Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: b3WF3DYGVk+dIOCgKDjF8d3vMrdpNrYfR+fm5NxjWrE=
Subject key identifier: 36:D4:91:D8:91:60:36:BB:81:F6:DE:11:18:7E:B6:84:21:81:26:9E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 59D3614D5DDE1910B44D29F18F6E7299B5B11F9C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Fri 05 Sep 2025 11:22:06 +0000
ROA not before: Fri 05 Sep 2025 11:17:06 +0000
ROA not after: Fri 04 Sep 2026 11:22:06 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
143.14.132.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d3:61:4d:5d:de:19:10:b4:4d:29:f1:8f:6e:72:99:b5:b1:1f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 5 11:17:06 2025 GMT
Not After : Sep 4 11:22:06 2026 GMT
Subject: CN=36D491D8916036BB81F6DE11187EB6842181269E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e7:0c:82:2d:d9:c1:d3:3c:00:2e:a5:d6:c0:
c2:e9:54:d6:d5:91:81:41:93:53:61:fb:cb:06:64:
4e:8f:24:6a:17:b4:dd:f4:de:3b:85:dd:8e:03:e8:
e5:79:1d:19:b3:15:4f:f6:19:05:5c:99:8a:81:9a:
a5:4c:7e:75:9e:5e:c9:a6:39:f6:59:1b:15:49:53:
29:4d:79:71:b4:e4:03:49:b1:93:22:b2:54:77:a2:
88:02:b8:6e:e7:c1:2d:29:31:57:c4:a6:b0:b5:b5:
ef:f6:20:bf:d5:27:6d:e9:9d:43:c1:72:76:09:82:
95:1a:e9:66:a1:29:e7:68:f8:24:09:ed:c8:78:27:
10:ae:a1:b4:b5:ca:5a:5b:b6:9e:2c:df:9f:eb:ec:
56:9d:85:de:d0:39:c9:bd:5c:f3:ad:5f:63:b4:36:
73:0a:ab:02:c2:64:b4:ee:6e:db:a0:f3:f0:c7:25:
e5:e8:65:85:fd:b3:40:c7:92:bf:b8:00:30:9e:6c:
53:9b:b9:26:76:87:08:ae:d9:8f:88:bf:f7:ea:36:
a2:44:13:dd:29:a8:74:38:28:b2:a6:47:1c:72:76:
cf:bb:ae:c1:e3:f9:1d:b8:fb:da:69:4e:20:b2:eb:
b5:fe:cd:d6:f5:9c:5a:9e:cf:8d:89:cc:52:13:de:
60:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:91:D8:91:60:36:BB:81:F6:DE:11:18:7E:B6:84:21:81:26:9E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
143.14.132.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
162.141.159.0/24
162.141.180.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:03:85:b1:eb:ff:1e:da:4a:5b:f8:6d:c8:4a:94:de:69:6d:
8a:de:d3:83:14:91:f2:9d:bf:83:6c:56:31:1e:ef:47:9e:c1:
06:2c:01:a0:53:2a:a7:85:c5:1a:40:ee:a4:0f:55:24:6f:98:
d3:cb:db:07:38:8c:15:85:4a:8e:59:d9:30:95:d4:6b:0a:2a:
aa:57:e5:8d:80:ea:89:a1:6a:49:82:39:cb:40:4d:73:b8:9b:
07:82:ec:de:08:8d:bc:d0:81:88:01:97:72:07:18:c5:3c:d1:
eb:b0:58:ef:7a:d9:87:0e:7b:b4:a4:ca:0e:e0:9d:6e:dc:8c:
cc:49:b8:d9:24:b0:25:f7:d1:6e:7b:eb:b6:d4:4a:a1:e0:3a:
8f:8b:76:12:fe:4c:40:e4:c0:b1:0b:4a:7d:a7:0c:bf:3d:9e:
70:e6:86:06:cd:96:80:22:2b:7f:97:a1:30:19:ba:5a:9d:68:
7e:b6:b5:63:fc:9b:56:12:7c:9b:f8:0c:0c:21:e4:3c:70:2d:
3c:6c:6c:cd:d6:a7:73:5e:d2:61:11:c5:b6:85:62:cf:a7:1b:
f1:ce:9f:ef:44:b5:96:37:5d:da:bf:41:91:74:45:33:d3:9e:
fd:d7:f2:1f:1a:55:7a:be:ed:4e:31:3d:67:cb:4d:c4:ab:ea:
61:7c:97:2f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUWdNhTV3eGRC0TSnxj25ymbWxH5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDUxMTE3MDZaFw0yNjA5MDQxMTIyMDZaMDMxMTAvBgNV
BAMTKDM2RDQ5MUQ4OTE2MDM2QkI4MUY2REUxMTE4N0VCNjg0MjE4MTI2OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv5wyCLdnB0zwALqXWwMLpVNbV
kYFBk1Nh+8sGZE6PJGoXtN303juF3Y4D6OV5HRmzFU/2GQVcmYqBmqVMfnWeXsmm
OfZZGxVJUylNeXG05ANJsZMislR3oogCuG7nwS0pMVfEprC1te/2IL/VJ23pnUPB
cnYJgpUa6WahKedo+CQJ7ch4JxCuobS1ylpbtp4s35/r7Fadhd7QOcm9XPOtX2O0
NnMKqwLCZLTubtug8/DHJeXoZYX9s0DHkr+4ADCebFObuSZ2hwiu2Y+Iv/fqNqJE
E90pqHQ4KLKmRxxyds+7rsHj+R24+9ppTiCy67X+zdb1nFqez42JzFIT3mD9AgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQUNtSR2JFgNruB9t4RGH62hCGBJp4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBAJgPtAD
BAWM6YADBACPDoQDBAGR30ADBACSZzwDBAGSZz4DBACTTxkDBACUh7QDBACUh7oD
BACbdQADBACbdTwDBACbdbkDBACbdbsDBACijZ8DBACijbQwDQYJKoZIhvcNAQEL
BQADggEBAJ4DhbHr/x7aSlv4bchKlN5pbYre04MUkfKdv4NsVjEe70eewQYsAaBT
KqeFxRpA7qQPVSRvmNPL2wc4jBWFSo5Z2TCV1GsKKqpX5Y2A6omhakmCOctATXO4
mweC7N4IjbzQgYgBl3IHGMU80euwWO962YcOe7Skyg7gnW7cjMxJuNkksCX30W57
67bUSqHgOo+LdhL+TEDkwLELSn2nDL89nnDmhgbNloAiK3+XoTAZulqdaH62tWP8
m1YSfJv4DAwh5DxwLTxsbM3Wp3Ne0mERxbaFYs+nG/HOn+9EtZY3Xdq/QZF0RTPT
nv3X8h8aVXq+7U4xPWfLTcSr6mF8ly8=
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:42:08 2025 by rpki-client