Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: pXa8/HcHsZ8Rxj0Bf8MLpcnq5rFyNfsKvYHYdNDlsoo=
Subject key identifier: 84:2A:79:4A:2C:A2:C5:C6:EA:42:B8:01:81:70:9E:9D:14:CB:F7:65
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 78B764F815D445DFE2897A2810BDB6EF38936F4C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Mon 28 Oct 2024 07:29:25 +0000
ROA not before: Mon 28 Oct 2024 07:24:25 +0000
ROA not after: Mon 27 Oct 2025 07:29:25 +0000
asID: 14618
IP address blocks: 140.150.232.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b7:64:f8:15:d4:45:df:e2:89:7a:28:10:bd:b6:ef:38:93:6f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 28 07:24:25 2024 GMT
Not After : Oct 27 07:29:25 2025 GMT
Subject: CN=842A794A2CA2C5C6EA42B80181709E9D14CBF765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b4:79:23:f6:99:5c:03:28:72:6a:7e:98:a3:
61:94:fb:2e:f1:22:ff:25:bc:86:b3:dc:ea:6e:fe:
59:6c:a5:46:69:9e:ba:f8:55:c5:ae:43:83:35:37:
be:d6:d6:30:5e:84:19:b1:2d:5b:b4:78:35:b2:b7:
6b:5d:7f:d4:3e:6e:15:c5:4e:1c:d6:f9:ba:cc:9b:
b9:0b:8f:16:8f:fd:a8:59:2a:fa:e9:00:e3:c6:75:
5c:e8:02:a9:34:85:09:13:c8:02:2f:77:95:b9:ff:
14:d5:3c:80:5b:18:78:45:f3:28:5c:34:a7:be:73:
44:84:3c:3e:32:b9:dd:f7:a0:2a:3e:e7:24:04:62:
76:a0:8f:e0:b5:ae:ca:09:ea:91:69:65:9b:6e:1d:
57:e8:86:2d:35:87:f7:f8:b8:0e:8c:54:07:7a:5e:
24:3b:32:c3:19:0b:da:db:24:d7:33:4a:73:c7:b7:
cf:eb:a4:76:6a:a7:07:32:69:10:30:6c:67:44:9e:
8c:68:55:f0:4f:c6:cf:74:0e:f1:9c:a0:91:be:7b:
22:46:9d:39:a3:30:df:1a:5b:02:34:d6:db:73:8d:
f0:34:18:27:c5:e0:30:9d:87:5d:bf:81:65:4a:cc:
6c:92:a3:de:d8:72:b1:18:0e:74:f0:10:87:ba:09:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2A:79:4A:2C:A2:C5:C6:EA:42:B8:01:81:70:9E:9D:14:CB:F7:65
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.232.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:7c:92:ef:57:17:9b:e2:9b:a7:2f:44:f7:fc:b3:87:cc:48:
7e:23:e0:fc:0d:d1:2e:58:c8:00:3e:22:ca:13:0a:e7:4c:7d:
83:62:0d:00:91:30:f0:b1:f9:3a:b6:3c:01:79:32:51:f9:19:
64:80:98:31:33:f0:ef:72:29:59:2d:41:21:00:30:f5:9a:7b:
8a:cb:ae:a9:8d:49:a8:75:ce:8b:35:59:a0:f1:ca:2a:97:eb:
47:04:26:91:58:b6:ef:62:a4:ab:49:39:e3:7a:3c:cc:5e:4f:
39:79:a3:fc:09:be:95:ee:3b:8d:c5:9c:50:a4:5c:eb:3b:4d:
b4:9b:87:58:d0:ec:f5:4a:ca:ca:9f:0d:3a:d0:91:cc:6a:d8:
1c:ca:82:a2:a9:83:de:3b:d0:f7:86:2a:2c:a3:20:21:6f:cc:
66:21:bd:b8:7f:7a:6c:68:be:db:82:5d:4b:1b:87:ff:91:48:
16:3e:2f:23:1e:7b:fa:be:26:8c:80:33:e6:7e:c4:d8:a5:7b:
46:6b:9a:f1:bc:ed:02:70:3c:a4:77:97:d7:fa:d3:b8:6f:0a:
8f:c5:dd:9f:54:31:56:f9:0b:3e:39:72:2e:f0:c4:0d:f5:75:
37:9f:49:8d:a9:9b:5f:6d:c8:49:9b:e3:cf:e9:9c:5b:b4:d3:
23:bd:7c:6d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUeLdk+BXURd/iiXooEL227ziTb0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMjgwNzI0MjVaFw0yNTEwMjcwNzI5MjVaMDMxMTAvBgNV
BAMTKDg0MkE3OTRBMkNBMkM1QzZFQTQyQjgwMTgxNzA5RTlEMTRDQkY3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCstHkj9plcAyhyan6Yo2GU+y7x
Iv8lvIaz3Opu/llspUZpnrr4VcWuQ4M1N77W1jBehBmxLVu0eDWyt2tdf9Q+bhXF
ThzW+brMm7kLjxaP/ahZKvrpAOPGdVzoAqk0hQkTyAIvd5W5/xTVPIBbGHhF8yhc
NKe+c0SEPD4yud33oCo+5yQEYnagj+C1rsoJ6pFpZZtuHVfohi01h/f4uA6MVAd6
XiQ7MsMZC9rbJNczSnPHt8/rpHZqpwcyaRAwbGdEnoxoVfBPxs90DvGcoJG+eyJG
nTmjMN8aWwI01ttzjfA0GCfF4DCdh12/gWVKzGySo97YcrEYDnTwEIe6CecTAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUhCp5SiyixcbqQrgBgXCenRTL92UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAKMlugD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4wDQYJKoZIhvcNAQELBQADggEBADp8ku9X
F5vim6cvRPf8s4fMSH4j4PwN0S5YyAA+IsoTCudMfYNiDQCRMPCx+Tq2PAF5MlH5
GWSAmDEz8O9yKVktQSEAMPWae4rLrqmNSah1zos1WaDxyiqX60cEJpFYtu9ipKtJ
OeN6PMxeTzl5o/wJvpXuO43FnFCkXOs7TbSbh1jQ7PVKysqfDTrQkcxq2BzKgqKp
g9470PeGKiyjICFvzGYhvbh/emxovtuCXUsbh/+RSBY+LyMee/q+JoyAM+Z+xNil
e0ZrmvG87QJwPKR3l9f607hvCo/F3Z9UMVb5Cz45ci7wxA31dTefSY2pm19tyEmb
48/pnFu00yO9fG0=
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:02:12 2024 by rpki-client on console-fra.rpki-client.org