Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: TNmf1jlDk63iDERglhpB7n3LRFRb+sRSVk7bFpfsWYI=
Subject key identifier: 9D:FE:BE:14:70:15:7C:79:14:A1:DD:79:58:BE:EF:D2:65:07:E4:0D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3F6A875ECC738F8D9191045DC28BFC0A6FD35689
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Mon 02 Jun 2025 00:01:10 +0000
ROA not before: Sun 01 Jun 2025 23:56:10 +0000
ROA not after: Mon 01 Jun 2026 00:01:10 +0000
asID: 14618
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6a:87:5e:cc:73:8f:8d:91:91:04:5d:c2:8b:fc:0a:6f:d3:56:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 1 23:56:10 2025 GMT
Not After : Jun 1 00:01:10 2026 GMT
Subject: CN=9DFEBE1470157C7914A1DD7958BEEFD26507E40D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:4a:3e:78:10:f1:bc:1d:88:23:11:f1:5f:
96:24:b9:dd:c3:51:b4:1a:15:e6:15:9d:24:98:f8:
51:6a:4f:8e:ed:99:28:f9:e8:4e:f5:15:9d:39:e1:
34:88:b0:73:fd:f4:30:5c:14:f4:c9:bc:65:0e:cd:
7a:5a:b4:0f:02:f2:07:d5:05:67:e2:56:c9:26:dc:
0d:68:fe:4e:d1:63:3a:7a:ba:b7:6a:8b:17:9a:36:
c2:9d:40:b5:6d:2f:bd:20:48:23:56:63:82:4f:3d:
9c:07:d5:af:1f:45:11:e2:88:60:ce:af:06:02:7b:
cf:ea:5a:ec:81:3b:57:fa:45:f0:3b:ef:5c:20:43:
97:92:d9:72:07:da:3d:95:c3:d3:89:2b:78:7a:62:
06:5b:d5:25:c0:97:29:63:5d:fd:d9:d8:08:06:b8:
62:a4:0d:d1:c1:ef:44:29:e1:2a:ea:cd:41:00:38:
4d:dc:10:86:b0:94:b3:2a:95:0f:fa:28:e7:41:78:
bf:50:a9:66:5d:6f:e8:f8:d9:9c:bd:7c:a9:43:28:
b2:2d:03:54:8e:27:cc:11:9e:09:c1:b8:22:fa:a7:
fe:12:94:8f:b4:48:49:2f:e2:d7:66:5f:de:85:14:
69:b2:1b:5d:3f:89:1e:2c:97:98:20:26:22:26:3c:
7d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FE:BE:14:70:15:7C:79:14:A1:DD:79:58:BE:EF:D2:65:07:E4:0D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
185.151.58.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b2:70:4c:6c:e0:c1:b7:e6:aa:36:92:98:2d:2b:6a:a5:c0:
d5:bc:1b:cf:ec:31:39:7c:27:b7:76:a0:19:99:10:52:a4:f1:
31:3f:aa:b3:29:dd:bf:95:e6:43:8c:80:63:44:9e:20:f6:58:
02:f0:66:ca:18:3e:ec:41:be:ec:17:b4:09:ec:63:b8:33:c6:
bd:73:a2:0e:62:70:45:b8:d5:0e:9a:db:1e:7c:99:48:0f:f9:
d7:d9:a2:b7:d6:90:4a:65:f0:0a:a3:16:fb:46:15:1b:6d:31:
86:c2:a7:31:50:02:e2:1d:98:50:af:57:56:9e:b0:8b:04:6d:
60:d3:fe:5b:10:92:5a:ff:ee:ba:1f:76:2b:84:5a:b0:f7:c3:
62:61:48:7a:79:a7:65:6a:76:d8:34:5d:59:db:22:54:fd:0a:
60:4c:e1:6c:d3:49:14:a9:d1:17:ea:20:83:d8:9d:3b:c3:ad:
c7:e0:ec:ec:22:fd:02:52:25:84:7d:df:48:07:d2:79:c8:ce:
5b:75:56:b9:0a:2d:db:4f:83:d4:fd:82:e9:22:4b:85:3e:8e:
c7:3e:c9:22:d4:8b:cb:0c:38:10:01:a0:c4:51:05:01:e7:3d:
ea:51:ee:86:8f:c2:21:20:55:f6:e1:99:bd:9e:fb:c7:93:35:
41:0f:72:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUP2qHXsxzj42RkQRdwov8Cm/TVokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MDEyMzU2MTBaFw0yNjA2MDEwMDAxMTBaMDMxMTAvBgNV
BAMTKDlERkVCRTE0NzAxNTdDNzkxNEExREQ3OTU4QkVFRkQyNjUwN0U0MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirko+eBDxvB2IIxHxX5Ykud3D
UbQaFeYVnSSY+FFqT47tmSj56E71FZ054TSIsHP99DBcFPTJvGUOzXpatA8C8gfV
BWfiVskm3A1o/k7RYzp6urdqixeaNsKdQLVtL70gSCNWY4JPPZwH1a8fRRHiiGDO
rwYCe8/qWuyBO1f6RfA771wgQ5eS2XIH2j2Vw9OJK3h6YgZb1SXAlyljXf3Z2AgG
uGKkDdHB70Qp4SrqzUEAOE3cEIawlLMqlQ/6KOdBeL9QqWZdb+j42Zy9fKlDKLIt
A1SOJ8wRngnBuCL6p/4SlI+0SEkv4tdmX96FFGmyG10/iR4sl5ggJiImPH3vAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnf6+FHAVfHkUod15WL7v0mUH5A0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC5lzoDBAC/YMwDBAC/ZW8D
BAC/Zd8wDQYJKoZIhvcNAQELBQADggEBABGycExs4MG35qo2kpgtK2qlwNW8G8/s
MTl8J7d2oBmZEFKk8TE/qrMp3b+V5kOMgGNEniD2WALwZsoYPuxBvuwXtAnsY7gz
xr1zog5icEW41Q6a2x58mUgP+dfZorfWkEpl8AqjFvtGFRttMYbCpzFQAuIdmFCv
V1aesIsEbWDT/lsQklr/7rofdiuEWrD3w2JhSHp5p2Vqdtg0XVnbIlT9CmBM4WzT
SRSp0RfqIIPYnTvDrcfg7Owi/QJSJYR930gH0nnIzlt1VrkKLdtPg9T9gukiS4U+
jsc+ySLUi8sMOBABoMRRBQHnPepR7oaPwiEgVfbhmb2e+8eTNUEPcrg=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:24:20 2025 by rpki-client