Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
File: AS63199.roa (raw, json)
Hash identifier: bw2Lt3LmZwfDknfMBucgA1SvxVaqJ04/sVAOFIweDaA=
Subject key identifier: A9:47:14:6E:6F:14:FC:BE:D9:CF:70:44:26:4A:20:C4:95:85:F4:18
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 635D0078698C9C7130F8985789895722EA78C28D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
Signing time: Wed 29 Oct 2025 03:15:16 +0000
ROA not before: Wed 29 Oct 2025 03:10:16 +0000
ROA not after: Wed 28 Oct 2026 03:15:16 +0000
asID: 63199
IP address blocks: 143.14.23.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:5d:00:78:69:8c:9c:71:30:f8:98:57:89:89:57:22:ea:78:c2:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 29 03:10:16 2025 GMT
Not After : Oct 28 03:15:16 2026 GMT
Subject: CN=A947146E6F14FCBED9CF7044264A20C49585F418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d6:3d:44:f3:09:1a:89:89:8c:68:a5:6b:cd:
ff:18:6d:d7:dd:18:f3:91:70:26:99:4f:04:d4:60:
16:e8:63:1c:af:50:ae:8c:41:71:f5:7e:0a:70:5f:
cc:86:51:8e:63:c8:89:a7:92:60:92:50:a0:61:84:
d6:41:e3:cc:02:98:e5:42:0b:25:e3:8b:c7:99:4a:
e2:12:03:eb:3a:80:ba:d0:be:03:03:eb:5e:57:0c:
2c:e8:60:11:9a:0f:be:e8:7a:2d:b0:6a:21:d6:d5:
9f:fc:d6:f2:57:7d:5b:12:24:62:35:cb:15:4e:0a:
06:6e:33:2e:43:55:aa:1b:ea:70:9a:73:c3:42:b2:
e6:55:da:c4:18:3a:10:31:58:36:fe:bb:ae:15:06:
a4:6e:88:2d:15:4d:be:1e:15:4d:26:50:22:50:6e:
46:6f:e4:6b:56:6a:c9:81:d5:b0:6d:32:b5:12:43:
33:43:24:50:65:20:9b:04:6b:b0:2a:a4:fa:84:b4:
9f:ec:e7:f6:71:01:28:69:7d:55:4b:2c:9b:8a:65:
67:3e:05:f1:0f:d3:10:0c:51:e1:ab:b1:23:e0:59:
ad:59:26:3a:8d:cb:fe:0e:62:5f:df:3c:28:1d:8c:
22:93:65:50:e3:63:00:75:07:54:d3:d8:0e:d4:7a:
48:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:47:14:6E:6F:14:FC:BE:D9:CF:70:44:26:4A:20:C4:95:85:F4:18
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.23.0/24
155.117.13.0/24
162.141.115.0/24
167.148.206.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:03:ce:f8:80:3c:c5:d4:f8:76:63:99:94:4e:8f:d1:a8:a0:
5e:0e:28:63:0a:67:e2:dc:9e:57:5b:41:43:c7:d7:7d:b9:3b:
3b:d2:61:34:73:b8:c3:5d:8e:5e:c4:0c:06:65:28:3d:e1:53:
4d:00:b3:d0:51:48:92:3a:a3:b7:65:ad:3a:5f:f5:40:1d:73:
de:8e:53:11:eb:96:57:a5:df:e7:5d:70:5e:48:4c:40:81:2f:
f4:81:04:6b:5d:b3:16:d6:f5:8c:2e:2d:cc:31:8d:fa:7e:a0:
60:47:2f:04:26:05:31:bb:fb:dc:cb:c1:25:c4:ee:b4:44:73:
cc:1e:ed:3a:f8:f7:35:2c:e9:49:81:28:63:6d:e8:4e:26:d1:
81:46:bf:dd:90:24:1f:12:96:98:6b:1a:24:7e:af:db:e5:73:
6d:cc:03:be:20:76:fa:6c:0b:4a:ba:72:5f:b7:b9:ae:ec:17:
34:5c:26:47:92:a1:ab:a0:62:6d:17:f5:b6:a3:1c:56:eb:e0:
e0:47:48:4b:c0:05:fa:47:5f:0c:9a:a7:52:0e:52:78:8b:30:
40:4d:20:b8:a5:c9:ea:15:ae:77:9f:0d:2f:d5:f4:91:48:6b:
53:26:36:06:fe:5a:d8:b4:46:5a:85:65:fb:f5:40:33:da:90:
57:18:75:e0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUY10AeGmMnHEw+JhXiYlXIup4wo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjkwMzEwMTZaFw0yNjEwMjgwMzE1MTZaMDMxMTAvBgNV
BAMTKEE5NDcxNDZFNkYxNEZDQkVEOUNGNzA0NDI2NEEyMEM0OTU4NUY0MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD21j1E8wkaiYmMaKVrzf8Ybdfd
GPORcCaZTwTUYBboYxyvUK6MQXH1fgpwX8yGUY5jyImnkmCSUKBhhNZB48wCmOVC
CyXji8eZSuISA+s6gLrQvgMD615XDCzoYBGaD77oei2waiHW1Z/81vJXfVsSJGI1
yxVOCgZuMy5DVaob6nCac8NCsuZV2sQYOhAxWDb+u64VBqRuiC0VTb4eFU0mUCJQ
bkZv5GtWasmB1bBtMrUSQzNDJFBlIJsEa7AqpPqEtJ/s5/ZxAShpfVVLLJuKZWc+
BfEP0xAMUeGrsSPgWa1ZJjqNy/4OYl/fPCgdjCKTZVDjYwB1B1TT2A7UekhlAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUqUcUbm8U/L7Zz3BEJkogxJWF9BgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPDhcD
BACbdQ0DBACijXMDBACnlM4wDQYJKoZIhvcNAQELBQADggEBALcDzviAPMXU+HZj
mZROj9GooF4OKGMKZ+LcnldbQUPH1325OzvSYTRzuMNdjl7EDAZlKD3hU00As9BR
SJI6o7dlrTpf9UAdc96OUxHrllel3+ddcF5ITECBL/SBBGtdsxbW9YwuLcwxjfp+
oGBHLwQmBTG7+9zLwSXE7rREc8we7Tr49zUs6UmBKGNt6E4m0YFGv92QJB8Slphr
GiR+r9vlc23MA74gdvpsC0q6cl+3ua7sFzRcJkeSoaugYm0X9bajHFbr4OBHSEvA
BfpHXwyap1IOUniLMEBNILilyeoVrnefDS/V9JFIa1MmNgb+Wti0RlqFZfv1QDPa
kFcYdeA=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:44 2025 by rpki-client