Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: yq7S37jziTjublfpT7OXWeGP3liwm9CQCdF0oB6W298=
Subject key identifier: DD:36:BF:01:96:AA:B8:48:A9:4E:C9:1D:12:FE:DE:94:24:D1:4E:FD
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6E7333B3C95ECD51220ED3595595919BF1EA1D8A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Sun 15 Jun 2025 00:00:22 +0000
ROA not before: Sat 14 Jun 2025 23:55:22 +0000
ROA not after: Sun 14 Jun 2026 00:00:22 +0000
asID: 14618
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:73:33:b3:c9:5e:cd:51:22:0e:d3:59:55:95:91:9b:f1:ea:1d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 14 23:55:22 2025 GMT
Not After : Jun 14 00:00:22 2026 GMT
Subject: CN=DD36BF0196AAB848A94EC91D12FEDE9424D14EFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:53:7f:88:93:41:d6:48:96:14:fc:08:8f:
0f:5a:e5:82:b1:bc:01:8b:a7:24:04:ad:ce:15:e3:
b5:ec:91:4a:a5:d4:bd:40:7a:cc:f3:c7:b3:5d:c9:
46:b0:34:1c:e4:4f:09:3f:6d:b9:03:b1:24:df:0d:
a1:f7:cd:34:8b:61:e3:32:76:12:1e:e1:f4:94:c5:
a1:63:20:a1:83:53:2a:6a:ca:7b:08:4f:87:ea:84:
5b:43:00:cf:8d:7c:51:76:18:36:8e:81:15:89:b4:
f2:55:30:15:a5:f4:ae:ce:1c:6d:cc:da:17:15:98:
9b:b7:9c:38:74:99:af:37:5a:06:c7:84:34:66:eb:
68:3b:f0:71:45:ea:c5:21:57:9a:2c:43:da:9c:08:
ac:50:fb:91:82:fd:ee:cb:45:26:0d:b3:49:9f:77:
c5:28:bf:ae:c9:6d:39:3d:93:42:3e:ae:67:db:6c:
5e:82:b9:49:72:23:a6:23:e1:cb:a6:a1:e5:30:28:
db:80:44:29:2c:4b:3c:b8:30:ee:60:7e:0b:8b:9a:
19:d9:a6:98:94:89:5d:99:55:a7:08:77:1d:8a:76:
cf:25:b6:35:d8:34:f2:87:d4:29:a1:2b:03:c2:57:
b4:a8:a2:f1:b4:b7:38:f8:9d:16:28:42:f1:c9:9b:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:36:BF:01:96:AA:B8:48:A9:4E:C9:1D:12:FE:DE:94:24:D1:4E:FD
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
97:81:93:d7:00:6c:cb:50:8e:aa:60:49:79:1d:42:79:78:ee:
f1:db:e5:f4:ca:2a:37:61:7a:13:76:9f:d8:72:ab:b8:11:17:
9d:b2:ba:84:01:bb:6c:26:87:64:cc:fe:01:51:4d:08:52:35:
1b:a2:e4:3d:e5:60:1a:f3:ba:e6:68:07:79:b1:96:aa:22:ca:
da:58:c3:fe:12:30:54:1b:ca:53:46:9c:62:0e:fd:d7:a4:c7:
67:8b:b2:6c:ae:aa:f9:08:87:68:d8:40:c0:ad:9d:d2:59:53:
7b:11:8c:50:59:64:e1:f1:12:47:77:1c:54:19:6f:ac:a7:9d:
4a:4b:4a:d2:7b:93:17:03:c6:90:52:36:0e:07:7d:52:3b:0b:
69:ad:fc:9f:6a:5a:04:4d:29:11:03:f7:16:bf:be:e4:65:6d:
48:70:eb:5d:e7:86:e0:ed:fa:b1:3f:de:62:1c:cb:12:a9:1a:
50:13:46:b8:a4:b4:cb:7a:87:0e:86:3e:68:ca:6a:97:ee:7c:
02:33:53:d0:be:6c:4e:1c:4f:ed:70:b3:98:ae:23:ab:78:da:
ad:1f:58:6d:8e:a0:d8:29:26:06:4a:f1:48:c3:f2:ef:f1:63:
fb:ae:87:4f:51:8e:7e:38:fb:89:71:19:e7:f3:b6:0e:ad:33:
24:45:d6:72
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUbnMzs8lezVEiDtNZVZWRm/HqHYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTQyMzU1MjJaFw0yNjA2MTQwMDAwMjJaMDMxMTAvBgNV
BAMTKEREMzZCRjAxOTZBQUI4NDhBOTRFQzkxRDEyRkVERTk0MjREMTRFRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLilN/iJNB1kiWFPwIjw9a5YKx
vAGLpyQErc4V47XskUql1L1Aeszzx7NdyUawNBzkTwk/bbkDsSTfDaH3zTSLYeMy
dhIe4fSUxaFjIKGDUypqynsIT4fqhFtDAM+NfFF2GDaOgRWJtPJVMBWl9K7OHG3M
2hcVmJu3nDh0ma83WgbHhDRm62g78HFF6sUhV5osQ9qcCKxQ+5GC/e7LRSYNs0mf
d8Uov67JbTk9k0I+rmfbbF6CuUlyI6Yj4cumoeUwKNuARCksSzy4MO5gfguLmhnZ
ppiUiV2ZVacIdx2Kds8ltjXYNPKH1CmhKwPCV7SoovG0tzj4nRYoQvHJm8MRAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU3Ta/AZaquEipTskdEv7elCTRTv0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8wDQYJKoZI
hvcNAQELBQADggEBAJeBk9cAbMtQjqpgSXkdQnl47vHb5fTKKjdhehN2n9hyq7gR
F52yuoQBu2wmh2TM/gFRTQhSNRui5D3lYBrzuuZoB3mxlqoiytpYw/4SMFQbylNG
nGIO/dekx2eLsmyuqvkIh2jYQMCtndJZU3sRjFBZZOHxEkd3HFQZb6ynnUpLStJ7
kxcDxpBSNg4HfVI7C2mt/J9qWgRNKRED9xa/vuRlbUhw613nhuDt+rE/3mIcyxKp
GlATRriktMt6hw6GPmjKapfufAIzU9C+bE4cT+1ws5iuI6t42q0fWG2OoNgpJgZK
8UjD8u/xY/uuh09Rjn44+4lxGefztg6tMyRF1nI=
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:06:51 2025 by rpki-client