Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: QzKEX+LZgURv5wnflXHr9iNUEGMRK7xaJBX7EpGhg0w=
Subject key identifier: 17:D4:89:62:62:26:90:83:A5:98:67:86:23:06:3A:83:71:18:71:5C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6388C7A8F4B4667712F6B84DD8C872D6A4040364
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
Signing time: Fri 23 May 2025 09:30:19 +0000
ROA not before: Fri 23 May 2025 09:25:19 +0000
ROA not after: Fri 22 May 2026 09:30:19 +0000
asID: 14618
IP address blocks: 82.21.28.0/22 maxlen: 24
82.25.56.0/21 maxlen: 21
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:88:c7:a8:f4:b4:66:77:12:f6:b8:4d:d8:c8:72:d6:a4:04:03:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 23 09:25:19 2025 GMT
Not After : May 22 09:30:19 2026 GMT
Subject: CN=17D4896262269083A598678623063A837118715C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:a4:81:30:e1:57:36:25:b8:32:d4:42:61:
ec:48:03:bf:ab:51:8d:f7:ea:5f:37:eb:90:c3:ba:
d0:fb:57:aa:37:f8:b7:a7:ca:b6:99:ac:59:b9:bc:
9a:65:2c:be:f7:ad:9b:55:85:0c:0b:bb:14:0b:14:
ce:47:ac:2a:e7:e7:76:6b:b1:f6:de:0f:70:d3:60:
23:0c:f8:cb:38:d3:75:81:92:29:81:b9:48:63:5b:
09:17:0e:22:2b:22:cb:7d:4e:4f:24:af:b4:ae:1a:
fe:9b:0d:64:49:1a:7c:cf:7a:d0:07:d3:ec:b7:8f:
a8:5e:ed:2c:8d:20:1d:95:45:e7:ec:2b:8d:ac:db:
57:13:f0:2a:76:40:10:be:3c:a4:a4:e0:47:51:44:
91:c3:8d:37:89:db:cc:71:f0:06:73:c4:13:d3:91:
ed:b7:09:16:af:86:7c:e9:04:67:d7:09:8a:c7:4a:
fd:53:ac:6a:04:98:28:97:7e:83:c9:0e:88:f4:8e:
f2:39:30:3c:eb:1c:f2:7e:7f:b9:c8:18:c7:63:8b:
bc:5d:0b:8f:c2:f0:fb:bc:c4:41:17:c0:14:37:34:
72:00:ca:8d:73:58:f8:0b:da:b8:d1:31:50:1e:88:
5c:29:4e:81:3a:04:69:a7:45:cf:56:5b:0c:e6:a8:
81:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D4:89:62:62:26:90:83:A5:98:67:86:23:06:3A:83:71:18:71:5C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.25.56.0/21
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:a8:12:27:85:4e:69:f2:8a:b7:2b:8e:4d:15:5a:2a:58:4e:
5a:d6:34:ca:96:e1:b3:27:de:77:e4:bc:e5:f9:32:ae:dd:51:
0b:ba:6f:c0:25:d5:0d:c9:2e:bb:ee:27:65:7c:af:68:40:59:
0a:4f:6e:99:c5:c7:10:90:85:24:e9:11:50:0f:50:7c:31:d6:
5d:df:43:24:5f:ca:f2:b9:34:31:f6:25:8f:89:f0:e5:3d:72:
68:47:23:d6:dc:1d:9c:f3:49:bc:8f:5c:21:f5:f6:ae:8b:3e:
98:60:99:9d:7b:40:ff:a2:a5:6b:7e:a3:90:2a:df:8f:a5:97:
7c:dc:d3:18:84:b7:38:a4:f7:69:8b:4f:ab:18:45:4d:98:80:
7c:d6:03:1d:43:5f:16:c9:b3:d0:01:71:16:b1:34:4e:df:18:
c3:e7:11:6d:80:83:70:1d:a9:ca:0d:dc:7f:38:17:02:7c:c4:
5d:60:89:91:67:ec:de:26:57:16:89:e2:35:e8:fd:ae:e9:28:
cd:37:e3:b4:f0:a2:e0:9a:eb:eb:e0:fc:58:f5:f4:12:c0:96:
d7:ba:e9:0c:e1:0c:68:40:e8:27:3d:28:6c:f8:89:c7:20:c5:
4a:9f:6d:d3:e2:67:b4:d2:15:0d:2d:15:60:99:5e:68:79:55:
32:2f:8d:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUY4jHqPS0ZncS9rhN2Mhy1qQEA2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjMwOTI1MTlaFw0yNjA1MjIwOTMwMTlaMDMxMTAvBgNV
BAMTKDE3RDQ4OTYyNjIyNjkwODNBNTk4Njc4NjIzMDYzQTgzNzExODcxNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIkqSBMOFXNiW4MtRCYexIA7+r
UY336l8365DDutD7V6o3+LenyraZrFm5vJplLL73rZtVhQwLuxQLFM5HrCrn53Zr
sfbeD3DTYCMM+Ms403WBkimBuUhjWwkXDiIrIst9Tk8kr7SuGv6bDWRJGnzPetAH
0+y3j6he7SyNIB2VRefsK42s21cT8Cp2QBC+PKSk4EdRRJHDjTeJ28xx8AZzxBPT
ke23CRavhnzpBGfXCYrHSv1TrGoEmCiXfoPJDoj0jvI5MDzrHPJ+f7nIGMdji7xd
C4/C8Pu8xEEXwBQ3NHIAyo1zWPgL2rjRMVAeiFwpToE6BGmnRc9WWwzmqIFZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUF9SJYmImkIOlmGeGIwY6g3EYcVwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBAJSFRwD
BANSGTgDBABSGpoDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFIdZgMEAVId
aDANBgkqhkiG9w0BAQsFAAOCAQEAHKgSJ4VOafKKtyuOTRVaKlhOWtY0ypbhsyfe
d+S85fkyrt1RC7pvwCXVDckuu+4nZXyvaEBZCk9umcXHEJCFJOkRUA9QfDHWXd9D
JF/K8rk0MfYlj4nw5T1yaEcj1twdnPNJvI9cIfX2ros+mGCZnXtA/6Kla36jkCrf
j6WXfNzTGIS3OKT3aYtPqxhFTZiAfNYDHUNfFsmz0AFxFrE0Tt8Yw+cRbYCDcB2p
yg3cfzgXAnzEXWCJkWfs3iZXFoniNej9rukozTfjtPCi4Jrr6+D8WPX0EsCW17rp
DOEMaEDoJz0obPiJxyDFSp9t0+JntNIVDS0VYJleaHlVMi+NOg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:02 2025 by rpki-client