Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: 1HEgq1AqQwC5uK5oLg5LcaQd7AQKtkm9D74456VSOmU=
Subject key identifier: 7F:44:C2:BD:7C:76:CE:C9:B3:A7:07:E3:5A:86:7C:33:A7:D3:27:6B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5F42EFDB9CA1C9A08FF4FE63933BC6DD0CC44F0E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Wed 15 Jan 2025 08:48:38 +0000
ROA not before: Wed 15 Jan 2025 08:43:38 +0000
ROA not after: Wed 14 Jan 2026 08:48:38 +0000
asID: 14618
IP address blocks: 82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:42:ef:db:9c:a1:c9:a0:8f:f4:fe:63:93:3b:c6:dd:0c:c4:4f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 15 08:43:38 2025 GMT
Not After : Jan 14 08:48:38 2026 GMT
Subject: CN=7F44C2BD7C76CEC9B3A707E35A867C33A7D3276B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:df:81:03:0d:e2:38:dc:f9:0b:91:ff:c6:
a6:dd:09:73:bb:75:b1:1c:3a:97:da:ec:c6:5f:c8:
32:c5:e0:32:13:9b:92:24:ea:c3:ad:44:d0:03:0b:
c4:69:ea:65:ff:e0:01:59:03:82:52:9b:3e:7c:93:
ca:12:9e:6a:5a:a7:85:03:34:1b:19:2a:a1:87:ea:
1f:02:af:90:76:40:04:8d:0e:b4:97:ee:3b:9b:c8:
38:fb:24:32:60:c8:b2:2a:f4:3c:f6:39:fc:03:80:
e0:43:41:93:a2:cb:f2:89:e2:f8:57:93:1e:cd:bf:
65:2c:ee:6e:24:4b:77:49:19:68:85:ff:07:3a:f2:
41:e6:ae:25:df:6f:5e:e7:f2:cc:7a:a9:06:c9:a4:
43:eb:c4:3a:ba:4a:14:ce:33:50:36:24:ad:10:4a:
9a:2d:9d:f6:f3:74:9b:3d:d9:3c:76:7e:ff:65:6b:
f0:57:9d:dc:40:63:db:76:24:0c:53:fc:79:a3:2f:
19:7d:a1:d2:c4:c6:0d:23:0e:12:48:69:2a:58:13:
3b:62:fa:4e:74:4d:14:d0:f0:68:fa:cc:72:d6:73:
97:ce:69:d9:ff:fe:5d:7c:6e:9e:01:f1:d4:63:e0:
5d:a4:d7:ff:aa:79:e3:95:65:4a:c5:c5:78:4f:bb:
2a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:C2:BD:7C:76:CE:C9:B3:A7:07:E3:5A:86:7C:33:A7:D3:27:6B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
24:2c:e3:cc:10:b2:f0:53:14:c9:2a:34:b8:19:fc:5f:19:8b:
53:b0:ff:dd:1c:40:ab:da:b0:7d:3b:3b:b3:4d:c1:48:ba:d5:
90:9d:5e:00:0e:05:3b:c9:bf:78:5f:7f:21:1c:8e:62:a0:f2:
55:78:af:f2:6a:fe:81:39:66:96:72:b8:57:a9:79:cf:dc:fb:
15:85:9b:62:ff:1c:08:11:a4:8f:39:a1:ab:71:8b:74:5b:a3:
2b:27:27:1f:8d:41:1f:b5:e0:f3:48:a0:fb:9c:29:c6:0b:85:
cd:4d:0f:a9:94:f4:78:0c:15:7f:0e:5a:4b:ef:54:25:3c:54:
85:2a:33:cb:87:f5:ae:65:94:d5:f3:c9:d6:ca:3e:c9:44:de:
13:69:91:53:7f:6b:07:9a:65:6d:87:3d:fb:5c:80:e1:20:9a:
e0:9a:68:d3:6a:5b:98:94:a1:f3:c0:aa:f0:de:92:9d:44:be:
00:5d:6a:13:8d:16:d3:e8:6c:a9:6d:13:82:25:d3:b5:3c:f4:
f0:48:af:a6:e7:2f:9f:30:09:a1:3b:b9:59:6a:7c:06:1e:f1:
99:cc:0d:ce:59:ef:63:7a:5e:e6:03:71:4c:cd:38:75:6e:72:
53:64:e8:47:fa:af:62:fb:ef:22:ec:01:4e:18:77:1c:01:34:
40:c3:49:7e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIUX0Lv25yhyaCP9P5jkzvG3QzETw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTUwODQzMzhaFw0yNjAxMTQwODQ4MzhaMDMxMTAvBgNV
BAMTKDdGNDRDMkJEN0M3NkNFQzlCM0E3MDdFMzVBODY3QzMzQTdEMzI3NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuJ9+BAw3iONz5C5H/xqbdCXO7
dbEcOpfa7MZfyDLF4DITm5Ik6sOtRNADC8Rp6mX/4AFZA4JSmz58k8oSnmpap4UD
NBsZKqGH6h8Cr5B2QASNDrSX7jubyDj7JDJgyLIq9Dz2OfwDgOBDQZOiy/KJ4vhX
kx7Nv2Us7m4kS3dJGWiF/wc68kHmriXfb17n8sx6qQbJpEPrxDq6ShTOM1A2JK0Q
SpotnfbzdJs92Tx2fv9la/BXndxAY9t2JAxT/HmjLxl9odLExg0jDhJIaSpYEzti
+k50TRTQ8Gj6zHLWc5fOadn//l18bp4B8dRj4F2k1/+qeeOVZUrFxXhPuyrFAgMB
AAGjggIjMIICHzAdBgNVHQ4EFgQUf0TCvXx2zsmzpwfjWoZ8M6fTJ2swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBABSHQAw
DAMEAVIdAgMEAFIdBAMEAFIdZgMEAVIdaDANBgkqhkiG9w0BAQsFAAOCAQEAJCzj
zBCy8FMUySo0uBn8XxmLU7D/3RxAq9qwfTs7s03BSLrVkJ1eAA4FO8m/eF9/IRyO
YqDyVXiv8mr+gTlmlnK4V6l5z9z7FYWbYv8cCBGkjzmhq3GLdFujKycnH41BH7Xg
80ig+5wpxguFzU0PqZT0eAwVfw5aS+9UJTxUhSozy4f1rmWU1fPJ1so+yUTeE2mR
U39rB5plbYc9+1yA4SCa4Jpo02pbmJSh88Cq8N6SnUS+AF1qE40W0+hsqW0TgiXT
tTz08EivpucvnzAJoTu5WWp8Bh7xmcwNzlnvY3pe5gNxTM04dW5yU2ToR/qvYvvv
IuwBThh3HAE0QMNJfg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:34 2025 by rpki-client