Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: mhHVoMkPnTXU8FEaD9Vz0ZsHTCKX36X3C9yEXrhk7sY=
Subject key identifier: 90:55:8B:34:3C:70:48:48:F2:7B:94:78:21:FE:8B:72:BD:1A:78:79
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4E1F09E161BAD2C4907968CDE837C97347427020
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Mon 08 Apr 2024 10:40:09 +0000
ROA not before: Mon 08 Apr 2024 10:35:09 +0000
ROA not after: Mon 07 Apr 2025 10:40:09 +0000
asID: 14618
IP address blocks: 191.101.94.0/24 maxlen: 24
191.101.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:1f:09:e1:61:ba:d2:c4:90:79:68:cd:e8:37:c9:73:47:42:70:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 8 10:35:09 2024 GMT
Not After : Apr 7 10:40:09 2025 GMT
Subject: CN=90558B343C704848F27B947821FE8B72BD1A7879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:10:b1:84:e1:4c:6e:b3:9f:a6:5a:b1:04:
4a:ac:de:6a:9a:5d:35:93:90:19:33:c6:f1:74:1b:
09:bd:09:36:33:66:c0:37:d9:01:ae:dc:90:9c:eb:
56:a6:b9:a4:8f:c8:64:19:d1:33:08:8a:f4:80:54:
63:17:2f:b4:ce:69:ff:1f:82:a2:d1:36:89:ad:33:
e2:11:08:ac:fb:87:39:fc:f0:08:c5:b2:dc:e7:91:
23:8e:7b:05:e2:84:3d:e8:b5:a8:9b:26:80:2f:19:
b3:d1:b6:43:04:f7:b4:a7:d7:b8:5d:6a:ca:8e:8c:
20:7b:59:7a:b1:bb:1c:b6:9d:d7:14:2a:3d:7d:3f:
41:8e:00:01:14:48:93:6e:4e:8e:5a:d3:48:77:17:
cf:14:b2:89:df:98:f9:ad:a4:21:36:0b:19:5c:f4:
6a:b5:54:1b:08:50:41:14:b8:ae:07:68:51:ba:14:
9d:47:68:21:82:88:9b:83:74:a4:06:88:07:cc:cc:
16:46:ad:1a:c6:07:99:76:19:81:46:e3:f4:1f:a0:
96:11:88:21:7f:3f:19:09:ba:f3:9c:6d:33:e6:a9:
24:64:1b:bb:1d:ba:3f:0d:ef:38:4e:9d:8b:ee:5e:
cd:ac:df:78:05:10:97:e8:74:76:78:97:43:6f:86:
5d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:55:8B:34:3C:70:48:48:F2:7B:94:78:21:FE:8B:72:BD:1A:78:79
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.94.0/24
191.101.242.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:81:c2:a5:25:7f:d0:36:33:01:0c:77:13:45:2a:4d:07:86:
80:7f:df:22:e1:12:bb:1f:3f:f4:50:c6:dd:5d:28:e6:dd:2a:
5f:87:53:5a:d8:49:19:3b:bd:ad:50:22:df:36:7e:c1:e9:3c:
b8:ed:7d:c4:33:2c:a1:c3:57:c5:40:b4:05:1a:be:12:a3:ef:
49:db:02:6d:5b:0c:d9:0a:9b:a1:0b:58:95:ec:18:18:de:8c:
e1:c4:26:a1:5b:3b:13:12:c4:ad:85:29:42:30:1e:8f:8b:36:
90:56:bd:37:33:7e:c4:0f:f0:8b:f2:b3:9a:39:9a:eb:71:f4:
eb:0d:c4:10:0a:5e:7b:d3:27:8b:45:14:48:6d:0a:45:56:80:
29:a3:a6:bb:ad:ee:93:ea:e6:2f:76:84:28:81:af:38:a5:8c:
e8:d3:c4:33:02:03:ca:3e:ec:3d:a7:f5:4e:43:97:e3:e2:88:
6b:93:41:99:f7:4c:8e:e2:a5:9f:04:bf:05:e7:29:ad:d5:f0:
61:b7:9b:eb:fe:da:49:67:59:c6:a2:31:02:7a:e0:35:c1:12:
85:10:49:bf:a3:ff:f6:02:fc:3a:ee:62:3a:04:10:f2:2f:b4:
17:de:8f:8b:ac:46:51:f7:ab:fc:ee:3f:6e:b5:02:0d:af:dd:
1b:88:5a:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUTh8J4WG60sSQeWjN6DfJc0dCcCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MDgxMDM1MDlaFw0yNTA0MDcxMDQwMDlaMDMxMTAvBgNV
BAMTKDkwNTU4QjM0M0M3MDQ4NDhGMjdCOTQ3ODIxRkU4QjcyQkQxQTc4NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt1xCxhOFMbrOfplqxBEqs3mqa
XTWTkBkzxvF0Gwm9CTYzZsA32QGu3JCc61amuaSPyGQZ0TMIivSAVGMXL7TOaf8f
gqLRNomtM+IRCKz7hzn88AjFstznkSOOewXihD3otaibJoAvGbPRtkME97Sn17hd
asqOjCB7WXqxuxy2ndcUKj19P0GOAAEUSJNuTo5a00h3F88UsonfmPmtpCE2Cxlc
9Gq1VBsIUEEUuK4HaFG6FJ1HaCGCiJuDdKQGiAfMzBZGrRrGB5l2GYFG4/QfoJYR
iCF/PxkJuvOcbTPmqSRkG7sduj8N7zhOnYvuXs2s33gFEJfodHZ4l0Nvhl0RAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUkFWLNDxwSEjye5R4If6Lcr0aeHkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC/ZV4D
BAC/ZfIwDQYJKoZIhvcNAQELBQADggEBAKWBwqUlf9A2MwEMdxNFKk0HhoB/3yLh
ErsfP/RQxt1dKObdKl+HU1rYSRk7va1QIt82fsHpPLjtfcQzLKHDV8VAtAUavhKj
70nbAm1bDNkKm6ELWJXsGBjejOHEJqFbOxMSxK2FKUIwHo+LNpBWvTczfsQP8Ivy
s5o5mutx9OsNxBAKXnvTJ4tFFEhtCkVWgCmjprut7pPq5i92hCiBrziljOjTxDMC
A8o+7D2n9U5Dl+PiiGuTQZn3TI7ipZ8EvwXnKa3V8GG3m+v+2klnWcaiMQJ64DXB
EoUQSb+j//YC/DruYjoEEPIvtBfej4usRlH3q/zuP261Ag2v3RuIWtk=
-----END CERTIFICATE-----
Generated at Thu May 2 00:23:42 2024 by rpki-client on console-fra.rpki-client.org