Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: MQ18PMy+DqRhwdD1AjwLIKS4K1zduBnNK51zc/+ZsCw=
Subject key identifier: 74:7F:BD:C5:34:7A:BE:87:87:63:85:76:AC:3C:E2:54:63:5E:8D:C5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4A9F9F81AA41AC6B04A9F86387E523ADF6228FB8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Thu 30 Jan 2025 08:25:46 +0000
ROA not before: Thu 30 Jan 2025 08:20:46 +0000
ROA not after: Thu 29 Jan 2026 08:25:46 +0000
asID: 14618
IP address blocks: 181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:9f:9f:81:aa:41:ac:6b:04:a9:f8:63:87:e5:23:ad:f6:22:8f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 30 08:20:46 2025 GMT
Not After : Jan 29 08:25:46 2026 GMT
Subject: CN=747FBDC5347ABE8787638576AC3CE254635E8DC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:c5:85:1a:1b:2f:c0:88:ae:6b:7a:aa:ff:
70:b6:63:95:39:37:f3:ee:33:a3:a1:b6:b3:0f:e2:
c9:be:33:c3:16:bd:1b:f9:39:48:1b:ae:bd:2a:04:
92:9d:31:69:a2:71:fd:51:78:48:70:e7:7c:7e:c6:
f4:d5:63:11:fe:50:32:dd:b0:a7:85:78:e8:5c:3e:
51:0b:fb:7a:5a:9e:3b:83:5f:d8:85:f6:f0:2c:54:
ef:06:3f:55:9c:b1:b8:5f:4d:3d:93:9d:44:7a:4b:
74:02:07:d1:b2:56:59:5c:81:01:0c:41:22:f7:11:
ab:34:4e:1b:1a:c1:20:92:7f:c6:73:23:3c:bd:6e:
1a:1c:2b:fa:87:50:58:79:c9:ee:73:b7:8a:b9:e5:
30:12:8b:e7:fa:27:3a:97:79:fe:8d:15:a5:bb:ba:
6e:28:3b:60:89:00:17:3b:3f:01:06:a0:5b:28:da:
4a:1e:f7:da:cd:95:37:8b:b3:65:8a:e4:f5:cc:18:
c5:a3:6e:68:b0:2d:e2:cf:70:e1:61:e1:aa:d8:b0:
03:ed:c0:fe:9f:7f:70:02:99:90:b3:02:90:f3:98:
64:43:4c:b2:b9:7b:88:1c:cd:1a:fd:ce:3b:23:a2:
3e:c4:7f:b2:a3:3d:c1:03:87:dc:87:f3:4d:1f:9a:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7F:BD:C5:34:7A:BE:87:87:63:85:76:AC:3C:E2:54:63:5E:8D:C5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
185.151.58.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:77:61:40:4b:5f:fc:71:cc:8d:2c:29:c4:14:37:7e:99:ac:
0e:12:83:34:b5:4f:f2:26:96:a7:16:b6:6d:61:3c:9d:ce:f0:
a8:70:67:79:8b:4e:52:53:ec:f9:de:21:03:6d:83:f5:55:67:
88:f1:c8:e4:ba:c7:28:b1:42:b0:e7:c5:a3:04:74:af:81:aa:
66:a4:ea:25:95:b2:31:36:de:9b:28:cf:2e:51:80:32:1d:d7:
1c:62:72:c3:41:0e:6a:10:75:92:90:6f:43:7c:a2:c7:f2:ce:
ea:e2:6a:c1:ac:a9:f4:b6:20:e9:de:bc:39:9a:94:7e:80:ef:
22:31:0d:36:8a:7d:6c:4a:02:5a:27:84:7d:2f:af:bc:79:6e:
23:d2:32:70:2d:7d:cd:a1:d8:79:03:6b:12:01:55:79:99:65:
0a:99:64:47:6a:f4:8d:43:12:f2:cb:1b:e2:f2:8f:2c:8c:48:
4e:12:0d:89:cb:14:c1:1d:8a:fa:72:ab:8e:52:01:85:01:f5:
cd:22:15:47:6c:44:8f:d3:d5:66:34:75:00:fe:d3:4d:a8:48:
e2:47:ac:0a:b2:c2:b0:21:a2:ad:0b:a7:e2:f3:f3:db:73:aa:
ef:1b:64:cc:e7:21:b9:84:80:4e:c9:21:7c:03:8c:f4:c2:00:
77:07:01:7b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSp+fgapBrGsEqfhjh+UjrfYij7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMzAwODIwNDZaFw0yNjAxMjkwODI1NDZaMDMxMTAvBgNV
BAMTKDc0N0ZCREM1MzQ3QUJFODc4NzYzODU3NkFDM0NFMjU0NjM1RThEQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCizsWFGhsvwIiua3qq/3C2Y5U5
N/PuM6OhtrMP4sm+M8MWvRv5OUgbrr0qBJKdMWmicf1ReEhw53x+xvTVYxH+UDLd
sKeFeOhcPlEL+3panjuDX9iF9vAsVO8GP1WcsbhfTT2TnUR6S3QCB9GyVllcgQEM
QSL3Eas0ThsawSCSf8ZzIzy9bhocK/qHUFh5ye5zt4q55TASi+f6JzqXef6NFaW7
um4oO2CJABc7PwEGoFso2koe99rNlTeLs2WK5PXMGMWjbmiwLeLPcOFh4arYsAPt
wP6ff3ACmZCzApDzmGRDTLK5e4gczRr9zjsjoj7Ef7KjPcEDh9yH800fmhCtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdH+9xTR6voeHY4V2rDziVGNejcUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAG11uwD
BAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC5lzoDBAC/YMwDBAC/ZW8DBAC/Zd8D
BADVbakwDQYJKoZIhvcNAQELBQADggEBAF93YUBLX/xxzI0sKcQUN36ZrA4SgzS1
T/ImlqcWtm1hPJ3O8KhwZ3mLTlJT7PneIQNtg/VVZ4jxyOS6xyixQrDnxaMEdK+B
qmak6iWVsjE23psozy5RgDId1xxicsNBDmoQdZKQb0N8osfyzuriasGsqfS2IOne
vDmalH6A7yIxDTaKfWxKAlonhH0vr7x5biPSMnAtfc2h2HkDaxIBVXmZZQqZZEdq
9I1DEvLLG+LyjyyMSE4SDYnLFMEdivpyq45SAYUB9c0iFUdsRI/T1WY0dQD+002o
SOJHrAqywrAhoq0Lp+Lz89tzqu8bZMznIbmEgE7JIXwDjPTCAHcHAXs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:22:11 2025 by rpki-client