Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: /7KYeD/PI8gx4WP2UYvw60HSwcfQ4Kh7a154kAQgZ6w=
Subject key identifier: 8C:9F:21:EF:FB:6E:8C:9C:0F:C4:38:F0:98:7E:42:30:EC:BC:62:DE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3CCFB11370E71A57733CD54818D78DDD79F87A2C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Wed 12 Mar 2025 11:25:58 +0000
ROA not before: Wed 12 Mar 2025 11:20:58 +0000
ROA not after: Wed 11 Mar 2026 11:25:58 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.21.195.0/24 maxlen: 24
82.25.56.0/21 maxlen: 21
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:cf:b1:13:70:e7:1a:57:73:3c:d5:48:18:d7:8d:dd:79:f8:7a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 12 11:20:58 2025 GMT
Not After : Mar 11 11:25:58 2026 GMT
Subject: CN=8C9F21EFFB6E8C9C0FC438F0987E4230ECBC62DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ed:ac:c2:91:51:5c:16:70:11:6b:3d:9f:06:
54:9b:69:79:c4:9b:0f:47:73:2e:6a:09:97:ce:36:
9f:e5:32:95:0d:68:39:fb:26:98:3d:7b:cc:90:89:
5a:15:bf:44:5b:71:78:d9:77:5e:73:4d:f9:ec:03:
c8:f3:22:dc:aa:cf:d0:da:33:3e:8f:53:6a:ea:d6:
83:28:dd:2d:4a:7d:10:a6:72:6d:f1:f1:8d:73:e6:
4c:fd:61:39:e5:5f:50:c4:14:14:12:87:95:51:74:
e9:9e:81:c8:51:c8:50:b7:8a:6b:5d:99:38:61:ed:
13:83:4c:ed:0a:5e:3f:d8:c5:41:18:8c:a9:05:e0:
e6:77:d7:b2:7c:50:bf:ad:fd:65:28:1c:ab:5a:98:
f3:06:62:b9:a0:db:6e:8f:f8:68:87:e4:67:d4:d1:
c7:40:96:75:d6:13:28:b9:66:0d:8d:c0:1c:29:0c:
79:7b:7f:92:3f:8e:f5:48:61:3a:dd:c8:6c:1e:35:
e8:b0:b5:ba:30:fa:8f:46:8a:16:22:f1:54:e0:78:
17:6f:81:07:b0:45:e2:e4:9f:5b:2e:03:69:6f:c5:
7c:90:e3:45:a9:c8:aa:41:d3:12:84:1a:00:b3:77:
14:81:96:f8:94:b1:84:0e:dd:d0:b4:1f:f0:67:92:
6a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9F:21:EF:FB:6E:8C:9C:0F:C4:38:F0:98:7E:42:30:EC:BC:62:DE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.21.195.0/24
82.25.56.0/21
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:6e:b3:99:33:5c:0f:b2:5c:7d:6e:4f:6a:bd:e7:5d:dd:ee:
14:84:53:fa:8b:f1:ff:4e:f7:11:fe:b3:6d:60:d7:99:5f:98:
5d:c4:bc:cd:01:c3:fa:7b:61:10:06:da:0e:ff:15:71:64:d7:
ad:30:1f:c1:99:1b:28:11:1a:15:e7:a8:ff:47:b0:2d:f1:c1:
fe:de:bd:a0:2d:6a:89:e7:b5:38:e6:34:db:a9:59:f4:8c:35:
28:9d:dd:d8:d3:3c:0f:17:06:ad:e5:e0:88:6b:35:94:3a:5b:
02:c3:c9:d9:55:d0:b5:bc:91:ef:83:16:ce:0e:f8:2e:93:05:
1a:e4:8e:bd:a4:29:26:0e:ee:2b:68:13:8c:9b:e4:59:0b:e7:
1f:0a:4e:15:10:c0:3c:ea:ed:db:70:ca:ce:44:a7:83:80:0b:
de:e0:f1:78:96:6a:29:e8:d5:a6:3e:f0:cd:09:86:51:63:b1:
e1:49:de:d2:98:0b:5a:f5:7e:57:bc:e6:4a:1f:41:17:be:4f:
ed:5a:fd:b6:fa:6f:dd:50:1e:55:ec:72:75:ed:8b:76:08:c4:
3c:08:7c:95:b0:74:76:78:a1:20:9d:7b:b3:3f:d7:50:8a:a0:
b0:41:ff:84:c8:af:b5:7e:63:d1:df:53:67:1c:0a:48:d8:54:
db:70:ca:7d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPM+xE3DnGldzPNVIGNeN3Xn4eiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTIxMTIwNThaFw0yNjAzMTExMTI1NThaMDMxMTAvBgNV
BAMTKDhDOUYyMUVGRkI2RThDOUMwRkM0MzhGMDk4N0U0MjMwRUNCQzYyREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG7azCkVFcFnARaz2fBlSbaXnE
mw9Hcy5qCZfONp/lMpUNaDn7Jpg9e8yQiVoVv0RbcXjZd15zTfnsA8jzItyqz9Da
Mz6PU2rq1oMo3S1KfRCmcm3x8Y1z5kz9YTnlX1DEFBQSh5VRdOmegchRyFC3imtd
mThh7RODTO0KXj/YxUEYjKkF4OZ317J8UL+t/WUoHKtamPMGYrmg226P+GiH5GfU
0cdAlnXWEyi5Zg2NwBwpDHl7f5I/jvVIYTrdyGweNeiwtbow+o9GihYi8VTgeBdv
gQewReLkn1suA2lvxXyQ40WpyKpB0xKEGgCzdxSBlviUsYQO3dC0H/BnkmozAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUjJ8h7/tujJwPxDjwmH5CMOy8Yt4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBAJSFRwD
BABSFcMDBANSGTgDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFIdZgMEAVId
aDANBgkqhkiG9w0BAQsFAAOCAQEApG6zmTNcD7JcfW5Par3nXd3uFIRT+ovx/073
Ef6zbWDXmV+YXcS8zQHD+nthEAbaDv8VcWTXrTAfwZkbKBEaFeeo/0ewLfHB/t69
oC1qiee1OOY026lZ9Iw1KJ3d2NM8DxcGreXgiGs1lDpbAsPJ2VXQtbyR74MWzg74
LpMFGuSOvaQpJg7uK2gTjJvkWQvnHwpOFRDAPOrt23DKzkSng4AL3uDxeJZqKejV
pj7wzQmGUWOx4Une0pgLWvV+V7zmSh9BF75P7Vr9tvpv3VAeVexyde2LdgjEPAh8
lbB0dnihIJ17sz/XUIqgsEH/hMivtX5j0d9TZxwKSNhU23DKfQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:52 2025 by rpki-client