Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198100.roa
File: AS198100.roa (raw, json)
Hash identifier: olmrxXkUlrpHjhlcvrsQcq8yFJRY3HHcB68Wkg+Uwvs=
Subject key identifier: 2D:C9:ED:D2:5E:1D:22:51:2E:8E:D6:7F:F0:C3:79:AA:33:68:9D:8E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7D7B8029A485F0DEB7693550B1F1C942C1BFE5D1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198100.roa
Signing time: Sat 20 Sep 2025 09:40:42 +0000
ROA not before: Sat 20 Sep 2025 09:35:42 +0000
ROA not after: Sat 19 Sep 2026 09:40:42 +0000
asID: 198100
IP address blocks: 82.27.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:7b:80:29:a4:85:f0:de:b7:69:35:50:b1:f1:c9:42:c1:bf:e5:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 20 09:35:42 2025 GMT
Not After : Sep 19 09:40:42 2026 GMT
Subject: CN=2DC9EDD25E1D22512E8ED67FF0C379AA33689D8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:04:4d:00:05:48:0c:26:ff:01:40:ac:20:
fb:99:a1:f8:9a:8d:5f:88:99:e3:d0:96:a5:ae:f3:
c1:4c:9c:01:d6:60:b1:21:98:60:9c:3a:48:42:19:
17:d9:cf:16:21:ef:36:cd:f0:99:e2:34:8d:71:e4:
37:6d:fb:38:9f:6c:d6:8d:1e:a1:cd:2a:29:6b:66:
b1:96:e9:68:4b:e3:db:52:79:2f:2d:03:71:db:82:
e6:b2:f6:2a:18:c3:a5:57:75:ae:8d:40:91:f2:da:
0a:85:10:3f:0e:4a:af:f7:14:3a:0e:4f:64:d7:82:
b7:87:7e:e0:48:dc:5b:fe:41:8a:cf:f1:45:6d:96:
e4:56:70:5b:a5:55:ed:04:91:dd:f3:3c:27:7f:5b:
81:c4:6c:97:45:9c:2c:a7:8d:4d:f2:4f:0c:85:c3:
44:37:97:7d:79:50:54:4f:cf:c8:e3:b9:7a:ae:98:
28:07:c8:ee:7a:07:d7:d7:29:ea:50:ef:f9:1a:61:
59:ca:56:f3:32:e0:17:01:62:0c:0b:ea:24:88:0b:
ad:df:96:ab:41:72:d5:ff:41:2d:15:16:e1:67:e9:
8a:c7:21:e6:27:cd:66:94:44:3f:82:4a:6c:51:d3:
b0:63:98:3b:e1:e7:45:e1:68:3e:a3:f4:b3:55:d5:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C9:ED:D2:5E:1D:22:51:2E:8E:D6:7F:F0:C3:79:AA:33:68:9D:8E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198100.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.11.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:41:88:27:2b:a8:d3:61:a8:84:40:2d:1f:fb:02:26:ea:41:
e8:90:ae:72:7a:19:65:1f:31:5d:b8:26:ef:c1:94:bb:34:e3:
77:16:b7:7c:3d:cb:13:b8:ee:20:69:a3:db:b4:53:ff:af:7a:
c3:d7:95:c4:cb:cb:c9:d4:da:2c:63:56:32:bc:fe:7c:88:60:
b5:bb:b7:ad:52:de:62:73:f9:3a:1c:dd:d2:55:b7:e1:d5:39:
02:61:f3:ff:47:53:fc:19:a6:53:5f:fd:86:eb:dc:a9:16:b7:
47:b1:66:bb:01:33:c0:8d:a0:af:21:cc:cf:67:dc:d7:1d:49:
fd:5d:54:13:94:4e:39:74:82:b1:85:69:c3:a9:fe:f5:ce:8e:
b9:78:86:2b:58:10:8e:8b:98:10:2e:a0:dd:2c:b2:44:14:16:
90:0b:95:5d:20:9c:03:84:0c:af:92:06:29:d0:5a:40:5f:30:
a9:df:1b:b6:85:33:d3:5d:a4:5e:94:23:ad:b5:66:ad:d6:04:
de:87:8e:64:dc:bf:11:82:56:d9:62:c0:97:2b:11:f1:2d:4c:
8f:89:7a:88:ee:32:0e:c3:eb:f5:76:8b:8c:d2:13:a8:80:05:
ee:26:5d:eb:3c:a8:c4:bf:43:2d:80:9b:97:ca:70:df:93:bd:
74:35:d3:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfXuAKaSF8N63aTVQsfHJQsG/5dEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjAwOTM1NDJaFw0yNjA5MTkwOTQwNDJaMDMxMTAvBgNV
BAMTKDJEQzlFREQyNUUxRDIyNTEyRThFRDY3RkYwQzM3OUFBMzM2ODlEOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS5gRNAAVIDCb/AUCsIPuZofia
jV+ImePQlqWu88FMnAHWYLEhmGCcOkhCGRfZzxYh7zbN8JniNI1x5Ddt+zifbNaN
HqHNKilrZrGW6WhL49tSeS8tA3Hbguay9ioYw6VXda6NQJHy2gqFED8OSq/3FDoO
T2TXgreHfuBI3Fv+QYrP8UVtluRWcFulVe0Ekd3zPCd/W4HEbJdFnCynjU3yTwyF
w0Q3l315UFRPz8jjuXqumCgHyO56B9fXKepQ7/kaYVnKVvMy4BcBYgwL6iSIC63f
lqtBctX/QS0VFuFn6YrHIeYnzWaURD+CSmxR07BjmDvh50XhaD6j9LNV1UtzAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULcnt0l4dIlEujtZ/8MN5qjNonY4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk4MTAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhsL
MA0GCSqGSIb3DQEBCwUAA4IBAQBdQYgnK6jTYaiEQC0f+wIm6kHokK5yehllHzFd
uCbvwZS7NON3Frd8PcsTuO4gaaPbtFP/r3rD15XEy8vJ1NosY1YyvP58iGC1u7et
Ut5ic/k6HN3SVbfh1TkCYfP/R1P8GaZTX/2G69ypFrdHsWa7ATPAjaCvIczPZ9zX
HUn9XVQTlE45dIKxhWnDqf71zo65eIYrWBCOi5gQLqDdLLJEFBaQC5VdIJwDhAyv
kgYp0FpAXzCp3xu2hTPTXaRelCOttWat1gTeh45k3L8RglbZYsCXKxHxLUyPiXqI
7jIOw+v1douM0hOogAXuJl3rPKjEv0MtgJuXynDfk710NdP6
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:27:42 2025 by rpki-client