Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
File: AS63199.roa (raw, json)
Hash identifier: i66Vc5DQQhYEuOfnKDz2mgbncCyIaWfY2ujF7JQNHm0=
Subject key identifier: E9:EB:77:22:0C:75:10:A2:A8:E4:FA:E6:BF:4B:8D:19:22:DE:F1:4E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4BB7A465288B59CD3BE977C79559C175ABA0864A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
Signing time: Sun 12 Apr 2026 09:33:02 +0000
ROA not before: Sun 12 Apr 2026 09:28:02 +0000
ROA not after: Sun 11 Apr 2027 09:33:02 +0000
asID: 63199
IP address blocks: 96.62.115.0/24 maxlen: 24
140.150.239.0/24 maxlen: 24
140.233.187.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
148.135.199.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b7:a4:65:28:8b:59:cd:3b:e9:77:c7:95:59:c1:75:ab:a0:86:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 12 09:28:02 2026 GMT
Not After : Apr 11 09:33:02 2027 GMT
Subject: CN=E9EB77220C7510A2A8E4FAE6BF4B8D1922DEF14E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8c:80:af:2f:ec:6d:63:4e:9c:94:c8:be:5c:
15:d5:e6:c0:e3:50:c5:4b:22:03:ab:d9:f1:ac:8d:
f2:7c:5e:29:13:37:ce:a4:eb:21:23:c8:f0:cd:db:
c1:9d:97:85:b5:54:a1:9d:64:fe:e1:cf:06:a0:97:
03:d5:f8:de:ac:5d:3c:74:a4:43:3b:ce:bc:32:22:
2c:8d:c4:63:29:f4:5e:16:2f:39:ee:ce:9b:80:12:
ec:e3:2a:26:b0:09:da:be:aa:84:08:f4:e8:ae:50:
d2:8f:76:dc:33:17:c5:7b:95:4e:32:82:6e:37:e2:
5d:f6:4d:ec:0b:4e:74:7a:ac:24:91:b9:b1:95:e6:
a5:61:25:9a:12:28:bc:40:35:7e:25:54:29:29:be:
39:6b:3c:1f:90:8a:05:9c:f1:12:c8:45:6e:81:4f:
22:d7:ce:28:ce:5e:0c:5f:72:5a:18:8e:1a:ce:7c:
c8:49:bc:1c:fb:32:8f:e0:d1:e2:a5:8a:a5:06:61:
4c:57:79:5a:07:51:17:84:50:bc:e0:98:e1:af:14:
29:84:44:f5:f0:db:63:a6:ba:63:0b:38:da:09:5a:
7e:47:cf:96:8d:08:4a:a1:cd:16:88:46:67:42:41:
a6:47:d9:47:1d:bd:35:a3:e4:84:c4:d2:7b:af:6f:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EB:77:22:0C:75:10:A2:A8:E4:FA:E6:BF:4B:8D:19:22:DE:F1:4E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
140.150.239.0/24
140.233.187.0/24
146.103.22.0/24
146.103.35.0/24
147.79.7.0/24
147.79.17.0/24
148.135.199.0/24
150.241.131.0/24
155.117.4.0/24
155.117.6.0/24
167.148.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:9f:d5:3b:23:e9:31:17:04:8d:be:93:d8:d8:de:ef:37:ee:
cd:0e:73:8e:f8:cb:d3:95:44:c5:19:d9:78:d0:ef:4e:6a:76:
4f:1d:4f:fb:42:c4:f3:de:78:59:06:09:65:41:04:b2:d9:55:
2e:fd:8e:3a:9e:91:75:f2:fc:e2:11:d6:ff:f2:a2:8e:ed:e3:
4e:4e:a2:4a:ee:b9:77:21:6f:ea:7e:ea:6c:ae:6b:9c:ea:44:
82:e5:ce:f2:e1:0f:be:ed:23:b3:ef:09:bb:ff:c7:10:19:b2:
ac:a4:ea:a7:ac:f6:81:10:23:80:10:5b:15:7d:23:82:28:5b:
38:b4:36:f0:6f:86:93:4f:c8:d6:21:81:e5:57:54:34:b8:1f:
49:0c:55:96:ae:3d:6a:f0:04:06:b7:e2:24:bb:c1:6a:76:48:
17:45:1d:55:e9:fc:cd:99:57:d4:99:56:7c:8a:a3:30:7b:62:
6f:bf:db:c1:ca:68:35:f4:aa:3e:f2:5a:e3:b5:b3:45:1b:74:
3c:d6:ff:a1:8e:f9:4a:2b:b7:af:07:8c:2f:84:b5:58:91:ab:
07:14:45:86:93:9d:ee:9e:ce:8f:1e:65:fa:da:e9:a5:54:a4:
39:8c:83:76:ae:63:3d:56:c9:84:92:1e:db:73:19:8c:41:51:
2d:4d:94:12
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUS7ekZSiLWc076XfHlVnBdaughkowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTIwOTI4MDJaFw0yNzA0MTEwOTMzMDJaMDMxMTAvBgNV
BAMTKEU5RUI3NzIyMEM3NTEwQTJBOEU0RkFFNkJGNEI4RDE5MjJERUYxNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQjICvL+xtY06clMi+XBXV5sDj
UMVLIgOr2fGsjfJ8XikTN86k6yEjyPDN28Gdl4W1VKGdZP7hzwaglwPV+N6sXTx0
pEM7zrwyIiyNxGMp9F4WLznuzpuAEuzjKiawCdq+qoQI9OiuUNKPdtwzF8V7lU4y
gm434l32TewLTnR6rCSRubGV5qVhJZoSKLxANX4lVCkpvjlrPB+QigWc8RLIRW6B
TyLXzijOXgxfcloYjhrOfMhJvBz7Mo/g0eKliqUGYUxXeVoHUReEULzgmOGvFCmE
RPXw22OmumMLONoJWn5Hz5aNCEqhzRaIRmdCQaZH2UcdvTWj5ITE0nuvbw1nAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQU6et3Igx1EKKo5Prmv0uNGSLe8U4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABgPnMD
BACMlu8DBACM6bsDBACSZxYDBACSZyMDBACTTwcDBACTTxEDBACUh8cDBACW8YMD
BACbdQQDBACbdQYDBACnlIgwDQYJKoZIhvcNAQELBQADggEBAB+f1Tsj6TEXBI2+
k9jY3u837s0Oc474y9OVRMUZ2XjQ705qdk8dT/tCxPPeeFkGCWVBBLLZVS79jjqe
kXXy/OIR1v/yoo7t405OokruuXchb+p+6myua5zqRILlzvLhD77tI7PvCbv/xxAZ
sqyk6qes9oEQI4AQWxV9I4IoWzi0NvBvhpNPyNYhgeVXVDS4H0kMVZauPWrwBAa3
4iS7wWp2SBdFHVXp/M2ZV9SZVnyKozB7Ym+/28HKaDX0qj7yWuO1s0UbdDzW/6GO
+Uort68HjC+EtViRqwcURYaTne6ezo8eZfra6aVUpDmMg3auYz1WyYSSHttzGYxB
US1NlBI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:06:07 2026 by rpki-client