Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
File: AS18811.roa (raw, json)
Hash identifier: ztaUYZvG5I82MwNcIAPHcj4zrrRNQ0gk8YRpFVRmssY=
Subject key identifier: 73:D1:6F:07:14:51:26:BA:D6:BF:A8:2A:98:C8:B6:F4:41:08:5F:3E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 57829675878E4DE7B00A0308C31324504357CA1C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
Signing time: Fri 20 Jun 2025 09:35:19 +0000
ROA not before: Fri 20 Jun 2025 09:30:19 +0000
ROA not after: Fri 19 Jun 2026 09:35:19 +0000
asID: 18811
IP address blocks: 96.62.71.0/24 maxlen: 24
96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
155.117.12.0/22 maxlen: 24
155.117.20.0/22 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.91.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:82:96:75:87:8e:4d:e7:b0:0a:03:08:c3:13:24:50:43:57:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 20 09:30:19 2025 GMT
Not After : Jun 19 09:35:19 2026 GMT
Subject: CN=73D16F07145126BAD6BFA82A98C8B6F441085F3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:df:ec:f9:3b:64:c9:5e:96:69:f0:c3:f3:c4:
84:ed:5a:2a:f3:a8:c7:40:b7:d1:4a:ff:97:30:dd:
6e:9e:e3:d6:29:ed:42:d4:d3:57:55:9a:b9:88:1b:
80:1f:2c:4f:db:88:38:97:31:74:33:0c:0a:d5:d5:
d2:9a:64:48:50:7e:b4:d1:92:0e:71:d7:17:07:58:
6b:0b:24:8d:25:3e:96:71:c8:ad:9d:7a:59:1f:12:
a0:d2:a1:49:06:7d:4c:10:5d:df:3b:f9:46:18:87:
a8:df:a0:28:20:f0:43:4e:48:5e:a6:54:72:8f:73:
e1:71:00:ff:c1:5e:4b:60:dc:55:8e:b7:48:45:7c:
88:0a:6d:79:cb:27:95:f6:a4:0b:23:ea:3c:a3:0a:
5f:2f:9e:b9:1b:a7:55:20:25:a4:01:ec:58:73:b1:
44:09:46:5e:fa:a5:b7:0c:cf:47:74:bf:3f:81:c1:
67:9d:0e:df:79:b7:5a:98:7b:9f:07:89:d7:9f:1a:
cb:27:12:78:a9:26:37:dd:b9:94:06:fd:9a:b0:95:
8e:c1:e0:88:f0:eb:21:23:a8:d9:34:8a:b0:2d:64:
89:77:3b:fa:f1:40:46:66:08:0b:f3:74:73:62:a6:
5a:f1:6b:ce:12:d0:4e:bb:5d:5a:c4:d0:4f:83:2d:
c2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D1:6F:07:14:51:26:BA:D6:BF:A8:2A:98:C8:B6:F4:41:08:5F:3E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
96.62.73.0-96.62.74.255
96.62.100.0/24
155.117.12.0/22
155.117.20.0/22
162.141.55.0/24
162.141.91.0/24
162.141.153.0/24
162.141.166.0/24
167.148.0.0/24
167.148.6.0/24
167.148.28.0/24
167.148.43.0/24
167.148.68.0/24
167.148.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:1f:16:2f:d3:26:74:42:d2:5f:70:8b:23:52:6b:a4:82:f2:
11:2f:4c:0e:5e:53:1e:1e:78:be:90:1c:6e:b1:84:6a:be:42:
1b:d5:55:6a:5b:63:77:c4:5d:9b:76:56:00:cc:85:4a:22:2c:
62:a9:be:ce:6e:9b:f9:7b:7d:0f:57:55:3f:4f:bc:70:55:8f:
27:f2:65:50:fc:a3:53:ee:60:0d:8d:b1:dd:03:0d:38:69:81:
6f:5a:94:58:82:bf:b4:a3:5e:49:23:03:31:16:42:30:76:ad:
b3:4d:80:43:89:f2:9b:31:ca:38:25:34:9e:d7:0a:50:ed:a6:
34:15:64:6e:bc:1e:87:ef:4e:52:17:c7:3c:19:bf:bb:f5:ec:
49:5c:fc:aa:55:e5:da:ea:09:6b:fc:10:52:e8:02:e6:82:eb:
20:43:11:aa:e8:6a:3c:95:76:7c:51:4a:64:14:a6:42:3a:61:
34:49:37:38:a7:1c:34:56:8a:e4:cf:74:39:1b:55:83:05:57:
f8:51:b9:8c:d0:f3:09:fa:14:0b:94:50:ea:eb:f7:09:8f:07:
76:0b:8a:d3:a4:0d:69:c5:ed:ef:03:21:11:13:45:f4:d8:e8:
5c:17:00:79:4e:80:26:37:c1:07:b6:fb:fb:f5:1b:8f:76:7f:
9a:b0:da:d3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUV4KWdYeOTeewCgMIwxMkUENXyhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjAwOTMwMTlaFw0yNjA2MTkwOTM1MTlaMDMxMTAvBgNV
BAMTKDczRDE2RjA3MTQ1MTI2QkFENkJGQTgyQTk4QzhCNkY0NDEwODVGM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL3+z5O2TJXpZp8MPzxITtWirz
qMdAt9FK/5cw3W6e49Yp7ULU01dVmrmIG4AfLE/biDiXMXQzDArV1dKaZEhQfrTR
kg5x1xcHWGsLJI0lPpZxyK2delkfEqDSoUkGfUwQXd87+UYYh6jfoCgg8ENOSF6m
VHKPc+FxAP/BXktg3FWOt0hFfIgKbXnLJ5X2pAsj6jyjCl8vnrkbp1UgJaQB7Fhz
sUQJRl76pbcMz0d0vz+BwWedDt95t1qYe58HidefGssnEnipJjfduZQG/ZqwlY7B
4Ijw6yEjqNk0irAtZIl3O/rxQEZmCAvzdHNiplrxa84S0E67XVrE0E+DLcKJAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQUc9FvBxRRJrrWv6gqmMi29EEIXz4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTg4MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwewYIKwYBBQUHAQcBAf8EbDBqMGgEAgABMGIDBABgPkcw
DAMEAGA+SQMEAGA+SgMEAGA+ZAMEApt1DAMEApt1FAMEAKKNNwMEAKKNWwMEAKKN
mQMEAKKNpgMEAKeUAAMEAKeUBgMEAKeUHAMEAKeUKwMEAKeURAMEAKeUYDANBgkq
hkiG9w0BAQsFAAOCAQEAWh8WL9MmdELSX3CLI1JrpILyES9MDl5THh54vpAcbrGE
ar5CG9VValtjd8Rdm3ZWAMyFSiIsYqm+zm6b+Xt9D1dVP0+8cFWPJ/JlUPyjU+5g
DY2x3QMNOGmBb1qUWIK/tKNeSSMDMRZCMHats02AQ4nymzHKOCU0ntcKUO2mNBVk
brweh+9OUhfHPBm/u/XsSVz8qlXl2uoJa/wQUugC5oLrIEMRquhqPJV2fFFKZBSm
QjphNEk3OKccNFaK5M90ORtVgwVX+FG5jNDzCfoUC5RQ6uv3CY8HdguK06QNacXt
7wMhERNF9NjoXBcAeU6AJjfBB7b7+/Ubj3Z/mrDa0w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:27:04 2025 by rpki-client