Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: h7ej8jvBPLFJUl7tizn8CkzZQgTByPKfNyqDh0FebBE=
Subject key identifier: BA:51:DF:2B:AB:B2:86:EE:D3:03:F0:30:43:54:B0:97:2A:C7:13:AE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6FC408B0A154075A999F99985F9BAB8F4D5D12B4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
Signing time: Mon 02 Jun 2025 00:00:23 +0000
ROA not before: Sun 01 Jun 2025 23:55:23 +0000
ROA not after: Mon 01 Jun 2026 00:00:23 +0000
asID: 7018
IP address blocks: 96.62.0.0/19 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.37.0/24 maxlen: 24
96.62.45.0/24 maxlen: 24
96.62.47.0/24 maxlen: 24
96.62.48.0/23 maxlen: 24
96.62.50.0/23 maxlen: 24
96.62.52.0/23 maxlen: 24
96.62.54.0/24 maxlen: 24
96.62.55.0/24 maxlen: 24
96.62.56.0/24 maxlen: 24
96.62.57.0/24 maxlen: 24
96.62.58.0/24 maxlen: 24
96.62.60.0/23 maxlen: 24
96.62.62.0/23 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.79.0/24 maxlen: 24
96.62.80.0/23 maxlen: 24
96.62.82.0/23 maxlen: 24
96.62.85.0/24 maxlen: 24
96.62.86.0/23 maxlen: 24
96.62.88.0/24 maxlen: 24
96.62.90.0/23 maxlen: 24
96.62.92.0/23 maxlen: 24
96.62.94.0/23 maxlen: 24
96.62.98.0/23 maxlen: 24
96.62.135.0/24 maxlen: 24
96.62.149.0/24 maxlen: 24
96.62.150.0/24 maxlen: 24
96.62.151.0/24 maxlen: 24
140.233.192.0/18 maxlen: 24
148.135.216.0/23 maxlen: 23
148.135.218.0/23 maxlen: 23
148.135.224.0/23 maxlen: 23
148.135.226.0/23 maxlen: 23
148.135.232.0/23 maxlen: 23
148.135.234.0/23 maxlen: 23
148.135.240.0/23 maxlen: 23
148.135.242.0/23 maxlen: 23
148.135.248.0/23 maxlen: 23
148.135.250.0/23 maxlen: 23
150.241.146.0/23 maxlen: 24
150.241.148.0/23 maxlen: 24
150.241.150.0/23 maxlen: 24
150.241.152.0/23 maxlen: 24
150.241.154.0/23 maxlen: 24
150.241.156.0/23 maxlen: 24
150.241.158.0/23 maxlen: 24
150.241.160.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
150.241.164.0/23 maxlen: 24
150.241.166.0/23 maxlen: 24
150.241.168.0/23 maxlen: 24
150.241.170.0/23 maxlen: 24
150.241.172.0/23 maxlen: 24
150.241.176.0/23 maxlen: 24
150.241.178.0/23 maxlen: 24
150.241.180.0/23 maxlen: 24
150.241.182.0/23 maxlen: 24
150.241.184.0/23 maxlen: 24
150.241.186.0/23 maxlen: 24
150.241.188.0/23 maxlen: 24
150.241.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c4:08:b0:a1:54:07:5a:99:9f:99:98:5f:9b:ab:8f:4d:5d:12:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 1 23:55:23 2025 GMT
Not After : Jun 1 00:00:23 2026 GMT
Subject: CN=BA51DF2BABB286EED303F0304354B0972AC713AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:60:4d:b0:c5:9d:8e:22:cc:6e:d7:eb:ab:77:
ab:ed:d1:f9:1c:5c:8d:a0:08:5a:0c:7d:55:ae:b0:
ca:4b:a1:8d:8e:ad:90:58:69:35:70:49:74:f4:2b:
fe:69:7c:f7:6f:aa:3a:9c:30:25:20:8e:38:ad:8b:
94:91:28:08:89:09:b2:9a:30:58:70:dc:3f:27:12:
b9:8d:38:96:f5:06:7a:ef:c5:c1:ed:54:08:1e:b7:
71:7a:be:52:26:3b:13:ff:7e:e5:5c:2a:dd:a6:d9:
71:2b:d9:37:bd:6d:03:48:01:92:6e:ad:e5:19:cd:
7e:ed:da:18:7a:99:ad:93:ca:2d:c1:34:8c:bf:5a:
d5:e3:87:90:ae:2b:e5:58:99:c5:cc:66:13:c1:d9:
a8:51:15:03:06:55:22:b7:46:ce:24:26:ed:d5:cb:
3b:d2:f9:e0:28:52:a8:1f:6c:c9:09:6a:3f:72:76:
