Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa
File: AS63199.roa (raw, json)
Hash identifier: keN9Vevhwwfyhv05pR7gk74CTPcn6GHeygnJi2d9Ktc=
Subject key identifier: B5:43:77:56:A9:39:0F:31:EA:BC:9C:BD:37:F5:6E:73:2D:0C:03:EF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 53C492C0D35ECDB0BD955EDA02374322E06EAE19
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa
Signing time: Mon 02 Mar 2026 10:10:25 +0000
ROA not before: Mon 02 Mar 2026 10:05:25 +0000
ROA not after: Mon 01 Mar 2027 10:10:25 +0000
asID: 63199
IP address blocks: 82.21.169.0/24 maxlen: 24
82.23.143.0/24 maxlen: 24
82.26.129.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.39.102.0/24 maxlen: 24
82.39.103.0/24 maxlen: 24
82.39.170.0/24 maxlen: 24
82.40.36.0/24 maxlen: 24
82.40.62.0/24 maxlen: 24
82.41.0.0/24 maxlen: 24
82.41.19.0/24 maxlen: 24
82.41.56.0/24 maxlen: 24
178.83.145.0/24 maxlen: 24
178.83.147.0/24 maxlen: 24
178.83.149.0/24 maxlen: 24
178.83.151.0/24 maxlen: 24
178.83.153.0/24 maxlen: 24
178.83.155.0/24 maxlen: 24
178.83.157.0/24 maxlen: 24
178.83.160.0/24 maxlen: 24
178.83.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c4:92:c0:d3:5e:cd:b0:bd:95:5e:da:02:37:43:22:e0:6e:ae:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 2 10:05:25 2026 GMT
Not After : Mar 1 10:10:25 2027 GMT
Subject: CN=B5437756A9390F31EABC9CBD37F56E732D0C03EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9e:4a:31:21:4d:59:85:9b:29:bc:80:aa:4f:
54:17:51:6e:23:e8:b5:3a:53:11:e8:37:3e:db:ac:
07:97:c7:e0:0b:dc:3d:9a:11:70:2a:6d:2a:b6:33:
6b:3a:cf:79:03:98:80:01:05:a6:3c:63:d6:0b:e1:
69:b4:df:7f:d0:40:c9:31:a0:1e:2c:fc:d8:5e:97:
73:93:b5:11:14:a8:bb:9a:6f:f2:b1:c8:c7:9f:09:
33:b3:ca:5d:b3:3e:77:06:45:e7:dc:4e:0e:ef:93:
b1:c6:74:37:28:fb:c1:84:fa:4d:32:37:63:90:dd:
c3:3b:84:25:cf:9b:4e:04:af:c9:38:62:56:39:3c:
57:46:cc:1a:61:9b:4d:fb:68:09:91:fc:9e:6d:78:
3a:4d:04:83:12:7c:ef:e7:b5:3c:c7:94:9a:73:3f:
b5:84:e3:3b:2a:a2:67:4d:1b:24:3e:18:70:22:aa:
e3:de:95:3a:45:e1:75:8d:bf:ce:c4:5e:34:d5:b0:
e1:da:f6:c1:2e:80:0b:cc:23:51:ad:73:bb:d4:ae:
10:5c:43:05:12:be:92:33:ec:be:1c:93:97:c4:b5:
4a:6c:17:7b:40:d7:37:7e:df:7f:8d:8b:00:c8:5c:
92:53:49:1f:d3:6d:18:63:7d:9a:fa:ad:7d:57:52:
ed:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:43:77:56:A9:39:0F:31:EA:BC:9C:BD:37:F5:6E:73:2D:0C:03:EF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.169.0/24
82.23.143.0/24
82.26.129.0/24
82.29.48.0/24
82.29.103.0/24
82.39.102.0/23
82.39.170.0/24
