Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
File: AS25198.roa (raw, json)
Hash identifier: oF9HLON6MNl4JYb4EXU66EXGwayVS/BoKJPGT+7mO2U=
Subject key identifier: B4:D0:06:64:C4:04:B0:17:42:9D:97:0C:6D:8D:94:52:B9:D6:66:D9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 484045A023A0309BF2B3F9C9B69D72DC0CC6BE25
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
Signing time: Tue 17 Feb 2026 04:30:26 +0000
ROA not before: Tue 17 Feb 2026 04:25:26 +0000
ROA not after: Tue 16 Feb 2027 04:30:26 +0000
asID: 25198
IP address blocks: 82.22.126.0/24 maxlen: 24
82.24.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:40:45:a0:23:a0:30:9b:f2:b3:f9:c9:b6:9d:72:dc:0c:c6:be:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 17 04:25:26 2026 GMT
Not After : Feb 16 04:30:26 2027 GMT
Subject: CN=B4D00664C404B017429D970C6D8D9452B9D666D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:c3:57:7b:7d:92:6f:6f:05:ee:21:a2:90:
77:21:bf:72:21:48:6d:14:6a:16:70:3a:99:d3:f5:
1a:c5:2d:2d:71:05:8e:ed:c8:21:11:ac:7a:7a:0f:
73:2a:8e:3d:9b:b0:2a:35:88:02:77:2a:86:35:24:
7c:f7:cc:fa:9f:29:ce:df:3d:77:53:1a:12:bd:b0:
31:90:4f:13:e7:c2:e3:da:1c:f3:5c:89:12:55:9d:
2e:55:81:6f:e7:eb:c5:66:07:64:c1:01:9f:44:b0:
1c:45:b6:ae:6a:d7:61:73:d8:75:84:f3:cb:73:9e:
76:d9:fb:7f:6c:95:ae:a6:e1:4b:f4:de:c4:40:37:
83:ed:87:16:e1:5c:8c:e7:aa:70:d7:8b:ad:89:d9:
0f:38:e5:bd:1c:58:01:81:65:09:e0:73:2a:0b:f8:
af:80:cb:a3:1f:7e:2f:2b:99:80:2d:41:a1:0f:45:
41:17:a2:73:4e:8b:ce:71:0c:4c:55:5c:3c:43:65:
4d:85:e3:3c:cd:c3:e9:88:74:3a:a1:0f:bf:70:d8:
b8:d7:d1:35:a9:a2:79:e1:84:da:65:65:a4:7e:b5:
88:3c:e4:56:dd:38:a9:0a:aa:3f:f6:90:d4:ca:55:
6d:3f:79:61:e9:16:7f:2a:4c:3d:26:8b:14:c1:2f:
ef:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D0:06:64:C4:04:B0:17:42:9D:97:0C:6D:8D:94:52:B9:D6:66:D9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.126.0/24
82.24.81.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:63:63:b1:d6:0f:c5:58:c8:50:0f:2a:9c:fa:28:f4:4a:8c:
b6:e2:3f:a3:fc:27:3f:60:c2:ed:d7:ef:48:5f:fe:9d:2c:af:
ab:8f:ac:51:19:2a:5e:56:c3:3f:2c:71:ad:f5:10:06:d0:74:
31:5a:91:b4:32:1c:99:f5:e4:83:f6:c7:a2:58:9a:b0:5c:52:
0d:0a:a0:60:e8:bb:d8:15:86:a7:30:c2:cf:49:1a:95:cb:2b:
ba:34:df:8c:44:ad:49:61:e9:4b:a3:ee:cc:66:e4:e0:5e:94:
2d:8e:6b:71:72:4d:2b:70:dc:6e:00:09:11:d3:5e:19:8f:f1:
db:f7:9c:cd:ec:5b:1e:67:f6:06:af:f5:f3:fe:62:bc:37:62:
70:39:55:32:14:17:d2:ab:72:1d:38:8c:88:45:be:8c:3c:23:
e7:94:17:6d:c6:56:71:0a:4a:36:91:3f:3b:08:0e:0b:15:37:
40:8a:24:67:76:d8:e9:88:ee:d4:0e:7b:89:5a:db:d0:a4:07:
85:1a:54:69:3b:1e:2a:15:32:3e:db:3a:c7:7e:71:94:a1:29:
df:27:4e:ac:7d:7e:a0:d9:fc:d6:f7:1f:7e:c5:65:43:87:58:
2a:de:06:1a:c2:11:c0:e0:4a:e2:8e:b5:69:28:b0:df:cf:f2:
a3:2e:20:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUSEBFoCOgMJvys/nJtp1y3AzGviUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTcwNDI1MjZaFw0yNzAyMTYwNDMwMjZaMDMxMTAvBgNV
BAMTKEI0RDAwNjY0QzQwNEIwMTc0MjlEOTcwQzZEOEQ5NDUyQjlENjY2RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgBcNXe32Sb28F7iGikHchv3Ih
SG0UahZwOpnT9RrFLS1xBY7tyCERrHp6D3Mqjj2bsCo1iAJ3KoY1JHz3zPqfKc7f
PXdTGhK9sDGQTxPnwuPaHPNciRJVnS5VgW/n68VmB2TBAZ9EsBxFtq5q12Fz2HWE
88tznnbZ+39sla6m4Uv03sRAN4PthxbhXIznqnDXi62J2Q845b0cWAGBZQngcyoL
+K+Ay6Mffi8rmYAtQaEPRUEXonNOi85xDExVXDxDZU2F4zzNw+mIdDqhD79w2LjX
0TWponnhhNplZaR+tYg85FbdOKkKqj/2kNTKVW0/eWHpFn8qTD0mixTBL+/LAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUtNAGZMQEsBdCnZcMbY2UUrnWZtkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSFn4D
BABSGFEwDQYJKoZIhvcNAQELBQADggEBAJpjY7HWD8VYyFAPKpz6KPRKjLbiP6P8
Jz9gwu3X70hf/p0sr6uPrFEZKl5Wwz8sca31EAbQdDFakbQyHJn15IP2x6JYmrBc
Ug0KoGDou9gVhqcwws9JGpXLK7o034xErUlh6Uuj7sxm5OBelC2Oa3FyTStw3G4A
CRHTXhmP8dv3nM3sWx5n9gav9fP+Yrw3YnA5VTIUF9Krch04jIhFvow8I+eUF23G
VnEKSjaRPzsIDgsVN0CKJGd22OmI7tQOe4la29CkB4UaVGk7HioVMj7bOsd+cZSh
Kd8nTqx9fqDZ/Nb3H37FZUOHWCreBhrCEcDgSuKOtWkosN/P8qMuIKU=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:12:51 2026 by rpki-client