Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
File: AS25198.roa (raw, json)
Hash identifier: cwrSHGDxugfcRPZgDK4vLjoTqTfcz0T7Uw5jxjStMsc=
Subject key identifier: 48:FA:E3:6B:1E:CF:2B:D9:A5:B6:A7:02:20:43:5A:C2:8B:8E:26:12
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6F7BB19D3881893E9B5C4824B063C5DEB31F5FDB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
Signing time: Sat 04 Oct 2025 10:45:29 +0000
ROA not before: Sat 04 Oct 2025 10:40:29 +0000
ROA not after: Sat 03 Oct 2026 10:45:29 +0000
asID: 25198
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.126.0/24 maxlen: 24
82.22.205.0/24 maxlen: 24
82.24.81.0/24 maxlen: 24
82.24.144.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:7b:b1:9d:38:81:89:3e:9b:5c:48:24:b0:63:c5:de:b3:1f:5f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 4 10:40:29 2025 GMT
Not After : Oct 3 10:45:29 2026 GMT
Subject: CN=48FAE36B1ECF2BD9A5B6A70220435AC28B8E2612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:aa:28:56:ff:0f:6c:41:80:34:fb:d2:7f:
88:25:cc:34:25:27:b5:7e:91:95:8e:d8:b6:55:c7:
a4:56:9b:4a:a0:52:5b:20:2d:88:8f:c3:aa:29:ae:
a3:ac:2b:bb:91:67:b9:ef:85:82:db:73:98:e3:68:
d3:1c:fe:c7:57:31:90:6e:c9:95:29:ed:99:d4:5c:
ba:a5:88:a8:fe:8f:20:0c:bd:2c:47:04:14:5f:ac:
fa:32:40:65:5a:30:54:a2:d4:66:84:e6:0b:ac:67:
f0:7a:a7:76:d1:ff:29:70:ea:66:65:c2:4c:94:c2:
4e:6e:73:5c:96:21:0e:79:50:43:fc:46:1b:87:43:
c2:5b:cc:33:01:1c:17:15:83:48:26:9f:3a:c4:3b:
24:dd:32:a0:b7:ed:1b:91:55:88:f3:59:93:6f:d0:
a1:af:ea:ef:f6:70:f4:fc:85:c9:cf:0a:f1:50:40:
21:c6:f9:c0:78:be:c7:8e:23:30:ee:c3:20:64:1a:
6d:04:cb:62:a7:fa:57:09:cf:45:25:8e:44:c1:06:
e7:e7:df:bf:d4:85:9e:e2:26:a0:e6:53:79:51:7b:
d0:12:7e:05:3c:5c:e4:c7:95:e3:37:26:bc:da:c9:
a8:4e:4a:5a:36:80:0f:67:47:12:07:20:7b:8b:8b:
00:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FA:E3:6B:1E:CF:2B:D9:A5:B6:A7:02:20:43:5A:C2:8B:8E:26:12
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.126.0/24
82.22.205.0/24
82.24.81.0/24
82.24.144.0/24
82.26.202.0/24
Signature Algorithm: sha256WithRSAEncryption
11:90:e0:87:4c:a3:9f:12:39:89:25:8a:c5:13:55:f0:f5:79:
d3:ba:8f:68:d0:61:39:48:3b:70:17:30:6b:8b:a8:57:2e:c7:
74:58:eb:67:04:7b:3c:34:7f:ee:a3:19:69:59:a7:fa:d8:c3:
a9:37:db:e6:29:9e:2b:c2:a2:15:6b:b0:26:d4:78:5e:36:31:
0d:ac:58:73:19:b8:cd:7d:72:67:5c:09:94:59:3e:19:a8:0c:
6d:f3:b3:8f:ed:08:c7:6f:66:c4:04:e7:26:83:d9:b4:88:2f:
48:c1:d6:23:eb:7e:7c:74:bc:09:a6:e9:46:c3:bd:2a:57:e1:
9d:ca:61:8c:8f:02:82:ca:c3:ca:20:de:7c:32:22:18:7c:d2:
86:a3:9d:e7:32:21:e7:ba:46:f4:96:be:89:6d:2e:ee:b1:60:
34:b6:91:70:78:63:14:f6:11:79:e0:1d:3e:e4:d5:ab:8b:35:
b2:67:de:34:6c:79:89:e3:d3:af:fd:7a:fe:3a:8a:16:9f:b3:
7a:f8:b7:98:ec:9c:79:07:33:22:8f:58:eb:e5:b7:8a:d5:4d:
ac:c2:26:18:00:17:13:01:1d:50:6a:48:7e:df:7b:94:a2:0f:
36:0f:0e:53:1c:31:07:f8:65:b3:25:0c:de:6f:8c:11:65:cc:
f4:79:c9:fd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUb3uxnTiBiT6bXEgksGPF3rMfX9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMDQxMDQwMjlaFw0yNjEwMDMxMDQ1MjlaMDMxMTAvBgNV
BAMTKDQ4RkFFMzZCMUVDRjJCRDlBNUI2QTcwMjIwNDM1QUMyOEI4RTI2MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCw6ooVv8PbEGANPvSf4glzDQl
J7V+kZWO2LZVx6RWm0qgUlsgLYiPw6oprqOsK7uRZ7nvhYLbc5jjaNMc/sdXMZBu
yZUp7ZnUXLqliKj+jyAMvSxHBBRfrPoyQGVaMFSi1GaE5gusZ/B6p3bR/ylw6mZl
wkyUwk5uc1yWIQ55UEP8RhuHQ8JbzDMBHBcVg0gmnzrEOyTdMqC37RuRVYjzWZNv
0KGv6u/2cPT8hcnPCvFQQCHG+cB4vseOIzDuwyBkGm0Ey2Kn+lcJz0UljkTBBufn
37/UhZ7iJqDmU3lRe9ASfgU8XOTHleM3JrzayahOSlo2gA9nRxIHIHuLiwCVAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUSPrjax7PK9mltqcCIENawouOJhIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABSFUsD
BABSFn4DBABSFs0DBABSGFEDBABSGJADBABSGsowDQYJKoZIhvcNAQELBQADggEB
ABGQ4IdMo58SOYklisUTVfD1edO6j2jQYTlIO3AXMGuLqFcux3RY62cEezw0f+6j
GWlZp/rYw6k32+YpnivCohVrsCbUeF42MQ2sWHMZuM19cmdcCZRZPhmoDG3zs4/t
CMdvZsQE5yaD2bSIL0jB1iPrfnx0vAmm6UbDvSpX4Z3KYYyPAoLKw8og3nwyIhh8
0oajnecyIee6RvSWvoltLu6xYDS2kXB4YxT2EXngHT7k1auLNbJn3jRseYnj06/9
ev46ihafs3r4t5jsnHkHMyKPWOvlt4rVTazCJhgAFxMBHVBqSH7fe5SiDzYPDlMc
MQf4ZbMlDN5vjBFlzPR5yf0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:30:13 2025 by rpki-client