Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
File: AS18811.roa (raw, json)
Hash identifier: cZ/wIxT4Y5IooxSzrpPrdhK25XZK0WzLmhb9mu9EKMs=
Subject key identifier: E9:40:E4:62:32:26:A2:E0:CA:F2:F9:22:B0:9B:55:39:07:BA:97:FE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4989AE8101BBF9EA7C88882E1198C4F3348621FF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
Signing time: Tue 06 May 2025 12:00:59 +0000
ROA not before: Tue 06 May 2025 11:55:59 +0000
ROA not after: Tue 05 May 2026 12:00:59 +0000
asID: 18811
IP address blocks: 143.14.36.0/22 maxlen: 24
143.14.124.0/22 maxlen: 24
143.14.140.0/22 maxlen: 24
143.14.156.0/22 maxlen: 24
143.14.216.0/22 maxlen: 24
143.14.224.0/22 maxlen: 24
143.14.230.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
143.14.244.0/24 maxlen: 24
143.14.246.0/24 maxlen: 24
143.14.248.0/22 maxlen: 24
155.117.9.0/24 maxlen: 24
155.117.12.0/22 maxlen: 24
155.117.17.0/24 maxlen: 24
155.117.20.0/22 maxlen: 24
155.117.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:89:ae:81:01:bb:f9:ea:7c:88:88:2e:11:98:c4:f3:34:86:21:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 11:55:59 2025 GMT
Not After : May 5 12:00:59 2026 GMT
Subject: CN=E940E4623226A2E0CAF2F922B09B553907BA97FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:27:d5:84:23:cd:fb:f9:c1:f7:0b:35:20:03:
bb:8d:5b:bc:be:11:ef:19:b4:58:f2:b9:4e:ca:e3:
5d:a6:fa:8a:c3:03:6b:79:7e:87:5a:25:50:5f:ad:
5a:a4:d2:44:37:22:7c:e1:bc:23:66:f0:d5:f7:62:
dc:b5:90:7d:cf:8f:db:3f:63:0a:83:4e:58:9e:e9:
e3:7f:d9:ff:01:eb:08:96:7d:f6:9f:28:24:16:c4:
98:de:32:2c:de:fb:e3:ac:56:4c:01:2c:8a:5a:75:
e7:29:01:3c:6d:e0:9c:28:bd:50:53:7b:2d:64:2d:
0a:00:33:56:ef:19:25:61:c3:01:5a:cd:d0:4c:1d:
22:d0:8d:cf:46:1f:54:23:bb:80:fd:60:de:84:37:
31:86:23:f7:4d:94:62:86:81:63:e7:0e:1b:2c:09:
1a:e9:4e:e3:bd:0d:dd:48:ce:ea:3f:87:4a:bf:9d:
54:4e:ad:22:0e:d6:e4:88:14:54:7f:8e:5f:08:3a:
89:60:d7:c4:67:ca:9f:8d:e2:5a:ad:3b:a4:60:65:
c5:3d:42:e6:8f:30:c3:95:64:82:2f:f4:9d:6f:4b:
b6:ff:97:89:b6:ca:0c:18:15:be:7c:97:d5:23:ad:
dd:83:55:aa:e5:86:1f:c9:c4:7a:be:0b:7c:28:38:
6e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:40:E4:62:32:26:A2:E0:CA:F2:F9:22:B0:9B:55:39:07:BA:97:FE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.36.0/22
143.14.124.0/22
143.14.140.0/22
143.14.156.0/22
143.14.216.0/22
143.14.224.0/22
143.14.230.0/23
143.14.244.0/24
