Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
File: AS14670.roa (raw, json)
Hash identifier: P30LcRkYURdtnAY8rCjuT7yvahKsWGgV9m9NvBoKOqw=
Subject key identifier: 37:8C:FD:D9:BC:AA:69:B2:37:C7:22:DD:38:7B:7E:F1:1C:91:C5:EB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 014CA23A9A390405C7E54FF441960497A96E43EC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
Signing time: Tue 14 Oct 2025 14:55:08 +0000
ROA not before: Tue 14 Oct 2025 14:50:08 +0000
ROA not after: Tue 13 Oct 2026 14:55:08 +0000
asID: 14670
IP address blocks: 179.61.137.0/24 maxlen: 24
179.61.192.0/24 maxlen: 24
179.61.232.0/24 maxlen: 24
181.214.31.0/24 maxlen: 24
181.214.83.0/24 maxlen: 24
181.214.142.0/24 maxlen: 24
181.214.156.0/24 maxlen: 24
191.96.133.0/24 maxlen: 24
191.96.151.0/24 maxlen: 24
191.96.165.0/24 maxlen: 24
191.101.33.0/24 maxlen: 24
191.101.50.0/24 maxlen: 24
191.101.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4c:a2:3a:9a:39:04:05:c7:e5:4f:f4:41:96:04:97:a9:6e:43:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 14 14:50:08 2025 GMT
Not After : Oct 13 14:55:08 2026 GMT
Subject: CN=378CFDD9BCAA69B237C722DD387B7EF11C91C5EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:af:9a:9e:1d:6b:80:61:19:dd:d7:1e:17:a5:
44:33:84:cf:6f:6a:82:03:50:67:42:76:07:cd:53:
53:26:c1:f8:0c:79:36:cf:2f:34:f9:18:53:f4:90:
47:fa:1c:48:3b:06:29:36:9a:6d:98:8e:b8:8d:f4:
0b:eb:df:47:46:7b:dc:c3:24:8b:8e:8a:a7:5f:15:
2a:bb:d3:a9:0e:75:5a:a1:91:cf:c4:0e:03:44:56:
6d:16:57:5b:32:8a:79:2a:d6:64:42:92:95:6f:de:
2e:dd:ab:7c:a6:46:bc:0b:26:a1:8e:1c:3f:7d:e9:
b8:33:85:92:0e:47:68:6f:df:b9:11:8d:d7:60:de:
1a:4e:b3:f1:e2:9e:ed:19:37:cf:ed:e3:19:be:ae:
1d:81:7e:1e:40:f2:c9:60:d3:13:90:7d:34:66:bf:
f6:9d:bc:2d:c6:cb:ea:a5:32:22:a7:0f:54:d3:01:
de:ec:0b:71:5e:f5:53:51:e6:6f:70:5e:91:af:ad:
e9:b3:46:f5:32:07:0d:8d:50:22:2f:99:58:6a:2b:
9a:4e:64:45:d3:22:a8:ce:03:e3:66:c0:ab:bf:81:
bd:4c:28:c5:cd:74:68:c4:65:4d:e8:2a:70:4a:ce:
d9:1f:ca:9b:27:3e:df:aa:7e:a3:ae:d3:2d:bc:3e:
f2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8C:FD:D9:BC:AA:69:B2:37:C7:22:DD:38:7B:7E:F1:1C:91:C5:EB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.137.0/24
179.61.192.0/24
179.61.232.0/24
181.214.31.0/24
181.214.83.0/24
181.214.142.0/24
181.214.156.0/24
