Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: 7plJKXoytwd6djGPYNCj8gVHYOyWZizfhGW9UnEykY0=
Subject key identifier: 41:17:A0:78:CD:49:F2:75:11:97:B7:C4:BA:F1:63:21:1A:E1:BF:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1631CE85BC625CA25EF6239428AD59CA30BB9945
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Tue 26 May 2026 08:40:14 +0000
ROA not before: Tue 26 May 2026 08:35:14 +0000
ROA not after: Tue 25 May 2027 08:40:14 +0000
asID: 14618
IP address blocks: 96.62.208.0/22 maxlen: 22
140.150.156.0/24 maxlen: 24
140.233.128.0/19 maxlen: 24
143.14.81.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
147.79.26.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:31:ce:85:bc:62:5c:a2:5e:f6:23:94:28:ad:59:ca:30:bb:99:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 26 08:35:14 2026 GMT
Not After : May 25 08:40:14 2027 GMT
Subject: CN=4117A078CD49F2751197B7C4BAF163211AE1BF98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:cd:4e:d1:4c:7a:db:de:f1:1e:d5:0a:6c:
7a:40:82:5c:e8:c3:d9:b2:07:7c:b8:41:a2:b7:c6:
85:5e:37:48:78:1b:27:c7:a6:a8:47:4d:77:38:d1:
62:8a:5b:55:95:d6:2d:14:09:b9:c5:50:e5:23:80:
c0:46:9d:3d:28:ea:f4:6a:93:27:66:8e:15:bf:e2:
34:bf:ed:f7:17:d1:37:13:3f:14:1b:a3:9b:11:9a:
fb:2c:b0:a5:34:68:68:5e:41:0e:55:cf:59:f5:74:
ec:1c:0e:82:94:12:f5:e3:b1:2a:93:c6:23:46:74:
0d:a8:fa:b8:1d:6d:51:bb:3b:a4:92:46:6b:d5:9b:
a5:a2:44:e8:8e:96:9c:1b:7f:3f:d8:ad:97:09:30:
26:df:3c:f3:8a:41:8b:31:44:e1:c0:81:e0:fe:8f:
60:9a:dc:bf:65:3b:ab:04:5f:f1:71:f2:52:23:23:
24:f8:c7:bf:85:1f:c9:2f:9d:1e:12:93:29:bd:08:
b3:44:3c:7a:5d:67:4c:80:2b:ec:07:c2:bc:37:ba:
ef:7f:07:3b:58:d8:1f:27:b7:b7:7c:53:f1:85:0b:
41:1c:e4:ae:89:dc:7b:ad:3a:b3:78:b0:bb:9c:c9:
d1:7a:8e:ec:df:1d:8f:de:d8:84:e3:dd:f4:3c:bb:
d2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:17:A0:78:CD:49:F2:75:11:97:B7:C4:BA:F1:63:21:1A:E1:BF:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.150.156.0/24
140.233.128.0/19
143.14.81.0/24
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0-147.79.26.255
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:20:ca:f7:20:a9:9b:43:05:bb:9a:ff:39:1a:13:27:8d:0a:
76:2a:ec:3d:80:ca:61:64:05:d4:a2:6e:6a:27:cb:79:06:da:
12:30:c4:08:01:3d:a3:f2:3a:52:ce:c9:c3:5a:55:a7:d4:22:
87:c4:4b:5f:26:0c:43:34:26:c6:fa:62:c8:9a:41:80:bd:78:
04:57:8b:78:d3:63:e2:1a:56:5c:7c:b8:c5:eb:38:75:86:03:
e3:d3:eb:dd:2e:99:5c:25:ce:0d:7d:02:90:c8:a0:6b:80:41:
61:d8:17:48:70:85:59:c7:33:81:ad:66:7d:fd:5c:44:4c:5d:
a5:46:50:9d:02:31:ce:2d:b5:f1:a5:ac:0e:c7:39:52:20:f3:
8d:f3:68:c5:b1:7c:c6:fd:f1:ab:e4:29:0d:9d:34:8a:fc:2d:
72:81:26:78:15:a6:2d:ac:d8:79:75:e3:cc:50:27:6a:d7:32:
af:26:6a:d0:49:80:b1:c5:58:3d:9d:19:67:4e:12:6f:1e:dd:
dd:34:fd:ed:d4:48:9b:e9:c4:29:cd:5e:3c:7d:b1:a7:4f:12:
85:ab:79:e0:4c:77:5e:08:1f:36:0c:94:8e:9b:23:bf:98:eb:
5e:48:f9:07:31:8a:c4:0b:05:1c:5d:6c:ad:16:5b:9a:1f:29:
76:5e:e7:7f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUFjHOhbxiXKJe9iOUKK1ZyjC7mUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjYwODM1MTRaFw0yNzA1MjUwODQwMTRaMDMxMTAvBgNV
BAMTKDQxMTdBMDc4Q0Q0OUYyNzUxMTk3QjdDNEJBRjE2MzIxMUFFMUJGOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8xM1O0Ux6297xHtUKbHpAglzo
w9myB3y4QaK3xoVeN0h4GyfHpqhHTXc40WKKW1WV1i0UCbnFUOUjgMBGnT0o6vRq
kydmjhW/4jS/7fcX0TcTPxQbo5sRmvsssKU0aGheQQ5Vz1n1dOwcDoKUEvXjsSqT
xiNGdA2o+rgdbVG7O6SSRmvVm6WiROiOlpwbfz/YrZcJMCbfPPOKQYsxROHAgeD+
j2Ca3L9lO6sEX/Fx8lIjIyT4x7+FH8kvnR4Skym9CLNEPHpdZ0yAK+wHwrw3uu9/
BztY2B8nt7d8U/GFC0Ec5K6J3HutOrN4sLucydF6juzfHY/e2ITj3fQ8u9LXAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUQRegeM1J8nURl7fEuvFjIRrhv5gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/BIGGMIGDMIGABAIAATB6AwQC
YD7QAwQAjJacAwQFjOmAAwQAjw5RAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+MAwD
BACTTxkDBACTTxoDBACUh7QDBACUh7oDBACbdQADBACbdTwDBACbdbkDBACbdbsD
BACbdcsDBACijZ8DBACijbQDBACo3nkwDQYJKoZIhvcNAQELBQADggEBAAsgyvcg
qZtDBbua/zkaEyeNCnYq7D2AymFkBdSibmony3kG2hIwxAgBPaPyOlLOycNaVafU
IofES18mDEM0Jsb6YsiaQYC9eARXi3jTY+IaVlx8uMXrOHWGA+PT690umVwlzg19
ApDIoGuAQWHYF0hwhVnHM4GtZn39XERMXaVGUJ0CMc4ttfGlrA7HOVIg843zaMWx
fMb98avkKQ2dNIr8LXKBJngVpi2s2Hl148xQJ2rXMq8matBJgLHFWD2dGWdOEm8e
3d00/e3USJvpxCnNXjx9sadPEoWreeBMd14IHzYMlI6bI7+Y615I+QcxisQLBRxd
bK0WW5ofKXZe538=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:11 2026 by rpki-client