57:c4:a9:4d:21:69:2c:33:a8:80:fc:b6:3e:b4:27:
1d:57:f9:0a:e5:e4:2e:f3:10:bf:cf:c3:e9:89:e3:
b1:19:d1:78:cb:b7:0e:6c:e7:76:10:de:a7:c0:1d:
31:7f:02:54:91:ff:01:6c:2b:eb:3f:2f:a6:fc:21:
87:56:3d:fe:66:5b:55:f1:1a:4c:92:28:e7:b9:29:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:51:DF:2B:AB:B2:86:EE:D3:03:F0:30:43:54:B0:97:2A:C7:13:AE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.0.0/19
96.62.33.0-96.62.37.255
96.62.45.0/24
96.62.47.0-96.62.58.255
96.62.60.0-96.62.67.255
96.62.79.0-96.62.83.255
96.62.85.0-96.62.88.255
96.62.90.0-96.62.95.255
96.62.98.0/23
96.62.135.0/24
96.62.149.0-96.62.151.255
140.233.192.0/18
148.135.216.0/22
148.135.224.0/22
148.135.232.0/22
148.135.240.0/22
148.135.248.0/22
150.241.146.0-150.241.173.255
150.241.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:1b:af:09:d9:3f:55:61:4f:b7:36:99:47:ee:68:a9:e2:75:
9e:2f:fe:ac:e0:82:b7:49:05:21:97:c8:61:c8:7f:99:23:4f:
8e:5a:58:8c:3f:70:89:bc:c1:a7:8e:8b:c4:0b:31:29:be:a5:
13:15:d3:70:ce:1f:ca:c6:75:f5:5d:e9:39:d2:00:f0:b3:68:
a7:f5:29:2e:82:bd:b2:56:f0:5f:38:23:bd:ae:06:a5:6a:d8:
80:95:a2:2c:bf:7d:91:2b:cf:8f:3e:49:85:fa:9b:05:52:01:
a0:18:1b:dc:03:61:50:73:98:82:e2:fe:b2:e7:bf:18:63:fd:
c4:48:05:d4:83:2f:94:52:49:61:67:14:86:22:f8:8c:b7:f0:
35:95:06:12:74:55:2d:f3:76:9a:ec:26:e3:d7:5e:9d:b4:4a:
3d:e6:b1:d9:ce:91:4b:b7:01:4c:68:52:63:9f:e9:4e:2c:d0:
42:e9:93:6d:c5:da:0e:e5:c5:35:79:f2:dd:ea:1d:2f:8e:87:
23:86:7b:b5:fc:36:4c:6a:81:02:d7:ec:0a:0f:54:57:80:fe:
13:db:3b:7a:4f:77:11:22:37:f2:cd:a3:99:f5:d1:8a:1f:fd:
35:e1:cc:d3:3e:59:d2:36:34:22:e0:14:77:5b:ec:3a:6f:b0:
87:42:2e:ce
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIUb8QIsKFUB1qZn5mYX5urj01dErQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDEyMzU1MjNaFw0yNjA2MDEwMDAwMjNaMDMxMTAvBgNV
BAMTKEJBNTFERjJCQUJCMjg2RUVEMzAzRjAzMDQzNTRCMDk3MkFDNzEzQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqYE2wxZ2OIsxu1+urd6vt0fkc
XI2gCFoMfVWusMpLoY2OrZBYaTVwSXT0K/5pfPdvqjqcMCUgjjiti5SRKAiJCbKa
MFhw3D8nErmNOJb1BnrvxcHtVAget3F6vlImOxP/fuVcKt2m2XEr2Te9bQNIAZJu
reUZzX7t2hh6ma2Tyi3BNIy/WtXjh5CuK+VYmcXMZhPB2ahRFQMGVSK3Rs4kJu3V
yzvS+eAoUqgfbMkJaj9ydlfEqU0haSwzqID8tj60Jx1X+Qrl5C7zEL/Pw+mJ47EZ
0XjLtw5s53YQ3qfAHTF/AlSR/wFsK+s/L6b8IYdWPf5mW1XxGkySKOe5KRCtAgMB
AAGjggK5MIICtTAdBgNVHQ4EFgQUulHfK6uyhu7TA/AwQ1SwlyrHE64wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBzwYIKwYBBQUHAQcBAf8Egb8wgbwwgbkEAgABMIGyAwQF
YD4AMAwDBABgPiEDBAFgPiQDBABgPi0wDAMEAGA+LwMEAGA+OjAMAwQCYD48AwQC
YD5AMAwDBABgPk8DBAJgPlAwDAMEAGA+VQMEAGA+WDAMAwQBYD5aAwQFYD5AAwQB
YD5iAwQAYD6HMAwDBABgPpUDBANgPpADBAaM6cADBAKUh9gDBAKUh+ADBAKUh+gD
BAKUh/ADBAKUh/gwDAMEAZbxkgMEAZbxrAMEBJbxsDANBgkqhkiG9w0BAQsFAAOC
AQEAPRuvCdk/VWFPtzaZR+5oqeJ1ni/+rOCCt0kFIZfIYch/mSNPjlpYjD9wibzB
p46LxAsxKb6lExXTcM4fysZ19V3pOdIA8LNop/UpLoK9slbwXzgjva4GpWrYgJWi
LL99kSvPjz5JhfqbBVIBoBgb3ANhUHOYguL+sue/GGP9xEgF1IMvlFJJYWcUhiL4
jLfwNZUGEnRVLfN2muwm49denbRKPeax2c6RS7cBTGhSY5/pTizQQumTbcXaDuXF
NXny3eodL46HI4Z7tfw2TGqBAtfsCg9UV4D+E9s7ek93ESI38s2jmfXRih/9NeHM
0z5Z0jY0IuAUd1vsOm+wh0Iuzg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:17:15 2025 by rpki-client