Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: a1RS4FGVinpINIvv+kMByUNYnXmZOo1b0lHMO/feQCI=
Subject key identifier: 9E:9C:CF:B7:9E:9B:55:AD:87:8E:79:05:B2:C8:3A:35:03:39:BB:76
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4BB4FA695516DD97CE83BF7A07793C72268A8963
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Tue 24 Jun 2025 22:07:16 +0000
ROA not before: Tue 24 Jun 2025 22:02:16 +0000
ROA not after: Tue 23 Jun 2026 22:07:16 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.24.100.0/24 maxlen: 24
82.25.56.0/21 maxlen: 21
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b4:fa:69:55:16:dd:97:ce:83:bf:7a:07:79:3c:72:26:8a:89:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 24 22:02:16 2025 GMT
Not After : Jun 23 22:07:16 2026 GMT
Subject: CN=9E9CCFB79E9B55AD878E7905B2C83A350339BB76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4f:fb:51:a2:6e:a5:0b:8f:9e:17:3e:9a:dc:
4a:bd:5c:2e:80:6e:6f:24:97:c3:43:71:21:12:83:
54:7a:4a:77:87:b5:cf:68:43:f8:c0:74:ea:7e:9b:
67:ba:02:a9:c4:47:e4:c2:3b:15:8c:5d:52:55:33:
f4:73:13:24:b8:69:2f:d0:6d:80:cc:90:cf:53:6e:
16:46:91:e8:bb:b8:0d:a5:e5:db:7e:da:79:6d:09:
77:56:8d:c6:10:90:71:58:26:0c:86:25:7b:ee:d6:
eb:c2:c7:41:b7:c9:9e:e2:32:06:07:6c:9d:ba:84:
1f:11:10:e4:ac:cc:fe:e7:41:7c:e4:18:f1:38:b9:
db:90:38:10:1f:6b:10:42:c2:e0:bc:7f:17:15:41:
74:18:3f:ea:64:61:5b:8c:d6:ad:7f:f1:4c:1b:0e:
4e:54:1f:b1:d7:e5:83:43:34:e0:e3:ff:1a:c6:cf:
70:4d:ef:45:e7:e6:fd:d9:d9:65:0b:e7:24:d2:c6:
62:6f:d2:88:25:ba:dd:64:7d:d6:89:13:90:9c:7f:
67:27:57:61:f1:39:a4:05:d9:fa:e4:c6:44:44:0c:
b5:03:79:c4:67:7a:6e:0f:47:54:c4:88:07:fa:87:
f9:64:a9:90:1e:e7:db:c0:6b:ae:d7:58:2f:e3:f4:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9C:CF:B7:9E:9B:55:AD:87:8E:79:05:B2:C8:3A:35:03:39:BB:76
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.24.100.0/24
82.25.56.0/21
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
59:63:93:02:6c:b0:c2:fa:12:26:11:25:ac:ef:18:e1:b9:f3:
96:72:47:9f:a0:35:1d:44:90:a9:15:1b:b6:ba:e0:46:e2:c6:
8b:df:e9:b2:8a:12:9f:0d:35:11:28:e5:cd:45:57:ab:78:44:
10:17:d9:4c:99:34:11:26:90:03:d5:cb:ae:95:a3:d1:ba:63:
f0:d3:e8:86:ad:30:f2:9a:6f:0b:92:37:0b:a5:f8:91:d9:a7:
e8:54:03:07:02:f6:e2:eb:15:4d:ab:5d:74:a6:b7:e2:ad:1d:
7d:24:c0:a3:50:20:06:00:da:79:5e:26:01:6e:7d:8a:ac:f4:
c8:2e:8b:a8:46:52:2c:72:8c:19:8f:5c:4a:31:93:08:78:91:
88:22:d8:4c:00:64:55:dd:20:ac:0d:25:d2:be:1f:81:c1:3a:
60:7b:db:b7:3c:17:03:94:17:fc:11:28:e3:33:96:38:c0:b9:
7e:99:c3:b4:a8:81:d5:92:a3:8e:2f:f1:be:de:a4:e4:49:48:
6a:ce:09:a1:42:04:ca:d7:17:3f:55:2f:4d:40:60:30:82:79:
aa:3a:30:23:34:d8:33:5c:fb:24:8e:37:b3:cd:25:07:28:da:
c3:75:f9:01:e7:d3:98:7d:ea:0e:ec:e9:cb:3a:4e:14:27:0c:
7f:0e:b6:d5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUS7T6aVUW3ZfOg796B3k8ciaKiWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjQyMjAyMTZaFw0yNjA2MjMyMjA3MTZaMDMxMTAvBgNV
BAMTKDlFOUNDRkI3OUU5QjU1QUQ4NzhFNzkwNUIyQzgzQTM1MDMzOUJCNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpT/tRom6lC4+eFz6a3Eq9XC6A
bm8kl8NDcSESg1R6SneHtc9oQ/jAdOp+m2e6AqnER+TCOxWMXVJVM/RzEyS4aS/Q
bYDMkM9TbhZGkei7uA2l5dt+2nltCXdWjcYQkHFYJgyGJXvu1uvCx0G3yZ7iMgYH
bJ26hB8REOSszP7nQXzkGPE4uduQOBAfaxBCwuC8fxcVQXQYP+pkYVuM1q1/8Uwb
Dk5UH7HX5YNDNODj/xrGz3BN70Xn5v3Z2WUL5yTSxmJv0oglut1kfdaJE5Ccf2cn
V2HxOaQF2frkxkREDLUDecRnem4PR1TEiAf6h/lkqZAe59vAa67XWC/j9BFtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnpzPt56bVa2HjnkFssg6NQM5u3YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAJSFRwD
BABSGGQDBANSGTgDBABSGpoDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFId
ZgMEAVIdaDANBgkqhkiG9w0BAQsFAAOCAQEAWWOTAmywwvoSJhElrO8Y4bnzlnJH
n6A1HUSQqRUbtrrgRuLGi9/psooSnw01ESjlzUVXq3hEEBfZTJk0ESaQA9XLrpWj
0bpj8NPohq0w8ppvC5I3C6X4kdmn6FQDBwL24usVTatddKa34q0dfSTAo1AgBgDa
eV4mAW59iqz0yC6LqEZSLHKMGY9cSjGTCHiRiCLYTABkVd0grA0l0r4fgcE6YHvb
tzwXA5QX/BEo4zOWOMC5fpnDtKiB1ZKjji/xvt6k5ElIas4JoUIEytcXP1UvTUBg
MIJ5qjowIzTYM1z7JI43s80lByjaw3X5AefTmH3qDuzpyzpOFCcMfw621Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:39 2025 by rpki-client