Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa
File: AS25198.roa (raw, json)
Hash identifier: PMqpf6WdhYVE5UzzTK01MTFXCMIHK30auJV0Dc2p67w=
Subject key identifier: D8:3B:2B:D9:3A:DB:0B:FD:6D:F1:2B:84:68:6E:F5:0C:EB:99:54:04
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E3B8C324EF78A734D6C39C3A6C011B368014B97
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa
Signing time: Tue 09 Jun 2026 06:28:30 +0000
ROA not before: Tue 09 Jun 2026 06:23:30 +0000
ROA not after: Tue 08 Jun 2027 06:28:30 +0000
asID: 25198
IP address blocks: 140.233.177.0/24 maxlen: 24
162.141.65.0/24 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:3b:8c:32:4e:f7:8a:73:4d:6c:39:c3:a6:c0:11:b3:68:01:4b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 9 06:23:30 2026 GMT
Not After : Jun 8 06:28:30 2027 GMT
Subject: CN=D83B2BD93ADB0BFD6DF12B84686EF50CEB995404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0b:e0:3d:1a:3d:4e:cf:93:81:73:7c:bc:8b:
af:44:c5:14:e5:02:52:67:d9:db:d4:87:61:c8:4b:
d3:98:a6:ca:cb:75:f5:f5:32:c7:45:9e:5d:1c:71:
a7:37:3e:82:b7:2c:24:3f:42:1b:cf:f0:2f:a6:40:
1b:91:21:94:27:7f:84:e1:9f:35:14:9c:ec:e8:f1:
76:f1:11:a1:8d:f6:f5:f2:47:08:0f:e6:2c:30:54:
0e:60:e1:da:d0:19:81:1c:f0:30:20:0d:35:7f:0c:
7d:fc:ca:3b:ad:93:49:40:4f:34:db:b3:96:35:bd:
e5:a3:b3:db:2b:73:e0:80:e7:a0:cd:ce:4b:39:00:
42:7d:77:95:35:86:1c:c7:0e:df:43:9d:91:4b:fe:
93:18:eb:e6:28:ce:db:57:15:3c:ed:b0:76:af:f1:
b5:17:90:40:05:8f:76:7e:b3:72:be:f4:42:db:80:
63:10:38:e6:3c:3b:bf:0d:91:e6:db:b7:f1:80:a4:
77:f7:d8:4f:fe:24:20:40:f6:20:fc:63:8f:61:61:
be:39:c8:2b:4e:d5:c1:77:86:df:1e:de:01:7e:d2:
b8:52:9c:33:78:76:37:39:a4:be:30:18:f4:77:f7:
bc:6d:eb:77:94:b4:40:2f:11:3c:df:dd:05:f2:e3:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3B:2B:D9:3A:DB:0B:FD:6D:F1:2B:84:68:6E:F5:0C:EB:99:54:04
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.177.0/24
162.141.65.0/24
162.141.70.0/24
162.141.140.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a1:a7:8f:3c:35:86:01:81:c8:e4:2a:99:53:68:d6:55:6d:
79:0c:2e:fd:5b:3a:10:78:b3:64:6a:c5:7c:48:19:54:1a:c5:
6a:87:63:3a:ac:82:f3:ac:bb:f9:55:b2:58:34:77:3f:fb:70:
7c:09:37:ef:28:26:ab:19:ed:73:e5:3b:5b:67:fe:ea:3a:52:
62:86:95:3b:65:36:92:87:90:d1:79:34:d8:19:e0:32:57:3c:
f4:64:9a:97:fc:d7:ab:ba:b2:36:83:42:a1:ef:65:32:9d:32:
ca:98:e0:40:08:14:50:2e:bb:97:c0:e9:6e:19:d8:b7:06:54:
3c:01:20:f6:54:cd:c5:f0:33:f3:f5:a0:86:f9:ef:63:94:4e:
c5:0d:b7:b1:06:af:d0:e3:44:ba:e9:a2:ea:c1:95:b5:5f:b4:
61:49:40:be:73:fe:03:c5:b1:ae:ec:32:95:1d:e5:35:df:28:
48:ac:a1:24:1b:32:89:b9:5f:4e:95:7d:f2:6f:51:6b:75:38:
7d:33:3b:fc:c3:04:42:29:1d:e9:e3:19:38:82:2c:83:65:23:
3a:0f:7b:44:fb:9f:8e:f9:12:ab:69:0b:fc:28:f9:16:ee:60:
ea:45:dd:d6:28:6b:b5:d6:a4:2d:12:68:42:92:18:83:3d:5a:
f8:f1:9c:1e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUPjuMMk73inNNbDnDpsARs2gBS5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDkwNjIzMzBaFw0yNzA2MDgwNjI4MzBaMDMxMTAvBgNV
BAMTKEQ4M0IyQkQ5M0FEQjBCRkQ2REYxMkI4NDY4NkVGNTBDRUI5OTU0MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjC+A9Gj1Oz5OBc3y8i69ExRTl
AlJn2dvUh2HIS9OYpsrLdfX1MsdFnl0ccac3PoK3LCQ/QhvP8C+mQBuRIZQnf4Th
nzUUnOzo8XbxEaGN9vXyRwgP5iwwVA5g4drQGYEc8DAgDTV/DH38yjutk0lATzTb
s5Y1veWjs9src+CA56DNzks5AEJ9d5U1hhzHDt9DnZFL/pMY6+YozttXFTztsHav
8bUXkEAFj3Z+s3K+9ELbgGMQOOY8O78Nkebbt/GApHf32E/+JCBA9iD8Y49hYb45
yCtO1cF3ht8e3gF+0rhSnDN4djc5pL4wGPR397xt63eUtEAvETzf3QXy4/YVAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU2Dsr2TrbC/1t8SuEaG71DOuZVAQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACM6bED
BACijUEDBACijUYDBACijYwwDQYJKoZIhvcNAQELBQADggEBAKihp488NYYBgcjk
KplTaNZVbXkMLv1bOhB4s2RqxXxIGVQaxWqHYzqsgvOsu/lVslg0dz/7cHwJN+8o
JqsZ7XPlO1tn/uo6UmKGlTtlNpKHkNF5NNgZ4DJXPPRkmpf816u6sjaDQqHvZTKd
MsqY4EAIFFAuu5fA6W4Z2LcGVDwBIPZUzcXwM/P1oIb572OUTsUNt7EGr9DjRLrp
ourBlbVftGFJQL5z/gPFsa7sMpUd5TXfKEisoSQbMom5X06VffJvUWt1OH0zO/zD
BEIpHenjGTiCLINlIzoPe0T7n475EqtpC/wo+RbuYOpF3dYoa7XWpC0SaEKSGIM9
WvjxnB4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:41:28 2026 by rpki-client