Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File:                     AS14618.roa (raw, json)
Hash identifier:          BQE0sb6fpYbLRmL4gvGmEjNaZDzIBumS32fh80MDpNM=
Subject key identifier:   7C:D0:36:B0:8A:D5:F4:D0:5A:1D:F1:06:AC:F2:E3:CA:57:17:13:6D
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       2E7B7114AA1126DA5C9CFD8AAAE516C1601DF375
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time:             Thu 16 Jul 2026 08:32:20 +0000
ROA not before:           Thu 16 Jul 2026 08:27:20 +0000
ROA not after:            Thu 15 Jul 2027 08:32:20 +0000
asID:                     14618
IP address blocks:        181.214.94.0/24 maxlen: 24
                          181.214.110.0/24 maxlen: 24
                          181.215.206.0/23 maxlen: 24
                          185.137.13.0/24 maxlen: 24
                          191.96.204.0/24 maxlen: 24
                          191.101.111.0/24 maxlen: 24
                          2a00:d1a0:10::/48 maxlen: 48
                          2a00:d1a0:11::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 07:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:7b:71:14:aa:11:26:da:5c:9c:fd:8a:aa:e5:16:c1:60:1d:f3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul 16 08:27:20 2026 GMT
            Not After : Jul 15 08:32:20 2027 GMT
        Subject: CN=7CD036B08AD5F4D05A1DF106ACF2E3CA5717136D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4b:a3:3c:ef:20:6c:d6:5b:93:85:e4:35:e1:
                    54:01:7a:ec:36:f2:fc:14:13:e8:2c:45:b0:2d:70:
                    62:f9:6a:ca:08:d8:e2:c2:54:14:7e:6d:99:36:09:
                    8e:76:1e:6c:81:fa:c9:5d:cd:81:05:4b:51:31:0f:
                    0d:a5:de:c1:bc:be:19:8b:0d:29:7d:a7:6a:ba:f0:
                    bb:d0:d1:9b:35:bb:63:aa:90:d1:4d:fd:13:ed:ef:
                    ef:54:e7:00:28:ad:bf:78:20:42:8c:00:e3:de:57:
                    0f:18:77:75:e8:9d:2b:22:cc:e7:1a:ed:40:b8:78:
                    29:3b:61:8e:b1:8c:4e:5d:d3:51:59:fb:e8:22:32:
                    0d:4b:7c:6b:aa:5c:34:cb:f1:7d:2a:41:10:c2:f4:
                    12:7b:e2:8a:88:eb:41:88:db:26:00:80:92:a6:5b:
                    cc:4d:49:79:12:3d:ee:ce:16:ab:88:a0:05:8f:91:
                    af:4e:91:2c:0d:ef:7a:a8:66:11:8d:89:08:87:a6:
                    f4:fe:42:d8:8d:b7:28:37:0f:b6:e9:21:25:d3:ba:
                    7b:b2:ac:38:3e:59:75:23:26:92:a8:b4:7b:af:e7:
                    83:1a:4b:46:46:2e:69:d1:44:fb:64:e3:f9:df:74:
                    67:69:8c:45:da:a3:6f:63:35:4d:8f:d5:00:c5:3b:
                    ee:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:D0:36:B0:8A:D5:F4:D0:5A:1D:F1:06:AC:F2:E3:CA:57:17:13:6D
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.94.0/24
                  181.214.110.0/24
                  181.215.206.0/23
                  185.137.13.0/24
                  191.96.204.0/24
                  191.101.111.0/24
                IPv6:
                  2a00:d1a0:10::/47

    Signature Algorithm: sha256WithRSAEncryption
         39:59:67:af:91:e8:be:9c:17:eb:d4:d1:c8:fc:36:3b:64:f8:
         ee:00:dd:5e:dd:a6:99:89:56:b9:4a:d7:37:91:e7:92:91:91:
         a2:89:35:44:64:d2:76:95:72:15:93:12:90:18:f6:05:d2:13:
         22:c5:b6:9d:c3:74:47:1a:de:d9:03:1c:32:98:f9:ce:e9:1b:
         bb:a5:9f:6b:df:93:ac:2f:ca:e0:3d:55:be:95:0d:19:cf:f0:
         90:26:7f:d4:39:99:60:b0:55:c8:14:62:1c:08:18:db:aa:f2:
         10:14:cc:a1:61:86:09:e9:f5:bd:db:cf:b8:fd:d6:4e:5d:ca:
         fc:ba:89:4d:28:ca:5b:d0:e8:09:0f:8c:cf:28:03:ad:e7:77:
         02:ba:c3:e4:84:20:ab:c1:5b:af:df:83:90:1e:3a:a0:8a:41:
         df:03:37:d0:d8:56:ce:10:ab:42:92:30:4f:83:55:91:fe:ec:
         c8:c2:3b:6e:30:42:10:dc:e5:b6:4a:b5:ec:c6:fb:26:32:52:
         b3:71:d0:96:09:0b:9c:ff:ee:33:06:8b:25:c1:66:65:85:90:
         fe:6b:17:4e:2d:91:b6:e5:ed:86:8a:67:dc:47:77:59:92:89:
         a6:a8:7f:15:f2:98:3b:5b:8c:f8:2b:bb:a1:f8:7f:82:e7:d0:
         2e:cc:f2:11
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIULntxFKoRJtpcnP2KquUWwWAd83UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MTYwODI3MjBaFw0yNzA3MTUwODMyMjBaMDMxMTAvBgNV
BAMTKDdDRDAzNkIwOEFENUY0RDA1QTFERjEwNkFDRjJFM0NBNTcxNzEzNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFS6M87yBs1luTheQ14VQBeuw2
8vwUE+gsRbAtcGL5asoI2OLCVBR+bZk2CY52HmyB+sldzYEFS1ExDw2l3sG8vhmL
DSl9p2q68LvQ0Zs1u2OqkNFN/RPt7+9U5wAorb94IEKMAOPeVw8Yd3XonSsizOca
7UC4eCk7YY6xjE5d01FZ++giMg1LfGuqXDTL8X0qQRDC9BJ74oqI60GI2yYAgJKm
W8xNSXkSPe7OFquIoAWPka9OkSwN73qoZhGNiQiHpvT+QtiNtyg3D7bpISXTunuy
rDg+WXUjJpKotHuv54MaS0ZGLmnRRPtk4/nfdGdpjEXao29jNU2P1QDFO+6bAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUfNA2sIrV9NBaHfEGrPLjylcXE20wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBAC11l4D
BAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA0aAAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAOVlnr5HovpwX69TRyPw2O2T47gDdXt2mmYlWuUrX
N5HnkpGRook1RGTSdpVyFZMSkBj2BdITIsW2ncN0Rxre2QMcMpj5zukbu6Wfa9+T
rC/K4D1VvpUNGc/wkCZ/1DmZYLBVyBRiHAgY26ryEBTMoWGGCen1vdvPuP3WTl3K
/LqJTSjKW9DoCQ+MzygDred3ArrD5IQgq8Fbr9+DkB46oIpB3wM30NhWzhCrQpIw
T4NVkf7syMI7bjBCENzltkq17Mb7JjJSs3HQlgkLnP/uMwaLJcFmZYWQ/msXTi2R
tuXthopn3Ed3WZKJpqh/FfKYO1uM+Cu7ofh/gufQLszyEQ==
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:39:00 2026 by rpki-client