Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: f3ynYa69ItGUDaw29GY2axnCTovCxMvHRmp77yJRi0o=
Subject key identifier: F2:81:D3:53:E7:6F:49:ED:C6:F7:18:3C:92:8E:D9:ED:94:44:39:78
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 15AB248FD16354651374774EBF1C306A42854726
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Wed 16 Jul 2025 16:13:16 +0000
ROA not before: Wed 16 Jul 2025 16:08:16 +0000
ROA not after: Wed 15 Jul 2026 16:13:16 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ab:24:8f:d1:63:54:65:13:74:77:4e:bf:1c:30:6a:42:85:47:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 16 16:08:16 2025 GMT
Not After : Jul 15 16:13:16 2026 GMT
Subject: CN=F281D353E76F49EDC6F7183C928ED9ED94443978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:67:fa:ab:6e:dc:02:31:54:71:31:6a:d9:
4e:00:c8:a6:68:72:b7:74:a3:9a:13:2d:dc:1d:f6:
a5:53:f6:65:e9:76:cd:2f:07:8f:bd:ee:0c:c4:38:
81:05:33:68:74:83:90:e8:8b:c3:76:54:26:10:67:
d0:cb:3b:6d:36:26:8e:b3:17:12:85:0b:6e:c0:38:
8e:96:20:dd:0e:94:21:58:c0:12:ff:3a:0d:5b:7e:
d5:7f:e8:60:10:09:26:5a:12:13:c2:a8:46:e9:6f:
55:d2:b7:c0:93:ce:fb:c2:91:4e:b1:ae:45:fd:7f:
b8:8b:e9:f9:b7:9e:75:bf:ca:55:23:25:0e:01:2d:
c9:71:6f:95:b3:90:18:36:ef:93:25:32:f1:d5:20:
97:23:d9:98:64:7b:9f:18:69:c8:9e:14:09:ab:9a:
25:eb:e4:61:fc:8f:2f:58:02:da:4f:2e:98:f4:08:
8c:30:37:c8:6d:05:62:7c:76:1c:11:cd:4a:b7:39:
b8:a9:36:2c:40:8b:fa:be:db:81:dc:b6:21:6f:0e:
1e:de:60:39:f0:8d:e5:6c:2b:ef:14:8a:1d:fc:6f:
99:a3:7a:38:45:2b:73:11:ee:7f:5b:ce:ca:00:a0:
40:fa:da:5c:c7:e8:0f:dd:f1:84:e0:bd:4a:2b:52:
56:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:81:D3:53:E7:6F:49:ED:C6:F7:18:3C:92:8E:D9:ED:94:44:39:78
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
155.117.187.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:09:66:f1:d8:33:11:21:af:03:43:88:9e:23:84:bd:68:66:
a3:15:b3:dd:f7:97:28:e5:68:63:77:ea:68:8e:e7:df:3e:ef:
20:b2:df:f1:b6:5f:1d:10:b1:2e:30:31:e1:69:d5:5f:d9:45:
bd:94:dd:aa:ec:2f:81:93:f6:5e:55:a3:54:5e:34:cd:ef:f6:
e5:55:d2:89:d1:4e:e4:06:c3:dd:26:13:a5:7c:d3:55:0a:fb:
b8:82:ac:2b:6b:a0:30:7e:3e:b6:ac:38:56:51:3a:a1:8b:67:
6c:98:3f:3e:fd:23:cb:75:2d:fc:7f:cd:2d:92:f0:c8:04:23:
28:d6:2d:90:6f:40:92:a6:c5:3e:4a:3e:99:93:dd:39:23:63:
f8:ee:f2:5d:80:dd:6b:14:19:65:5a:a5:b6:97:a6:f7:92:3b:
99:6f:af:bf:d9:60:48:1f:4d:ce:eb:e1:d8:53:f1:5d:99:d5:
c9:9f:5e:6e:c5:04:f2:5d:bd:c0:4d:74:fc:1f:98:80:3e:16:
b6:6c:05:32:ec:0e:53:e5:d0:9e:9b:8b:42:f2:18:b9:13:b9:
0e:5a:e3:d7:ac:0a:47:b0:5b:5b:9a:b4:9f:b1:60:59:35:38:
52:8c:c4:f8:fb:5e:ed:6d:80:66:ef:26:22:3b:67:30:09:11:
58:83:39:3d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUFaskj9FjVGUTdHdOvxwwakKFRyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTYxNjA4MTZaFw0yNjA3MTUxNjEzMTZaMDMxMTAvBgNV
BAMTKEYyODFEMzUzRTc2RjQ5RURDNkY3MTgzQzkyOEVEOUVEOTQ0NDM5NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwMmf6q27cAjFUcTFq2U4AyKZo
crd0o5oTLdwd9qVT9mXpds0vB4+97gzEOIEFM2h0g5Doi8N2VCYQZ9DLO202Jo6z
FxKFC27AOI6WIN0OlCFYwBL/Og1bftV/6GAQCSZaEhPCqEbpb1XSt8CTzvvCkU6x
rkX9f7iL6fm3nnW/ylUjJQ4BLclxb5WzkBg275MlMvHVIJcj2Zhke58YacieFAmr
miXr5GH8jy9YAtpPLpj0CIwwN8htBWJ8dhwRzUq3ObipNixAi/q+24HctiFvDh7e
YDnwjeVsK+8Uih38b5mjejhFK3MR7n9bzsoAoED62lzH6A/d8YTgvUorUlaXAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU8oHTU+dvSe3G9xg8ko7Z7ZREOXgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAJgPtAD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACbdbswDQYJKoZI
hvcNAQELBQADggEBADwJZvHYMxEhrwNDiJ4jhL1oZqMVs933lyjlaGN36miO598+
7yCy3/G2Xx0QsS4wMeFp1V/ZRb2U3arsL4GT9l5Vo1ReNM3v9uVV0onRTuQGw90m
E6V801UK+7iCrCtroDB+PrasOFZROqGLZ2yYPz79I8t1Lfx/zS2S8MgEIyjWLZBv
QJKmxT5KPpmT3TkjY/ju8l2A3WsUGWVapbaXpveSO5lvr7/ZYEgfTc7r4dhT8V2Z
1cmfXm7FBPJdvcBNdPwfmIA+FrZsBTLsDlPl0J6bi0LyGLkTuQ5a49esCkewW1ua
tJ+xYFk1OFKMxPj7Xu1tgGbvJiI7ZzAJEViDOT0=
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:57:50 2025 by rpki-client