Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: YI+R6ByxBFO58V6vOsytMq48G2m4hC+u0sPWOUqh3Qo=
Subject key identifier: A7:14:90:FE:1E:2D:F3:44:12:E1:AA:09:F9:F6:84:B3:3A:9E:F6:78
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 746C50547D0C7405A227F8ED8DECD7CFC22EF87F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Mon 06 Apr 2026 13:36:20 +0000
ROA not before: Mon 06 Apr 2026 13:31:20 +0000
ROA not after: Mon 05 Apr 2027 13:36:20 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.22.51.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6c:50:54:7d:0c:74:05:a2:27:f8:ed:8d:ec:d7:cf:c2:2e:f8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 6 13:31:20 2026 GMT
Not After : Apr 5 13:36:20 2027 GMT
Subject: CN=A71490FE1E2DF34412E1AA09F9F684B33A9EF678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:85:b5:f2:ca:c7:fe:74:94:91:53:4e:dd:
a1:5a:e9:13:d5:90:75:bf:a5:9c:9a:ff:e9:48:84:
e5:03:fa:5f:9e:88:af:36:39:43:78:a8:41:0b:24:
14:37:16:9b:98:6b:69:0c:b1:e7:14:9e:7f:25:45:
7b:d7:15:c7:59:0f:b5:6b:d9:be:54:42:80:95:5b:
3f:10:97:f0:29:19:b6:fc:d8:33:9b:e1:c2:76:2c:
74:c3:ad:26:d4:43:82:bf:35:cf:d5:06:87:2e:6f:
fe:2f:28:84:cf:30:69:d1:eb:91:19:29:f8:2e:70:
4f:42:5c:b6:13:00:8f:1f:8e:b0:bf:67:15:33:49:
91:fc:44:8f:1c:0f:ff:3a:ac:01:5c:53:af:0d:30:
bc:19:94:5c:f7:81:ec:53:98:57:29:cf:ac:c0:67:
35:5f:5f:a5:db:20:80:1f:ae:52:33:9f:53:41:f2:
0d:cb:70:40:27:a7:f3:19:27:88:29:8c:bc:da:8a:
43:11:71:5c:40:99:d5:e0:94:0f:2c:03:79:0a:bc:
01:c6:94:42:cf:07:de:87:84:86:19:7d:3b:43:b4:
a1:8e:f6:cf:f7:a6:a2:a1:fb:45:44:c7:e3:42:05:
78:2b:a8:ad:59:2d:05:2a:89:dd:66:36:65:72:b0:
db:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:14:90:FE:1E:2D:F3:44:12:E1:AA:09:F9:F6:84:B3:3A:9E:F6:78
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.22.51.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.39.223.0/24
82.41.200.0/24
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
178.83.112.0/22
IPv6:
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
09:53:41:72:d2:7f:a2:39:c5:5b:9b:b4:9c:15:6c:3a:16:89:
6f:dc:47:b5:a8:0d:32:18:0d:25:94:51:29:c3:ed:bc:85:e0:
e2:9a:e3:bd:f2:40:3e:c3:d5:5f:0a:f7:a3:4e:3b:ab:b3:43:
34:ae:cb:4a:14:9f:33:1b:7e:d9:2e:3e:99:9d:1f:b4:e2:8e:
2f:bb:c9:86:8a:9e:9a:b4:3b:ce:1d:1c:db:a2:f9:f7:55:39:
8e:22:90:2a:eb:a0:9a:18:cd:64:ad:e5:0d:96:ee:85:fd:f5:
98:fa:f5:91:87:06:ab:fb:2b:d0:e1:f1:1a:a3:c0:07:b0:54:
40:b6:e6:8f:32:c3:d7:a3:ad:fb:97:dc:4a:76:85:ac:1d:1c:
60:a9:41:e7:4b:f6:73:e2:97:07:54:47:aa:f7:d8:cb:02:e0:
0e:d3:6e:21:2f:c9:f4:48:89:b9:50:bc:89:11:97:88:9d:8a:
d1:a7:89:67:3e:13:09:95:2e:bf:64:b1:90:06:29:c0:e5:4b:
95:69:cb:6c:a9:b6:80:0c:6f:4c:b5:f6:d4:46:21:5a:9f:fa:
b9:01:32:75:7f:33:fb:9b:91:9d:03:9d:fe:1c:4c:dd:f8:44:
2a:bc:c7:59:be:5e:b8:d9:31:4d:26:bf:ee:ba:42:40:15:87:
21:61:4f:2e
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIUdGxQVH0MdAWiJ/jtjezXz8Iu+H8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDYxMzMxMjBaFw0yNzA0MDUxMzM2MjBaMDMxMTAvBgNV
BAMTKEE3MTQ5MEZFMUUyREYzNDQxMkUxQUEwOUY5RjY4NEIzM0E5RUY2NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMqIW18srH/nSUkVNO3aFa6RPV
kHW/pZya/+lIhOUD+l+eiK82OUN4qEELJBQ3FpuYa2kMsecUnn8lRXvXFcdZD7Vr
2b5UQoCVWz8Ql/ApGbb82DOb4cJ2LHTDrSbUQ4K/Nc/VBocub/4vKITPMGnR65EZ
KfgucE9CXLYTAI8fjrC/ZxUzSZH8RI8cD/86rAFcU68NMLwZlFz3gexTmFcpz6zA
ZzVfX6XbIIAfrlIzn1NB8g3LcEAnp/MZJ4gpjLzaikMRcVxAmdXglA8sA3kKvAHG
lELPB96HhIYZfTtDtKGO9s/3pqKh+0VEx+NCBXgrqK1ZLQUqid1mNmVysNsDAgMB
AAGjggLlMIIC4TAdBgNVHQ4EFgQUpxSQ/h4t80QS4aoJ+faEszqe9ngwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfoGCCsGAQUFBwEHAQH/BIHqMIHnMIHBBAIAATCBugME
AlIVHAMEAFIWMwMEAFIYTAMEAFIYZAMEAFIamgMEAFIayQMEAFIdADAMAwQBUh0C
AwQAUh0EAwQAUh1mAwQBUh1oAwQAUiffAwQAUinIAwQBVEsSAwQAVEsiMAwDBAJU
SyQDBABUSyYwDAMEAFRLKQMEAFRLKgMEAFRLMDAMAwQBVEsyAwQBVEs0AwQAVEs3
MAwDBABUSz0DBAFUS0AwDAMEAFRLQwMEAFRLRgMEBVRLYAMEArJTcDAhBAIAAjAb
AwcBKhOVAAEmAwcAKhOVAAE6AwcAKhOVAAFXMA0GCSqGSIb3DQEBCwUAA4IBAQAJ
U0Fy0n+iOcVbm7ScFWw6Folv3Ee1qA0yGA0llFEpw+28heDimuO98kA+w9VfCvej
Tjurs0M0rstKFJ8zG37ZLj6ZnR+04o4vu8mGip6atDvOHRzbovn3VTmOIpAq66Ca
GM1kreUNlu6F/fWY+vWRhwar+yvQ4fEao8AHsFRAtuaPMsPXo637l9xKdoWsHRxg
qUHnS/Zz4pcHVEeq99jLAuAO024hL8n0SIm5ULyJEZeInYrRp4lnPhMJlS6/ZLGQ
BinA5UuVactsqbaADG9MtfbURiFan/q5ATJ1fzP7m5GdA53+HEzd+EQqvMdZvl64
2TFNJr/uukJAFYchYU8u
-----END CERTIFICATE-----
Generated at Tue Apr 7 10:31:38 2026 by rpki-client