Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: 6KpnqePINCLQO5DQ4eMTRk5hEa7gWDrVpyOXWm2btcU=
Subject key identifier: 31:2A:09:04:CE:44:AA:D1:D3:26:E1:7C:90:D6:65:D4:45:5A:86:38
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 42A7F4D3E858E24500FA15BBCC400BFF570D39E6
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14618.roa
Signing time: Wed 18 Mar 2026 05:14:02 +0000
ROA not before: Wed 18 Mar 2026 05:09:02 +0000
ROA not after: Wed 17 Mar 2027 05:14:02 +0000
asID: 14618
IP address blocks: 45.149.101.0/24 maxlen: 24
45.155.17.0/24 maxlen: 24
192.166.114.0/24 maxlen: 24
193.164.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:03:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:a7:f4:d3:e8:58:e2:45:00:fa:15:bb:cc:40:0b:ff:57:0d:39:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 18 05:09:02 2026 GMT
Not After : Mar 17 05:14:02 2027 GMT
Subject: CN=312A0904CE44AAD1D326E17C90D665D4455A8638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:8a:64:65:a0:82:85:c5:c8:3c:56:2f:9b:
55:52:45:c5:92:be:5b:ed:62:5f:56:64:2a:1a:65:
82:91:4c:a4:19:c0:db:80:1a:ce:99:61:bc:48:8e:
9f:69:6b:56:52:19:84:94:ba:0b:4b:d2:86:08:46:
a0:a9:fc:c4:53:ad:0f:67:d2:fe:55:5b:a9:73:24:
bc:be:ef:e7:24:9d:c9:66:76:bd:0a:24:b9:a5:84:
c3:19:9b:94:c4:c2:6a:79:82:72:b3:f3:c2:fb:91:
6b:da:60:c1:ab:c3:18:78:9c:e4:fb:12:cf:3c:99:
cb:9f:52:d2:76:da:13:b0:bf:e0:01:69:af:1b:97:
3d:2b:1b:95:14:32:63:97:b4:a6:e0:57:23:87:ba:
5d:fe:17:b3:9d:28:ab:76:a2:db:55:b1:c0:07:14:
ca:83:41:17:b3:4a:ad:96:a1:33:64:09:f6:67:96:
93:4b:40:c5:c2:b7:41:d6:eb:a0:5c:85:b8:39:36:
8b:87:e3:d2:9c:21:4d:e9:b4:36:8a:f6:22:cf:85:
c7:b2:93:5d:71:bd:6b:33:e2:43:f1:75:e1:43:ce:
b7:a5:d7:c1:d0:14:67:f6:19:e5:d9:b0:5a:08:b4:
8b:cd:8c:89:ec:64:2c:68:db:5f:6a:3d:8f:79:c1:
33:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2A:09:04:CE:44:AA:D1:D3:26:E1:7C:90:D6:65:D4:45:5A:86:38
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.101.0/24
45.155.17.0/24
192.166.114.0/24
193.164.10.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:54:88:95:52:13:7f:d0:74:07:ee:07:e6:7d:de:c6:39:ee:
5e:05:0b:a6:0d:35:99:c3:be:67:74:ed:89:20:b6:6b:0c:b8:
0b:d4:ca:d4:14:25:5d:f6:17:6e:28:ec:52:3d:33:64:1e:6e:
a6:af:1e:97:6c:c5:f0:f3:a0:e3:22:77:b8:a6:4e:00:ab:18:
62:bb:4c:ee:65:55:54:5b:a7:0a:eb:b2:fa:9c:c9:3c:fa:e3:
80:17:22:96:e0:b7:67:cd:3a:df:56:2b:ed:1c:91:55:c3:b9:
ae:73:05:99:f1:31:e9:9c:63:51:59:92:f2:61:6a:49:46:62:
46:7a:89:b1:53:b6:88:8a:a6:7d:1c:a5:76:e4:ca:37:de:33:
cd:b9:91:83:d0:9e:3d:0d:09:13:04:93:c8:0a:56:77:f6:45:
6f:9c:05:0d:da:46:5a:95:37:67:21:57:5c:88:93:eb:46:24:
6b:ee:68:67:88:c0:35:51:10:5b:d7:23:4c:ad:7f:25:03:1d:
4b:66:33:de:f1:12:99:9f:84:e1:bc:12:15:55:b5:86:05:5b:
de:5d:6d:90:68:fb:e4:9e:e8:1b:25:40:58:71:98:e4:4d:98:
0d:cd:3d:9d:a7:12:41:fb:43:d5:c3:95:6a:e2:97:af:e0:9c:
53:2d:2a:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQqf00+hY4kUA+hW7zEAL/1cNOeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjAzMTgwNTA5MDJaFw0yNzAzMTcwNTE0MDJaMDMxMTAvBgNV
BAMTKDMxMkEwOTA0Q0U0NEFBRDFEMzI2RTE3QzkwRDY2NUQ0NDU1QTg2MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwu4pkZaCChcXIPFYvm1VSRcWS
vlvtYl9WZCoaZYKRTKQZwNuAGs6ZYbxIjp9pa1ZSGYSUugtL0oYIRqCp/MRTrQ9n
0v5VW6lzJLy+7+cknclmdr0KJLmlhMMZm5TEwmp5gnKz88L7kWvaYMGrwxh4nOT7
Es88mcufUtJ22hOwv+ABaa8blz0rG5UUMmOXtKbgVyOHul3+F7OdKKt2ottVscAH
FMqDQRezSq2WoTNkCfZnlpNLQMXCt0HW66Bchbg5NouH49KcIU3ptDaK9iLPhcey
k11xvWsz4kPxdeFDzrel18HQFGf2GeXZsFoItIvNjInsZCxo219qPY95wTNDAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUMSoJBM5EqtHTJuF8kNZl1EVahjgwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAtlWUD
BAAtmxEDBADApnIDBADBpAowDQYJKoZIhvcNAQELBQADggEBAMFUiJVSE3/QdAfu
B+Z93sY57l4FC6YNNZnDvmd07YkgtmsMuAvUytQUJV32F24o7FI9M2QebqavHpds
xfDzoOMid7imTgCrGGK7TO5lVVRbpwrrsvqcyTz644AXIpbgt2fNOt9WK+0ckVXD
ua5zBZnxMemcY1FZkvJhaklGYkZ6ibFTtoiKpn0cpXbkyjfeM825kYPQnj0NCRME
k8gKVnf2RW+cBQ3aRlqVN2chV1yIk+tGJGvuaGeIwDVREFvXI0ytfyUDHUtmM97x
EpmfhOG8EhVVtYYFW95dbZBo++Se6BslQFhxmORNmA3NPZ2nEkH7Q9XDlWril6/g
nFMtKuQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:09:08 2026 by rpki-client