Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: fPhBm4yZOkNz0+r51m/BDfAU9H04YB9SGCCwzLEX9UE=
Subject key identifier: CF:E7:89:7C:E7:1C:9B:4F:EB:39:52:A1:E0:DF:D6:B4:29:84:D4:15
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 50DAD3FD97DF52F7BC628B16E64E5B2A7E1B6B80
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Mon 18 Aug 2025 03:21:15 +0000
ROA not before: Mon 18 Aug 2025 03:16:15 +0000
ROA not after: Mon 17 Aug 2026 03:21:15 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
143.14.132.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:da:d3:fd:97:df:52:f7:bc:62:8b:16:e6:4e:5b:2a:7e:1b:6b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 18 03:16:15 2025 GMT
Not After : Aug 17 03:21:15 2026 GMT
Subject: CN=CFE7897CE71C9B4FEB3952A1E0DFD6B42984D415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:65:ff:e2:6c:37:dd:b4:55:f5:f0:d7:48:45:
d4:5b:0c:1f:12:44:7a:c1:88:91:f0:ee:f2:ec:0d:
12:b5:d8:c9:4f:75:0e:85:e5:b9:a6:c9:e7:58:53:
44:3b:02:aa:8b:38:34:6d:50:a3:05:80:a8:a0:97:
87:e2:75:65:42:a3:8d:3a:3a:f9:67:35:51:23:2f:
be:a2:a2:bb:9d:11:a5:a1:f9:6a:bd:71:2d:e9:3d:
6a:3d:06:16:f0:e8:c8:59:6a:72:de:84:39:28:c7:
e8:40:12:a9:bf:c8:bc:01:11:7c:22:c9:aa:50:6f:
5e:8d:91:3f:b0:34:14:5d:66:2f:fc:1a:6a:7b:c5:
d0:53:86:84:d0:7c:ac:45:3b:3c:89:51:b8:8f:49:
03:66:c7:db:a2:33:72:db:e1:c3:23:e6:77:ba:98:
39:be:97:4e:d3:a3:76:9f:a9:11:6c:86:7e:df:f1:
72:06:5c:c1:d3:a1:da:03:0c:34:17:76:66:45:d3:
45:75:51:63:c4:16:7f:8c:a6:bb:39:40:b0:d1:d5:
a7:82:08:8a:01:45:b6:c8:03:a3:24:ae:35:b2:0e:
77:74:f1:2c:b0:2e:2d:cd:91:df:33:12:d0:d2:85:
6c:20:ed:96:9a:9c:21:f0:f3:49:44:bb:52:5d:58:
af:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E7:89:7C:E7:1C:9B:4F:EB:39:52:A1:E0:DF:D6:B4:29:84:D4:15
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
143.14.132.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
155.117.60.0/24
Signature Algorithm: sha256WithRSAEncryption
70:81:f0:20:b2:e7:2e:12:26:69:0d:62:47:fb:61:36:f2:77:
cc:c1:7c:8b:d8:7b:b8:cc:a7:52:94:84:d1:50:56:e4:be:76:
d4:54:4a:c8:05:14:fb:6b:4d:fb:f4:b8:db:a7:c0:13:21:56:
09:34:10:42:f9:8a:2b:24:4e:7f:21:5e:34:bf:2c:70:1c:1a:
14:89:2d:3b:04:35:dc:87:09:27:f5:b2:a7:e5:ca:08:3b:8a:
f5:a9:48:88:2b:cf:c8:cc:eb:11:f9:c1:c9:59:94:47:4e:c2:
7c:b7:6b:13:a5:02:4e:84:d1:b3:29:2f:7a:13:0e:a6:fa:23:
24:fe:54:1b:52:f4:32:6f:05:08:8e:04:21:bb:54:3c:08:94:
7a:65:a0:5c:68:34:88:c4:ef:e4:16:d3:e9:a8:ca:54:5a:fc:
12:c2:b9:28:df:c4:4f:05:e1:ea:1b:2d:a5:fa:a4:c2:4a:eb:
af:52:e2:9e:ce:3a:8a:b8:c6:94:aa:45:85:1d:b3:f1:e3:21:
14:4e:5a:c3:46:ea:97:08:74:ad:42:d2:9f:44:4a:cb:26:18:
8f:c7:df:b9:3e:73:f2:69:a4:68:b4:4b:22:15:61:c7:2c:a4:
88:f1:72:1b:99:25:63:47:cd:b8:cb:37:b9:65:ec:b6:18:6a:
f3:c6:4e:a8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUNrT/ZffUve8YosW5k5bKn4ba4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTgwMzE2MTVaFw0yNjA4MTcwMzIxMTVaMDMxMTAvBgNV
BAMTKENGRTc4OTdDRTcxQzlCNEZFQjM5NTJBMUUwREZENkI0Mjk4NEQ0MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4Zf/ibDfdtFX18NdIRdRbDB8S
RHrBiJHw7vLsDRK12MlPdQ6F5bmmyedYU0Q7AqqLODRtUKMFgKigl4fidWVCo406
OvlnNVEjL76iorudEaWh+Wq9cS3pPWo9Bhbw6MhZanLehDkox+hAEqm/yLwBEXwi
yapQb16NkT+wNBRdZi/8Gmp7xdBThoTQfKxFOzyJUbiPSQNmx9uiM3Lb4cMj5ne6
mDm+l07To3afqRFshn7f8XIGXMHTodoDDDQXdmZF00V1UWPEFn+Mprs5QLDR1aeC
CIoBRbbIA6MkrjWyDnd08SywLi3Nkd8zEtDShWwg7ZaanCHw80lEu1JdWK/JAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUz+eJfOccm0/rOVKh4N/WtCmE1BUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAJgPtAD
BAWM6YADBACPDoQDBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACbdTww
DQYJKoZIhvcNAQELBQADggEBAHCB8CCy5y4SJmkNYkf7YTbyd8zBfIvYe7jMp1KU
hNFQVuS+dtRUSsgFFPtrTfv0uNunwBMhVgk0EEL5iiskTn8hXjS/LHAcGhSJLTsE
NdyHCSf1sqflygg7ivWpSIgrz8jM6xH5wclZlEdOwny3axOlAk6E0bMpL3oTDqb6
IyT+VBtS9DJvBQiOBCG7VDwIlHploFxoNIjE7+QW0+moylRa/BLCuSjfxE8F4eob
LaX6pMJK669S4p7OOoq4xpSqRYUds/HjIRROWsNG6pcIdK1C0p9ESssmGI/H37k+
c/JppGi0SyIVYccspIjxchuZJWNHzbjLN7ll7LYYavPGTqg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:05:12 2025 by rpki-client