Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198825.roa
File: AS198825.roa (raw, json)
Hash identifier: IyTDV2SRFS4Dq/e7w2AMooMYFWevNyWu4PvD42a9/WU=
Subject key identifier: 6A:9A:1A:01:F3:F7:F8:0A:50:3B:C3:72:63:54:F5:6F:51:B9:A6:B9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 35707D6DD0B22F2C6E66817335C13591EA9BCAA3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198825.roa
Signing time: Wed 18 Mar 2026 11:51:35 +0000
ROA not before: Wed 18 Mar 2026 11:46:35 +0000
ROA not after: Wed 17 Mar 2027 11:51:35 +0000
asID: 198825
IP address blocks: 82.22.2.0/24 maxlen: 24
82.22.7.0/24 maxlen: 24
82.22.77.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:70:7d:6d:d0:b2:2f:2c:6e:66:81:73:35:c1:35:91:ea:9b:ca:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 18 11:46:35 2026 GMT
Not After : Mar 17 11:51:35 2027 GMT
Subject: CN=6A9A1A01F3F7F80A503BC3726354F56F51B9A6B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fa:9d:9e:88:42:a8:fd:b0:70:56:0e:3d:02:
ae:35:32:69:b2:16:f5:e2:08:af:58:8e:c5:ca:81:
8f:f1:73:06:1a:3e:d5:ae:ea:46:d1:b0:6f:16:a8:
7c:94:d9:40:7b:86:5b:50:08:25:4e:1d:5d:83:a1:
67:80:9a:8e:ef:b5:bb:5a:8b:63:9d:27:85:ba:e4:
12:06:41:a4:16:82:f7:c4:c2:41:28:0d:e6:e0:31:
68:bf:0c:67:64:27:cb:f7:1c:ee:7e:3c:cb:d5:bf:
71:e2:f4:29:f9:87:c2:7d:a6:4b:a8:ef:4f:63:ea:
39:f8:7a:9b:1c:cf:16:e3:f7:8a:10:4d:33:6a:17:
7e:0c:b2:cf:c1:ab:ad:bb:d7:f1:7f:da:9a:e7:5f:
7d:69:51:01:5f:30:50:27:50:6a:b5:62:1f:d9:00:
0c:d8:ed:1c:e6:5c:4c:bd:fb:62:4f:e6:9f:a4:eb:
65:4c:53:f9:05:37:9e:65:c2:e7:08:02:50:6a:33:
c2:96:1e:f8:f8:37:15:c6:66:5d:df:db:0d:0e:c7:
ef:c0:1d:9e:da:6f:25:9e:1a:89:cd:d8:35:bc:56:
cd:8d:18:6c:e9:17:de:c0:3e:bd:43:05:7b:71:ef:
d4:49:4d:91:e1:60:79:85:a8:47:36:2d:b4:88:d7:
74:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9A:1A:01:F3:F7:F8:0A:50:3B:C3:72:63:54:F5:6F:51:B9:A6:B9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198825.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.2.0/24
82.22.7.0/24
82.22.77.0/24
82.26.157.0/24
Signature Algorithm: sha256WithRSAEncryption
23:65:c3:19:d2:4d:f7:35:5e:f1:7d:f5:5f:e0:9e:6f:28:dc:
6f:89:ea:35:3d:ee:83:6f:e8:9a:18:5b:1b:58:5c:e6:a7:88:
36:88:f2:06:c6:2e:88:d6:b4:ca:2e:3a:75:f1:2e:4f:df:db:
3b:18:f5:ba:92:35:03:a9:2a:25:cb:11:e2:b3:14:5d:72:d3:
10:4c:94:ad:ea:15:e0:9b:f2:a7:86:8c:b3:12:83:70:bb:3a:
95:fd:26:bf:26:e1:c2:13:0f:89:63:a7:a7:20:f4:08:39:cb:
9a:de:30:07:85:6c:88:39:21:26:a1:ee:c1:56:30:a7:c5:19:
21:89:e2:6c:ab:c4:d1:82:18:17:69:84:2b:16:e1:80:b0:b3:
1c:4f:8b:dc:19:6f:96:71:2b:7c:d0:6a:6b:4c:63:13:09:39:
69:6f:be:52:10:75:32:62:3a:ea:28:cb:8e:14:b1:eb:52:d8:
61:3b:65:88:bf:ef:5b:20:7b:3e:d8:fd:6f:1e:3b:03:cd:19:
e8:7f:66:da:48:09:7d:57:dc:ab:79:00:8e:73:3e:3c:89:d9:
f6:0a:a4:21:b4:f1:ca:80:34:30:9b:ef:6a:a7:e0:c1:74:1f:
e4:a2:23:3c:35:5d:c7:7d:71:cd:e6:f3:89:56:65:1a:e7:a1:
0a:70:c6:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUNXB9bdCyLyxuZoFzNcE1keqbyqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTgxMTQ2MzVaFw0yNzAzMTcxMTUxMzVaMDMxMTAvBgNV
BAMTKDZBOUExQTAxRjNGN0Y4MEE1MDNCQzM3MjYzNTRGNTZGNTFCOUE2QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB+p2eiEKo/bBwVg49Aq41Mmmy
FvXiCK9YjsXKgY/xcwYaPtWu6kbRsG8WqHyU2UB7hltQCCVOHV2DoWeAmo7vtbta
i2OdJ4W65BIGQaQWgvfEwkEoDebgMWi/DGdkJ8v3HO5+PMvVv3Hi9Cn5h8J9pkuo
709j6jn4epsczxbj94oQTTNqF34Mss/Bq6271/F/2prnX31pUQFfMFAnUGq1Yh/Z
AAzY7RzmXEy9+2JP5p+k62VMU/kFN55lwucIAlBqM8KWHvj4NxXGZl3f2w0Ox+/A
HZ7abyWeGonN2DW8Vs2NGGzpF97APr1DBXtx79RJTZHhYHmFqEc2LbSI13RrAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUapoaAfP3+ApQO8NyY1T1b1G5prkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk4ODI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhYC
AwQAUhYHAwQAUhZNAwQAUhqdMA0GCSqGSIb3DQEBCwUAA4IBAQAjZcMZ0k33NV7x
ffVf4J5vKNxvieo1Pe6Db+iaGFsbWFzmp4g2iPIGxi6I1rTKLjp18S5P39s7GPW6
kjUDqSolyxHisxRdctMQTJSt6hXgm/KnhoyzEoNwuzqV/Sa/JuHCEw+JY6enIPQI
Ocua3jAHhWyIOSEmoe7BVjCnxRkhieJsq8TRghgXaYQrFuGAsLMcT4vcGW+WcSt8
0GprTGMTCTlpb75SEHUyYjrqKMuOFLHrUthhO2WIv+9bIHs+2P1vHjsDzRnof2ba
SAl9V9yreQCOcz48idn2CqQhtPHKgDQwm+9qp+DBdB/koiM8NV3HfXHN5vOJVmUa
56EKcMZh
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:07 2026 by rpki-client