Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: OY/AdwM5fsDgCq6dDoBIK2rNE/wiXs4FpCiDB0vUol4=
Subject key identifier: 96:42:4D:5D:3A:60:34:F7:E9:1A:10:71:1F:21:4A:D3:CC:9D:4D:BA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6D94B6FB31D8D984E07B63F5D2709413279B562F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Wed 12 Mar 2025 05:23:20 +0000
ROA not before: Wed 12 Mar 2025 05:18:20 +0000
ROA not after: Wed 11 Mar 2026 05:23:20 +0000
asID: 14618
IP address blocks: 140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:94:b6:fb:31:d8:d9:84:e0:7b:63:f5:d2:70:94:13:27:9b:56:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 12 05:18:20 2025 GMT
Not After : Mar 11 05:23:20 2026 GMT
Subject: CN=96424D5D3A6034F7E91A10711F214AD3CC9D4DBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ad:78:a8:ae:17:6f:b2:c6:ef:b5:99:30:8b:
97:e1:01:bd:d6:cf:b8:85:10:04:7b:d9:a3:d8:d6:
6f:5a:97:a1:9e:e5:42:d3:31:13:c2:51:87:3c:47:
d2:47:c1:3f:90:2b:07:be:55:56:cb:05:82:83:f8:
46:41:5b:29:fc:ed:6f:24:83:72:29:ba:2a:b9:f5:
b0:31:c8:46:df:3b:71:39:81:a1:05:9c:35:2c:9f:
f8:0c:50:f7:d4:00:bf:75:41:2b:0c:d9:8b:47:88:
b1:13:0e:8b:0b:0d:46:d4:cf:45:79:24:f5:da:7b:
a4:82:4e:9d:32:8f:7a:77:71:09:a7:6b:42:79:80:
71:f8:40:19:1a:39:1d:27:54:1a:9d:c0:92:af:ba:
88:8e:a1:0d:01:3f:9f:bb:ef:15:27:ca:56:e5:e8:
34:29:2f:b9:f0:33:a5:f4:bc:1a:12:f6:fe:72:33:
77:3e:fe:e2:1f:45:7e:48:e9:56:07:02:45:41:6f:
64:fc:f4:4d:0e:5c:5d:1e:c9:e9:d5:be:13:48:99:
a2:9a:c0:32:53:f5:ff:f6:f9:bc:a8:60:49:2a:db:
20:de:bb:98:d0:24:20:e6:0f:91:9c:db:86:0d:67:
52:95:83:80:70:2e:30:87:be:42:86:03:89:64:ff:
32:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:42:4D:5D:3A:60:34:F7:E9:1A:10:71:1F:21:4A:D3:CC:9D:4D:BA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
Signature Algorithm: sha256WithRSAEncryption
81:81:b8:f0:51:6d:f5:4b:f3:08:73:33:1c:c6:d0:f1:cf:f2:
a9:78:b3:fa:94:7e:6c:7d:2b:94:bc:79:16:16:47:7d:e0:0c:
42:3a:11:5f:f7:68:f8:16:25:c8:3f:a3:1a:08:77:2a:f2:3b:
76:2a:73:20:93:4a:69:cf:1a:0f:9e:e5:ea:23:f7:27:4e:2b:
a7:02:db:e8:b5:30:9e:fd:9d:52:4b:f2:42:be:9b:a8:73:20:
44:d3:5a:eb:91:fd:4f:16:a8:55:25:b7:cd:59:81:12:d2:52:
96:aa:c7:8c:2a:8c:53:17:fe:a5:14:eb:0f:db:00:83:a4:4b:
da:62:d9:67:17:24:2c:3b:4d:d7:1e:8f:1e:9c:21:65:2f:d6:
c7:7e:42:6d:8f:e6:69:23:f2:72:50:de:64:2e:7f:ae:4c:52:
ce:d0:aa:0f:40:fc:b3:44:2f:47:dc:f6:78:f4:b5:a3:bf:68:
85:c2:35:1d:f3:72:f0:9e:a6:6b:3e:f4:45:55:1f:54:8a:3b:
d8:42:60:94:69:f5:32:e4:42:5a:67:53:e8:b0:16:2c:82:6e:
37:91:da:32:48:2f:93:a1:9d:14:f1:d3:d0:a2:3f:c7:16:4e:
00:33:c1:54:4c:7c:62:ca:e5:74:f0:6d:ff:d6:78:f8:5d:2f:
70:31:89:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUbZS2+zHY2YTge2P10nCUEyebVi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMTIwNTE4MjBaFw0yNjAzMTEwNTIzMjBaMDMxMTAvBgNV
BAMTKDk2NDI0RDVEM0E2MDM0RjdFOTFBMTA3MTFGMjE0QUQzQ0M5RDREQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCprXiorhdvssbvtZkwi5fhAb3W
z7iFEAR72aPY1m9al6Ge5ULTMRPCUYc8R9JHwT+QKwe+VVbLBYKD+EZBWyn87W8k
g3Ipuiq59bAxyEbfO3E5gaEFnDUsn/gMUPfUAL91QSsM2YtHiLETDosLDUbUz0V5
JPXae6SCTp0yj3p3cQmna0J5gHH4QBkaOR0nVBqdwJKvuoiOoQ0BP5+77xUnylbl
6DQpL7nwM6X0vBoS9v5yM3c+/uIfRX5I6VYHAkVBb2T89E0OXF0eyenVvhNImaKa
wDJT9f/2+byoYEkq2yDeu5jQJCDmD5Gc24YNZ1KVg4BwLjCHvkKGA4lk/zJlAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUlkJNXTpgNPfpGhBxHyFK08ydTbowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAWM6YAD
BAGR30ADBACSZzwDBAGSZz4DBACUh7QwDQYJKoZIhvcNAQELBQADggEBAIGBuPBR
bfVL8whzMxzG0PHP8ql4s/qUfmx9K5S8eRYWR33gDEI6EV/3aPgWJcg/oxoIdyry
O3YqcyCTSmnPGg+e5eoj9ydOK6cC2+i1MJ79nVJL8kK+m6hzIETTWuuR/U8WqFUl
t81ZgRLSUpaqx4wqjFMX/qUU6w/bAIOkS9pi2WcXJCw7Tdcejx6cIWUv1sd+Qm2P
5mkj8nJQ3mQuf65MUs7Qqg9A/LNEL0fc9nj0taO/aIXCNR3zcvCepms+9EVVH1SK
O9hCYJRp9TLkQlpnU+iwFiyCbjeR2jJIL5OhnRTx09CiP8cWTgAzwVRMfGLK5XTw
bf/WePhdL3AxiWA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:28:02 2025 by rpki-client