Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: ejJNPpbAm8qTGRZZOMjFWtGQZKpeG+nPi5U/QueIaBM=
Subject key identifier: D8:0A:84:7D:80:18:A3:C5:FF:9F:5F:E9:83:EB:35:66:B5:FA:C8:B2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 59D007DB029A88E6C5DD92AC1839830625A09D7D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Mon 04 Aug 2025 00:01:19 +0000
ROA not before: Sun 03 Aug 2025 23:56:19 +0000
ROA not after: Mon 03 Aug 2026 00:01:19 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d0:07:db:02:9a:88:e6:c5:dd:92:ac:18:39:83:06:25:a0:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 3 23:56:19 2025 GMT
Not After : Aug 3 00:01:19 2026 GMT
Subject: CN=D80A847D8018A3C5FF9F5FE983EB3566B5FAC8B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e6:7e:16:ed:43:8e:32:47:19:ce:0c:35:9a:
51:92:32:25:c6:81:3c:c5:e3:0c:8c:d3:07:00:e9:
75:66:34:82:09:cb:42:4b:cb:2e:ec:71:77:9e:69:
e0:55:4b:83:1b:5f:05:3f:ab:7b:08:f4:7e:11:c2:
01:cd:b4:66:0b:9a:78:1f:9a:13:65:07:f3:03:f5:
02:39:6e:39:b6:3f:6a:65:22:7a:4e:be:85:4f:c4:
fc:2b:88:78:79:1d:06:76:ae:50:23:0b:7d:91:a2:
d3:bb:a4:79:b6:57:da:c9:e1:f2:69:7d:59:f2:88:
d7:da:31:bb:ec:4b:1d:ad:39:8c:68:9a:5d:f1:b2:
85:0f:83:a8:64:43:7d:73:ee:b7:54:a9:bc:ee:10:
01:d9:34:93:d7:58:42:87:d8:5a:fe:6e:59:cc:05:
af:f6:ae:78:a6:a8:c8:bf:79:27:d6:f7:21:ae:5e:
58:3c:3e:f2:51:c3:83:4c:1c:23:ac:55:d9:48:59:
b6:0c:b8:f6:d7:8b:69:39:09:aa:b1:59:20:89:2c:
18:a9:7f:2e:45:f3:c1:75:05:4d:45:b7:98:8e:4e:
95:b2:93:4c:04:d5:60:ea:d3:10:01:42:c6:6f:5d:
a9:9f:3e:41:f0:22:5e:ce:97:a4:0c:c7:74:5b:5b:
4d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0A:84:7D:80:18:A3:C5:FF:9F:5F:E9:83:EB:35:66:B5:FA:C8:B2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
97:b2:6f:cb:43:0b:c5:ce:a1:26:83:d6:67:44:a5:c7:ef:40:
4a:59:8f:e2:ff:82:03:41:d0:80:45:88:4f:ef:8e:a5:9a:34:
79:62:7e:c8:7f:31:d2:e4:aa:33:e1:bf:6f:e0:e0:4c:38:1e:
83:fa:f3:28:7c:39:49:70:3e:35:f6:6d:38:d8:79:b8:80:83:
71:4b:dd:ab:65:35:67:3a:20:28:d8:50:f2:d4:35:7f:25:e2:
19:3f:cd:22:17:a3:a9:aa:f6:c1:a0:ce:dc:11:f4:9e:92:b0:
99:2d:26:16:e0:6f:71:d1:e8:dc:29:bf:d3:4e:4e:84:07:65:
e0:45:53:28:2a:02:c7:22:46:a1:b1:f2:6c:d5:5d:3e:1f:a6:
48:79:a8:2e:8f:b7:c7:03:bc:0a:ac:01:02:7d:2d:c4:0c:6e:
24:36:38:5b:72:ec:66:4d:10:4a:ed:3e:50:5b:b1:4d:47:d8:
78:9c:91:e9:40:61:6b:f4:16:d4:b6:02:9c:c3:3a:e7:95:94:
12:b3:1c:28:f9:39:2b:b8:c3:8a:1b:01:44:6e:fe:26:41:8a:
eb:ef:bf:e3:9e:0b:21:8a:81:8d:01:e2:c1:25:2d:88:b3:28:
e0:39:f2:27:38:77:68:18:b4:7a:3b:41:15:6b:c5:ae:42:e9:
5d:64:b9:0e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWdAH2wKaiObF3ZKsGDmDBiWgnX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDMyMzU2MTlaFw0yNjA4MDMwMDAxMTlaMDMxMTAvBgNV
BAMTKEQ4MEE4NDdEODAxOEEzQzVGRjlGNUZFOTgzRUIzNTY2QjVGQUM4QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy5n4W7UOOMkcZzgw1mlGSMiXG
gTzF4wyM0wcA6XVmNIIJy0JLyy7scXeeaeBVS4MbXwU/q3sI9H4RwgHNtGYLmngf
mhNlB/MD9QI5bjm2P2plInpOvoVPxPwriHh5HQZ2rlAjC32RotO7pHm2V9rJ4fJp
fVnyiNfaMbvsSx2tOYxoml3xsoUPg6hkQ31z7rdUqbzuEAHZNJPXWEKH2Fr+blnM
Ba/2rnimqMi/eSfW9yGuXlg8PvJRw4NMHCOsVdlIWbYMuPbXi2k5CaqxWSCJLBip
fy5F88F1BU1Ft5iOTpWyk0wE1WDq0xABQsZvXamfPkHwIl7Ol6QMx3RbW00xAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2AqEfYAYo8X/n1/pg+s1ZrX6yLIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBAJSFRwD
BABSGGQDBABSGpoDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFIdZgMEAVId
aDANBgkqhkiG9w0BAQsFAAOCAQEAl7Jvy0MLxc6hJoPWZ0Slx+9ASlmP4v+CA0HQ
gEWIT++OpZo0eWJ+yH8x0uSqM+G/b+DgTDgeg/rzKHw5SXA+NfZtONh5uICDcUvd
q2U1ZzogKNhQ8tQ1fyXiGT/NIhejqar2waDO3BH0npKwmS0mFuBvcdHo3Cm/005O
hAdl4EVTKCoCxyJGobHybNVdPh+mSHmoLo+3xwO8CqwBAn0txAxuJDY4W3LsZk0Q
Su0+UFuxTUfYeJyR6UBha/QW1LYCnMM655WUErMcKPk5K7jDihsBRG7+JkGK6++/
454LIYqBjQHiwSUtiLMo4DnyJzh3aBi0ejtBFWvFrkLpXWS5Dg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 10:59:33 2025 by rpki-client