Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: FeXSg6m/FN7t74lV6ueYImuxjOQJlp0q7/N3XIsuwoA=
Subject key identifier: E1:96:41:8C:4D:1C:CC:29:FB:5C:0C:41:04:EA:73:25:2C:FC:94:D9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 02A5730BD07F1578FA1F6B0093D5FC77FCBE6631
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Mon 11 May 2026 02:35:47 +0000
ROA not before: Mon 11 May 2026 02:30:47 +0000
ROA not after: Mon 10 May 2027 02:35:47 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.23.172.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
82.47.152.0/22 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
84.75.132.0/23 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:a5:73:0b:d0:7f:15:78:fa:1f:6b:00:93:d5:fc:77:fc:be:66:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 11 02:30:47 2026 GMT
Not After : May 10 02:35:47 2027 GMT
Subject: CN=E196418C4D1CCC29FB5C0C4104EA73252CFC94D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6b:e1:63:3c:d0:34:2d:4d:40:7a:1a:0f:88:
c4:f9:fa:e3:7e:e0:44:7e:cc:f6:b9:c2:b6:e8:99:
98:ef:e4:0d:0a:e9:40:a3:86:7e:59:86:56:56:96:
7b:64:3a:f6:1c:10:06:bf:18:ec:f4:0b:9f:8e:62:
09:ee:f2:c6:f0:50:56:9b:b6:ac:65:1f:18:89:53:
85:08:d1:3d:e4:33:7b:33:bc:3e:b5:2f:7d:3f:ab:
c7:8b:94:ca:1a:ff:df:d7:0c:65:1a:e0:6a:22:ea:
62:db:cc:91:50:e7:76:42:f8:c9:02:a3:9d:e3:16:
18:ef:99:43:c0:26:b5:30:42:8b:ef:83:9d:d5:90:
52:7c:91:a9:be:6a:ef:3c:0f:0e:92:7a:46:b9:8d:
2f:73:e6:95:40:01:2b:fc:d6:02:d2:30:e9:ef:78:
27:b0:05:49:ce:e1:2c:73:bb:ef:54:04:61:e9:68:
de:0f:10:ad:14:9b:bd:d0:71:a2:55:cb:f8:a0:a5:
64:be:20:91:64:96:1a:2f:c2:68:7c:de:6a:9a:ab:
11:f7:a4:5d:51:cd:fc:a4:5c:81:c3:63:99:fc:cd:
12:70:38:c9:7e:a2:e5:ee:fc:ac:46:0a:9a:2f:14:
50:59:c2:9c:f4:e3:1b:6a:95:de:06:06:ec:ea:f6:
d3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:96:41:8C:4D:1C:CC:29:FB:5C:0C:41:04:EA:73:25:2C:FC:94:D9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.23.172.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.41.200.0/24
82.47.64.0/19
82.47.152.0/22
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
84.75.132.0/23
178.83.112.0/22
IPv6:
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
a3:5c:00:6f:a0:41:2e:a8:74:73:5a:8c:62:44:c8:0d:e9:01:
1d:dd:67:9c:8f:be:49:04:f0:aa:75:25:82:08:23:ca:07:06:
ea:70:97:7f:e0:f3:82:06:ee:64:3f:47:3e:92:1d:4d:b7:d9:
2c:05:89:67:d6:f6:72:99:99:bf:12:91:2d:88:b6:61:ea:44:
79:03:f7:da:c5:e8:69:af:eb:92:3b:aa:1b:c7:cc:dd:8b:42:
4c:57:19:1e:a8:ec:6c:8d:eb:e3:05:42:ed:c7:53:65:f2:77:
91:7d:f7:9b:35:6f:43:2f:2d:6f:7e:83:b0:5c:04:0c:28:f7:
79:70:e1:2f:66:3a:94:12:32:82:9a:89:07:e5:f0:5c:e7:db:
61:fd:08:5d:5f:f8:24:b5:70:5a:6a:51:1c:fc:a0:6a:4e:28:
42:6c:9b:96:e9:8d:b0:11:cb:83:b9:4a:e9:27:7a:a7:db:fc:
2a:b9:f3:c6:ca:89:db:1e:c5:a1:7a:da:fa:5b:9a:df:f4:95:
c5:32:09:90:a5:5e:ca:f4:05:a5:21:0a:00:97:19:43:62:18:
f2:46:59:3a:12:3d:57:10:3e:51:dc:72:3a:4d:28:5b:a3:ae:
a6:df:d9:96:8d:3a:7f:7c:1b:06:53:53:ad:80:2b:8f:5d:b6:
8f:03:d2:fb
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIUAqVzC9B/FXj6H2sAk9X8d/y+ZjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTEwMjMwNDdaFw0yNzA1MTAwMjM1NDdaMDMxMTAvBgNV
BAMTKEUxOTY0MThDNEQxQ0NDMjlGQjVDMEM0MTA0RUE3MzI1MkNGQzk0RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSa+FjPNA0LU1AehoPiMT5+uN+
4ER+zPa5wrbomZjv5A0K6UCjhn5ZhlZWlntkOvYcEAa/GOz0C5+OYgnu8sbwUFab
tqxlHxiJU4UI0T3kM3szvD61L30/q8eLlMoa/9/XDGUa4Goi6mLbzJFQ53ZC+MkC
o53jFhjvmUPAJrUwQovvg53VkFJ8kam+au88Dw6Seka5jS9z5pVAASv81gLSMOnv
eCewBUnO4Sxzu+9UBGHpaN4PEK0Um73QcaJVy/igpWS+IJFklhovwmh83mqaqxH3
pF1RzfykXIHDY5n8zRJwOMl+ouXu/KxGCpovFFBZwpz04xtqld4GBuzq9tMtAgMB
AAGjggLyMIIC7jAdBgNVHQ4EFgQU4ZZBjE0czCn7XAxBBOpzJSz8lNkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEGBggrBgEFBQcBBwEB/wSB9jCB8zCBzQQCAAEwgcYD
BAJSFRwDBABSF6wDBABSGEwDBABSGGQDBABSGpoDBABSGskDBABSHQAwDAMEAVId
AgMEAFIdBAMEAFIdZgMEAVIdaAMEAFIpyAMEBVIvQAMEAlIvmAMEAVRLEgMEAFRL
IjAMAwQCVEskAwQAVEsmMAwDBABUSykDBABUSyoDBABUSzAwDAMEAVRLMgMEAVRL
NAMEAFRLNzAMAwQAVEs9AwQBVEtAMAwDBABUS0MDBABUS0YDBAVUS2ADBAFUS4QD
BAKyU3AwIQQCAAIwGwMHASoTlQABJgMHACoTlQABOgMHACoTlQABVzANBgkqhkiG
9w0BAQsFAAOCAQEAo1wAb6BBLqh0c1qMYkTIDekBHd1nnI++SQTwqnUlgggjygcG
6nCXf+DzggbuZD9HPpIdTbfZLAWJZ9b2cpmZvxKRLYi2YepEeQP32sXoaa/rkjuq
G8fM3YtCTFcZHqjsbI3r4wVC7cdTZfJ3kX33mzVvQy8tb36DsFwEDCj3eXDhL2Y6
lBIygpqJB+XwXOfbYf0IXV/4JLVwWmpRHPygak4oQmyblumNsBHLg7lK6Sd6p9v8
KrnzxsqJ2x7FoXra+lua3/SVxTIJkKVeyvQFpSEKAJcZQ2IY8kZZOhI9VxA+Udxy
Ok0oW6Oupt/Zlo06f3wbBlNTrYArj122jwPS+w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:37 2026 by rpki-client