Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199614.roa
File: AS199614.roa (raw, json)
Hash identifier: 7luaf5QXxTPR98Z24L9p4KGL3sIsOZTi6QTpJ9b8WZI=
Subject key identifier: EE:31:B5:4D:84:E0:66:BC:D7:FA:B5:A7:B9:89:D0:5C:69:81:62:09
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 59D0FD0F5EA5DE2128A68BFEEC9DCFEE1014FE44
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199614.roa
Signing time: Tue 04 Nov 2025 01:07:10 +0000
ROA not before: Tue 04 Nov 2025 01:02:10 +0000
ROA not after: Tue 03 Nov 2026 01:07:10 +0000
asID: 199614
IP address blocks: 82.38.208.0/24 maxlen: 24
82.38.209.0/24 maxlen: 24
82.38.213.0/24 maxlen: 24
82.38.214.0/24 maxlen: 24
82.39.191.0/24 maxlen: 24
82.39.192.0/24 maxlen: 24
82.41.8.0/24 maxlen: 24
82.41.9.0/24 maxlen: 24
82.41.239.0/24 maxlen: 24
82.41.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d0:fd:0f:5e:a5:de:21:28:a6:8b:fe:ec:9d:cf:ee:10:14:fe:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Nov 4 01:02:10 2025 GMT
Not After : Nov 3 01:07:10 2026 GMT
Subject: CN=EE31B54D84E066BCD7FAB5A7B989D05C69816209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b5:86:53:12:cd:c1:d8:0c:e3:d5:4b:01:27:
9e:a6:b8:f6:ff:7f:67:05:4d:47:df:b3:a0:fb:ad:
9c:cd:93:90:80:12:36:58:a3:b2:e2:d6:37:b8:c4:
7e:a2:c9:e9:69:1e:1d:68:27:35:38:16:b5:c5:14:
5d:d4:86:41:87:89:4b:c9:91:69:c1:c2:de:44:8d:
40:a5:0b:3d:76:35:ab:d2:c6:5a:e4:a2:18:ad:86:
e4:f4:89:05:98:a7:e4:33:b7:d5:aa:e3:33:97:db:
c9:89:e2:37:62:ac:b7:86:72:58:09:d3:e9:bb:93:
b9:15:90:69:3e:a3:bd:76:5b:2b:a1:87:32:ed:5b:
a9:38:d5:a4:bc:50:cb:3d:b0:2e:03:59:1f:2a:00:
a6:b2:8e:e3:c2:16:c6:a8:a7:54:cb:a4:bc:2e:2f:
b0:d1:c2:2a:aa:06:74:71:07:62:6a:84:3a:ca:44:
c1:b3:69:17:52:64:99:d4:c2:d5:85:09:e9:63:0c:
3a:16:ca:17:1b:9f:9d:2a:13:96:ac:f2:08:d6:9c:
40:fb:62:5d:2b:32:ec:96:2b:fb:c3:dd:27:18:7c:
6d:f8:3a:55:72:db:b9:fa:01:ed:77:0d:7d:ae:08:
a3:88:00:ee:36:e4:3c:76:fe:c8:29:a8:65:fe:23:
eb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:31:B5:4D:84:E0:66:BC:D7:FA:B5:A7:B9:89:D0:5C:69:81:62:09
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199614.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.208.0/23
82.38.213.0-82.38.214.255
82.39.191.0-82.39.192.255
82.41.8.0/23
82.41.239.0-82.41.240.255
Signature Algorithm: sha256WithRSAEncryption
70:45:0d:3f:4e:8d:90:42:40:61:d8:10:cf:51:c0:6d:f6:3b:
c6:28:ee:8c:76:cf:81:b3:c2:94:30:20:35:fc:e2:fa:26:66:
14:ee:d7:bc:1c:cb:a2:af:fb:d0:0c:88:e4:48:e8:6a:9a:63:
61:e1:0d:49:f2:21:0f:ce:4d:ae:09:18:8e:2e:ed:8d:ba:b3:
bb:aa:b5:fc:bb:ca:25:cb:05:54:c1:29:e4:57:e4:21:55:ed:
7b:91:e4:7f:56:1f:3e:00:81:b7:32:df:a5:5c:b8:5e:27:7f:
cb:05:26:83:9c:e7:e2:12:3f:97:14:93:76:43:ef:d2:f4:31:
98:02:8e:4f:6a:03:ab:79:ce:0b:bc:0e:94:72:f3:38:26:ed:
20:06:63:fa:c9:9b:5e:fe:98:3b:97:15:e3:aa:9d:01:23:17:
15:66:0f:27:48:31:3f:67:b2:f6:a5:55:1d:21:32:e7:7a:0c:
3f:d2:78:6d:25:c1:4a:93:75:3b:6a:4a:7c:39:7b:df:6f:74:
48:71:0b:25:cc:38:c2:75:c2:8a:76:72:15:90:ec:32:0d:29:
bd:31:84:be:35:98:e2:86:a1:b1:3c:b7:cd:1d:5f:53:1e:dc:
a2:39:66:82:6f:77:8c:c2:40:ec:d1:f0:c0:c7:87:09:c0:a5:
ce:47:26:96
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUWdD9D16l3iEopov+7J3P7hAU/kQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMDQwMTAyMTBaFw0yNjExMDMwMTA3MTBaMDMxMTAvBgNV
BAMTKEVFMzFCNTREODRFMDY2QkNEN0ZBQjVBN0I5ODlEMDVDNjk4MTYyMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVtYZTEs3B2Azj1UsBJ56muPb/
f2cFTUffs6D7rZzNk5CAEjZYo7Li1je4xH6iyelpHh1oJzU4FrXFFF3UhkGHiUvJ
kWnBwt5EjUClCz12NavSxlrkohithuT0iQWYp+Qzt9Wq4zOX28mJ4jdirLeGclgJ
0+m7k7kVkGk+o712WyuhhzLtW6k41aS8UMs9sC4DWR8qAKayjuPCFsaop1TLpLwu
L7DRwiqqBnRxB2JqhDrKRMGzaRdSZJnUwtWFCeljDDoWyhcbn50qE5as8gjWnED7
Yl0rMuyWK/vD3ScYfG34OlVy27n6Ae13DX2uCKOIAO425Dx2/sgpqGX+I+ujAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQU7jG1TYTgZrzX+rWnuYnQXGmBYgkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk5NjE0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBUibQ
MAwDBABSJtUDBABSJtYwDAMEAFInvwMEAFInwAMEAVIpCDAMAwQAUinvAwQAUinw
MA0GCSqGSIb3DQEBCwUAA4IBAQBwRQ0/To2QQkBh2BDPUcBt9jvGKO6Mds+Bs8KU
MCA1/OL6JmYU7te8HMuir/vQDIjkSOhqmmNh4Q1J8iEPzk2uCRiOLu2NurO7qrX8
u8olywVUwSnkV+QhVe17keR/Vh8+AIG3Mt+lXLheJ3/LBSaDnOfiEj+XFJN2Q+/S
9DGYAo5PagOrec4LvA6UcvM4Ju0gBmP6yZte/pg7lxXjqp0BIxcVZg8nSDE/Z7L2
pVUdITLnegw/0nhtJcFKk3U7akp8OXvfb3RIcQslzDjCdcKKdnIVkOwyDSm9MYS+
NZjihqGxPLfNHV9THtyiOWaCb3eMwkDs0fDAx4cJwKXORyaW
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:21:28 2025 by rpki-client