Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: Djr4AtWjuy4smdAgOzTeDiKbIAEPs68Cs2DKBBPJKeY=
Subject key identifier: 11:89:E4:57:8E:73:51:49:67:E6:6C:80:4F:98:E0:92:67:51:F9:3F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 27B21F20FA620445FE6DF055274FA691B75E8B8C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Tue 12 May 2026 02:11:08 +0000
ROA not before: Tue 12 May 2026 02:06:08 +0000
ROA not after: Tue 11 May 2027 02:11:08 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.150.156.0/24 maxlen: 24
140.233.128.0/19 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
147.79.26.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:b2:1f:20:fa:62:04:45:fe:6d:f0:55:27:4f:a6:91:b7:5e:8b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 12 02:06:08 2026 GMT
Not After : May 11 02:11:08 2027 GMT
Subject: CN=1189E4578E73514967E66C804F98E0926751F93F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:e2:d4:8c:3e:e8:43:55:47:2c:9c:cd:ff:
85:b6:82:75:8d:c9:08:fc:9a:74:41:c0:24:74:6b:
59:c7:6b:11:c5:b9:1f:a8:2d:e0:e9:2c:06:72:45:
cb:56:bd:96:80:03:68:60:a8:94:0c:70:72:08:3a:
4f:65:f2:42:4b:07:b4:7a:1b:c8:5a:46:11:7a:26:
9d:0e:63:65:e8:24:fd:7e:4f:5d:85:10:65:0c:d0:
ca:a0:09:b6:ab:29:7e:6f:dc:08:ae:b3:1a:24:ef:
15:4c:95:90:3f:ef:67:dc:a1:6a:73:47:60:fb:f0:
b4:f1:70:bb:74:52:06:1d:d2:79:eb:28:e7:d1:66:
4f:1a:8d:44:af:8f:bf:a9:23:25:96:66:99:21:d0:
43:c7:b1:31:0c:40:79:f3:e4:91:1f:70:4c:16:64:
82:69:ee:7e:61:a2:ef:75:53:12:df:05:50:e2:eb:
e3:78:af:cc:34:8e:d7:e2:1c:61:7f:95:ad:e3:ec:
99:d0:4b:76:a4:53:b0:5c:4a:8a:97:cc:3a:f9:a6:
2e:7b:62:c5:e1:ce:40:61:2b:d8:ae:2a:54:bd:ce:
35:30:80:d2:e6:07:9c:69:06:5f:7c:cd:89:75:77:
5f:4d:85:d5:bd:8b:ab:c2:2a:e1:a9:2d:96:14:8f:
d9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:89:E4:57:8E:73:51:49:67:E6:6C:80:4F:98:E0:92:67:51:F9:3F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.150.156.0/24
140.233.128.0/19
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0-147.79.26.255
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b8:49:61:89:3e:23:b2:8c:4c:e5:8f:da:ac:1a:00:d3:af:
6a:22:a5:91:c0:51:6c:a8:40:ad:c9:b3:7f:50:17:57:0c:fe:
91:95:2f:dd:ba:25:f5:59:b7:f8:dd:00:a3:fe:81:ca:65:89:
79:9e:09:af:c7:7e:66:18:58:05:c5:00:e0:ce:99:c5:3d:eb:
23:70:c8:a3:db:11:28:58:1c:ed:93:1f:70:37:d6:98:79:de:
3c:b1:c5:8d:d4:5b:3e:43:93:30:12:85:69:81:20:e3:c7:d3:
24:47:ff:69:74:6b:ec:5d:36:eb:4c:a1:7d:f4:82:83:2d:52:
cd:65:cb:25:cd:86:e3:f8:2b:48:46:0b:cc:51:d6:e6:0a:70:
89:6d:d4:7e:58:2d:78:72:39:c3:56:1e:2d:84:77:61:38:ee:
c5:a2:cc:f5:3d:6e:f7:5d:f7:66:2c:d2:54:e9:c1:ae:3a:75:
03:f3:62:d3:24:86:74:e7:60:56:7d:68:c3:c1:06:17:ba:a0:
94:8c:c1:ac:bb:84:2b:c0:34:c8:9a:56:a2:d2:85:53:30:c8:
f6:3a:ca:95:c4:22:31:30:9d:82:98:37:a8:ce:15:d6:c7:19:
4b:be:4b:43:f2:89:d9:7d:b5:ee:5c:99:fd:f6:03:7c:95:97:
1a:ab:ca:b8
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUJ7IfIPpiBEX+bfBVJ0+mkbdei4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTIwMjA2MDhaFw0yNzA1MTEwMjExMDhaMDMxMTAvBgNV
BAMTKDExODlFNDU3OEU3MzUxNDk2N0U2NkM4MDRGOThFMDkyNjc1MUY5M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDfeLUjD7oQ1VHLJzN/4W2gnWN
yQj8mnRBwCR0a1nHaxHFuR+oLeDpLAZyRctWvZaAA2hgqJQMcHIIOk9l8kJLB7R6
G8haRhF6Jp0OY2XoJP1+T12FEGUM0MqgCbarKX5v3Aiusxok7xVMlZA/72fcoWpz
R2D78LTxcLt0UgYd0nnrKOfRZk8ajUSvj7+pIyWWZpkh0EPHsTEMQHnz5JEfcEwW
ZIJp7n5hou91UxLfBVDi6+N4r8w0jtfiHGF/la3j7JnQS3akU7BcSoqXzDr5pi57
YsXhzkBhK9iuKlS9zjUwgNLmB5xpBl98zYl1d19NhdW9i6vCKuGpLZYUj9lFAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUEYnkV45zUUln5myAT5jgkmdR+T8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgY0GCCsGAQUFBwEHAQH/BH4wfDB6BAIAATB0AwQCYD7Q
AwQAjJacAwQFjOmAAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+MAwDBACTTxkDBACT
TxoDBACUh7QDBACUh7oDBACbdQADBACbdTwDBACbdbkDBACbdbsDBACbdcsDBACi
jZ8DBACijbQDBACo3nkwDQYJKoZIhvcNAQELBQADggEBAGW4SWGJPiOyjEzlj9qs
GgDTr2oipZHAUWyoQK3Js39QF1cM/pGVL926JfVZt/jdAKP+gcpliXmeCa/HfmYY
WAXFAODOmcU96yNwyKPbEShYHO2TH3A31ph53jyxxY3UWz5DkzAShWmBIOPH0yRH
/2l0a+xdNutMoX30goMtUs1lyyXNhuP4K0hGC8xR1uYKcIlt1H5YLXhyOcNWHi2E
d2E47sWizPU9bvdd92Ys0lTpwa46dQPzYtMkhnTnYFZ9aMPBBhe6oJSMway7hCvA
NMiaVqLShVMwyPY6ypXEIjEwnYKYN6jOFdbHGUu+S0Pyidl9te5cmf32A3yVlxqr
yrg=
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:41 2026 by rpki-client