Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
File: AS63199.roa (raw, json)
Hash identifier: scFKuX7Ujpqkq5uKTbgu7O0eGJuYXxDe7BJMDpOajiU=
Subject key identifier: 6C:44:1E:08:97:03:58:D6:B8:EE:4F:62:85:AC:56:E5:68:88:80:E6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4F841985F63E201B2A61C1A233822F9DD34A4C0B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
Signing time: Sun 01 Mar 2026 03:02:41 +0000
ROA not before: Sun 01 Mar 2026 02:57:41 +0000
ROA not after: Sun 28 Feb 2027 03:02:41 +0000
asID: 63199
IP address blocks: 140.150.152.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
150.241.240.0/24 maxlen: 24
168.222.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:84:19:85:f6:3e:20:1b:2a:61:c1:a2:33:82:2f:9d:d3:4a:4c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 02:57:41 2026 GMT
Not After : Feb 28 03:02:41 2027 GMT
Subject: CN=6C441E08970358D6B8EE4F6285AC56E5688880E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:60:94:34:04:10:c2:fe:37:e3:9c:8d:40:f1:
a2:47:79:bf:d4:d2:61:96:15:26:28:4f:09:27:b3:
81:e8:31:80:83:28:cc:7b:89:a0:4a:73:c4:95:6f:
9c:50:28:54:8f:3a:10:df:33:31:b0:0a:8f:65:af:
b5:07:9f:27:75:4d:a2:17:51:73:32:be:1d:e4:dd:
f4:2c:1d:e0:3b:71:b3:c5:6d:1a:21:bf:e0:be:df:
04:48:87:c5:ba:4e:3b:60:60:5c:db:29:fd:18:ad:
cd:44:46:b4:12:a7:4d:d4:44:73:14:ad:a3:cd:65:
a2:cb:16:e3:6e:36:4d:a1:06:6d:03:35:92:cb:85:
2c:00:bc:35:e5:56:a0:04:8e:a4:4b:b5:94:d5:fe:
56:56:06:0c:b6:a3:5b:9c:27:e1:ed:b5:48:34:4f:
68:d0:6a:41:86:68:c9:83:64:ec:d2:aa:0f:4e:c4:
05:88:63:f1:93:3d:4f:15:f1:00:70:ab:0e:15:2d:
c1:8a:81:e7:7a:ed:6c:9a:13:2b:42:9d:fb:4e:46:
d1:e8:19:6b:1b:ca:fd:6b:52:5b:2f:bc:c2:13:fb:
49:36:96:b5:77:e3:a5:2e:4b:df:6d:9c:8b:7c:1d:
97:de:63:73:22:fa:6d:bb:7e:80:b7:f2:ae:9a:f1:
ca:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:44:1E:08:97:03:58:D6:B8:EE:4F:62:85:AC:56:E5:68:88:80:E6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.152.0/24
150.241.131.0/24
150.241.240.0/24
168.222.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:01:43:a9:30:ce:b7:06:4f:eb:ec:4f:f4:5f:3d:52:50:93:
3c:13:14:db:b0:33:b8:18:6c:01:5c:dc:7f:e4:20:10:06:de:
39:a2:c1:96:cc:40:1a:d1:2e:e4:44:67:09:2a:8b:a5:12:95:
2b:d1:70:7d:66:75:90:5c:49:cb:37:db:88:ec:e8:df:b8:99:
25:06:00:92:69:35:a9:c7:79:aa:6f:38:50:ab:5b:bd:ae:78:
54:66:0d:9e:2e:d5:85:b5:cb:9e:1f:b5:db:bb:38:16:d8:57:
a4:82:91:e9:78:a3:9e:53:44:11:43:ad:90:10:28:f3:ed:26:
10:63:2e:e0:f3:cc:e8:28:67:eb:69:52:28:ca:a5:a5:0c:5b:
68:c5:2d:6e:96:d3:c7:f2:73:71:99:b8:31:f3:0d:8b:46:d7:
40:bf:92:f9:67:29:c4:86:71:ae:79:aa:2a:df:39:0c:59:28:
36:83:04:1e:b3:b4:40:70:09:2c:a8:3b:fb:f4:6f:dc:14:e8:
67:7a:81:c0:7e:72:2f:fb:99:69:6b:e5:8d:d9:27:41:0f:91:
47:9d:ce:e8:10:77:eb:90:a0:76:26:6c:81:d6:9b:35:35:c7:
36:d2:31:75:6d:96:63:93:39:d7:77:79:6d:35:8b:cb:94:03:
d5:1b:bb:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUT4QZhfY+IBsqYcGiM4IvndNKTAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEwMjU3NDFaFw0yNzAyMjgwMzAyNDFaMDMxMTAvBgNV
BAMTKDZDNDQxRTA4OTcwMzU4RDZCOEVFNEY2Mjg1QUM1NkU1Njg4ODgwRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlYJQ0BBDC/jfjnI1A8aJHeb/U
0mGWFSYoTwkns4HoMYCDKMx7iaBKc8SVb5xQKFSPOhDfMzGwCo9lr7UHnyd1TaIX
UXMyvh3k3fQsHeA7cbPFbRohv+C+3wRIh8W6TjtgYFzbKf0Yrc1ERrQSp03URHMU
raPNZaLLFuNuNk2hBm0DNZLLhSwAvDXlVqAEjqRLtZTV/lZWBgy2o1ucJ+HttUg0
T2jQakGGaMmDZOzSqg9OxAWIY/GTPU8V8QBwqw4VLcGKged67WyaEytCnftORtHo
GWsbyv1rUlsvvMIT+0k2lrV346UuS99tnIt8HZfeY3Mi+m27foC38q6a8cpJAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUbEQeCJcDWNa47k9ihaxW5WiIgOYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACMlpgD
BACW8YMDBACW8fADBACo3mEwDQYJKoZIhvcNAQELBQADggEBAJ4BQ6kwzrcGT+vs
T/RfPVJQkzwTFNuwM7gYbAFc3H/kIBAG3jmiwZbMQBrRLuREZwkqi6USlSvRcH1m
dZBcScs324js6N+4mSUGAJJpNanHeapvOFCrW72ueFRmDZ4u1YW1y54ftdu7OBbY
V6SCkel4o55TRBFDrZAQKPPtJhBjLuDzzOgoZ+tpUijKpaUMW2jFLW6W08fyc3GZ
uDHzDYtG10C/kvlnKcSGca55qirfOQxZKDaDBB6ztEBwCSyoO/v0b9wU6Gd6gcB+
ci/7mWlr5Y3ZJ0EPkUedzugQd+uQoHYmbIHWmzU1xzbSMXVtlmOTOdd3eW01i8uU
A9UbuxA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:40 2026 by rpki-client