82.40.36.0/24
82.40.62.0/24
82.41.0.0/24
82.41.19.0/24
82.41.56.0/24
178.83.145.0/24
178.83.147.0/24
178.83.149.0/24
178.83.151.0/24
178.83.153.0/24
178.83.155.0/24
178.83.157.0/24
178.83.160.0/24
178.83.162.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c9:a4:51:73:20:24:3b:49:6b:67:a2:3e:2b:8d:bb:a7:bb:
0f:3a:b7:75:3e:3e:a7:80:df:25:35:0d:78:75:6b:80:d0:e2:
8a:0a:47:42:34:95:50:68:ed:06:8a:bd:48:d2:6c:fb:9a:e0:
b2:58:03:98:9d:de:71:b2:94:40:9e:a7:4a:97:fe:36:54:a6:
1c:2a:5a:9c:4f:a0:01:40:cc:20:4e:a4:d3:5b:85:67:c9:f0:
2f:b6:21:46:dc:f2:0d:35:b1:7d:75:b6:e2:5f:ed:6a:ae:b8:
db:ac:ff:d4:dc:36:0f:93:4c:32:79:f2:0e:7e:19:0f:b7:35:
80:d8:f0:15:f0:84:d1:ef:ff:7f:9b:13:c4:88:1a:6a:aa:2a:
59:4d:e1:ea:d2:79:f4:12:48:df:1c:1b:00:3a:fa:0a:3e:18:
82:ef:1a:2e:b7:7d:70:50:a1:20:bc:d6:f3:a7:e1:12:95:85:
d4:11:da:a8:32:29:2c:92:ec:0d:c3:e5:18:c2:45:cd:8f:ac:
31:25:01:b6:2c:74:b8:4e:c7:67:bd:e0:e0:76:42:02:f8:65:
da:52:bd:b8:f4:b4:58:8b:54:2b:3d:c0:30:b2:6e:9a:e5:c5:
cf:b8:ab:9d:e1:1c:cd:8d:1e:13:e7:d2:c1:95:50:13:4a:90:
d7:13:37:17
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUU8SSwNNezbC9lV7aAjdDIuBurhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDIxMDA1MjVaFw0yNzAzMDExMDEwMjVaMDMxMTAvBgNV
BAMTKEI1NDM3NzU2QTkzOTBGMzFFQUJDOUNCRDM3RjU2RTczMkQwQzAzRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNnkoxIU1ZhZspvICqT1QXUW4j
6LU6UxHoNz7brAeXx+AL3D2aEXAqbSq2M2s6z3kDmIABBaY8Y9YL4Wm033/QQMkx
oB4s/Nhel3OTtREUqLuab/KxyMefCTOzyl2zPncGRefcTg7vk7HGdDco+8GE+k0y
N2OQ3cM7hCXPm04Er8k4YlY5PFdGzBphm037aAmR/J5teDpNBIMSfO/ntTzHlJpz
P7WE4zsqomdNGyQ+GHAiquPelTpF4XWNv87EXjTVsOHa9sEugAvMI1Gtc7vUrhBc
QwUSvpIz7L4ck5fEtUpsF3tA1zd+33+NiwDIXJJTSR/TbRhjfZr6rX1XUu2bAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUtUN3Vqk5DzHqvJy9N/Vucy0MA+8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMIGEBAIAATB+AwQA
UhWpAwQAUhePAwQAUhqBAwQAUh0wAwQAUh1nAwQBUidmAwQAUieqAwQAUigkAwQA
Uig+AwQAUikAAwQAUikTAwQAUik4AwQAslORAwQAslOTAwQAslOVAwQAslOXAwQA
slOZAwQAslObAwQAslOdAwQAslOgAwQAslOiMA0GCSqGSIb3DQEBCwUAA4IBAQCc
yaRRcyAkO0lrZ6I+K427p7sPOrd1Pj6ngN8lNQ14dWuA0OKKCkdCNJVQaO0Gir1I
0mz7muCyWAOYnd5xspRAnqdKl/42VKYcKlqcT6ABQMwgTqTTW4VnyfAvtiFG3PIN
NbF9dbbiX+1qrrjbrP/U3DYPk0wyefIOfhkPtzWA2PAV8ITR7/9/mxPEiBpqqipZ
TeHq0nn0EkjfHBsAOvoKPhiC7xout31wUKEgvNbzp+ESlYXUEdqoMikskuwNw+UY
wkXNj6wxJQG2LHS4TsdnveDgdkIC+GXaUr249LRYi1QrPcAwsm6a5cXPuKud4RzN
jR4T59LBlVATSpDXEzcX
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:04:23 2026 by rpki-client