Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: qsXH54qDA8eWlE28tmlsTZKQTtQ3gVA3FVBped/x5w8=
Subject key identifier: D5:B6:A2:DC:E9:1D:17:57:94:3A:48:06:2E:B1:58:AC:A7:9C:4F:8F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 20136B0DFEEA78D15BF8DD2F6E732F3C902CD390
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
Signing time: Fri 14 Mar 2025 19:28:11 +0000
ROA not before: Fri 14 Mar 2025 19:23:11 +0000
ROA not after: Fri 13 Mar 2026 19:28:11 +0000
asID: 7018
IP address blocks: 96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.37.0/24 maxlen: 24
96.62.45.0/24 maxlen: 24
96.62.47.0/24 maxlen: 24
96.62.48.0/23 maxlen: 24
96.62.50.0/23 maxlen: 24
96.62.52.0/23 maxlen: 24
96.62.54.0/24 maxlen: 24
96.62.55.0/24 maxlen: 24
96.62.56.0/24 maxlen: 24
96.62.57.0/24 maxlen: 24
96.62.58.0/24 maxlen: 24
96.62.60.0/23 maxlen: 24
96.62.62.0/23 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.79.0/24 maxlen: 24
96.62.80.0/23 maxlen: 24
96.62.82.0/23 maxlen: 24
96.62.85.0/24 maxlen: 24
96.62.86.0/23 maxlen: 24
96.62.88.0/24 maxlen: 24
96.62.90.0/23 maxlen: 24
96.62.92.0/23 maxlen: 24
96.62.94.0/23 maxlen: 24
96.62.98.0/23 maxlen: 24
96.62.135.0/24 maxlen: 24
96.62.149.0/24 maxlen: 24
96.62.150.0/24 maxlen: 24
96.62.151.0/24 maxlen: 24
140.233.192.0/18 maxlen: 24
148.135.216.0/23 maxlen: 23
148.135.218.0/23 maxlen: 23
148.135.224.0/23 maxlen: 23
148.135.226.0/23 maxlen: 23
148.135.232.0/23 maxlen: 23
148.135.234.0/23 maxlen: 23
148.135.240.0/23 maxlen: 23
148.135.242.0/23 maxlen: 23
148.135.248.0/23 maxlen: 23
148.135.250.0/23 maxlen: 23
150.241.146.0/23 maxlen: 24
150.241.148.0/23 maxlen: 24
150.241.150.0/23 maxlen: 24
150.241.152.0/23 maxlen: 24
150.241.154.0/23 maxlen: 24
150.241.156.0/23 maxlen: 24
150.241.158.0/23 maxlen: 24
150.241.160.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
150.241.164.0/23 maxlen: 24
150.241.166.0/23 maxlen: 24
150.241.168.0/23 maxlen: 24
150.241.170.0/23 maxlen: 24
150.241.172.0/23 maxlen: 24
150.241.176.0/23 maxlen: 24
150.241.178.0/23 maxlen: 24
150.241.180.0/23 maxlen: 24
150.241.182.0/23 maxlen: 24
150.241.184.0/23 maxlen: 24
150.241.186.0/23 maxlen: 24
150.241.188.0/23 maxlen: 24
150.241.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:13:6b:0d:fe:ea:78:d1:5b:f8:dd:2f:6e:73:2f:3c:90:2c:d3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 14 19:23:11 2025 GMT
Not After : Mar 13 19:28:11 2026 GMT
Subject: CN=D5B6A2DCE91D1757943A48062EB158ACA79C4F8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:80:c6:1d:fd:87:86:f2:86:de:cd:63:e4:bb:
2a:5f:8a:86:aa:48:7a:e4:64:0f:03:54:7d:fd:7d:
e3:a5:09:14:53:86:a7:79:8c:03:67:b7:18:9e:1f:
c6:2d:b1:07:4c:e1:86:40:ad:e6:ee:0f:88:86:62:
6a:95:da:16:cd:8b:d2:94:b5:63:6b:1c:75:8a:9b:
5d:37:94:17:de:ea:e5:08:da:c7:1c:ef:bb:c0:a8:
1b:67:bb:51:b9:cb:d4:a4:ff:1a:e9:bf:78:fc:77:
b0:f0:b2:7e:ae:e6:2f:14:a3:be:57:4a:af:1e:94:
7e:39:d2:1e:c5:93:57:84:f0:09:a3:e5:bb:04:be:
de:19:b0:e1:b8:1b:53:d4:45:df:5d:ee:62:0a:2e:
9f:51:84:89:c9:f3:3c:79:29:19:ba:d8:d7:37:0d:
01:7e:4c:48:9e:2d:63:14:72:0b:61:6d:39:96:15:
