Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: wTPL4eNQQL6aD+H7ac3nHDTFXcCr+U+zTFyG1FIDJJQ=
Subject key identifier: 55:6F:A8:47:D6:AB:0A:84:7D:BC:55:9A:B7:4D:97:C8:27:80:F5:8A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7FC09F2041C917834B842B69DA5B275FEA736A14
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Wed 13 Aug 2025 15:46:46 +0000
ROA not before: Wed 13 Aug 2025 15:41:46 +0000
ROA not after: Wed 12 Aug 2026 15:46:46 +0000
asID: 14618
IP address blocks: 181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:c0:9f:20:41:c9:17:83:4b:84:2b:69:da:5b:27:5f:ea:73:6a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 13 15:41:46 2025 GMT
Not After : Aug 12 15:46:46 2026 GMT
Subject: CN=556FA847D6AB0A847DBC559AB74D97C82780F58A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:74:7f:5a:21:89:28:81:fc:b4:b1:c2:52:e5:
bb:ed:7b:c3:d3:8a:b5:0d:30:56:11:26:76:f7:1b:
b8:de:36:90:87:b6:f5:50:7a:c2:00:d9:63:e3:cc:
55:2e:46:d2:11:b7:b3:21:08:e5:44:7f:07:7c:ef:
a0:d8:ae:63:9b:18:6d:af:d3:7f:6c:75:71:22:ca:
bf:22:50:a8:e1:81:21:52:9a:97:3b:13:a5:7b:22:
25:14:23:87:89:ac:d5:c9:5e:42:14:7c:ba:17:ff:
4d:f1:8b:74:3e:79:8b:bb:b3:61:13:3f:7b:74:e9:
a4:a5:19:44:63:43:dc:bc:61:3c:2b:e4:84:7f:c1:
34:92:b9:76:e8:dc:02:a2:79:ba:5c:6f:67:22:78:
81:5e:c9:32:fd:c2:71:9c:6d:fc:59:2a:1c:9f:5f:
e7:ee:28:d7:fd:36:f7:4c:ca:f9:9e:a6:d3:24:0a:
1c:3a:4c:e7:a9:b6:0b:65:6c:5c:42:e5:35:60:c5:
66:78:08:d2:8c:70:50:8f:bc:5f:c6:d7:fd:af:b7:
05:a2:11:29:7b:a8:c3:55:81:56:62:73:ba:1b:aa:
48:06:d3:03:00:47:88:bd:6e:9a:04:0d:8c:6a:87:
f8:49:c2:ad:2b:07:1f:9d:c6:22:8e:2e:11:bd:68:
48:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6F:A8:47:D6:AB:0A:84:7D:BC:55:9A:B7:4D:97:C8:27:80:F5:8A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
75:74:2f:8c:17:5b:34:07:36:e8:d2:a2:53:5c:d6:73:c5:a2:
a4:88:20:b4:33:11:06:48:df:a0:de:01:42:ca:2c:77:5a:d4:
2e:21:47:1c:3f:61:5a:40:0a:41:ba:c9:62:37:b2:be:db:3e:
06:06:79:67:54:b1:d4:72:42:e3:aa:29:da:a9:d1:fc:c5:a1:
75:1b:25:32:7c:47:f6:85:92:0f:57:9d:46:3a:93:17:13:88:
82:8f:58:8b:2c:2b:82:f4:1a:70:17:fa:56:f7:b7:be:5a:ce:
82:2d:75:9e:63:6e:1f:01:6d:ac:46:67:60:6e:80:45:0e:af:
6f:ea:6e:38:70:fb:01:6f:c0:af:7a:5a:b8:b5:7a:22:fd:db:
55:d6:9a:4c:25:a2:cc:4f:2c:d4:af:0e:23:82:b1:06:21:65:
f4:87:4c:d2:c5:6f:19:3a:d1:1a:20:49:41:97:8f:c2:64:41:
70:22:77:ec:55:a0:4c:05:cd:b9:bb:1b:c0:88:dd:dc:06:40:
42:32:bf:ea:e9:94:5e:08:f0:9f:1a:e2:f0:ff:0f:85:4c:62:
ec:5f:50:2b:f9:16:5d:e8:66:58:a3:29:8d:3c:5e:eb:72:db:
22:0e:97:04:3e:4c:84:d6:6e:55:86:23:c8:1a:18:c8:2b:0c:
9d:44:92:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf8CfIEHJF4NLhCtp2lsnX+pzahQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MTMxNTQxNDZaFw0yNjA4MTIxNTQ2NDZaMDMxMTAvBgNV
BAMTKDU1NkZBODQ3RDZBQjBBODQ3REJDNTU5QUI3NEQ5N0M4Mjc4MEY1OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNdH9aIYkogfy0scJS5bvte8PT
irUNMFYRJnb3G7jeNpCHtvVQesIA2WPjzFUuRtIRt7MhCOVEfwd876DYrmObGG2v
039sdXEiyr8iUKjhgSFSmpc7E6V7IiUUI4eJrNXJXkIUfLoX/03xi3Q+eYu7s2ET
P3t06aSlGURjQ9y8YTwr5IR/wTSSuXbo3AKiebpcb2cieIFeyTL9wnGcbfxZKhyf
X+fuKNf9NvdMyvmeptMkChw6TOeptgtlbFxC5TVgxWZ4CNKMcFCPvF/G1/2vtwWi
ESl7qMNVgVZic7obqkgG0wMAR4i9bpoEDYxqh/hJwq0rBx+dxiKOLhG9aEi/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVW+oR9arCoR9vFWat02XyCeA9YowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAC11l4D
BAC11m4DBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8DBAC/Zd8D
BADVbakwDQYJKoZIhvcNAQELBQADggEBAHV0L4wXWzQHNujSolNc1nPFoqSIILQz
EQZI36DeAULKLHda1C4hRxw/YVpACkG6yWI3sr7bPgYGeWdUsdRyQuOqKdqp0fzF
oXUbJTJ8R/aFkg9XnUY6kxcTiIKPWIssK4L0GnAX+lb3t75azoItdZ5jbh8BbaxG
Z2BugEUOr2/qbjhw+wFvwK96Wri1eiL921XWmkwlosxPLNSvDiOCsQYhZfSHTNLF
bxk60RogSUGXj8JkQXAid+xVoEwFzbm7G8CI3dwGQEIyv+rplF4I8J8a4vD/D4VM
YuxfUCv5Fl3oZlijKY08Xuty2yIOlwQ+TITWblWGI8gaGMgrDJ1EkmA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:06:54 2025 by rpki-client