Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: bX8+h58ehIZ2jyWaPjWRPtOXN0b0IkSYjG9d6+yeVRw=
Subject key identifier: DD:8E:4F:D1:F4:9C:F4:22:F1:A5:98:6B:6A:86:3C:B7:6D:AD:8E:12
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3DE73F06E8C259F89AC689CA753E9BD93ACEBD6A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Fri 30 May 2025 19:30:57 +0000
ROA not before: Fri 30 May 2025 19:25:57 +0000
ROA not after: Fri 29 May 2026 19:30:57 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
167.148.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 11:38:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e7:3f:06:e8:c2:59:f8:9a:c6:89:ca:75:3e:9b:d9:3a:ce:bd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 30 19:25:57 2025 GMT
Not After : May 29 19:30:57 2026 GMT
Subject: CN=DD8E4FD1F49CF422F1A5986B6A863CB76DAD8E12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:7c:33:d8:bc:a7:b8:f2:26:cf:57:77:01:
90:91:9c:51:4f:52:2d:5a:a5:e9:99:e1:4a:48:cd:
48:ba:5b:35:6b:18:6c:d2:3e:23:c5:c5:d1:a0:2a:
f0:0e:e9:54:4b:24:7c:d7:b0:d8:80:e1:6a:86:d6:
a7:38:d4:7b:bd:f6:a3:05:87:25:cf:db:5b:6f:42:
a5:09:1e:e1:3c:91:e8:2e:46:80:87:fb:83:7a:d2:
87:03:2b:54:56:97:56:ca:32:d0:51:bf:57:22:1c:
00:7c:1b:80:a7:11:bd:45:21:25:64:7b:96:41:dc:
c4:7f:37:e8:02:a6:5c:51:1b:a9:66:a0:56:58:82:
1b:e1:b1:45:61:ec:2f:b6:b9:38:92:9a:b2:2e:72:
24:0a:ea:42:86:cc:25:67:f4:d9:83:3b:0e:5e:b4:
68:2a:9e:50:0e:1e:83:83:a4:96:67:0e:69:c2:2d:
c6:85:20:37:2d:b8:34:6c:a1:c3:c0:7b:9b:37:75:
90:0b:6c:86:49:33:5f:98:26:f8:75:e2:53:6d:6c:
a0:42:82:1f:f9:17:cf:40:0b:54:57:39:90:62:23:
5b:6e:9b:62:f8:40:71:8d:6e:c7:d1:c5:2e:c2:89:
25:63:c6:0c:3b:90:7e:d4:a3:9f:6a:a8:61:86:0a:
c7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8E:4F:D1:F4:9C:F4:22:F1:A5:98:6B:6A:86:3C:B7:6D:AD:8E:12
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
167.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
61:1e:be:a2:e1:67:ce:c8:b6:28:c0:e0:fb:e2:87:28:6d:ce:
63:29:a6:0c:b5:98:a8:4c:ae:c4:45:5c:0c:e8:ec:7c:46:93:
2c:fe:9a:3b:da:11:43:77:5b:28:24:28:65:04:fa:2e:4e:7f:
fc:05:59:e5:c7:1c:2e:79:ad:b9:67:98:d6:c5:89:62:56:a3:
17:bc:53:1e:bc:d7:30:28:b7:21:db:21:9b:b3:bf:a4:a3:c1:
d2:52:76:f9:f0:8b:5b:0c:e9:8a:d8:48:4c:4f:89:08:52:b2:
79:c1:2c:f0:b8:1e:fd:af:ec:c0:71:f7:89:4e:72:01:66:94:
6b:25:05:11:f5:54:1b:50:46:90:9f:05:4e:56:13:31:cb:8b:
a8:53:41:16:2b:20:53:d0:9e:52:66:3c:55:4c:29:df:a3:88:
16:a7:9f:c6:c1:67:ad:0d:db:df:fa:f4:25:83:14:42:5f:7a:
1e:73:04:a1:1d:0d:a7:30:b6:d0:ec:16:fc:48:e7:9d:a9:24:
6f:f5:db:69:9c:f7:9f:df:bc:0d:24:9e:09:0b:81:ec:06:38:
be:2c:07:fb:35:3c:e4:81:ed:28:36:2a:67:7b:e9:36:34:67:
7a:7e:81:73:e7:d5:df:0a:9f:74:88:b0:21:8d:c4:64:83:52:
71:32:77:de
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUPec/BujCWfiaxonKdT6b2TrOvWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MzAxOTI1NTdaFw0yNjA1MjkxOTMwNTdaMDMxMTAvBgNV
BAMTKEREOEU0RkQxRjQ5Q0Y0MjJGMUE1OTg2QjZBODYzQ0I3NkRBRDhFMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZz3wz2LynuPImz1d3AZCRnFFP
Ui1apemZ4UpIzUi6WzVrGGzSPiPFxdGgKvAO6VRLJHzXsNiA4WqG1qc41Hu99qMF
hyXP21tvQqUJHuE8keguRoCH+4N60ocDK1RWl1bKMtBRv1ciHAB8G4CnEb1FISVk
e5ZB3MR/N+gCplxRG6lmoFZYghvhsUVh7C+2uTiSmrIuciQK6kKGzCVn9NmDOw5e
tGgqnlAOHoODpJZnDmnCLcaFIDctuDRsocPAe5s3dZALbIZJM1+YJvh14lNtbKBC
gh/5F89AC1RXOZBiI1tum2L4QHGNbsfRxS7CiSVjxgw7kH7Uo59qqGGGCscrAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU3Y5P0fSc9CLxpZhraoY8t22tjhIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAJgPtAD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACnlJAwDQYJKoZI
hvcNAQELBQADggEBAGEevqLhZ87ItijA4PvihyhtzmMppgy1mKhMrsRFXAzo7HxG
kyz+mjvaEUN3WygkKGUE+i5Of/wFWeXHHC55rblnmNbFiWJWoxe8Ux681zAotyHb
IZuzv6SjwdJSdvnwi1sM6YrYSExPiQhSsnnBLPC4Hv2v7MBx94lOcgFmlGslBRH1
VBtQRpCfBU5WEzHLi6hTQRYrIFPQnlJmPFVMKd+jiBann8bBZ60N29/69CWDFEJf
eh5zBKEdDacwttDsFvxI552pJG/122mc95/fvA0kngkLgewGOL4sB/s1POSB7Sg2
Kmd76TY0Z3p+gXPn1d8Kn3SIsCGNxGSDUnEyd94=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:32:00 2025 by rpki-client