Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201357.roa
File: AS201357.roa (raw, json)
Hash identifier: j250AgaWM9We/T+nQwtOq6cktks6a/j5he2For7qH0U=
Subject key identifier: 50:F2:C5:5A:27:1B:F9:3F:66:A8:E8:09:6B:CB:5E:F6:79:48:91:E5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 687AB2FDFBB8DC5F461E4A2D525265762EFB0FDA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201357.roa
Signing time: Fri 03 Apr 2026 09:39:03 +0000
ROA not before: Fri 03 Apr 2026 09:34:03 +0000
ROA not after: Fri 02 Apr 2027 09:39:03 +0000
asID: 201357
IP address blocks: 82.22.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7a:b2:fd:fb:b8:dc:5f:46:1e:4a:2d:52:52:65:76:2e:fb:0f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 3 09:34:03 2026 GMT
Not After : Apr 2 09:39:03 2027 GMT
Subject: CN=50F2C55A271BF93F66A8E8096BCB5EF6794891E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b7:83:85:8b:94:47:5d:80:2e:2b:31:76:8b:
c4:a5:2a:89:58:40:56:27:5f:39:03:7e:3c:ce:2e:
f4:f9:15:d7:f6:36:2c:45:c5:f0:38:be:08:00:40:
e5:de:cb:fb:23:12:db:7d:2c:1b:d5:41:a9:1e:2b:
ff:0a:56:4a:09:5c:9f:80:22:b6:31:a3:4c:4d:86:
e7:60:5a:c9:cd:68:88:1b:09:15:52:e9:46:8b:7d:
c4:98:f5:6a:d4:72:e4:23:11:57:e9:0c:4d:9b:05:
ea:ff:92:f3:d9:d0:aa:43:fc:05:8d:df:a3:48:f9:
84:7d:03:98:71:d1:fe:da:83:5b:fe:4c:2f:a3:dd:
71:32:6c:2b:21:b5:21:ee:0d:9d:f0:04:99:07:01:
a4:92:64:91:c1:34:86:90:e1:52:ba:8f:97:c7:e9:
d9:a8:65:18:ad:e8:f7:d5:6b:87:3b:db:28:1c:bb:
55:b6:35:fc:d8:e6:0f:4c:bb:a9:e6:38:4f:8d:ec:
1b:a2:0a:55:7a:c8:6a:5b:50:be:fd:27:54:2e:d5:
41:29:cb:bf:e0:3f:bc:f6:fd:d3:68:51:99:52:2b:
b3:1e:14:9b:b6:2d:aa:62:88:b9:52:01:39:a6:bc:
ee:54:a7:28:67:82:fb:d1:b0:25:fd:f2:e3:eb:0f:
c9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F2:C5:5A:27:1B:F9:3F:66:A8:E8:09:6B:CB:5E:F6:79:48:91:E5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201357.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.99.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:64:82:94:b3:3d:7a:3c:09:99:6b:53:6b:ec:7f:1e:a0:a4:
97:1d:28:28:2d:a8:c7:8d:fd:44:15:f4:97:53:31:db:4b:27:
a1:e2:59:79:f9:de:96:91:93:21:08:e3:24:f4:30:70:c6:ea:
2f:3d:ee:bc:42:6e:f3:d9:f2:6d:5a:df:bd:c2:c5:dc:ca:3f:
7a:6c:58:e0:9d:1a:0c:ac:cc:52:3a:0a:ab:da:8d:59:5b:0a:
39:f7:d9:0c:dd:98:fc:ba:65:a8:06:a6:1e:95:8b:4e:34:0c:
6c:7d:aa:93:6d:a5:69:cd:d4:3b:69:74:60:02:0f:fb:70:6f:
cb:4c:2d:13:45:7b:89:e4:cb:df:07:e4:ce:a4:2c:0f:b2:5d:
9d:bd:fb:c1:17:48:0d:60:c4:30:06:c8:90:31:48:a7:fb:2c:
ce:f3:4c:1e:3c:13:48:1e:97:5a:20:c2:a1:58:6a:3e:30:b1:
39:6a:15:89:2a:2b:40:2c:7e:ea:4d:f9:fe:2b:03:97:4c:d7:
aa:d3:d6:94:fa:ae:33:30:62:c6:77:57:a4:9b:98:7b:e0:83:
d6:98:d7:72:5a:b8:49:93:64:d6:a6:6d:5b:56:5c:c2:92:80:
c8:95:eb:ba:e7:ff:05:aa:0c:d0:6c:4c:a7:eb:b4:8b:37:51:
f2:01:ca:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUaHqy/fu43F9GHkotUlJldi77D9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDMwOTM0MDNaFw0yNzA0MDIwOTM5MDNaMDMxMTAvBgNV
BAMTKDUwRjJDNTVBMjcxQkY5M0Y2NkE4RTgwOTZCQ0I1RUY2Nzk0ODkxRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwt4OFi5RHXYAuKzF2i8SlKolY
QFYnXzkDfjzOLvT5Fdf2NixFxfA4vggAQOXey/sjEtt9LBvVQakeK/8KVkoJXJ+A
IrYxo0xNhudgWsnNaIgbCRVS6UaLfcSY9WrUcuQjEVfpDE2bBer/kvPZ0KpD/AWN
36NI+YR9A5hx0f7ag1v+TC+j3XEybCshtSHuDZ3wBJkHAaSSZJHBNIaQ4VK6j5fH
6dmoZRit6PfVa4c72ygcu1W2NfzY5g9Mu6nmOE+N7BuiClV6yGpbUL79J1Qu1UEp
y7/gP7z2/dNoUZlSK7MeFJu2LapiiLlSATmmvO5UpyhngvvRsCX98uPrD8kfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUUPLFWicb+T9mqOgJa8te9nlIkeUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxMzU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhZj
MA0GCSqGSIb3DQEBCwUAA4IBAQAcZIKUsz16PAmZa1Nr7H8eoKSXHSgoLajHjf1E
FfSXUzHbSyeh4ll5+d6WkZMhCOMk9DBwxuovPe68Qm7z2fJtWt+9wsXcyj96bFjg
nRoMrMxSOgqr2o1ZWwo599kM3Zj8umWoBqYelYtONAxsfaqTbaVpzdQ7aXRgAg/7
cG/LTC0TRXuJ5MvfB+TOpCwPsl2dvfvBF0gNYMQwBsiQMUin+yzO80wePBNIHpda
IMKhWGo+MLE5ahWJKitALH7qTfn+KwOXTNeq09aU+q4zMGLGd1ekm5h74IPWmNdy
WrhJk2TWpm1bVlzCkoDIleu65/8FqgzQbEyn67SLN1HyAco7
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:47:08 2026 by rpki-client