Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: g1dvy5OGdmdpjToWmax82c/XY8CPdu2sO0tDcT6aRno=
Subject key identifier: B3:5F:2E:DB:8B:E1:AC:98:67:04:61:58:29:C3:39:A3:41:E7:52:EB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 088926013405162386AE76105D8ED55024F261C2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Tue 02 Jun 2026 12:58:24 +0000
ROA not before: Tue 02 Jun 2026 12:53:24 +0000
ROA not after: Tue 01 Jun 2027 12:58:24 +0000
asID: 14618
IP address blocks: 82.21.0.0/24 maxlen: 24
82.23.172.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
82.47.152.0/22 maxlen: 24
82.47.222.0/24 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
84.75.132.0/23 maxlen: 24
178.83.182.0/23 maxlen: 24
178.83.230.0/23 maxlen: 24
178.83.232.0/24 maxlen: 24
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:89:26:01:34:05:16:23:86:ae:76:10:5d:8e:d5:50:24:f2:61:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:53:24 2026 GMT
Not After : Jun 1 12:58:24 2027 GMT
Subject: CN=B35F2EDB8BE1AC986704615829C339A341E752EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:6a:bc:fe:97:5d:d5:7d:db:03:fd:14:b9:
60:de:6b:bc:17:27:f3:9c:26:8d:69:1b:32:1e:bc:
ea:b9:7a:db:60:28:12:08:15:9e:91:4b:14:8d:2b:
f7:17:c2:03:b8:42:01:ab:7c:6a:7f:1c:90:32:28:
24:2c:0b:1e:b1:bd:1d:f9:21:2c:ae:09:a5:54:de:
db:98:e9:82:56:a8:76:17:92:4b:38:fd:91:48:bc:
32:db:be:cc:bd:bf:cb:86:a7:c3:a6:88:04:a7:db:
56:e2:fd:df:77:2f:93:85:7e:82:e9:29:da:bd:ac:
05:ab:52:93:d3:12:bd:53:44:33:f8:2e:31:3c:ba:
a8:e4:1d:fc:b6:30:09:b0:28:96:48:51:80:1c:15:
50:6d:98:7e:b5:a9:f5:3f:ef:97:f9:1a:c0:85:3e:
71:84:c5:19:d7:90:d6:d7:ec:fe:ef:4d:77:e6:5d:
93:fd:92:19:4a:4a:02:56:7b:9e:3c:03:2b:72:09:
2a:2d:1a:e1:5a:05:2d:cc:fe:68:ca:61:d4:80:6a:
15:28:49:81:54:6f:18:63:54:6a:3a:3e:37:2c:d7:
0e:f7:84:28:c9:9e:88:a9:14:0f:0d:a8:3b:e0:9f:
b5:68:c3:02:42:cc:55:c8:7d:fd:2d:17:24:d1:46:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5F:2E:DB:8B:E1:AC:98:67:04:61:58:29:C3:39:A3:41:E7:52:EB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.23.172.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.44.0/24
82.29.102.0/24
82.29.104.0/23
82.41.200.0/24
82.47.64.0/19
82.47.152.0/22
82.47.222.0/24
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
84.75.132.0/23
178.83.182.0/23
178.83.230.0-178.83.232.255
IPv6:
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