f9:45:72:55:7e:de:ff:16:2d:47:2b:71:5f:00:92:
0d:bb:28:ea:84:fe:21:6a:1b:fd:77:08:ce:25:05:
ba:9f:44:99:e1:2b:44:44:0e:9e:08:5d:3f:65:30:
fa:a2:53:2c:31:c3:cf:e7:e8:23:a3:04:29:40:97:
fd:a0:72:90:5c:ab:ae:74:b1:3b:09:0f:d7:67:2e:
bb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B6:A2:DC:E9:1D:17:57:94:3A:48:06:2E:B1:58:AC:A7:9C:4F:8F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.33.0-96.62.37.255
96.62.45.0/24
96.62.47.0-96.62.58.255
96.62.60.0-96.62.67.255
96.62.79.0-96.62.83.255
96.62.85.0-96.62.88.255
96.62.90.0-96.62.95.255
96.62.98.0/23
96.62.135.0/24
96.62.149.0-96.62.151.255
140.233.192.0/18
148.135.216.0/22
148.135.224.0/22
148.135.232.0/22
148.135.240.0/22
148.135.248.0/22
150.241.146.0-150.241.173.255
150.241.176.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:a3:12:26:69:c0:9f:da:01:b5:36:8c:c3:0e:a4:ea:4d:11:
ff:dc:6e:20:70:56:80:fb:ea:fe:46:36:c2:bd:a8:d3:52:3a:
dd:e9:1b:f0:c4:10:5c:de:25:4a:e1:e2:5a:c1:36:66:04:08:
75:0a:a8:e8:e7:e2:62:73:d6:8b:8a:be:9f:0e:21:ba:03:74:
82:8c:84:3d:fd:f0:0d:c3:5f:01:f3:a8:67:bd:cf:ff:b9:fb:
fa:72:77:7b:5f:b3:bc:b7:3b:86:6e:f4:5b:2e:26:86:60:0f:
ff:9d:9f:05:03:5e:f6:cd:b3:6c:27:57:43:cd:58:1c:6f:50:
dd:e0:03:ec:cf:ca:97:d0:cf:1a:67:0e:76:62:5d:47:74:c7:
9c:03:c9:63:8d:40:8c:37:da:55:e3:3e:a1:3a:75:85:7c:7d:
11:7a:68:b2:d2:61:e4:7a:9d:47:c2:ea:1e:7f:2b:1a:c8:98:
25:90:e5:cc:28:af:05:db:58:7f:95:79:7b:ae:4b:ca:cd:7f:
44:d4:09:68:e4:d6:a4:5d:1c:91:12:d7:ff:87:47:c4:55:4a:
a4:64:c2:a4:2c:b0:91:80:f7:1f:b6:a5:67:86:a0:6a:41:7c:
7c:7f:bd:e4:27:8e:7c:b8:1e:48:5c:09:18:37:c8:dc:3b:66:
32:f4:5e:52
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIUIBNrDf7qeNFb+N0vbnMvPJAs05AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMTQxOTIzMTFaFw0yNjAzMTMxOTI4MTFaMDMxMTAvBgNV
BAMTKEQ1QjZBMkRDRTkxRDE3NTc5NDNBNDgwNjJFQjE1OEFDQTc5QzRGOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYgMYd/YeG8obezWPkuypfioaq
SHrkZA8DVH39feOlCRRThqd5jANntxieH8YtsQdM4YZArebuD4iGYmqV2hbNi9KU
tWNrHHWKm103lBfe6uUI2scc77vAqBtnu1G5y9Sk/xrpv3j8d7Dwsn6u5i8Uo75X
Sq8elH450h7Fk1eE8Amj5bsEvt4ZsOG4G1PURd9d7mIKLp9RhInJ8zx5KRm62Nc3
DQF+TEieLWMUcgthbTmWFflFclV+3v8WLUcrcV8Akg27KOqE/iFqG/13CM4lBbqf
RJnhK0REDp4IXT9lMPqiUywxw8/n6COjBClAl/2gcpBcq650sTsJD9dnLrsfAgMB
AAGjggKzMIICrzAdBgNVHQ4EFgQU1bai3OkdF1eUOkgGLrFYrKecT48wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCByQYIKwYBBQUHAQcBAf8EgbkwgbYwgbMEAgABMIGsMAwD
BABgPiEDBAFgPiQDBABgPi0wDAMEAGA+LwMEAGA+OjAMAwQCYD48AwQCYD5AMAwD
BABgPk8DBAJgPlAwDAMEAGA+VQMEAGA+WDAMAwQBYD5aAwQFYD5AAwQBYD5iAwQA
YD6HMAwDBABgPpUDBANgPpADBAaM6cADBAKUh9gDBAKUh+ADBAKUh+gDBAKUh/AD
BAKUh/gwDAMEAZbxkgMEAZbxrAMEBJbxsDANBgkqhkiG9w0BAQsFAAOCAQEAX6MS
JmnAn9oBtTaMww6k6k0R/9xuIHBWgPvq/kY2wr2o01I63ekb8MQQXN4lSuHiWsE2
ZgQIdQqo6OfiYnPWi4q+nw4hugN0goyEPf3wDcNfAfOoZ73P/7n7+nJ3e1+zvLc7
hm70Wy4mhmAP/52fBQNe9s2zbCdXQ81YHG9Q3eAD7M/Kl9DPGmcOdmJdR3THnAPJ
Y41AjDfaVeM+oTp1hXx9EXpostJh5HqdR8LqHn8rGsiYJZDlzCivBdtYf5V5e65L
ys1/RNQJaOTWpF0ckRLX/4dHxFVKpGTCpCywkYD3H7alZ4agakF8fH+95CeOfLge
SFwJGDfI3DtmMvReUg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:16:59 2025 by rpki-client