Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS199959.roa
File: AS199959.roa (raw, json)
Hash identifier: 2G/uyvdrYhq8ymn8kjcq9jGCG212tuniZ6mXdYNvmVo=
Subject key identifier: 62:2F:1E:95:86:9E:E6:BC:5E:37:91:14:05:4C:BD:D8:21:37:D7:D8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 487E1C07044505EF945099622FB63193EF6FB7FC
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS199959.roa
Signing time: Tue 01 Jul 2025 14:26:35 +0000
ROA not before: Tue 01 Jul 2025 14:21:35 +0000
ROA not after: Tue 30 Jun 2026 14:26:35 +0000
asID: 199959
IP address blocks: 143.20.200.0/22 maxlen: 22
143.20.208.0/22 maxlen: 22
143.20.216.0/22 maxlen: 22
143.20.224.0/22 maxlen: 22
143.20.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 11:24:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:7e:1c:07:04:45:05:ef:94:50:99:62:2f:b6:31:93:ef:6f:b7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jul 1 14:21:35 2025 GMT
Not After : Jun 30 14:26:35 2026 GMT
Subject: CN=622F1E95869EE6BC5E379114054CBDD82137D7D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0e:3e:86:3d:d5:67:59:16:a2:c0:ae:59:e2:
02:16:95:12:a9:f8:70:06:c1:1a:b7:2a:10:3c:56:
6c:e9:57:c5:23:20:17:74:61:48:b4:92:81:cb:5e:
80:60:9c:e6:3a:98:fe:75:97:7f:36:a1:84:9f:9e:
c3:eb:4c:a7:56:06:75:da:0f:f5:22:b0:b4:b0:b0:
ea:36:31:37:f2:c8:61:7f:77:33:df:40:d2:2f:8b:
42:a8:8a:fb:69:a6:c6:f8:cc:47:f2:86:64:4d:d2:
2a:a7:c3:5e:a5:48:63:3d:1a:a8:8c:75:18:bc:37:
6d:36:08:ec:8c:ea:0e:95:c1:d3:32:82:a9:a1:3c:
8b:29:6f:2e:45:f9:84:00:60:5d:6f:06:d5:99:c7:
cc:c3:7c:0b:7d:bd:78:30:a4:f9:19:ed:33:50:a1:
31:8b:f2:5f:79:de:69:82:8e:89:7e:d1:e4:72:03:
52:ae:dc:f2:aa:96:5f:5c:9a:12:fe:6f:6a:f4:61:
80:a5:ce:1e:07:66:f9:b3:5b:03:b9:de:a9:f6:76:
b4:6e:66:cf:99:05:03:bb:54:05:7b:d1:50:61:d3:
eb:65:11:e5:4b:5c:2b:ce:81:94:19:b7:24:d1:15:
18:99:b0:91:28:b3:fe:b4:f7:b0:70:14:64:e2:0f:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2F:1E:95:86:9E:E6:BC:5E:37:91:14:05:4C:BD:D8:21:37:D7:D8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS199959.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.200.0/22
143.20.208.0/22
143.20.216.0/22
143.20.224.0/22
143.20.232.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:8d:35:e2:64:4b:91:73:b8:47:79:65:e3:6a:a2:9b:2c:55:
5e:47:3f:53:64:cd:b8:84:e7:88:2a:fd:21:8c:32:b9:98:d7:
e3:cb:1e:9f:97:d4:3b:b6:4c:7a:1d:e6:b8:aa:f8:fe:e4:45:
ec:12:f2:ed:6b:4a:06:2d:6d:96:12:bf:73:bb:9a:52:4c:0d:
13:3b:b3:ff:85:cd:80:95:f3:ea:63:79:13:fa:bd:85:d3:82:
af:24:d7:53:ad:43:d5:4c:f3:8a:f0:29:b9:16:ed:57:c7:5f:
b4:4d:44:a6:89:fb:8d:1b:41:35:01:52:c0:c4:56:08:73:57:
58:93:c0:7d:af:41:f1:1c:0d:14:e3:0c:38:c5:cf:86:d3:08:
11:77:99:bf:df:dc:eb:93:63:74:6d:63:f9:f0:a0:11:f6:4a:
52:ad:1c:a1:9b:3d:5a:44:88:97:27:61:eb:ef:22:be:8f:c0:
9c:7f:3b:79:dd:a0:82:d6:2a:d7:4a:1b:b5:b6:56:e9:5e:4c:
a7:43:fd:57:f1:57:7f:d7:f1:b6:2d:6f:ca:75:e1:09:1a:a8:
37:0a:10:ef:c7:d3:64:ae:67:02:dc:2d:ab:13:3d:df:7e:1d:
95:54:e2:99:79:b5:bc:2f:19:c8:ec:23:1c:cc:58:a4:fb:48:
55:c9:60:4d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUSH4cBwRFBe+UUJliL7Yxk+9vt/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA3MDExNDIxMzVaFw0yNjA2MzAxNDI2MzVaMDMxMTAvBgNV
BAMTKDYyMkYxRTk1ODY5RUU2QkM1RTM3OTExNDA1NENCREQ4MjEzN0Q3RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiDj6GPdVnWRaiwK5Z4gIWlRKp
+HAGwRq3KhA8VmzpV8UjIBd0YUi0koHLXoBgnOY6mP51l382oYSfnsPrTKdWBnXa
D/UisLSwsOo2MTfyyGF/dzPfQNIvi0Koivtppsb4zEfyhmRN0iqnw16lSGM9GqiM
dRi8N202COyM6g6VwdMygqmhPIspby5F+YQAYF1vBtWZx8zDfAt9vXgwpPkZ7TNQ
oTGL8l953mmCjol+0eRyA1Ku3PKqll9cmhL+b2r0YYClzh4HZvmzWwO53qn2drRu
Zs+ZBQO7VAV70VBh0+tlEeVLXCvOgZQZtyTRFRiZsJEos/6097BwFGTiD1XTAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUYi8elYae5rxeN5EUBUy92CE319gwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTk5OTU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCjxTI
AwQCjxTQAwQCjxTYAwQCjxTgAwQCjxToMA0GCSqGSIb3DQEBCwUAA4IBAQBejTXi
ZEuRc7hHeWXjaqKbLFVeRz9TZM24hOeIKv0hjDK5mNfjyx6fl9Q7tkx6Hea4qvj+
5EXsEvLta0oGLW2WEr9zu5pSTA0TO7P/hc2AlfPqY3kT+r2F04KvJNdTrUPVTPOK
8Cm5Fu1Xx1+0TUSmifuNG0E1AVLAxFYIc1dYk8B9r0HxHA0U4ww4xc+G0wgRd5m/
39zrk2N0bWP58KAR9kpSrRyhmz1aRIiXJ2Hr7yK+j8Ccfzt53aCC1irXShu1tlbp
XkynQ/1X8Vd/1/G2LW/KdeEJGqg3ChDvx9NkrmcC3C2rEz3ffh2VVOKZebW8LxnI
7CMczFik+0hVyWBN
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:36 2025 by rpki-client