Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: gdxsVgaXYZRE7wd+6zImkJWHYOeHgsVawEbT4Rjh5pQ=
Subject key identifier: 8A:69:D1:E5:A0:25:B9:CB:C6:28:08:E6:3F:7C:A9:83:AD:DA:E1:C2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1FDFA06FAEA555B0B3AC6E613E198D5DF104CE57
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Tue 30 Apr 2024 00:01:18 +0000
ROA not before: Mon 29 Apr 2024 23:56:18 +0000
ROA not after: Tue 29 Apr 2025 00:01:18 +0000
asID: 14618
IP address blocks: 140.150.232.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
146.103.60.0/22 maxlen: 22
147.79.80.0/20 maxlen: 20
147.79.112.0/20 maxlen: 20
148.135.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:df:a0:6f:ae:a5:55:b0:b3:ac:6e:61:3e:19:8d:5d:f1:04:ce:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 29 23:56:18 2024 GMT
Not After : Apr 29 00:01:18 2025 GMT
Subject: CN=8A69D1E5A025B9CBC62808E63F7CA983ADDAE1C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:c5:d4:00:5a:a2:e3:0d:c9:c2:f5:bc:83:
9d:a2:12:7b:cc:5f:5f:89:92:5a:ac:61:d0:3e:4b:
5b:6b:a1:3f:d3:8c:06:d3:dd:d7:05:72:00:c2:80:
f8:2b:91:f1:db:91:09:2b:c0:e0:cd:bf:4c:74:59:
29:aa:c2:93:57:5a:44:da:42:4a:e0:e5:44:8a:a1:
b1:6d:5b:cd:4d:3c:0b:4b:fb:34:0c:1b:6f:ee:af:
58:05:65:20:68:e0:7d:87:f0:28:4e:84:2a:46:fa:
00:21:2d:4a:8c:c3:69:46:a0:56:fc:2a:cd:df:4b:
4d:ac:74:78:f9:5b:1f:4c:22:fd:70:e8:66:3b:5c:
9b:fd:7b:dd:c6:50:41:78:ad:a1:04:ca:b4:6a:f8:
d8:a0:1e:2b:c8:09:de:1e:14:64:b7:4c:46:e6:de:
57:a5:d3:13:a3:1f:77:f3:84:d0:5d:99:d8:a9:fb:
11:4e:0b:1c:a2:93:5d:88:33:c3:43:c4:0b:18:9c:
3c:99:06:6d:23:a5:cc:f1:67:0c:5c:fc:64:1f:05:
69:26:ba:9e:94:cb:84:de:27:ee:6a:2e:3d:bd:2f:
8a:81:6a:25:e2:67:00:b8:00:f8:70:d9:4c:c1:c1:
89:73:d2:0b:54:72:ce:cd:f3:3d:b4:da:4a:f3:10:
fb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:69:D1:E5:A0:25:B9:CB:C6:28:08:E6:3F:7C:A9:83:AD:DA:E1:C2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.232.0/22
140.233.128.0/19
146.103.60.0/22
147.79.80.0/20
147.79.112.0/20
148.135.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ae:2f:e2:08:90:2b:b7:13:4f:7d:21:0c:fb:53:31:83:fe:f8:
32:d1:63:6e:14:91:1a:da:60:11:c3:d5:38:ea:81:f7:02:ff:
7c:9d:d0:3f:08:87:a0:5b:56:09:ae:85:ee:75:83:58:c7:1c:
fb:85:70:7c:47:4a:11:d1:0c:eb:fd:48:64:cf:9d:b7:6c:2d:
e0:35:6c:ce:03:15:3b:82:76:54:6e:e1:71:1f:ec:d5:40:65:
95:fc:2c:dd:70:38:70:fc:e3:fc:a0:fb:c2:0f:27:b7:61:63:
30:07:cd:5c:68:e4:86:fd:10:bd:41:dc:93:78:d4:a4:3d:32:
3e:1c:07:3b:2b:93:62:6e:be:2e:0c:91:b0:0f:d7:88:78:3c:
d9:24:41:6c:14:00:4a:8c:1d:c2:a2:34:06:82:25:35:30:c2:
5b:26:95:aa:60:20:e0:cb:5d:e6:b7:17:7d:e9:17:04:19:35:
b4:90:0a:77:f5:6a:17:02:d3:71:fb:c8:c6:a3:0d:99:c1:d1:
42:7e:6f:28:cc:7d:e6:6a:47:7b:f4:18:77:5d:a4:e1:b0:54:
a9:d6:bf:86:b8:4d:6a:20:80:46:05:23:97:0c:7f:ba:07:e6:
d4:f2:b2:d9:33:94:6f:e3:85:bb:93:31:95:33:90:a8:7c:69:
77:03:c8:a6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUH9+gb66lVbCzrG5hPhmNXfEEzlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MjkyMzU2MThaFw0yNTA0MjkwMDAxMThaMDMxMTAvBgNV
BAMTKDhBNjlEMUU1QTAyNUI5Q0JDNjI4MDhFNjNGN0NBOTgzQUREQUUxQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7nsXUAFqi4w3JwvW8g52iEnvM
X1+JklqsYdA+S1troT/TjAbT3dcFcgDCgPgrkfHbkQkrwODNv0x0WSmqwpNXWkTa
Qkrg5USKobFtW81NPAtL+zQMG2/ur1gFZSBo4H2H8ChOhCpG+gAhLUqMw2lGoFb8
Ks3fS02sdHj5Wx9MIv1w6GY7XJv9e93GUEF4raEEyrRq+NigHivICd4eFGS3TEbm
3lel0xOjH3fzhNBdmdip+xFOCxyik12IM8NDxAsYnDyZBm0jpczxZwxc/GQfBWkm
up6Uy4TeJ+5qLj29L4qBaiXiZwC4APhw2UzBwYlz0gtUcs7N8z202krzEPtRAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUimnR5aAlucvGKAjmP3ypg63a4cIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAKMlugD
BAWM6YADBAKSZzwDBASTT1ADBASTT3ADBAeUh4AwDQYJKoZIhvcNAQELBQADggEB
AK4v4giQK7cTT30hDPtTMYP++DLRY24UkRraYBHD1TjqgfcC/3yd0D8Ih6BbVgmu
he51g1jHHPuFcHxHShHRDOv9SGTPnbdsLeA1bM4DFTuCdlRu4XEf7NVAZZX8LN1w
OHD84/yg+8IPJ7dhYzAHzVxo5Ib9EL1B3JN41KQ9Mj4cBzsrk2Juvi4MkbAP14h4
PNkkQWwUAEqMHcKiNAaCJTUwwlsmlapgIODLXea3F33pFwQZNbSQCnf1ahcC03H7
yMajDZnB0UJ+byjMfeZqR3v0GHddpOGwVKnWv4a4TWoggEYFI5cMf7oH5tTystkz
lG/jhbuTMZUzkKh8aXcDyKY=
-----END CERTIFICATE-----
Generated at Wed May 1 22:10:29 2024 by rpki-client on console-ams.rpki-client.org