191.96.133.0/24
191.96.151.0/24
191.96.165.0/24
191.101.33.0/24
191.101.50.0/24
191.101.241.0/24
Signature Algorithm: sha256WithRSAEncryption
62:0d:a8:59:a3:7a:cc:83:1e:53:65:af:2f:8b:4f:18:8c:19:
1c:48:20:10:86:d7:fe:14:b5:23:6c:6f:65:7b:42:85:09:44:
82:a5:58:41:6b:eb:d5:46:39:08:b1:c7:48:57:fd:44:c7:a0:
9e:f5:b4:05:24:46:fe:dd:c3:b7:e5:89:df:3c:04:8b:7d:bc:
93:ff:06:22:54:47:85:77:ec:cd:35:1a:f4:7b:5c:f8:19:a9:
48:36:a6:12:79:0d:bc:d3:ef:24:82:74:94:a7:08:6e:e2:5f:
30:6c:6d:4c:a9:1e:05:40:df:10:1d:5e:fb:cb:c6:9b:80:b8:
dd:60:92:22:2c:2f:73:d4:2a:39:0b:96:7c:93:87:c7:b2:33:
33:eb:46:79:de:76:fa:08:78:93:47:2e:a6:70:ed:4c:3d:f2:
25:54:d8:cd:d5:7b:07:71:9e:2d:d2:fa:96:12:41:6b:2e:01:
c1:5c:8d:65:ca:f5:78:52:64:1e:4d:49:ee:bc:11:5d:c9:20:
d2:2e:62:c7:e1:50:1a:12:d4:05:da:09:df:22:ee:33:79:0c:
e4:41:5c:80:df:64:1e:41:45:9b:24:5b:9c:d1:b1:54:cd:b3:
aa:4b:8c:82:b9:41:c5:09:1a:af:a9:43:37:45:37:5c:d0:1b:
8a:f7:f1:be
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUAUyiOpo5BAXH5U/0QZYEl6luQ+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTQxNDUwMDhaFw0yNjEwMTMxNDU1MDhaMDMxMTAvBgNV
BAMTKDM3OENGREQ5QkNBQTY5QjIzN0M3MjJERDM4N0I3RUYxMUM5MUM1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfr5qeHWuAYRnd1x4XpUQzhM9v
aoIDUGdCdgfNU1MmwfgMeTbPLzT5GFP0kEf6HEg7Bik2mm2YjriN9Avr30dGe9zD
JIuOiqdfFSq706kOdVqhkc/EDgNEVm0WV1syinkq1mRCkpVv3i7dq3ymRrwLJqGO
HD996bgzhZIOR2hv37kRjddg3hpOs/Hinu0ZN8/t4xm+rh2Bfh5A8slg0xOQfTRm
v/advC3Gy+qlMiKnD1TTAd7sC3Fe9VNR5m9wXpGvremzRvUyBw2NUCIvmVhqK5pO
ZEXTIqjOA+NmwKu/gb1MKMXNdGjEZU3oKnBKztkfypsnPt+qfqOu0y28PvJFAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUN4z92byqabI3xyLdOHt+8RyRxeswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACzPYkD
BACzPcADBACzPegDBAC11h8DBAC11lMDBAC11o4DBAC11pwDBAC/YIUDBAC/YJcD
BAC/YKUDBAC/ZSEDBAC/ZTIDBAC/ZfEwDQYJKoZIhvcNAQELBQADggEBAGINqFmj
esyDHlNlry+LTxiMGRxIIBCG1/4UtSNsb2V7QoUJRIKlWEFr69VGOQixx0hX/UTH
oJ71tAUkRv7dw7flid88BIt9vJP/BiJUR4V37M01GvR7XPgZqUg2phJ5DbzT7ySC
dJSnCG7iXzBsbUypHgVA3xAdXvvLxpuAuN1gkiIsL3PUKjkLlnyTh8eyMzPrRnne
dvoIeJNHLqZw7Uw98iVU2M3Vewdxni3S+pYSQWsuAcFcjWXK9XhSZB5NSe68EV3J
INIuYsfhUBoS1AXaCd8i7jN5DORBXIDfZB5BRZskW5zRsVTNs6pLjIK5QcUJGq+p
QzdFN1zQG4r38b4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:11:45 2025 by rpki-client