Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: ANaknXRdJXZQqhURWvdwJQIXDNms/eFmtg3aVs48P9s=
Subject key identifier: C1:9B:F6:E2:00:CD:0B:DF:CF:03:7F:29:DC:87:09:27:41:C9:29:CC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2E0149398387BAFE68303B1382AB14BFC075C8BD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
Signing time: Tue 07 Oct 2025 10:49:08 +0000
ROA not before: Tue 07 Oct 2025 10:44:08 +0000
ROA not after: Tue 06 Oct 2026 10:49:08 +0000
asID: 7018
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.36.0/22 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.24.0/21 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.144.0/20 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:01:49:39:83:87:ba:fe:68:30:3b:13:82:ab:14:bf:c0:75:c8:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 7 10:44:08 2025 GMT
Not After : Oct 6 10:49:08 2026 GMT
Subject: CN=C19BF6E200CD0BDFCF037F29DC87092741C929CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:13:de:78:d8:ed:9c:b2:d0:62:c0:79:11:51:
8a:e1:34:60:d6:f0:27:94:4c:e7:13:a1:78:c9:18:
c0:82:c4:e4:f0:13:c6:2d:aa:b9:9f:67:be:dc:7c:
26:58:06:0e:5f:50:fd:c6:5a:62:2b:a7:f6:e5:48:
b3:20:95:81:37:fd:57:d1:69:9e:0c:54:29:8d:9f:
53:0c:df:b4:f5:13:98:b6:81:10:ed:ba:fe:25:5e:
60:17:a8:11:dc:76:45:5b:ee:23:cb:b5:a3:ba:01:
d0:4e:ed:6e:d6:ea:d6:0c:f5:25:33:3b:16:7e:58:
34:b5:88:12:ed:3f:32:65:bb:14:5f:67:15:a0:0b:
b3:27:39:62:ea:06:96:4b:27:88:c8:8c:5b:43:b3:
3e:7c:91:1a:82:df:22:dd:41:1b:18:e8:bb:ba:0d:
6c:4d:73:2d:53:9e:fe:ef:af:09:8b:ad:0a:90:80:
18:50:39:e9:f2:c5:5f:f0:51:17:f2:7b:60:b0:03:
ed:27:9e:e1:a3:0f:49:26:d1:b6:71:fe:b5:7a:a4:
e4:6d:b2:01:e1:63:9a:fe:93:e4:44:74:d3:b7:67:
25:95:72:89:5d:37:2b:5f:fd:7b:27:c6:5d:69:7c:
7e:24:e2:01:66:4c:c4:a9:0e:bd:17:ba:c7:86:c4:
32:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:F6:E2:00:CD:0B:DF:CF:03:7F:29:DC:87:09:27:41:C9:29:CC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0-82.22.139.255
82.22.148.0-82.22.155.255
82.23.152.0/21
82.24.10.0/23
82.24.36.0/22
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.24.0/21
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0-82.27.159.255
82.27.168.0/21
82.27.192.0/22
Signature Algorithm: sha256WithRSAEncryption
07:54:78:ce:d1:c0:84:45:b9:34:85:13:04:9a:47:55:bb:a7:
4d:14:7e:36:88:24:46:89:dc:5d:41:c6:f2:73:6d:56:22:f8:
a9:5e:d2:55:a9:0b:4a:0b:45:f4:a1:dd:45:45:ff:ac:da:eb:
ab:e6:b0:aa:5a:97:58:d2:ba:0d:f0:45:72:bf:56:e1:9a:0e:
38:b1:e6:62:6c:fa:41:53:3d:62:a9:f1:5c:ba:21:85:b1:55:
30:48:a6:ea:71:43:82:fa:44:f4:36:7e:92:bc:38:b6:1f:94:
55:cb:55:85:0e:ed:5c:ea:2b:47:cf:a3:39:d1:ae:c2:f4:7b:
74:ad:de:f1:75:2a:78:d3:3e:6d:68:54:59:53:fb:a5:13:55:
f2:58:f2:7f:96:38:72:5d:9f:6e:86:2f:04:60:b3:16:19:ad:
e1:8b:48:58:90:89:ec:f8:1e:c3:88:9c:91:17:d2:c2:ec:62:
5b:15:8d:af:5c:6d:51:7e:f6:2c:61:13:bc:19:bd:2e:c4:2f:
a1:f2:13:82:44:b7:e2:c8:ac:5a:c9:b7:e5:5f:e7:65:6d:70:
16:1b:77:29:71:32:91:9f:41:bd:83:ed:c9:d4:49:3e:b0:03:
12:b0:6b:81:15:f0:fc:3d:bf:b0:fb:df:c9:aa:95:57:22:66:
4b:48:bf:7f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULgFJOYOHuv5oMDsTgqsUv8B1yL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMDcxMDQ0MDhaFw0yNjEwMDYxMDQ5MDhaMDMxMTAvBgNV
BAMTKEMxOUJGNkUyMDBDRDBCREZDRjAzN0YyOURDODcwOTI3NDFDOTI5Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVE9542O2cstBiwHkRUYrhNGDW
8CeUTOcToXjJGMCCxOTwE8YtqrmfZ77cfCZYBg5fUP3GWmIrp/blSLMglYE3/VfR
aZ4MVCmNn1MM37T1E5i2gRDtuv4lXmAXqBHcdkVb7iPLtaO6AdBO7W7W6tYM9SUz
OxZ+WDS1iBLtPzJluxRfZxWgC7MnOWLqBpZLJ4jIjFtDsz58kRqC3yLdQRsY6Lu6
DWxNcy1Tnv7vrwmLrQqQgBhQOenyxV/wURfye2CwA+0nnuGjD0km0bZx/rV6pORt
sgHhY5r+k+REdNO3ZyWVcoldNytf/Xsnxl1pfH4k4gFmTMSpDr0XuseGxDLDAgMB
AAGjggKpMIICpTAdBgNVHQ4EFgQUwZv24gDNC9/PA38p3IcJJ0HJKcwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBvwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQC
UhVoMAwDBAdSFoADBAJSFogwDAMEAlIWlAMEAlIWmAMEA1IXmAMEAVIYCgMEAlIY
JAMEAVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZAAMEAVIZEgMEAlIZ
gAMEAVIZzgMEAVIaZgMEA1IbGAMEBFIbMAMEA1IbUAMEAlIbcDAMAwQDUhuIAwQF
UhuAAwQDUhuoAwQCUhvAMA0GCSqGSIb3DQEBCwUAA4IBAQAHVHjO0cCERbk0hRME
mkdVu6dNFH42iCRGidxdQcbyc21WIvipXtJVqQtKC0X0od1FRf+s2uur5rCqWpdY
0roN8EVyv1bhmg44seZibPpBUz1iqfFcuiGFsVUwSKbqcUOC+kT0Nn6SvDi2H5RV
y1WFDu1c6itHz6M50a7C9Ht0rd7xdSp40z5taFRZU/ulE1XyWPJ/ljhyXZ9uhi8E
YLMWGa3hi0hYkIns+B7DiJyRF9LC7GJbFY2vXG1RfvYsYRO8Gb0uxC+h8hOCRLfi
yKxaybflX+dlbXAWG3cpcTKRn0G9g+3J1Ek+sAMSsGuBFfD8Pb+w+9/JqpVXImZL
SL9/
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:11:48 2025 by rpki-client