Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: BvRlDBok5COJW5h4rrKSe7d1v9S+ly+1V5K3Jl94wqI=
Subject key identifier: 9C:E1:77:34:0C:30:12:BB:79:38:0D:DF:DE:9A:3F:23:C9:58:08:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 487FBECC803034BF4A60F15465012C9BF971323D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
Signing time: Thu 28 May 2026 10:26:59 +0000
ROA not before: Thu 28 May 2026 10:21:59 +0000
ROA not after: Thu 27 May 2027 10:26:59 +0000
asID: 2914
IP address blocks: 82.26.139.0/24 maxlen: 24
82.26.142.0/24 maxlen: 24
82.26.143.0/24 maxlen: 24
82.26.144.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.38.12.0/24 maxlen: 24
82.38.62.0/24 maxlen: 24
82.38.93.0/24 maxlen: 24
82.38.94.0/24 maxlen: 24
82.38.95.0/24 maxlen: 24
82.38.98.0/24 maxlen: 24
82.38.113.0/24 maxlen: 24
82.38.120.0/24 maxlen: 24
82.38.131.0/24 maxlen: 24
82.38.144.0/24 maxlen: 24
82.38.145.0/24 maxlen: 24
82.38.146.0/24 maxlen: 24
82.38.151.0/24 maxlen: 24
82.38.169.0/24 maxlen: 24
82.38.172.0/24 maxlen: 24
82.38.175.0/24 maxlen: 24
82.38.181.0/24 maxlen: 24
82.39.164.0/24 maxlen: 24
82.47.30.0/24 maxlen: 24
82.47.40.0/24 maxlen: 24
82.47.43.0/24 maxlen: 24
82.47.44.0/24 maxlen: 24
82.47.53.0/24 maxlen: 24
82.47.107.0/24 maxlen: 24
82.47.110.0/24 maxlen: 24
82.47.111.0/24 maxlen: 24
82.47.113.0/24 maxlen: 24
82.47.116.0/24 maxlen: 24
82.47.118.0/24 maxlen: 24
82.47.119.0/24 maxlen: 24
82.47.122.0/24 maxlen: 24
82.47.135.0/24 maxlen: 24
82.47.151.0/24 maxlen: 24
82.47.156.0/24 maxlen: 24
82.47.163.0/24 maxlen: 24
82.47.173.0/24 maxlen: 24
82.47.178.0/24 maxlen: 24
82.47.183.0/24 maxlen: 24
82.47.209.0/24 maxlen: 24
82.47.210.0/24 maxlen: 24
82.47.213.0/24 maxlen: 24
82.47.215.0/24 maxlen: 24
82.47.223.0/24 maxlen: 24
82.47.248.0/24 maxlen: 24
84.75.128.0/24 maxlen: 24
84.75.136.0/24 maxlen: 24
84.75.137.0/24 maxlen: 24
84.75.163.0/24 maxlen: 24
84.75.167.0/24 maxlen: 24
84.75.173.0/24 maxlen: 24
84.75.208.0/24 maxlen: 24
178.83.116.0/24 maxlen: 24
178.83.119.0/24 maxlen: 24
178.83.155.0/24 maxlen: 24
178.83.160.0/24 maxlen: 24
178.83.162.0/24 maxlen: 24
178.83.170.0/24 maxlen: 24
178.83.177.0/24 maxlen: 24
178.83.179.0/24 maxlen: 24
178.83.189.0/24 maxlen: 24
178.83.193.0/24 maxlen: 24
178.83.194.0/24 maxlen: 24
178.83.202.0/24 maxlen: 24
178.83.212.0/24 maxlen: 24
178.83.213.0/24 maxlen: 24
178.83.214.0/24 maxlen: 24
178.83.223.0/24 maxlen: 24
178.83.227.0/24 maxlen: 24
178.83.241.0/24 maxlen: 24
178.83.246.0/24 maxlen: 24
178.83.247.0/24 maxlen: 24
