Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: bTeAv1rQFoF5xEhlp5aUp4fyqs/QMnGiOyuwLyoHXXY=
Subject key identifier: 24:E5:A0:9D:21:3A:11:C0:65:6A:EF:FA:F0:95:0C:62:96:CE:3E:D7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 531169B06F2A0F17DA15AD4F59E7F226B9D196D2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Mon 13 Apr 2026 13:10:26 +0000
ROA not before: Mon 13 Apr 2026 13:05:26 +0000
ROA not after: Mon 12 Apr 2027 13:10:26 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:11:69:b0:6f:2a:0f:17:da:15:ad:4f:59:e7:f2:26:b9:d1:96:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 13 13:05:26 2026 GMT
Not After : Apr 12 13:10:26 2027 GMT
Subject: CN=24E5A09D213A11C0656AEFFAF0950C6296CE3ED7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:69:d0:03:2a:bb:2d:1c:66:fc:96:2d:4d:4a:
c1:4f:5c:1d:9d:36:f6:bb:d5:d4:8d:c8:ca:a9:fc:
ed:66:42:e7:a9:87:4f:ca:dd:73:51:2c:be:54:63:
55:e5:5d:2a:71:19:fb:af:18:cf:41:69:0a:c3:58:
60:ab:3d:df:94:83:a6:4d:90:37:e6:4f:0c:2a:f9:
de:0e:d7:71:60:53:da:dd:dc:c3:3b:13:8c:13:46:
cc:d6:b5:cf:19:cc:37:e5:26:fa:78:d0:0d:48:1f:
9b:8e:b1:80:b9:8a:27:82:02:17:43:dc:9f:70:8d:
70:17:bd:9f:32:52:20:5f:55:65:bc:c0:2a:3f:de:
33:a9:60:f9:2d:9a:ac:5c:1a:d9:99:3d:9e:15:12:
19:4e:09:a7:32:2f:e0:cd:ea:54:83:db:f5:81:b2:
4a:88:78:2c:13:86:97:43:84:b7:f9:ab:03:db:7b:
84:6e:65:d3:87:7b:85:34:c7:9a:3d:9d:d2:2d:57:
ad:2e:98:78:98:5c:f2:c7:c3:3f:04:34:0d:d7:4c:
4b:2a:fb:a4:86:b7:c8:44:ab:c1:b0:fb:1a:65:07:
cb:76:51:ca:a1:c5:c9:d7:03:a4:78:4a:59:c8:3b:
86:c7:af:1f:9b:4d:9e:f3:41:29:eb:d4:de:06:ad:
f6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E5:A0:9D:21:3A:11:C0:65:6A:EF:FA:F0:95:0C:62:96:CE:3E:D7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.41.200.0/24
82.47.64.0/19
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
178.83.112.0/22
IPv6:
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
51:c0:69:94:40:a0:1c:66:43:77:39:b3:50:21:bf:da:b3:50:
d5:6a:00:bb:35:67:4c:ee:1c:8b:bc:72:22:f2:41:cb:c4:d1:
5b:4f:bc:9d:3b:2c:4c:9f:10:86:1a:79:fc:14:6c:54:23:12:
90:b2:eb:e2:28:85:67:b5:b0:2d:83:7f:1c:48:b4:13:50:68:
dc:5c:29:36:b0:ec:df:20:29:15:c1:dc:0b:6d:b7:db:ff:29:
13:91:8d:6f:5b:d9:4d:49:28:5c:a4:76:02:65:16:d5:e7:79:
39:08:f8:c4:a7:79:d5:13:4e:27:63:e3:e3:cd:4d:10:18:f7:
3b:fe:c5:8c:e6:22:b5:e8:a8:0e:ec:9d:a3:3d:b7:04:56:62:
5d:42:8d:65:e1:9c:a5:2c:65:2a:0f:da:ef:e9:34:89:8e:38:
9c:be:fb:c0:da:c1:ab:c8:2e:8f:e8:8b:4c:ba:6a:24:58:e7:
d7:4c:a2:da:2b:9c:5c:8c:6f:f7:c0:2f:53:91:5d:11:a9:5a:
b7:80:2c:66:af:0f:a4:b2:3b:81:6e:29:66:ff:7d:5f:56:fa:
df:cc:4b:14:7a:9e:9c:23:d3:e5:a3:89:48:92:47:87:d9:d8:
19:e0:32:74:36:68:55:e0:11:cc:50:7a:32:db:db:51:e4:9f:
e0:9d:b3:e3
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIUUxFpsG8qDxfaFa1PWefyJrnRltIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTMxMzA1MjZaFw0yNzA0MTIxMzEwMjZaMDMxMTAvBgNV
BAMTKDI0RTVBMDlEMjEzQTExQzA2NTZBRUZGQUYwOTUwQzYyOTZDRTNFRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbadADKrstHGb8li1NSsFPXB2d
Nva71dSNyMqp/O1mQueph0/K3XNRLL5UY1XlXSpxGfuvGM9BaQrDWGCrPd+Ug6ZN
kDfmTwwq+d4O13FgU9rd3MM7E4wTRszWtc8ZzDflJvp40A1IH5uOsYC5iieCAhdD
3J9wjXAXvZ8yUiBfVWW8wCo/3jOpYPktmqxcGtmZPZ4VEhlOCacyL+DN6lSD2/WB
skqIeCwThpdDhLf5qwPbe4RuZdOHe4U0x5o9ndItV60umHiYXPLHwz8ENA3XTEsq
+6SGt8hEq8Gw+xplB8t2UcqhxcnXA6R4SlnIO4bHrx+bTZ7zQSnr1N4GrfYxAgMB
AAGjggLfMIIC2zAdBgNVHQ4EFgQUJOWgnSE6EcBlau/68JUMYpbOPtcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfQGCCsGAQUFBwEHAQH/BIHkMIHhMIG7BAIAATCBtAME
AlIVHAMEAFIYTAMEAFIYZAMEAFIamgMEAFIayQMEAFIdADAMAwQBUh0CAwQAUh0E
AwQAUh1mAwQBUh1oAwQAUinIAwQFUi9AAwQBVEsSAwQAVEsiMAwDBAJUSyQDBABU
SyYwDAMEAFRLKQMEAFRLKgMEAFRLMDAMAwQBVEsyAwQBVEs0AwQAVEs3MAwDBABU
Sz0DBAFUS0AwDAMEAFRLQwMEAFRLRgMEBVRLYAMEArJTcDAhBAIAAjAbAwcBKhOV
AAEmAwcAKhOVAAE6AwcAKhOVAAFXMA0GCSqGSIb3DQEBCwUAA4IBAQBRwGmUQKAc
ZkN3ObNQIb/as1DVagC7NWdM7hyLvHIi8kHLxNFbT7ydOyxMnxCGGnn8FGxUIxKQ
suviKIVntbAtg38cSLQTUGjcXCk2sOzfICkVwdwLbbfb/ykTkY1vW9lNSShcpHYC
ZRbV53k5CPjEp3nVE04nY+PjzU0QGPc7/sWM5iK16KgO7J2jPbcEVmJdQo1l4Zyl
LGUqD9rv6TSJjjicvvvA2sGryC6P6ItMumokWOfXTKLaK5xcjG/3wC9TkV0RqVq3
gCxmrw+ksjuBbilm/31fVvrfzEsUep6cI9Plo4lIkkeH2dgZ4DJ0NmhV4BHMUHoy
29tR5J/gnbPj
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:44 2026 by rpki-client