Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
File: AS18811.roa (raw, json)
Hash identifier: 6Hz1BaYL/PWDEuSW3FZSUchtmpoK1ZOnXLiPzLA60KM=
Subject key identifier: 72:19:92:38:86:D5:C8:C4:9E:0D:C0:AE:F5:47:73:9D:74:90:B3:CC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 288CAC2FA308ABBB116AAE9090A41E39E60EB1BC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
Signing time: Wed 20 Aug 2025 00:00:08 +0000
ROA not before: Tue 19 Aug 2025 23:55:08 +0000
ROA not after: Wed 19 Aug 2026 00:00:08 +0000
asID: 18811
IP address blocks: 96.62.71.0/24 maxlen: 24
96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:8c:ac:2f:a3:08:ab:bb:11:6a:ae:90:90:a4:1e:39:e6:0e:b1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 19 23:55:08 2025 GMT
Not After : Aug 19 00:00:08 2026 GMT
Subject: CN=7219923886D5C8C49E0DC0AEF547739D7490B3CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:0d:4c:c2:83:1d:1b:84:76:ef:6f:c7:9c:
74:99:79:fe:d7:23:11:20:02:31:94:0e:c7:d8:65:
22:d8:1d:ca:47:58:fb:67:a4:ca:f9:c5:b7:30:2d:
ad:dc:62:76:06:e3:2f:f3:65:19:2f:f8:cb:a9:5d:
19:a9:b6:1a:e6:50:1f:9e:ac:d2:5d:7e:3f:f0:d2:
81:c8:50:6b:9f:64:51:3a:cc:0a:2d:a5:9c:8b:df:
47:c2:15:26:93:15:9f:7c:ea:36:3b:3f:2c:8d:46:
8b:8a:25:2e:17:56:fa:f7:63:a4:82:0d:9d:3c:00:
70:93:0d:5c:07:fe:0c:8a:07:c2:74:5a:6a:a0:56:
39:a8:60:af:22:be:b3:01:f6:bd:27:45:bf:41:99:
3a:7c:e9:27:98:eb:da:44:78:4e:ca:78:be:54:b4:
29:af:ef:1d:ba:ba:77:eb:0b:c3:b8:bd:c1:f4:eb:
e9:4f:6f:99:5b:fa:a5:5c:8f:b0:60:32:11:0d:99:
60:67:3f:28:ad:f3:ee:e8:3a:95:8f:07:68:12:ab:
1b:d6:cb:61:cc:85:ef:d3:d3:4a:c8:04:f0:4f:59:
a3:4a:c6:44:c2:74:33:1a:58:9f:34:d3:9e:eb:30:
7a:5b:1c:69:06:cf:6c:20:38:ab:67:00:57:03:f8:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:19:92:38:86:D5:C8:C4:9E:0D:C0:AE:F5:47:73:9D:74:90:B3:CC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
96.62.73.0-96.62.74.255
96.62.100.0/24
162.141.55.0/24
162.141.153.0/24
167.148.0.0/24
167.148.6.0/24
167.148.28.0/24
167.148.43.0/24
167.148.96.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:c3:30:48:d7:25:c2:c6:de:c3:b9:eb:95:da:0f:6c:38:41:
cb:ca:0e:d8:cd:ba:1f:bd:e1:84:c8:40:9d:2d:1e:a6:ce:20:
26:bd:cc:b3:26:a0:b6:34:3f:39:ff:df:6e:2f:17:ca:6f:3b:
66:8c:9a:7a:0f:1b:20:31:1f:66:11:58:f1:36:a6:6e:71:3f:
41:d4:6d:8f:c9:37:63:63:27:75:64:9f:72:ae:e0:1d:b7:a9:
a0:4d:4d:9b:b2:ef:53:c3:eb:cc:35:7e:c4:e9:56:e9:46:4c:
ad:79:36:2b:4e:76:f6:59:ca:1d:d3:b2:ed:74:51:2a:60:a4:
f6:ea:6b:a0:6e:6d:0f:9a:f0:88:48:93:6c:40:7f:6e:55:90:
0d:75:37:8c:6c:38:cd:bb:71:1d:dc:14:9b:13:21:16:45:58:
55:4d:0c:55:7c:eb:29:65:88:ec:63:fe:28:a0:d2:63:87:a4:
b6:c0:06:a8:0e:06:e1:6f:e4:9d:3f:1c:aa:a0:ad:54:4e:3e:
48:bc:c4:5e:ac:3d:25:14:c3:d3:c2:a4:c7:b7:37:b2:0a:74:
20:67:b7:49:6d:ed:35:0c:b0:eb:be:17:a0:d6:e1:8d:61:7f:
91:61:e4:ee:d1:a1:fb:00:2f:94:09:fa:c1:a0:9d:13:36:fc:
dc:86:24:ca
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUKIysL6MIq7sRaq6QkKQeOeYOsbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTkyMzU1MDhaFw0yNjA4MTkwMDAwMDhaMDMxMTAvBgNV
BAMTKDcyMTk5MjM4ODZENUM4QzQ5RTBEQzBBRUY1NDc3MzlENzQ5MEIzQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo9w1MwoMdG4R272/HnHSZef7X
IxEgAjGUDsfYZSLYHcpHWPtnpMr5xbcwLa3cYnYG4y/zZRkv+MupXRmpthrmUB+e
rNJdfj/w0oHIUGufZFE6zAotpZyL30fCFSaTFZ986jY7PyyNRouKJS4XVvr3Y6SC
DZ08AHCTDVwH/gyKB8J0WmqgVjmoYK8ivrMB9r0nRb9BmTp86SeY69pEeE7KeL5U
tCmv7x26unfrC8O4vcH06+lPb5lb+qVcj7BgMhENmWBnPyit8+7oOpWPB2gSqxvW
y2HMhe/T00rIBPBPWaNKxkTCdDMaWJ80057rMHpbHGkGz2wgOKtnAFcD+OQ/AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUchmSOIbVyMSeDcCu9UdznXSQs8wwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTg4MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBABgPkcw
DAMEAGA+SQMEAGA+SgMEAGA+ZAMEAKKNNwMEAKKNmQMEAKeUAAMEAKeUBgMEAKeU
HAMEAKeUKwMEAKeUYDANBgkqhkiG9w0BAQsFAAOCAQEAqcMwSNclwsbew7nrldoP
bDhBy8oO2M26H73hhMhAnS0eps4gJr3MsyagtjQ/Of/fbi8Xym87Zoyaeg8bIDEf
ZhFY8TambnE/QdRtj8k3Y2MndWSfcq7gHbepoE1Nm7LvU8PrzDV+xOlW6UZMrXk2
K0529lnKHdOy7XRRKmCk9uproG5tD5rwiEiTbEB/blWQDXU3jGw4zbtxHdwUmxMh
FkVYVU0MVXzrKWWI7GP+KKDSY4ektsAGqA4G4W/knT8cqqCtVE4+SLzEXqw9JRTD
08Kkx7c3sgp0IGe3SW3tNQyw674XoNbhjWF/kWHk7tGh+wAvlAn6waCdEzb83IYk
yg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:39 2025 by rpki-client