Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa
File:                     AS63199.roa (raw, json)
Hash identifier:          pYSQi+tMJn6HEWjg+r3lGfaAhUHYXeFhammc7L+eBuA=
Subject key identifier:   30:5B:66:E2:CC:9E:20:55:52:91:08:14:0A:BE:62:25:D6:04:BD:73
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       18EAD0DEF219999BCE82DA86CD8DDD2593912F3C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa
Signing time:             Mon 06 Jul 2026 02:24:32 +0000
ROA not before:           Mon 06 Jul 2026 02:19:32 +0000
ROA not after:            Mon 05 Jul 2027 02:24:32 +0000
asID:                     63199
IP address blocks:        82.21.200.0/24 maxlen: 24
                          82.23.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ea:d0:de:f2:19:99:9b:ce:82:da:86:cd:8d:dd:25:93:91:2f:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  6 02:19:32 2026 GMT
            Not After : Jul  5 02:24:32 2027 GMT
        Subject: CN=305B66E2CC9E2055529108140ABE6225D604BD73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3c:e3:73:c5:ba:d5:81:23:e0:85:23:58:08:
                    b3:5c:6f:9a:c2:f3:e4:46:31:ba:aa:c0:c8:cc:69:
                    33:38:49:4a:2f:9f:47:b4:08:d4:0d:0d:85:31:6c:
                    f5:66:3f:f4:86:32:bb:e3:8c:02:fd:d2:8d:9c:38:
                    98:a7:90:55:28:bd:42:50:13:fe:1c:9a:d3:b2:d5:
                    ff:e1:5e:14:b4:c7:37:05:36:e1:6b:be:ab:5b:b3:
                    d9:2a:40:2b:b7:ca:a4:d8:cc:bf:5f:bc:d5:03:f4:
                    4e:a3:9b:8f:df:c6:b7:19:bb:40:d2:81:7b:98:7d:
                    99:7f:14:df:d0:6e:98:71:28:f8:25:e6:6a:e2:2b:
                    bf:c3:81:6c:4c:2b:f9:52:9f:05:97:1b:d3:31:6e:
                    7c:f5:a9:49:66:df:61:6f:65:12:df:8f:ba:79:4b:
                    e2:79:87:49:bb:b0:1a:3c:d5:1a:41:a6:0e:40:7b:
                    80:6a:51:78:05:84:6b:b8:0c:da:bd:1d:32:41:ac:
                    bb:4e:cc:4e:29:82:7b:0a:a8:ca:ea:58:d9:46:5d:
                    b2:88:c5:fd:2b:bc:04:99:1d:96:00:03:9e:42:82:
                    1b:43:29:5e:2c:19:d3:9b:fd:f9:66:84:e4:17:ee:
                    0a:f7:5c:78:4d:4d:ef:10:5b:21:c5:a5:ec:8e:3f:
                    94:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:5B:66:E2:CC:9E:20:55:52:91:08:14:0A:BE:62:25:D6:04:BD:73
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS63199.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.200.0/24
                  82.23.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:01:5d:64:09:71:3d:f1:2d:7d:31:66:38:ee:56:18:e7:f5:
         44:5a:86:c2:13:c6:bf:ca:d8:16:70:3a:47:36:4a:5d:40:96:
         3e:db:13:84:23:a1:73:73:86:34:cb:1b:ba:89:67:7e:c7:cd:
         8a:5f:1a:b3:24:a1:8c:e2:26:36:4d:6b:23:5d:26:bc:d6:ef:
         c0:a6:12:0f:d3:cf:b9:a3:2a:88:1b:6a:88:5d:25:37:77:10:
         c7:d7:1f:b6:91:81:2a:02:d8:0f:8e:b7:b6:a7:62:94:e0:8b:
         f5:17:71:8f:20:28:6b:54:fd:73:06:6d:59:86:66:de:cd:d1:
         68:4b:8e:52:34:a0:20:dc:dd:4c:a5:cd:ce:bc:a1:52:3a:de:
         33:c4:bc:0b:0c:77:9b:10:91:f1:91:bc:4e:d7:10:6b:76:43:
         cb:00:f5:a4:10:fa:f5:4a:16:d8:95:f2:58:10:5b:ab:e2:96:
         eb:7a:a0:81:27:02:61:26:e0:06:78:0e:1b:bb:01:57:5b:04:
         c9:66:7c:13:bc:db:ae:72:b2:78:64:6e:c3:25:a2:48:67:f7:
         15:4e:16:75:4a:42:d9:42:11:04:76:42:51:4c:4b:29:97:0b:
         9e:c1:97:6d:4e:9e:76:b1:fa:61:21:37:30:06:76:67:70:80:
         81:5a:cf:f5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUGOrQ3vIZmZvOgtqGzY3dJZORLzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDYwMjE5MzJaFw0yNzA3MDUwMjI0MzJaMDMxMTAvBgNV
BAMTKDMwNUI2NkUyQ0M5RTIwNTU1MjkxMDgxNDBBQkU2MjI1RDYwNEJENzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxPONzxbrVgSPghSNYCLNcb5rC
8+RGMbqqwMjMaTM4SUovn0e0CNQNDYUxbPVmP/SGMrvjjAL90o2cOJinkFUovUJQ
E/4cmtOy1f/hXhS0xzcFNuFrvqtbs9kqQCu3yqTYzL9fvNUD9E6jm4/fxrcZu0DS
gXuYfZl/FN/QbphxKPgl5mriK7/DgWxMK/lSnwWXG9Mxbnz1qUlm32FvZRLfj7p5
S+J5h0m7sBo81RpBpg5Ae4BqUXgFhGu4DNq9HTJBrLtOzE4pgnsKqMrqWNlGXbKI
xf0rvASZHZYAA55CghtDKV4sGdOb/flmhOQX7gr3XHhNTe8QWyHFpeyOP5RNAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUMFtm4syeIFVSkQgUCr5iJdYEvXMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSFcgD
BABSF44wDQYJKoZIhvcNAQELBQADggEBADUBXWQJcT3xLX0xZjjuVhjn9URahsIT
xr/K2BZwOkc2Sl1Alj7bE4QjoXNzhjTLG7qJZ37HzYpfGrMkoYziJjZNayNdJrzW
78CmEg/Tz7mjKogbaohdJTd3EMfXH7aRgSoC2A+Ot7anYpTgi/UXcY8gKGtU/XMG
bVmGZt7N0WhLjlI0oCDc3Uylzc68oVI63jPEvAsMd5sQkfGRvE7XEGt2Q8sA9aQQ
+vVKFtiV8lgQW6vilut6oIEnAmEm4AZ4Dhu7AVdbBMlmfBO8265ysnhkbsMlokhn
9xVOFnVKQtlCEQR2QlFMSymXC57Bl21Onnax+mEhNzAGdmdwgIFaz/U=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:05:57 2026 by rpki-client