24
46.203.54.0/24 maxlen: 24
46.203.56.0/24 maxlen: 24
46.203.58.0/24 maxlen: 24
46.203.62.0/24 maxlen: 24
46.203.74.0/24 maxlen: 24
46.203.80.0/24 maxlen: 24
46.203.91.0/24 maxlen: 24
46.203.92.0/24 maxlen: 24
46.203.104.0/24 maxlen: 24
46.203.113.0/24 maxlen: 24
46.203.121.0/24 maxlen: 24
46.203.137.0/24 maxlen: 24
46.203.150.0/24 maxlen: 24
46.203.161.0/24 maxlen: 24
46.203.214.0/24 maxlen: 24
46.203.223.0/24 maxlen: 24
46.203.225.0/24 maxlen: 24
46.203.249.0/24 maxlen: 24
91.124.0.0/24 maxlen: 24
91.124.2.0/24 maxlen: 24
91.124.3.0/24 maxlen: 24
91.124.16.0/24 maxlen: 24
91.124.59.0/24 maxlen: 24
91.124.82.0/24 maxlen: 24
91.124.90.0/24 maxlen: 24
91.124.134.0/24 maxlen: 24
91.124.208.0/24 maxlen: 24
91.124.242.0/24 maxlen: 24
92.112.56.0/24 maxlen: 24
92.112.62.0/24 maxlen: 24
92.112.111.0/24 maxlen: 24
92.112.112.0/24 maxlen: 24
92.112.113.0/24 maxlen: 24
92.112.114.0/24 maxlen: 24
92.112.115.0/24 maxlen: 24
92.112.116.0/24 maxlen: 24
92.112.117.0/24 maxlen: 24
92.112.118.0/24 maxlen: 24
92.112.144.0/24 maxlen: 24
92.113.6.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
92.113.56.0/21 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f6:9a:68:a5:ab:96:e2:cd:4c:f0:f2:72:be:d3:ce:77:27:fc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 17 09:00:24 2025 GMT
Not After : Apr 16 09:05:24 2026 GMT
Subject: CN=B22E28ADEA3D2CC7ED8570FB8F1209381F3D09DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:b5:47:03:bd:83:07:12:76:cb:e1:b6:0d:
d8:37:e9:11:f2:05:b6:15:64:dc:a0:94:a5:f1:7a:
7b:9a:e3:1f:32:88:1c:9c:69:88:88:d4:5b:7b:c7:
22:3c:fa:af:f3:92:a6:91:74:c9:3c:29:67:fd:a0:
fa:c2:70:3b:d5:c3:27:cd:99:39:da:8f:ce:55:ed:
55:e6:72:c2:c7:02:c4:8f:68:d8:3f:ee:5b:e6:ac:
8e:5f:f9:be:6d:e3:f5:eb:b6:a9:08:a7:b7:96:60:
d9:da:d8:27:15:7b:82:0e:df:06:bc:e2:a3:4e:0e:
1f:15:62:2b:f3:a5:69:cd:02:aa:03:0c:56:ec:86:
19:1e:56:d8:57:85:8c:09:f1:b8:63:bd:9d:17:a0:
2d:8d:84:36:c3:f0:90:1b:55:e3:8c:a0:1d:28:94:
61:a9:cb:07:d7:15:6c:d3:8a:9f:1f:78:a3:d1:f6:
36:88:11:df:b0:74:57:ce:9f:16:2b:5c:fd:dd:cd:
46:cc:e2:ab:c4:55:1d:c0:e0:7e:fc:69:7f:56:8b:
d8:41:bd:a7:60:f3:3a:88:a0:fe:39:92:a0:b4:8b:
88:60:68:d4:26:19:97:3d:52:5a:a4:03:01:b8:bb:
60:36:93:08:0e:61:3c:39:56:17:f1:6d:6d:79:63:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2E:28:AD:EA:3D:2C:C7:ED:85:70:FB:8F:12:09:38:1F:3D:09:DC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.1.0/24
46.202.49.0-46.202.51.255
46.202.53.0/24
46.202.87.0/24
46.202.96.0/22
46.202.124.0/22
46.202.201.0-46.202.203.255
46.202.207.0/24
46.202.216.0/23
46.202.219.0-46.202.223.255
46.203.3.0/24
46.203.5.0/24
46.203.13.0-46.203.14.255
46.203.21.0-46.203.22.255
46.203.29.0/24
46.203.32.0/24
46.203.43.0-46.203.44.255
46.203.47.0/24
46.203.54.0/24
46.203.56.0/24
46.203.58.0/24
46.203.62.0/24
46.203.74.0/24
46.203.80.0/24
46.203.91.0-46.203.92.255
46.203.104.0/24
46.203.113.0/24
46.203.121.0/24
46.203.137.0/24
46.203.150.0/24
46.203.161.0/24
