Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: U2lM034WQ1IIGTTXV7FhIH/6lf8jmJHVa/BYkMhdmFk=
Subject key identifier: AB:F2:A8:23:50:A0:5D:CD:5E:A3:40:CD:3E:DA:E7:DD:A9:49:C8:63
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 30E24C6ADA3F3F279AECF99C8ABEE5F90A784775
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
Signing time: Tue 05 May 2026 14:19:12 +0000
ROA not before: Tue 05 May 2026 14:14:12 +0000
ROA not after: Tue 04 May 2027 14:19:12 +0000
asID: 14618
IP address blocks: 2.57.18.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a00:d1a0:10::/48 maxlen: 48
2a00:d1a0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e2:4c:6a:da:3f:3f:27:9a:ec:f9:9c:8a:be:e5:f9:0a:78:47:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 5 14:14:12 2026 GMT
Not After : May 4 14:19:12 2027 GMT
Subject: CN=ABF2A82350A05DCD5EA340CD3EDAE7DDA949C863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:52:cf:fc:a6:0a:21:5a:ac:5c:43:f9:eb:
3a:ad:31:5c:16:32:bf:02:2d:47:41:2e:71:8a:13:
d1:e7:55:7a:bf:d2:63:c8:9c:e6:3d:7f:a0:5f:2f:
54:f5:ac:72:a9:bd:69:0e:bb:68:ae:ee:1f:0a:77:
30:a5:81:38:b7:0b:9c:aa:3e:dd:dd:12:00:bf:b1:
4d:a4:38:42:86:60:cc:71:66:de:5a:dc:7f:25:fa:
2e:96:1f:e8:c1:ee:8c:9d:ee:a1:5a:8f:f2:9f:b4:
63:ae:ad:ae:43:12:77:fe:08:ed:8a:6a:57:eb:25:
99:e7:f3:d8:13:f9:27:55:2d:ad:a4:57:de:ce:fc:
10:80:f0:11:73:2d:0a:76:95:db:ce:eb:fd:73:1d:
5a:19:ca:da:71:b0:9a:71:32:b5:cc:91:c6:32:8a:
2b:bf:e0:00:9e:0d:36:7a:1a:a0:9d:13:8c:f0:be:
9d:03:37:f9:c0:84:76:8e:cb:4d:cf:15:ed:41:1b:
de:d7:9b:da:50:32:56:2a:1e:77:17:4c:a8:ca:09:
e8:41:9f:28:ec:ae:bf:82:96:9d:7e:18:da:4f:bf:
56:4d:c1:ce:24:b4:67:fc:20:b2:93:87:54:a9:db:
c8:a0:73:b3:d6:23:31:48:99:70:6f:82:5c:1c:00:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F2:A8:23:50:A0:5D:CD:5E:A3:40:CD:3E:DA:E7:DD:A9:49:C8:63
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.18.0/24
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
IPv6:
2a00:d1a0:10::/47
Signature Algorithm: sha256WithRSAEncryption
0f:01:df:df:c1:ee:2f:56:5a:57:fd:b8:f8:62:f4:25:99:6b:
b7:d9:8e:fe:88:9f:f3:61:e2:21:fb:96:d4:7c:d3:d5:d9:a7:
80:cf:01:d2:29:38:df:e7:d4:af:4a:5b:0f:e7:89:15:16:f6:
2c:38:e5:92:4f:01:c5:14:8b:4b:68:72:7d:21:64:ee:d8:1c:
4b:09:fd:f3:ae:7a:33:60:a4:a7:88:57:3c:86:db:0f:3c:62:
8d:1c:15:e0:ee:35:95:1a:b4:ea:df:d1:81:19:c7:53:94:2e:
0a:bf:b3:4a:9e:70:c8:91:aa:b7:3b:39:85:b9:b2:5a:8d:41:
ef:0c:6a:6a:2b:6f:74:71:f2:7a:32:f5:6e:21:c0:92:1c:7f:
a9:e1:12:22:db:98:6a:cd:02:55:8f:82:2e:8c:2f:41:7d:1d:
56:1c:d8:d3:8f:3f:c8:50:35:e0:fc:c1:37:73:bb:91:3b:d6:
eb:af:a0:44:17:61:20:10:a7:69:44:2c:35:ac:e9:26:34:20:
3c:ad:35:c5:dd:e6:e4:29:86:86:aa:15:1a:c9:86:df:ec:47:
9d:5b:a0:27:00:91:9b:80:9b:53:86:1d:ab:81:bc:e7:4e:2a:
31:98:68:48:23:d6:da:cf:95:13:fe:36:18:44:dd:bf:2e:76:
14:24:30:fd
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUMOJMato/Pyea7Pmcir7l+Qp4R3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MDUxNDE0MTJaFw0yNzA1MDQxNDE5MTJaMDMxMTAvBgNV
BAMTKEFCRjJBODIzNTBBMDVEQ0Q1RUEzNDBDRDNFREFFN0REQTk0OUM4NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCciVLP/KYKIVqsXEP56zqtMVwW
Mr8CLUdBLnGKE9HnVXq/0mPInOY9f6BfL1T1rHKpvWkOu2iu7h8KdzClgTi3C5yq
Pt3dEgC/sU2kOEKGYMxxZt5a3H8l+i6WH+jB7oyd7qFaj/KftGOura5DEnf+CO2K
alfrJZnn89gT+SdVLa2kV97O/BCA8BFzLQp2ldvO6/1zHVoZytpxsJpxMrXMkcYy
iiu/4ACeDTZ6GqCdE4zwvp0DN/nAhHaOy03PFe1BG97Xm9pQMlYqHncXTKjKCehB
nyjsrr+Clp1+GNpPv1ZNwc4ktGf8ILKTh1Sp28igc7PWIzFImXBvglwcAD91AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUq/KoI1CgXc1eo0DNPtrn3alJyGMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVAYIKwYBBQUHAQcBAf8ERTBDMDAEAgABMCoDBAACORID
BAC11l4DBAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA
0aAAEDANBgkqhkiG9w0BAQsFAAOCAQEADwHf38HuL1ZaV/24+GL0JZlrt9mO/oif
82HiIfuW1HzT1dmngM8B0ik43+fUr0pbD+eJFRb2LDjlkk8BxRSLS2hyfSFk7tgc
Swn98656M2Ckp4hXPIbbDzxijRwV4O41lRq06t/RgRnHU5QuCr+zSp5wyJGqtzs5
hbmyWo1B7wxqaitvdHHyejL1biHAkhx/qeESItuYas0CVY+CLowvQX0dVhzY048/
yFA14PzBN3O7kTvW66+gRBdhIBCnaUQsNazpJjQgPK01xd3m5CmGhqoVGsmG3+xH
nVugJwCRm4CbU4Ydq4G8504qMZhoSCPW2s+VE/42GETdvy52FCQw/Q==
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:31 2026 by rpki-client