Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: DJuqXcmnFLNBw8kkKV/5H10q1VnRsCmBF+YvgURwjW4=
Subject key identifier: 78:61:9D:84:DF:88:68:92:CC:33:46:67:2D:FE:AB:9A:A1:85:5D:36
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 417F6C06B654DB1E099BB2C30093677719AC3FB0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Mon 28 Apr 2025 07:02:46 +0000
ROA not before: Mon 28 Apr 2025 06:57:46 +0000
ROA not after: Mon 27 Apr 2026 07:02:46 +0000
asID: 14618
IP address blocks: 140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:7f:6c:06:b6:54:db:1e:09:9b:b2:c3:00:93:67:77:19:ac:3f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 28 06:57:46 2025 GMT
Not After : Apr 27 07:02:46 2026 GMT
Subject: CN=78619D84DF886892CC3346672DFEAB9AA1855D36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:41:16:cb:7a:14:bb:8d:2e:b1:b3:39:aa:e8:
35:51:b6:77:4a:e9:4a:32:e6:be:94:82:e8:fd:e1:
19:fd:97:fe:85:9d:47:82:aa:7d:e6:86:fb:28:9f:
7c:d2:5d:42:18:dd:43:4a:a3:1e:31:63:66:27:28:
be:f7:4d:de:9d:b5:26:32:7d:7c:ba:d8:44:df:7f:
cb:7f:19:13:ae:b8:fd:45:63:4e:02:18:73:53:01:
0b:41:09:3e:48:d5:4b:ec:f1:c8:5f:97:63:cf:b9:
14:27:5c:09:5a:13:7b:c8:61:fd:2c:8c:68:13:b4:
7b:fb:5f:88:34:ba:fa:65:c7:1b:90:55:5a:26:38:
c8:f2:db:e1:24:1e:36:5c:65:f3:b5:18:5f:69:a4:
a2:94:68:2d:64:c5:e7:ca:9d:01:23:3e:58:21:a3:
c6:b3:04:83:17:f6:ec:8f:03:bc:2b:de:a8:67:2e:
7b:64:3c:92:2e:19:0d:81:58:c6:a6:1a:b8:da:8d:
7f:a7:f9:b5:3b:27:96:fc:55:31:d1:50:a8:ef:40:
79:52:b1:f2:9e:64:c7:16:28:6d:ab:5a:cd:22:59:
90:b0:5e:b3:b0:d2:f3:ea:de:20:ae:f6:1b:8b:c5:
00:b0:08:9c:1a:21:1c:c5:df:40:10:fb:07:e1:1d:
22:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:61:9D:84:DF:88:68:92:CC:33:46:67:2D:FE:AB:9A:A1:85:5D:36
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9e:54:ad:a5:64:f4:02:94:1e:68:85:98:3b:13:cb:66:c0:
48:66:aa:21:2f:53:70:5d:09:00:fa:1f:31:d9:c7:12:3f:9c:
23:f3:6f:20:97:8d:db:3b:1e:bb:a4:ec:b5:60:46:d0:bb:eb:
d1:91:96:44:58:10:d4:74:d4:2c:e0:75:98:f1:a8:9c:e0:51:
11:a9:a2:4d:42:68:87:ac:b2:ea:d9:83:88:14:36:81:cc:1a:
30:04:b9:ca:d1:44:1e:e5:02:30:3b:50:3f:54:28:80:79:72:
cc:63:a7:e3:6e:f3:3c:56:05:67:2d:b1:d7:7c:8f:8d:09:e7:
7e:0a:1a:ef:4f:21:61:88:32:5f:15:fb:41:53:fd:86:77:64:
6e:af:71:f1:79:8d:b2:15:3d:57:05:88:d0:5e:18:9c:df:4d:
4f:ee:2e:6e:fc:a7:e5:17:7d:4f:be:1f:fb:f0:d3:e9:81:f7:
84:bb:a8:27:bb:af:4c:39:9c:83:d2:4a:de:7d:f2:ee:b1:cc:
28:36:d0:d7:d1:0c:8e:05:b6:17:8e:eb:2f:99:42:8e:70:8c:
be:9d:16:8c:ca:5c:26:5a:9f:17:5f:ea:18:e1:4d:84:4a:53:
13:54:2e:ff:0a:2b:56:d0:6e:4d:5a:71:86:48:30:1a:43:fe:
30:56:5d:22
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUQX9sBrZU2x4Jm7LDAJNndxmsP7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjgwNjU3NDZaFw0yNjA0MjcwNzAyNDZaMDMxMTAvBgNV
BAMTKDc4NjE5RDg0REY4ODY4OTJDQzMzNDY2NzJERkVBQjlBQTE4NTVEMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWQRbLehS7jS6xszmq6DVRtndK
6Uoy5r6Uguj94Rn9l/6FnUeCqn3mhvson3zSXUIY3UNKox4xY2YnKL73Td6dtSYy
fXy62ETff8t/GROuuP1FY04CGHNTAQtBCT5I1Uvs8chfl2PPuRQnXAlaE3vIYf0s
jGgTtHv7X4g0uvplxxuQVVomOMjy2+EkHjZcZfO1GF9ppKKUaC1kxefKnQEjPlgh
o8azBIMX9uyPA7wr3qhnLntkPJIuGQ2BWMamGrjajX+n+bU7J5b8VTHRUKjvQHlS
sfKeZMcWKG2rWs0iWZCwXrOw0vPq3iCu9huLxQCwCJwaIRzF30AQ+wfhHSKlAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUeGGdhN+IaJLMM0ZnLf6rmqGFXTYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAWM6YAD
BAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7owDQYJKoZIhvcNAQELBQADggEB
AByeVK2lZPQClB5ohZg7E8tmwEhmqiEvU3BdCQD6HzHZxxI/nCPzbyCXjds7Hruk
7LVgRtC769GRlkRYENR01CzgdZjxqJzgURGpok1CaIessurZg4gUNoHMGjAEucrR
RB7lAjA7UD9UKIB5csxjp+Nu8zxWBWctsdd8j40J534KGu9PIWGIMl8V+0FT/YZ3
ZG6vcfF5jbIVPVcFiNBeGJzfTU/uLm78p+UXfU++H/vw0+mB94S7qCe7r0w5nIPS
St598u6xzCg20NfRDI4FtheO6y+ZQo5wjL6dFozKXCZanxdf6hjhTYRKUxNULv8K
K1bQbk1acYZIMBpD/jBWXSI=
-----END CERTIFICATE-----
Generated at Wed May 7 05:00:41 2025 by rpki-client