Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: Vqyu46dZ5uuDgSHmU2AIZYgfXIXbfymPBQcEioYenrY=
Subject key identifier: 6E:FB:37:BC:6C:56:C7:C1:38:DB:79:0A:5A:8A:43:10:81:09:4D:0C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 303A6FD2222E0F5BBCBA2DD743D4601406759CE3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Thu 19 Mar 2026 17:04:27 +0000
ROA not before: Thu 19 Mar 2026 16:59:27 +0000
ROA not after: Thu 18 Mar 2027 17:04:27 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.194.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.64.0/20 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:3a:6f:d2:22:2e:0f:5b:bc:ba:2d:d7:43:d4:60:14:06:75:9c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 19 16:59:27 2026 GMT
Not After : Mar 18 17:04:27 2027 GMT
Subject: CN=6EFB37BC6C56C7C138DB790A5A8A431081094D0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:f8:a3:c5:58:ac:64:18:ca:88:e4:92:a6:
f3:f8:39:3b:4b:a6:77:9d:38:47:dd:d6:f6:a3:54:
b6:fb:9f:e3:a4:5c:0a:80:f8:55:85:1e:d3:df:11:
b2:c2:8a:ab:ee:c5:db:19:76:55:15:8d:2f:f4:07:
b4:f7:75:8e:7c:9e:b5:e5:16:b6:7d:fa:b5:81:09:
c6:ff:e6:69:f7:0f:4c:ec:bd:ee:f3:e5:df:bf:b2:
d3:e2:c4:1b:40:24:14:bb:fb:5c:0e:98:59:5e:ac:
db:87:e7:35:62:93:c4:03:15:bd:80:80:3a:b4:1d:
95:be:44:2b:45:ad:5b:23:2c:61:fd:d0:46:09:9e:
02:2a:53:3a:ce:fa:97:38:34:4e:31:c4:53:d5:74:
3e:6f:54:da:b5:98:4d:26:76:21:9a:3b:3e:f1:4f:
06:94:b2:38:58:37:fa:3a:cf:ef:4a:47:27:34:a7:
e1:38:45:99:89:13:d7:3e:c4:81:4a:d2:e1:4f:3b:
e4:6c:6c:72:38:b0:0e:70:d7:64:4c:2a:ca:5a:31:
61:33:b3:66:5f:63:41:78:9f:06:c4:fc:21:f7:a3:
22:0a:c7:f6:73:1f:c7:6e:6a:0c:34:5b:34:d3:3e:
0b:3b:2b:16:94:77:c5:59:8b:f6:91:07:fe:da:87:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FB:37:BC:6C:56:C7:C1:38:DB:79:0A:5A:8A:43:10:81:09:4D:0C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
143.14.187.0/24
143.14.194.0/24
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.13.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.64.0/20
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:16:5b:7c:f1:a8:21:25:87:cc:4f:30:4a:4c:31:28:75:5f:
ef:9c:b6:83:6e:9f:4b:fb:ab:cc:23:de:ea:f0:69:cf:ba:f2:
84:41:cd:8f:fd:7e:44:fc:cd:2c:09:70:05:80:29:72:6f:b8:
94:3b:94:e1:ee:b5:8e:14:78:a0:13:ae:5a:09:f7:17:79:80:
75:a6:5f:bf:7a:74:05:11:a4:76:e4:92:9e:86:25:16:4f:3c:
b7:05:a2:c3:6a:a3:2e:c5:f6:c0:c3:1b:85:b1:23:e3:54:5d:
99:ca:f5:3e:8d:5e:25:86:b0:5f:07:75:40:e7:53:dc:27:53:
ac:11:88:0b:c5:40:b2:bb:cb:35:73:67:7b:40:74:f7:61:2e:
df:7e:f1:d2:4d:8d:bd:ee:58:05:84:ee:7e:14:40:eb:35:88:
47:98:f8:70:9d:ee:f9:64:d0:01:ef:43:99:5e:5b:b3:22:be:
97:a8:e4:ad:fc:1c:ee:2d:b0:25:1f:88:7b:97:fd:d1:a5:26:
4e:f9:f0:f6:2e:e5:c6:c1:3d:3b:3f:30:cc:98:3d:00:ec:21:
e8:c5:1d:ca:78:ec:d2:1d:35:18:3f:85:f8:ec:09:12:e0:90:
a3:3b:41:93:8e:13:b4:44:2e:37:99:35:91:ba:cd:3b:ff:e6:
15:2d:d9:a3
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUMDpv0iIuD1u8ui3XQ9RgFAZ1nOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMTkxNjU5MjdaFw0yNzAzMTgxNzA0MjdaMDMxMTAvBgNV
BAMTKDZFRkIzN0JDNkM1NkM3QzEzOERCNzkwQTVBOEE0MzEwODEwOTREMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy7/ijxVisZBjKiOSSpvP4OTtL
pnedOEfd1vajVLb7n+OkXAqA+FWFHtPfEbLCiqvuxdsZdlUVjS/0B7T3dY58nrXl
FrZ9+rWBCcb/5mn3D0zsve7z5d+/stPixBtAJBS7+1wOmFlerNuH5zVik8QDFb2A
gDq0HZW+RCtFrVsjLGH90EYJngIqUzrO+pc4NE4xxFPVdD5vVNq1mE0mdiGaOz7x
TwaUsjhYN/o6z+9KRyc0p+E4RZmJE9c+xIFK0uFPO+RsbHI4sA5w12RMKspaMWEz
s2ZfY0F4nwbE/CH3oyIKx/ZzH8duagw0WzTTPgs7KxaUd8VZi/aRB/7ah4GbAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUbvs3vGxWx8E423kKWopDEIEJTQwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMIGEBAIAATB+AwQC
YD7QAwQFjOmAAwQAjw67AwQAjw7CAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+AwQA
k08ZAwQAlIe0AwQAlIe6AwQAm3UAAwQAm3UNAwQAm3U8AwQAm3W5AwQAm3W7AwQA
m3XLAwQAoo2fAwQAoo20AwQEqN5AAwQAqN55MA0GCSqGSIb3DQEBCwUAA4IBAQC3
Flt88aghJYfMTzBKTDEodV/vnLaDbp9L+6vMI97q8GnPuvKEQc2P/X5E/M0sCXAF
gClyb7iUO5Th7rWOFHigE65aCfcXeYB1pl+/enQFEaR25JKehiUWTzy3BaLDaqMu
xfbAwxuFsSPjVF2ZyvU+jV4lhrBfB3VA51PcJ1OsEYgLxUCyu8s1c2d7QHT3YS7f
fvHSTY297lgFhO5+FEDrNYhHmPhwne75ZNAB70OZXluzIr6XqOSt/BzuLbAlH4h7
l/3RpSZO+fD2LuXGwT07PzDMmD0A7CHoxR3KeOzSHTUYP4X47AkS4JCjO0GTjhO0
RC43mTWRus07/+YVLdmj
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:31:06 2026 by rpki-client