Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: KeIIQujUNPLKR82L7xQ+ZguglVOoOSGDYaA7YDgH+zY=
Subject key identifier: BE:8D:68:6D:51:A9:46:18:02:29:08:6A:9E:C1:A6:F3:80:8B:B6:55
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 117861642A33C4220B83055C870C363EFA1B52FA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Mon 05 May 2025 09:44:13 +0000
ROA not before: Mon 05 May 2025 09:39:13 +0000
ROA not after: Mon 04 May 2026 09:44:13 +0000
asID: 14618
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:78:61:64:2a:33:c4:22:0b:83:05:5c:87:0c:36:3e:fa:1b:52:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 5 09:39:13 2025 GMT
Not After : May 4 09:44:13 2026 GMT
Subject: CN=BE8D686D51A946180229086A9EC1A6F3808BB655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:db:f1:55:ef:fc:e5:40:61:a0:d1:db:95:78:
ca:0d:b6:b7:b0:4d:b7:51:0a:17:b4:30:bd:e7:4a:
2b:6e:d2:5b:f8:42:18:a7:1f:2e:ca:b1:9d:47:87:
f9:09:a3:7d:70:31:4b:b7:ce:93:3e:89:86:07:4e:
8f:63:07:8d:1d:88:ca:31:d8:6a:35:44:50:37:90:
95:5c:f7:a1:d3:fd:a8:fe:9c:ba:ec:68:38:07:e1:
f1:cf:94:80:45:5e:aa:e7:b3:e3:81:f0:db:44:cf:
c9:75:6a:5d:96:c1:81:61:db:3e:dd:b3:96:72:1a:
ee:43:7a:5d:3f:6e:96:ba:36:08:00:a4:85:67:17:
61:48:2b:b8:b7:95:94:be:ff:96:4d:a4:e6:29:47:
65:0c:87:cf:39:3c:f5:1e:e4:5a:96:77:f9:50:f6:
2e:f8:38:fe:35:41:fe:39:16:f6:69:0c:3d:f9:4d:
84:47:05:26:0a:4b:bd:71:c9:2f:88:1a:8e:10:ca:
56:c7:fc:76:f8:16:12:fc:e8:cd:f8:99:47:78:7c:
c8:aa:a4:f2:20:7a:96:de:15:33:11:65:f3:45:17:
3f:8a:de:8d:c0:e4:89:66:4e:8f:ec:2b:ca:74:18:
97:ed:ec:4f:bd:b3:f6:81:1d:10:d5:3e:48:f3:d3:
4e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8D:68:6D:51:A9:46:18:02:29:08:6A:9E:C1:A6:F3:80:8B:B6:55
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
185.151.58.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
61:0d:ed:a9:31:18:b8:3a:97:7d:27:51:02:dc:f6:8a:3c:3f:
ec:b8:14:68:2f:55:71:f9:a9:8e:1a:61:b9:47:ff:de:70:39:
0f:10:4c:1e:bb:fb:8d:c8:92:d4:e8:53:44:42:a0:a6:13:71:
d0:62:a5:1d:3d:fd:e3:e1:ee:f7:ff:d6:eb:f1:a7:13:9b:5d:
f2:2b:4d:5f:b9:d2:93:48:8f:69:c7:3c:98:24:c6:44:80:2f:
50:9f:f2:cb:4c:11:da:bd:19:c7:95:fd:db:39:7f:48:d5:a2:
90:b6:d3:e2:4d:65:39:da:3e:9c:49:d4:3b:53:c8:77:12:7a:
e5:a7:c2:80:9d:3d:45:27:f0:5f:47:7c:32:d5:1f:30:5d:fe:
c4:17:ea:60:a4:38:70:b8:cc:53:70:3d:42:6d:f4:f5:a1:f1:
ab:0d:b2:58:7a:15:0f:79:12:92:0b:2e:85:00:c8:95:e2:93:
b3:a7:7a:93:8d:6a:e5:89:e2:07:77:6b:27:54:35:02:23:54:
cc:25:61:89:97:a3:86:93:07:63:65:cb:11:09:b4:a5:0a:16:
c2:73:52:67:69:dc:f9:4b:dd:98:06:6b:9c:54:ba:34:a9:f4:
2a:11:13:31:6c:d5:6f:da:0e:84:db:d7:4e:20:ec:73:96:43:
6d:9f:ef:76
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUEXhhZCozxCILgwVchww2PvobUvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MDUwOTM5MTNaFw0yNjA1MDQwOTQ0MTNaMDMxMTAvBgNV
BAMTKEJFOEQ2ODZENTFBOTQ2MTgwMjI5MDg2QTlFQzFBNkYzODA4QkI2NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa2/FV7/zlQGGg0duVeMoNtrew
TbdRChe0ML3nSitu0lv4QhinHy7KsZ1Hh/kJo31wMUu3zpM+iYYHTo9jB40diMox
2Go1RFA3kJVc96HT/aj+nLrsaDgH4fHPlIBFXqrns+OB8NtEz8l1al2WwYFh2z7d
s5ZyGu5Del0/bpa6NggApIVnF2FIK7i3lZS+/5ZNpOYpR2UMh885PPUe5FqWd/lQ
9i74OP41Qf45FvZpDD35TYRHBSYKS71xyS+IGo4QylbH/Hb4FhL86M34mUd4fMiq
pPIgepbeFTMRZfNFFz+K3o3A5IlmTo/sK8p0GJft7E+9s/aBHRDVPkjz005hAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUvo1obVGpRhgCKQhqnsGm84CLtlUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC5lzoDBAC/YMwDBAC/ZW8D
BAC/Zd8DBADVbakwDQYJKoZIhvcNAQELBQADggEBAGEN7akxGLg6l30nUQLc9oo8
P+y4FGgvVXH5qY4aYblH/95wOQ8QTB67+43IktToU0RCoKYTcdBipR09/ePh7vf/
1uvxpxObXfIrTV+50pNIj2nHPJgkxkSAL1Cf8stMEdq9GceV/ds5f0jVopC20+JN
ZTnaPpxJ1DtTyHcSeuWnwoCdPUUn8F9HfDLVHzBd/sQX6mCkOHC4zFNwPUJt9PWh
8asNslh6FQ95EpILLoUAyJXik7OnepONauWJ4gd3aydUNQIjVMwlYYmXo4aTB2Nl
yxEJtKUKFsJzUmdp3PlL3ZgGa5xUujSp9CoREzFs1W/aDoTb104g7HOWQ22f73Y=
-----END CERTIFICATE-----
Generated at Mon May 5 13:55:29 2025 by rpki-client