143.14.246.0/24
143.14.248.0/22
155.117.9.0/24
155.117.12.0/22
155.117.17.0/24
155.117.20.0/22
155.117.217.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3f:73:f7:a4:ba:d3:94:1d:0d:b1:8c:8a:9c:3a:09:57:d0:
e0:69:e8:25:ab:54:c9:39:39:3e:1f:06:25:be:79:aa:6e:da:
28:e9:c0:7e:ff:5a:be:dc:a7:ff:c5:98:a3:b0:e9:36:18:c2:
b0:7b:60:2f:2b:10:37:0d:20:7b:b8:d2:5d:a8:a5:ec:c0:11:
cd:f6:bd:f1:43:f4:ea:d9:fc:aa:67:1c:ad:65:26:80:e4:eb:
5f:7b:35:97:89:bb:42:78:bb:87:80:ef:a0:05:49:78:a0:cb:
fd:79:2e:24:a1:58:ec:55:15:de:e0:8e:4e:9d:ed:cc:a3:7f:
8c:4c:54:24:b6:ae:54:96:56:24:ac:86:0e:c8:77:4f:4f:b3:
ab:53:22:5c:13:aa:cb:66:e5:55:5b:ac:3a:34:2a:0b:9f:09:
1e:bd:d5:d5:fe:d5:b2:3a:8c:1c:86:82:fa:39:de:7b:f3:e0:
30:d9:54:f4:3b:41:e3:af:0e:45:93:3d:c5:89:fe:7b:85:03:
e5:11:21:5d:90:86:fd:b7:27:bb:90:c3:6b:36:31:3e:76:9a:
9a:2b:b9:ca:1e:b4:76:4a:bd:32:45:13:38:dc:91:b0:ba:bb:
42:da:fe:bf:ab:31:a4:e0:51:e9:b4:b7:83:36:66:0f:64:98:
d6:70:58:cc
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUSYmugQG7+ep8iIguEZjE8zSGIf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDYxMTU1NTlaFw0yNjA1MDUxMjAwNTlaMDMxMTAvBgNV
BAMTKEU5NDBFNDYyMzIyNkEyRTBDQUYyRjkyMkIwOUI1NTM5MDdCQTk3RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqJ9WEI837+cH3CzUgA7uNW7y+
Ee8ZtFjyuU7K412m+orDA2t5fodaJVBfrVqk0kQ3InzhvCNm8NX3Yty1kH3Pj9s/
YwqDTlie6eN/2f8B6wiWffafKCQWxJjeMize++OsVkwBLIpadecpATxt4JwovVBT
ey1kLQoAM1bvGSVhwwFazdBMHSLQjc9GH1Qju4D9YN6ENzGGI/dNlGKGgWPnDhss
CRrpTuO9Dd1Izuo/h0q/nVROrSIO1uSIFFR/jl8IOolg18Rnyp+N4lqtO6RgZcU9
QuaPMMOVZIIv9J1vS7b/l4m2ygwYFb58l9Ujrd2DVarlhh/JxHq+C3woOG53AgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQU6UDkYjImouDK8vkisJtVOQe6l/4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTg4MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBAKPDiQD
BAKPDnwDBAKPDowDBAKPDpwDBAKPDtgDBAKPDuADBAGPDuYDBACPDvQDBACPDvYD
BAKPDvgDBACbdQkDBAKbdQwDBACbdREDBAKbdRQDBACbddkwDQYJKoZIhvcNAQEL
BQADggEBAKE/c/ekutOUHQ2xjIqcOglX0OBp6CWrVMk5OT4fBiW+eapu2ijpwH7/
Wr7cp//FmKOw6TYYwrB7YC8rEDcNIHu40l2opezAEc32vfFD9OrZ/KpnHK1lJoDk
6197NZeJu0J4u4eA76AFSXigy/15LiShWOxVFd7gjk6d7cyjf4xMVCS2rlSWViSs
hg7Id09Ps6tTIlwTqstm5VVbrDo0KgufCR691dX+1bI6jByGgvo53nvz4DDZVPQ7
QeOvDkWTPcWJ/nuFA+URIV2Qhv23J7uQw2s2MT52mporucoetHZKvTJFEzjckbC6
u0La/r+rMaTgUem0t4M2Zg9kmNZwWMw=
-----END CERTIFICATE-----
Generated at Wed May 7 17:55:19 2025 by rpki-client