178.83.253.0/24 maxlen: 24
178.83.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:7f:be:cc:80:30:34:bf:4a:60:f1:54:65:01:2c:9b:f9:71:32:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 28 10:21:59 2026 GMT
Not After : May 27 10:26:59 2027 GMT
Subject: CN=9CE177340C3012BB79380DDFDE9A3F23C9580871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:eb:5e:bd:0a:3e:70:d9:81:40:f5:1d:5b:
23:36:70:e5:f9:53:6f:81:30:ed:1d:99:a0:80:c0:
74:44:ec:1a:07:80:fc:54:04:84:c0:03:28:7d:a7:
86:c4:97:69:01:d0:9e:0a:9d:38:cf:0e:aa:76:83:
86:f5:aa:73:6b:e7:14:5d:0b:c9:cf:db:00:92:22:
48:d9:aa:a9:2b:bb:ed:ac:35:76:e2:06:fc:c1:7b:
77:44:31:e0:55:3a:2b:df:93:bc:c5:f9:ef:a8:b7:
ad:f7:4e:c5:a2:b7:d8:1d:a4:4c:7e:cd:84:82:63:
91:ca:f8:13:40:f9:c0:50:49:29:f0:0d:b9:88:5e:
0a:50:7c:b8:06:d8:b8:1d:04:36:9b:5e:6d:9c:0b:
b2:0f:d7:8d:6a:b7:f4:e2:18:5a:d6:56:c3:00:00:
61:23:f8:44:26:ac:39:d8:3f:02:df:76:0e:06:37:
6e:db:20:97:94:8b:02:f9:a1:f9:b9:8f:f4:d1:1d:
0a:d0:09:0e:dc:7a:58:ac:64:c4:01:32:e1:a6:46:
a9:19:40:98:ff:b4:d5:b0:6c:0f:5c:04:d6:75:2d:
7d:fd:7a:f2:bf:92:bb:78:01:30:cd:9c:d6:94:d1:
e2:3e:08:2b:81:4e:76:3a:d6:19:82:17:03:59:ef:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E1:77:34:0C:30:12:BB:79:38:0D:DF:DE:9A:3F:23:C9:58:08:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.139.0/24
82.26.142.0-82.26.144.255
82.29.48.0/24
82.38.12.0/24
82.38.62.0/24
82.38.93.0-82.38.95.255
82.38.98.0/24
82.38.113.0/24
82.38.120.0/24
82.38.131.0/24
82.38.144.0-82.38.146.255
82.38.151.0/24
82.38.169.0/24
82.38.172.0/24
82.38.175.0/24
82.38.181.0/24
82.39.164.0/24
82.47.30.0/24
82.47.40.0/24
82.47.43.0-82.47.44.255
82.47.53.0/24
82.47.107.0/24
82.47.110.0/23
82.47.113.0/24
82.47.116.0/24
82.47.118.0/23
82.47.122.0/24
82.47.135.0/24
82.47.151.0/24
82.47.156.0/24
82.47.163.0/24
82.47.173.0/24
82.47.178.0/24
82.47.183.0/24
82.47.209.0-82.47.210.255
82.47.213.0/24
82.47.215.0/24
82.47.223.0/24
82.47.248.0/24
84.75.128.0/24
84.75.136.0/23
84.75.163.0/24
84.75.167.0/24
84.75.173.0/24
84.75.208.0/24
178.83.116.0/24
178.83.119.0/24
178.83.155.0/24
178.83.160.0/24
178.83.162.0/24
178.83.170.0/24
178.83.177.0/24
178.83.179.0/24
178.83.189.0/24
178.83.193.0-178.83.194.255
178.83.202.0/24
178.83.212.0-178.83.214.255
178.83.223.0/24
178.83.227.0/24
178.83.241.0/24
178.83.246.0/23
178.83.253.0-178.83.254.255
Signature Algorithm: sha256WithRSAEncryption
14:8f:af:7c:e6:3b:fc:6a:c7:c4:35:60:ca:9a:ce:91:40:90:
b9:d8:91:80:f3:28:7a:cd:db:b5:0a:6d:f8:9d:36:50:4e:5f:
