Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
File: AS63199.roa (raw, json)
Hash identifier: luA/OUAaHLHiaVRzrHiE76IXSDFJc+W7fuxuiRG7Syo=
Subject key identifier: 5B:9C:75:8F:76:1B:71:98:AD:C5:A4:BA:7E:41:D2:14:FB:65:D3:8B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7A1D3F2083836E3D223D78F7FC04F14151965CF2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
Signing time: Mon 23 Mar 2026 06:29:47 +0000
ROA not before: Mon 23 Mar 2026 06:24:47 +0000
ROA not after: Mon 22 Mar 2027 06:29:47 +0000
asID: 63199
IP address blocks: 96.62.101.0/24 maxlen: 24
96.62.115.0/24 maxlen: 24
140.150.239.0/24 maxlen: 24
140.233.187.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
148.135.199.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
150.241.141.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
168.222.10.0/24 maxlen: 24
168.222.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:1d:3f:20:83:83:6e:3d:22:3d:78:f7:fc:04:f1:41:51:96:5c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 23 06:24:47 2026 GMT
Not After : Mar 22 06:29:47 2027 GMT
Subject: CN=5B9C758F761B7198ADC5A4BA7E41D214FB65D38B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0d:ff:3e:dc:76:24:46:2d:2b:6e:ec:06:67:
ce:08:05:b7:aa:33:44:12:81:62:72:c8:79:1f:0e:
e0:24:a8:b2:07:40:1a:7c:67:fb:1f:a8:e6:af:2f:
8c:51:30:96:65:29:70:3c:b9:e1:5d:dc:a3:d6:6f:
74:a1:80:20:82:4a:9c:64:e0:89:bd:12:ba:3d:9b:
b0:82:b1:ec:fd:76:03:e9:01:f9:e1:2c:68:b2:c2:
3d:ad:24:a9:b5:ca:93:3b:28:06:c2:d3:11:23:75:
a5:e9:43:14:ac:23:b2:8e:9e:19:55:95:f3:9b:24:
ef:d4:5d:77:8c:a0:78:a8:8d:85:f0:99:c1:c9:8c:
f0:0b:3f:1f:b8:e8:0e:fc:45:58:d3:0b:c8:f9:84:
95:fe:cd:b1:53:54:8a:af:c3:6f:30:6a:cd:ff:e8:
65:53:54:2d:aa:ab:17:9b:4b:70:05:6b:6d:7c:34:
98:6f:4b:02:7e:18:a5:62:2a:85:8c:eb:33:3c:27:
db:c0:60:f4:f5:4d:67:da:bd:a1:d3:bf:e4:84:a4:
aa:38:67:4c:d5:cd:7c:3d:e3:f6:9d:cf:6f:a3:2f:
fb:5e:58:57:16:cb:dc:ae:8e:48:3f:80:b8:09:61:
4c:6a:66:bd:58:64:f1:70:5a:db:d9:9e:81:3f:b7:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9C:75:8F:76:1B:71:98:AD:C5:A4:BA:7E:41:D2:14:FB:65:D3:8B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63199.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.101.0/24
96.62.115.0/24
140.150.239.0/24
140.233.187.0/24
146.103.22.0/24
146.103.35.0/24
147.79.7.0/24
147.79.17.0/24
148.135.199.0/24
148.135.203.0/24
150.241.131.0/24
150.241.141.0/24
155.117.4.0/24
155.117.6.0/24
167.148.136.0/24
168.222.10.0/24
168.222.17.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:14:14:bc:c2:b2:ce:28:b8:93:2a:72:04:3b:06:d1:fc:58:
7e:2c:88:af:7c:e9:62:fa:25:a2:f6:28:f9:e1:c7:46:be:35:
57:82:a5:c8:a9:61:64:36:ec:87:77:b4:66:9a:fc:ff:86:0b:
c3:56:bb:a2:49:38:64:fa:82:61:74:9c:50:03:6b:4c:4c:05:
af:41:54:d8:88:1f:78:c9:e2:a3:65:c7:b6:84:b2:e9:ef:4e:
51:85:2d:52:d8:e6:6f:b8:96:68:ec:df:af:ef:b6:c5:f3:39:
5b:b1:0c:88:94:47:2a:b4:45:51:72:03:76:3a:e4:ab:14:f9:
99:63:3c:da:eb:60:15:47:bc:6a:3b:5b:81:da:7c:ed:ad:ea:
95:25:94:ee:0a:b5:27:1c:a8:41:be:a2:c1:5e:78:f8:97:8e:
e5:0d:85:39:d6:ab:36:c3:e3:05:1c:06:8d:f8:b7:93:cf:19:
7d:58:62:2c:f1:d4:53:45:07:85:39:05:59:ef:36:34:cf:1a:
f6:f7:5a:55:f6:d5:61:1d:07:c0:3f:4e:20:dd:f6:86:95:c4:
e4:22:ae:55:14:15:28:54:e8:a5:ae:0c:47:13:e6:29:f2:73:
0d:67:f1:68:14:b2:31:0d:98:14:71:9b:6c:d5:46:ba:41:a6:
a2:7e:72:22
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUeh0/IIODbj0iPXj3/ATxQVGWXPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjMwNjI0NDdaFw0yNzAzMjIwNjI5NDdaMDMxMTAvBgNV
BAMTKDVCOUM3NThGNzYxQjcxOThBREM1QTRCQTdFNDFEMjE0RkI2NUQzOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdDf8+3HYkRi0rbuwGZ84IBbeq
M0QSgWJyyHkfDuAkqLIHQBp8Z/sfqOavL4xRMJZlKXA8ueFd3KPWb3ShgCCCSpxk
4Im9Ero9m7CCsez9dgPpAfnhLGiywj2tJKm1ypM7KAbC0xEjdaXpQxSsI7KOnhlV
lfObJO/UXXeMoHiojYXwmcHJjPALPx+46A78RVjTC8j5hJX+zbFTVIqvw28was3/
6GVTVC2qqxebS3AFa218NJhvSwJ+GKViKoWM6zM8J9vAYPT1TWfavaHTv+SEpKo4
Z0zVzXw94/adz2+jL/teWFcWy9yujkg/gLgJYUxqZr1YZPFwWtvZnoE/t4IlAgMB
AAGjggJpMIICZTAdBgNVHQ4EFgQUW5x1j3YbcZitxaS6fkHSFPtl04swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMxOTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYDBABgPmUD
BABgPnMDBACMlu8DBACM6bsDBACSZxYDBACSZyMDBACTTwcDBACTTxEDBACUh8cD
BACUh8sDBACW8YMDBACW8Y0DBACbdQQDBACbdQYDBACnlIgDBACo3goDBACo3hEw
DQYJKoZIhvcNAQELBQADggEBAIoUFLzCss4ouJMqcgQ7BtH8WH4siK986WL6JaL2
KPnhx0a+NVeCpcipYWQ27Id3tGaa/P+GC8NWu6JJOGT6gmF0nFADa0xMBa9BVNiI
H3jJ4qNlx7aEsunvTlGFLVLY5m+4lmjs36/vtsXzOVuxDIiURyq0RVFyA3Y65KsU
+ZljPNrrYBVHvGo7W4HafO2t6pUllO4KtSccqEG+osFeePiXjuUNhTnWqzbD4wUc
Bo34t5PPGX1YYizx1FNFB4U5BVnvNjTPGvb3WlX21WEdB8A/TiDd9oaVxOQirlUU
FShU6KWuDEcT5inycw1n8WgUsjENmBRxm2zVRrpBpqJ+ciI=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:27:28 2026 by rpki-client