Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
File: AS18811.roa (raw, json)
Hash identifier: W3uDM4mCFokXpApkC85RKEk5UA7aRUupFcQm7qAIPck=
Subject key identifier: 01:1F:FD:D5:D5:E7:D6:BB:1A:6F:37:DF:A6:0C:BB:D7:3C:A8:12:81
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7C4D130D6487DDAEF2FB1B97967B853F19A77ED8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
Signing time: Mon 20 Oct 2025 13:57:00 +0000
ROA not before: Mon 20 Oct 2025 13:52:00 +0000
ROA not after: Mon 19 Oct 2026 13:57:00 +0000
asID: 18811
IP address blocks: 167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 18:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4d:13:0d:64:87:dd:ae:f2:fb:1b:97:96:7b:85:3f:19:a7:7e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 20 13:52:00 2025 GMT
Not After : Oct 19 13:57:00 2026 GMT
Subject: CN=011FFDD5D5E7D6BB1A6F37DFA60CBBD73CA81281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:e5:2d:97:8a:84:e7:3c:15:c9:fd:3d:28:
5a:ab:b8:29:3d:fd:44:af:43:8c:99:9c:09:7f:35:
bd:38:de:9d:fe:3b:db:e2:40:96:40:16:b8:d0:da:
c9:01:dc:45:e3:6f:75:fe:05:ba:b4:7f:7b:bf:1c:
5f:46:2b:45:54:c0:85:6e:51:69:06:20:fe:b8:d9:
ff:2c:b9:5a:cd:cc:6b:53:7a:df:1f:5f:6f:09:b5:
65:9a:5d:0a:84:56:91:6d:8e:60:84:18:4b:16:5b:
10:60:8c:ab:ac:42:56:59:62:5b:56:87:9c:55:ab:
d9:ec:4f:84:ae:bf:59:3c:f0:e7:22:6d:9c:00:e0:
7c:91:d7:88:f1:a8:6d:3f:90:53:73:d5:34:07:95:
63:56:78:c1:f6:bc:1e:85:57:81:ac:8f:34:d4:1f:
ee:33:7d:aa:ca:bc:7d:75:38:f5:f1:39:63:ea:57:
d4:34:6b:e3:08:4e:bd:60:d8:eb:2f:b3:01:b9:20:
5b:72:0d:52:bd:9f:84:db:3b:11:f3:19:d9:41:13:
cf:ed:8b:8c:ae:11:5f:94:c1:18:3d:90:e2:b3:68:
50:ca:bc:0d:e2:8a:a9:fa:84:6c:fa:28:b7:db:60:
e3:c2:4a:ff:c4:46:c9:2f:12:37:2a:1d:22:e4:37:
96:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:1F:FD:D5:D5:E7:D6:BB:1A:6F:37:DF:A6:0C:BB:D7:3C:A8:12:81
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.148.0.0/24
167.148.6.0/24
167.148.28.0/24
167.148.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ab:36:93:63:60:c0:9b:04:b9:0f:7d:26:70:d0:33:16:47:
a3:75:f9:b6:6d:62:6d:b6:e2:f7:5c:f9:f3:f2:dd:40:88:46:
97:4c:f1:33:80:ff:d4:49:ef:77:9d:d8:87:1d:1a:b1:f4:9a:
99:6a:e6:54:3c:6c:d6:51:85:19:8d:9f:cc:8a:4c:85:f7:da:
84:2a:d7:fc:b1:ec:b6:3e:ae:b6:79:20:09:f5:f1:e1:cf:6e:
0b:ea:95:b7:45:86:c8:6b:52:b8:f1:57:99:42:dc:68:a7:e5:
f4:a5:7a:20:69:e0:00:00:fc:e2:97:65:dc:49:97:51:ac:ab:
39:34:39:61:5a:f0:08:7a:73:fb:a1:d3:0d:e7:81:c0:db:09:
61:27:80:a5:eb:cb:6f:d6:1c:52:16:ee:ea:b0:13:28:81:91:
87:40:6f:64:90:a3:a9:43:20:6d:42:63:58:31:3a:17:01:19:
a4:69:1b:45:8d:e5:72:5c:9d:3b:5d:c0:7f:c1:e0:25:89:04:
62:3c:04:22:9f:a0:74:98:2e:17:79:72:f1:46:cc:cd:d1:5a:
fe:b5:11:c8:ff:ca:47:94:15:2d:d5:5a:cb:d7:99:52:f6:8e:
0e:f7:84:f9:3e:13:e2:56:08:04:37:f9:7a:0f:0a:4e:47:8a:
b2:15:8b:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUfE0TDWSH3a7y+xuXlnuFPxmnftgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjAxMzUyMDBaFw0yNjEwMTkxMzU3MDBaMDMxMTAvBgNV
BAMTKDAxMUZGREQ1RDVFN0Q2QkIxQTZGMzdERkE2MENCQkQ3M0NBODEyODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe3OUtl4qE5zwVyf09KFqruCk9
/USvQ4yZnAl/Nb043p3+O9viQJZAFrjQ2skB3EXjb3X+Bbq0f3u/HF9GK0VUwIVu
UWkGIP642f8suVrNzGtTet8fX28JtWWaXQqEVpFtjmCEGEsWWxBgjKusQlZZYltW
h5xVq9nsT4Suv1k88OcibZwA4HyR14jxqG0/kFNz1TQHlWNWeMH2vB6FV4GsjzTU
H+4zfarKvH11OPXxOWPqV9Q0a+MITr1g2OsvswG5IFtyDVK9n4TbOxHzGdlBE8/t
i4yuEV+UwRg9kOKzaFDKvA3iiqn6hGz6KLfbYOPCSv/ERskvEjcqHSLkN5bZAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUAR/91dXn1rsabzffpgy71zyoEoEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTg4MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACnlAAD
BACnlAYDBACnlBwDBACnlCswDQYJKoZIhvcNAQELBQADggEBAKKrNpNjYMCbBLkP
fSZw0DMWR6N1+bZtYm224vdc+fPy3UCIRpdM8TOA/9RJ73ed2IcdGrH0mplq5lQ8
bNZRhRmNn8yKTIX32oQq1/yx7LY+rrZ5IAn18eHPbgvqlbdFhshrUrjxV5lC3Gin
5fSleiBp4AAA/OKXZdxJl1Gsqzk0OWFa8Ah6c/uh0w3ngcDbCWEngKXry2/WHFIW
7uqwEyiBkYdAb2SQo6lDIG1CY1gxOhcBGaRpG0WN5XJcnTtdwH/B4CWJBGI8BCKf
oHSYLhd5cvFGzM3RWv61Ecj/ykeUFS3VWsvXmVL2jg73hPk+E+JWCAQ3+XoPCk5H
irIVi9k=
-----END CERTIFICATE-----
Generated at Tue Oct 21 10:58:45 2025 by rpki-client