13:c1:4f:9a:9f:2d:66:71:ee:c6:9a:6e:10:4b:8f:ae:a8:5b:
a0:4b:30:af:e5:4f:d8:f7:fe:aa:5c:07:54:45:ef:6c:36:97:
c2:d1:65:82:8b:f1:75:cd:7e:6d:9a:96:84:3c:1b:3e:a7:ce:
dc:36:2c:f5:5f:86:ed:92:e0:e9:1c:71:fa:d7:71:70:d4:9a:
1d:09:ba:60:91:d5:24:8e:bb:a1:db:3b:f9:63:a8:b0:a6:d5:
8b:be:23:4b:aa:4b:68:05:49:ea:07:d4:55:9b:53:05:cc:ff:
52:df:3c:8e:84:c3:eb:7e:cf:c4:11:1d:9a:1f:64:48:01:a3:
9e:61:c0:de:27:d5:5f:1b:96:89:cc:56:aa:f1:af:d7:71:8c:
06:fd:5c:24:08:93:58:95:96:d8:b5:18:8d:ef:8d:d0:14:28:
6d:a0:ad:43:bf:80:1f:b2:ee:b8:83:0a:f4:b1:27:f2:8f:3c:
a3:bc:26:79:21:31:98:67:af:45:46:51:3a:e0:37:a5:cf:05:
30:66:b8:75:97:17:b3:8b:f7:26:c0:89:f3:37:0c:f7:23:92:
ba:9a:8c:c9
-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgIUSH++zIAwNL9KYPFUZQEsm/lxMj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjgxMDIxNTlaFw0yNzA1MjcxMDI2NTlaMDMxMTAvBgNV
BAMTKDlDRTE3NzM0MEMzMDEyQkI3OTM4MERERkRFOUEzRjIzQzk1ODA4NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTFetevQo+cNmBQPUdWyM2cOX5
U2+BMO0dmaCAwHRE7BoHgPxUBITAAyh9p4bEl2kB0J4KnTjPDqp2g4b1qnNr5xRd
C8nP2wCSIkjZqqkru+2sNXbiBvzBe3dEMeBVOivfk7zF+e+ot633TsWit9gdpEx+
zYSCY5HK+BNA+cBQSSnwDbmIXgpQfLgG2LgdBDabXm2cC7IP141qt/TiGFrWVsMA
AGEj+EQmrDnYPwLfdg4GN27bIJeUiwL5ofm5j/TRHQrQCQ7celisZMQBMuGmRqkZ
QJj/tNWwbA9cBNZ1LX39evK/krt4ATDNnNaU0eI+CCuBTnY61hmCFwNZ75m3AgMB
AAGjggPAMIIDvDAdBgNVHQ4EFgQUnOF3NAwwErt5OA3f3po/I8lYCHEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAdUGCCsGAQUFBwEHAQH/BIIBxDCCAcAwggG8BAIAATCC
AbQDBABSGoswDAMEAVIajgMEAFIakAMEAFIdMAMEAFImDAMEAFImPjAMAwQAUiZd
AwQFUiZAAwQAUiZiAwQAUiZxAwQAUiZ4AwQAUiaDMAwDBARSJpADBABSJpIDBABS
JpcDBABSJqkDBABSJqwDBABSJq8DBABSJrUDBABSJ6QDBABSLx4DBABSLygwDAME
AFIvKwMEAFIvLAMEAFIvNQMEAFIvawMEAVIvbgMEAFIvcQMEAFIvdAMEAVIvdgME
AFIvegMEAFIvhwMEAFIvlwMEAFIvnAMEAFIvowMEAFIvrQMEAFIvsgMEAFIvtzAM
AwQAUi/RAwQAUi/SAwQAUi/VAwQAUi/XAwQAUi/fAwQAUi/4AwQAVEuAAwQBVEuI
AwQAVEujAwQAVEunAwQAVEutAwQAVEvQAwQAslN0AwQAslN3AwQAslObAwQAslOg
AwQAslOiAwQAslOqAwQAslOxAwQAslOzAwQAslO9MAwDBACyU8EDBACyU8IDBACy
U8owDAMEArJT1AMEALJT1gMEALJT3wMEALJT4wMEALJT8QMEAbJT9jAMAwQAslP9
AwQAslP+MA0GCSqGSIb3DQEBCwUAA4IBAQAUj6985jv8asfENWDKms6RQJC52JGA
8yh6zdu1Cm34nTZQTl8TwU+any1mce7Gmm4QS4+uqFugSzCv5U/Y9/6qXAdURe9s
NpfC0WWCi/F1zX5tmpaEPBs+p87cNiz1X4btkuDpHHH613Fw1JodCbpgkdUkjruh
2zv5Y6iwptWLviNLqktoBUnqB9RVm1MFzP9S3zyOhMPrfs/EER2aH2RIAaOeYcDe
J9VfG5aJzFaq8a/XcYwG/VwkCJNYlZbYtRiN743QFChtoK1Dv4Afsu64gwr0sSfy
jzyjvCZ5ITGYZ69FRlE64DelzwUwZrh1lxezi/cmwInzNwz3I5K6mozJ
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:42 2026 by rpki-client