46.203.214.0/24
46.203.223.0/24
46.203.225.0/24
46.203.249.0/24
91.124.0.0/24
91.124.2.0/23
91.124.16.0/24
91.124.59.0/24
91.124.82.0/24
91.124.90.0/24
91.124.134.0/24
91.124.208.0/24
91.124.242.0/24
92.112.56.0/24
92.112.62.0/24
92.112.111.0-92.112.118.255
92.112.144.0/24
92.113.6.0/24
92.113.15.0/24
92.113.40.0/24
92.113.56.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:8f:d0:fa:fb:a8:26:d1:27:13:a2:89:c5:70:3b:57:ef:7f:
85:e0:1b:c3:ca:ed:f9:ce:63:05:9f:d0:7d:9c:dc:f0:a2:a2:
3c:4d:c8:32:a0:f2:30:cc:b1:10:96:e8:08:e7:ad:f5:e4:7b:
36:7d:7c:db:59:a2:3d:88:1e:ab:52:21:03:d6:eb:a2:f4:3a:
38:c4:26:20:16:95:83:8f:14:55:60:f0:d7:69:f0:84:9b:63:
0c:e2:07:5a:83:4b:e5:25:3e:bc:28:dd:66:6c:b6:f4:1d:2e:
ec:1d:ef:72:a4:a4:87:ab:60:fe:e4:82:c5:a7:4d:2b:af:c6:
9c:14:87:e3:ed:d7:22:95:e1:8a:86:43:6e:5c:5c:e6:73:ae:
8a:aa:9c:26:c7:99:12:fd:13:bc:c0:29:50:6e:e5:dc:7e:ed:
4c:c5:37:f4:07:46:0f:c5:58:3a:b2:4a:24:9c:7f:d1:54:78:
2e:c7:b8:33:87:bb:c6:56:76:7a:4f:18:bf:ab:6f:12:d0:d2:
23:66:ad:2a:90:24:9b:29:d5:de:f7:23:dc:93:8d:ed:00:50:
d6:de:59:b7:1d:d6:5c:8e:ed:89:84:bf:15:50:c5:22:9a:95:
01:a8:f7:4e:1b:35:32:e6:75:54:68:51:74:5f:b9:bb:96:01:
91:14:62:23
-----BEGIN CERTIFICATE-----
MIIGejCCBWKgAwIBAgIUcPaaaKWrluLNTPDycr7Tzncn/DowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTcwOTAwMjRaFw0yNjA0MTYwOTA1MjRaMDMxMTAvBgNV
BAMTKEIyMkUyOEFERUEzRDJDQzdFRDg1NzBGQjhGMTIwOTM4MUYzRDA5REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3WLVHA72DBxJ2y+G2Ddg36RHy
BbYVZNyglKXxenua4x8yiBycaYiI1Ft7xyI8+q/zkqaRdMk8KWf9oPrCcDvVwyfN
mTnaj85V7VXmcsLHAsSPaNg/7lvmrI5f+b5t4/XrtqkIp7eWYNna2CcVe4IO3wa8
4qNODh8VYivzpWnNAqoDDFbshhkeVthXhYwJ8bhjvZ0XoC2NhDbD8JAbVeOMoB0o
lGGpywfXFWzTip8feKPR9jaIEd+wdFfOnxYrXP3dzUbM4qvEVR3A4H78aX9Wi9hB
vadg8zqIoP45kqC0i4hgaNQmGZc9UlqkAwG4u2A2kwgOYTw5VhfxbW15Yz/hAgMB
AAGjggOEMIIDgDAdBgNVHQ4EFgQUsi4oreo9LMfthXD7jxIJOB89CdwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZkGCCsGAQUFBwEHAQH/BIIBiDCCAYQwggGABAIAATCC
AXgDBAAuygEwDAMEAC7KMQMEAi7KMAMEAC7KNQMEAC7KVwMEAi7KYAMEAi7KfDAM
AwQALsrJAwQCLsrIAwQALsrPAwQBLsrYMAwDBAAuytsDBAUuysADBAAuywMDBAAu
ywUwDAMEAC7LDQMEAC7LDjAMAwQALssVAwQALssWAwQALssdAwQALssgMAwDBAAu
yysDBAAuyywDBAAuyy8DBAAuyzYDBAAuyzgDBAAuyzoDBAAuyz4DBAAuy0oDBAAu
y1AwDAMEAC7LWwMEAC7LXAMEAC7LaAMEAC7LcQMEAC7LeQMEAC7LiQMEAC7LlgME
AC7LoQMEAC7L1gMEAC7L3wMEAC7L4QMEAC7L+QMEAFt8AAMEAVt8AgMEAFt8EAME
AFt8OwMEAFt8UgMEAFt8WgMEAFt8hgMEAFt80AMEAFt88gMEAFxwOAMEAFxwPjAM
AwQAXHBvAwQAXHB2AwQAXHCQAwQAXHEGAwQAXHEPAwQAXHEoAwQDXHE4MA0GCSqG
SIb3DQEBCwUAA4IBAQBcj9D6+6gm0ScToonFcDtX73+F4BvDyu35zmMFn9B9nNzw
oqI8TcgyoPIwzLEQlugI56315Hs2fXzbWaI9iB6rUiED1uui9Do4xCYgFpWDjxRV
YPDXafCEm2MM4gdag0vlJT68KN1mbLb0HS7sHe9ypKSHq2D+5ILFp00rr8acFIfj
7dcileGKhkNuXFzmc66Kqpwmx5kS/RO8wClQbuXcfu1MxTf0B0YPxVg6skoknH/R
VHgux7gzh7vGVnZ6Txi/q28S0NIjZq0qkCSbKdXe9yPck43tAFDW3lm3HdZcju2J
hL8VUMUimpUBqPdOGzUy5nVUaFF0X7m7lgGRFGIj
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:29 2025 by rpki-client