50:46:07:0c:1c:5e:e0:df:95:85:08:31:59:5d:16:98:8c:54:
13:a7:e2:ac:46:e4:23:50:c5:68:91:56:89:f6:b8:86:4f:c2:
73:22:63:82:f1:f1:73:0c:6c:60:65:45:a6:72:7b:3f:ee:3c:
6d:28:22:52:64:8e:0b:64:4a:51:8b:ac:b6:e8:08:ca:af:50:
68:cc:91:46:ef:00:f1:f0:97:02:6d:7a:79:70:83:a5:11:c8:
7a:6f:e6:99:1a:1a:04:c9:d9:25:a2:73:b2:a7:cf:14:08:b0:
5c:5f:57:1c:ec:f3:2d:96:2e:6d:28:aa:0c:a3:c7:4e:a0:f6:
05:bf:90:49:53:62:f1:f2:5b:19:e1:80:2e:e2:f7:bb:2c:41:
0f:7e:31:09:eb:cb:f3:a5:f5:e0:3a:50:3c:49:58:7f:6d:5d:
87:be:cb:3c:5c:69:70:16:47:17:33:b5:40:73:64:e9:4c:64:
b1:dc:7c:76:44:59:8e:e6:66:a7:82:8c:7f:b4:f6:85:f5:f9:
be:be:76:52:68:56:e3:25:19:3f:c4:33:e5:74:e0:84:78:ea:
5a:54:ae:6a:26:92:b7:b3:96:bb:b7:94:de:a4:e2:e8:d4:e7:
21:c1:f1:e5:32:3f:46:0b:87:d3:97:92:d2:22:c1:48:8d:b5:
fb:66:b1:a6
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIUCIkmATQFFiOGrnYQXY7VUCTyYcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjUzMjRaFw0yNzA2MDExMjU4MjRaMDMxMTAvBgNV
BAMTKEIzNUYyRURCOEJFMUFDOTg2NzA0NjE1ODI5QzMzOUEzNDFFNzUyRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqyGq8/pdd1X3bA/0UuWDea7wX
J/OcJo1pGzIevOq5ettgKBIIFZ6RSxSNK/cXwgO4QgGrfGp/HJAyKCQsCx6xvR35
ISyuCaVU3tuY6YJWqHYXkks4/ZFIvDLbvsy9v8uGp8OmiASn21bi/d93L5OFfoLp
Kdq9rAWrUpPTEr1TRDP4LjE8uqjkHfy2MAmwKJZIUYAcFVBtmH61qfU/75f5GsCF
PnGExRnXkNbX7P7vTXfmXZP9khlKSgJWe548AytyCSotGuFaBS3M/mjKYdSAahUo
SYFUbxhjVGo6Pjcs1w73hCjJnoipFA8NqDvgn7VowwJCzFXIff0tFyTRRjrhAgMB
AAGjggMOMIIDCjAdBgNVHQ4EFgQUs18u24vhrJhnBGFYKcM5o0HnUuswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEiBggrBgEFBQcBBwEB/wSCAREwggENMIHnBAIAATCB
4AMEAFIVAAMEAFIXrAMEAFIYTAMEAFIYZAMEAFIamgMEAFIayQMEAFIdADAMAwQB
Uh0CAwQAUh0EAwQAUh0sAwQAUh1mAwQBUh1oAwQAUinIAwQFUi9AAwQCUi+YAwQA
Ui/eAwQBVEsSAwQAVEsiMAwDBAJUSyQDBABUSyYwDAMEAFRLKQMEAFRLKgMEAFRL
MDAMAwQBVEsyAwQBVEs0AwQAVEs3MAwDBABUSz0DBAFUS0AwDAMEAFRLQwMEAFRL
RgMEBVRLYAMEAVRLhAMEAbJTtjAMAwQBslPmAwQAslPoMCEEAgACMBsDBwEqE5UA
ASYDBwAqE5UAAToDBwAqE5UAAVcwDQYJKoZIhvcNAQELBQADggEBAFBGBwwcXuDf
lYUIMVldFpiMVBOn4qxG5CNQxWiRVon2uIZPwnMiY4Lx8XMMbGBlRaZyez/uPG0o
IlJkjgtkSlGLrLboCMqvUGjMkUbvAPHwlwJtenlwg6URyHpv5pkaGgTJ2SWic7Kn
zxQIsFxfVxzs8y2WLm0oqgyjx06g9gW/kElTYvHyWxnhgC7i97ssQQ9+MQnry/Ol
9eA6UDxJWH9tXYe+yzxcaXAWRxcztUBzZOlMZLHcfHZEWY7mZqeCjH+09oX1+b6+
dlJoVuMlGT/EM+V04IR46lpUrmomkrezlru3lN6k4ujU5yHB8eUyP0YLh9OXktIi
wUiNtftmsaY=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:58 2026 by rpki-client