Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: E4DlD0mVIfpfvNLk+TYpHZqx6G+6v732ic2H2NfbHBc=
Subject key identifier: CF:A6:41:BE:58:A4:93:CC:5B:DA:69:F3:37:E8:B9:55:7A:AC:F0:44
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1B2007AF5B9EF21A03CBCCDE7C2BC0A64A4E7C35
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Tue 24 Mar 2026 14:46:34 +0000
ROA not before: Tue 24 Mar 2026 14:41:34 +0000
ROA not after: Tue 23 Mar 2027 14:46:34 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.22.145.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:20:07:af:5b:9e:f2:1a:03:cb:cc:de:7c:2b:c0:a6:4a:4e:7c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 24 14:41:34 2026 GMT
Not After : Mar 23 14:46:34 2027 GMT
Subject: CN=CFA641BE58A493CC5BDA69F337E8B9557AACF044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:0b:29:fc:91:1c:84:d5:41:b6:e9:97:eb:
c8:ee:6e:bd:26:ac:37:24:a0:03:76:6d:56:8e:b6:
cb:da:a3:78:8a:54:6b:16:37:31:42:0f:b3:35:d8:
c2:7c:0e:0e:47:7b:68:33:bb:22:5d:35:69:19:03:
1f:41:09:f2:4d:8f:f7:2d:b5:d5:b8:e4:dd:9e:01:
5a:fe:fb:ff:9f:2c:a5:ef:4c:19:a2:bf:c6:4c:66:
ac:25:d4:4f:f4:53:39:f3:e5:e4:5e:0a:74:a0:a8:
4b:34:6a:69:fb:0c:b4:b1:18:23:99:ec:53:fb:4d:
ee:f1:66:82:3d:b0:97:65:db:5b:b6:c2:ec:d3:44:
fe:c4:60:4e:9a:d1:e8:c0:cc:49:95:ea:52:de:bd:
75:f4:3f:7e:e3:7b:2e:4c:45:a4:90:1e:57:42:4b:
c1:af:86:18:9d:d3:9d:db:f6:59:55:c3:96:59:ec:
5d:2d:7e:16:46:6a:05:d7:19:0e:1a:e9:11:76:7d:
8e:4c:72:d1:cc:32:53:5a:92:22:a8:03:38:c7:67:
dc:db:28:33:ae:29:f0:f5:9b:d0:76:51:9a:30:15:
50:f3:ee:73:95:69:59:2a:d9:7d:89:06:27:2b:6d:
32:37:20:35:68:ed:0c:48:16:9b:2b:9b:d9:91:8f:
d0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A6:41:BE:58:A4:93:CC:5B:DA:69:F3:37:E8:B9:55:7A:AC:F0:44
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.22.145.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.39.223.0/24
82.41.200.0/24
84.75.96.0/19
178.83.112.0/22
IPv6:
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f3:7d:31:db:b9:29:2c:09:b5:22:72:89:09:9f:cc:26:d5:
99:f6:0a:36:09:dd:15:a6:82:bc:66:fb:d3:f5:28:98:77:b7:
9f:08:91:61:4c:a9:5f:0c:61:64:74:ce:77:2a:4d:b1:af:55:
7b:e2:bf:db:a7:c4:eb:1b:cb:7c:c5:02:2f:57:f1:68:40:01:
a7:af:af:f1:db:05:21:d1:6f:3d:32:47:a2:03:9d:ff:ba:d1:
e2:c4:b9:e9:57:5f:cc:91:82:47:4f:35:d2:3a:7c:8c:88:02:
31:9c:0b:2c:f2:f1:a5:86:ff:e8:fa:c1:f4:2e:96:ae:e5:fe:
95:2e:72:eb:3d:97:8f:b0:df:83:d4:d4:f5:6d:e3:7f:67:2c:
10:18:44:31:1b:03:8b:52:c2:3e:84:74:3d:cf:1a:59:38:16:
8d:c8:cd:cf:c7:da:5a:68:2b:b4:cd:65:ee:2d:13:3c:19:be:
23:b7:a1:8c:8a:7c:d8:58:4c:20:5b:3b:8c:2b:4d:6d:cc:03:
f9:0f:ee:87:b9:81:8d:5e:84:8e:08:12:a2:3e:b9:b3:65:7c:
99:06:61:d8:53:3f:11:d7:0a:18:30:2a:7b:0f:b9:bc:4a:b5:
7a:6f:ca:07:cf:98:49:ee:27:67:4e:13:19:7b:1c:e3:16:6f:
ae:07:81:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIUGyAHr1ue8hoDy8zefCvApkpOfDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjQxNDQxMzRaFw0yNzAzMjMxNDQ2MzRaMDMxMTAvBgNV
BAMTKENGQTY0MUJFNThBNDkzQ0M1QkRBNjlGMzM3RThCOTU1N0FBQ0YwNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqiwsp/JEchNVBtumX68jubr0m
rDckoAN2bVaOtsvao3iKVGsWNzFCD7M12MJ8Dg5He2gzuyJdNWkZAx9BCfJNj/ct
tdW45N2eAVr++/+fLKXvTBmiv8ZMZqwl1E/0Uznz5eReCnSgqEs0amn7DLSxGCOZ
7FP7Te7xZoI9sJdl21u2wuzTRP7EYE6a0ejAzEmV6lLevXX0P37jey5MRaSQHldC
S8Gvhhid053b9llVw5ZZ7F0tfhZGagXXGQ4a6RF2fY5MctHMMlNakiKoAzjHZ9zb
KDOuKfD1m9B2UZowFVDz7nOVaVkq2X2JBicrbTI3IDVo7QxIFpsrm9mRj9BLAgMB
AAGjggJ7MIICdzAdBgNVHQ4EFgQUz6ZBvlikk8xb2mnzN+i5VXqs8EQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wYgQCAAEwXAMEAlIV
HAMEAFIWkQMEAFIYTAMEAFIYZAMEAFIamgMEAFIayQMEAFIdADAMAwQBUh0CAwQA
Uh0EAwQAUh1mAwQBUh1oAwQAUiffAwQAUinIAwQFVEtgAwQCslNwMBgEAgACMBID
BwAqE5UAAToDBwAqE5UAAVcwDQYJKoZIhvcNAQELBQADggEBAA3zfTHbuSksCbUi
cokJn8wm1Zn2CjYJ3RWmgrxm+9P1KJh3t58IkWFMqV8MYWR0zncqTbGvVXviv9un
xOsby3zFAi9X8WhAAaevr/HbBSHRbz0yR6IDnf+60eLEuelXX8yRgkdPNdI6fIyI
AjGcCyzy8aWG/+j6wfQulq7l/pUucus9l4+w34PU1PVt439nLBAYRDEbA4tSwj6E
dD3PGlk4Fo3Izc/H2lpoK7TNZe4tEzwZviO3oYyKfNhYTCBbO4wrTW3MA/kP7oe5
gY1ehI4IEqI+ubNlfJkGYdhTPxHXChgwKnsPubxKtXpvygfPmEnuJ2dOExl7HOMW
b64HgdQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:29 2026 by rpki-client