Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
File: AS18811.roa (raw, json)
Hash identifier: 5yhxS+90mcRfNf1ZDHgCi3CchkWTpfdPQ3EeCGy0B4Y=
Subject key identifier: 61:49:03:2A:49:23:A0:C0:F9:48:70:DC:02:1B:D2:B4:CF:A6:F3:85
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4A88E4375FBEB2FDD08037A84A69E31BB3FFF163
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
Signing time: Sun 20 Jul 2025 00:00:19 +0000
ROA not before: Sat 19 Jul 2025 23:55:19 +0000
ROA not after: Sun 19 Jul 2026 00:00:19 +0000
asID: 18811
IP address blocks: 96.62.71.0/24 maxlen: 24
96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
155.117.12.0/22 maxlen: 24
155.117.20.0/22 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:88:e4:37:5f:be:b2:fd:d0:80:37:a8:4a:69:e3:1b:b3:ff:f1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 19 23:55:19 2025 GMT
Not After : Jul 19 00:00:19 2026 GMT
Subject: CN=6149032A4923A0C0F94870DC021BD2B4CFA6F385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:81:bc:54:c8:78:29:b0:bb:c6:fe:88:de:f7:
8a:dc:92:fe:2a:94:b0:9f:1b:54:e0:ff:5a:96:34:
35:a4:1d:32:51:96:65:aa:e4:03:92:39:89:46:0b:
2a:8b:15:c0:6d:da:55:1a:f1:c5:c2:d9:d3:11:d7:
d7:6d:27:64:e5:39:a8:43:c0:ed:b5:ee:b6:e8:32:
4b:c8:42:f4:f5:15:ed:2b:c8:7c:e8:fb:20:f3:ff:
0c:a8:27:67:53:34:f2:56:93:7b:7f:cf:2b:87:d9:
97:c4:2d:78:4a:d4:7a:b2:6f:6b:fd:aa:35:0b:00:
5f:e9:9e:c0:e9:92:cd:04:45:38:ad:9a:8b:39:c4:
cd:14:0f:aa:73:bf:b6:1e:e4:32:fe:45:a5:f3:6e:
08:78:2a:71:52:3f:ba:82:fe:53:c2:62:ee:d3:6c:
e7:c8:49:5c:30:73:e9:c5:bd:95:5c:a4:eb:ce:3f:
cb:02:b4:98:5a:46:af:54:2e:1f:02:86:c7:ac:f6:
af:42:fc:b5:31:bd:64:23:0f:74:47:c3:ec:ae:ad:
11:da:7c:3b:9a:27:43:85:30:84:da:39:b5:24:c2:
81:cd:cd:95:cc:5b:0c:20:47:ee:c6:a8:9d:08:77:
0c:4b:ef:3e:37:cd:f6:e0:c2:fc:f3:db:50:db:18:
3e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:49:03:2A:49:23:A0:C0:F9:48:70:DC:02:1B:D2:B4:CF:A6:F3:85
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS18811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
96.62.73.0-96.62.74.255
96.62.100.0/24
155.117.12.0/22
155.117.20.0/22
162.141.55.0/24
162.141.153.0/24
162.141.166.0/24
167.148.0.0/24
167.148.6.0/24
167.148.28.0/24
167.148.43.0/24
167.148.68.0/24
167.148.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:a6:c0:81:fb:38:44:12:f5:cf:2b:34:11:28:13:d4:08:3e:
cf:48:34:88:ab:18:62:6d:49:37:0b:dc:a6:75:bd:bf:73:ab:
44:4a:f0:80:3e:5e:d3:37:56:3c:03:09:32:d3:f8:d2:60:a4:
9c:e8:ac:9c:ce:0f:3c:fa:bb:46:b7:40:32:a7:16:5f:02:7c:
37:f3:d7:4e:b3:08:02:a7:23:36:43:da:cf:09:d6:b8:af:48:
f0:2c:e9:44:bc:ec:ae:cc:cd:f7:75:cb:82:27:56:83:05:e2:
5f:e5:86:5a:c0:38:41:c4:29:e2:3b:10:e7:05:b0:1f:20:68:
f8:1d:dc:78:e4:da:d6:50:67:cf:31:95:82:3f:ba:eb:dc:72:
37:8a:41:f2:61:b1:71:28:70:97:a1:9e:ff:1b:43:a8:65:4b:
1c:f9:18:72:c5:c7:79:1f:28:14:fe:a0:df:c2:f3:9f:e0:6a:
d9:b1:05:d9:fa:a7:d1:d0:5f:a8:06:b1:4d:f5:08:19:25:da:
3c:41:31:f8:92:77:82:b0:90:eb:d8:33:30:bf:3d:e8:12:d7:
59:91:07:ad:9e:f7:2a:d9:84:8f:66:22:ab:b7:f4:33:42:5c:
5e:06:a8:39:bd:4f:27:f1:34:80:38:86:c9:17:4d:fa:fb:9f:
4b:ca:2e:80
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUSojkN1++sv3QgDeoSmnjG7P/8WMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTkyMzU1MTlaFw0yNjA3MTkwMDAwMTlaMDMxMTAvBgNV
BAMTKDYxNDkwMzJBNDkyM0EwQzBGOTQ4NzBEQzAyMUJEMkI0Q0ZBNkYzODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkgbxUyHgpsLvG/oje94rckv4q
lLCfG1Tg/1qWNDWkHTJRlmWq5AOSOYlGCyqLFcBt2lUa8cXC2dMR19dtJ2TlOahD
wO217rboMkvIQvT1Fe0ryHzo+yDz/wyoJ2dTNPJWk3t/zyuH2ZfELXhK1Hqyb2v9
qjULAF/pnsDpks0ERTitmos5xM0UD6pzv7Ye5DL+RaXzbgh4KnFSP7qC/lPCYu7T
bOfISVwwc+nFvZVcpOvOP8sCtJhaRq9ULh8Chses9q9C/LUxvWQjD3RHw+yurRHa
fDuaJ0OFMITaObUkwoHNzZXMWwwgR+7GqJ0IdwxL7z43zfbgwvzz21DbGD6bAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUYUkDKkkjoMD5SHDcAhvStM+m84UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTg4MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwDBABgPkcw
DAMEAGA+SQMEAGA+SgMEAGA+ZAMEApt1DAMEApt1FAMEAKKNNwMEAKKNmQMEAKKN
pgMEAKeUAAMEAKeUBgMEAKeUHAMEAKeUKwMEAKeURAMEAKeUYDANBgkqhkiG9w0B
AQsFAAOCAQEAj6bAgfs4RBL1zys0ESgT1Ag+z0g0iKsYYm1JNwvcpnW9v3OrRErw
gD5e0zdWPAMJMtP40mCknOisnM4PPPq7RrdAMqcWXwJ8N/PXTrMIAqcjNkPazwnW
uK9I8CzpRLzsrszN93XLgidWgwXiX+WGWsA4QcQp4jsQ5wWwHyBo+B3ceOTa1lBn
zzGVgj+669xyN4pB8mGxcShwl6Ge/xtDqGVLHPkYcsXHeR8oFP6g38Lzn+Bq2bEF
2fqn0dBfqAaxTfUIGSXaPEEx+JJ3grCQ69gzML896BLXWZEHrZ73KtmEj2Yiq7f0
M0JcXgaoOb1PJ/E0gDiGyRdN+vufS8ougA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:33:04 2025 by rpki-client