Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS198663.roa
File: AS198663.roa (raw, json)
Hash identifier: YjivbGuiN4G08WNaBoGpeGhPenspJpN9EicvLBloDTU=
Subject key identifier: 89:FB:40:E8:E0:9D:01:E2:2E:05:3D:80:85:58:C7:FB:18:0F:C9:93
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 13111D457966D11925D304422D46A9307D161356
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS198663.roa
Signing time: Fri 01 May 2026 15:31:38 +0000
ROA not before: Fri 01 May 2026 15:26:38 +0000
ROA not after: Fri 30 Apr 2027 15:31:38 +0000
asID: 198663
IP address blocks: 2a14:7580:eb00::/40 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:11:1d:45:79:66:d1:19:25:d3:04:42:2d:46:a9:30:7d:16:13:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 1 15:26:38 2026 GMT
Not After : Apr 30 15:31:38 2027 GMT
Subject: CN=89FB40E8E09D01E22E053D808558C7FB180FC993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b9:65:28:e2:55:43:45:2f:4b:0b:a9:a7:d9:
c6:9c:8b:b8:45:03:ca:8a:f7:7f:ca:5c:9d:9a:35:
a4:86:82:61:62:29:7c:91:e4:4f:de:6c:4c:1d:30:
a7:72:41:4d:a9:79:44:85:ab:f4:9e:e6:3c:b9:e7:
09:33:d4:90:f8:e5:b9:f9:0a:01:1e:b7:d5:cb:d7:
7d:33:a4:62:a5:8d:12:ab:9f:0c:3b:2c:6f:ad:ea:
a8:47:e0:3e:ad:ad:f1:ac:58:4e:71:a0:dd:a8:9f:
c5:16:78:1b:1c:46:5d:2f:d6:39:95:2d:4e:14:34:
a6:8f:26:ef:c1:33:b7:8c:54:c0:45:f6:55:02:bd:
16:10:69:ff:a6:fe:2c:03:a9:09:69:9c:93:21:59:
d2:2b:12:5a:4a:2b:5a:ba:8a:95:70:43:75:ed:1d:
74:02:76:55:80:4c:cd:83:38:44:55:3b:fb:76:10:
7b:22:6a:6b:eb:27:f3:a1:7d:61:e6:26:ec:7a:45:
cb:4f:d2:af:47:37:73:25:96:de:90:1c:5d:50:80:
50:00:61:a7:fb:eb:50:b5:6c:4a:09:ad:6c:41:fd:
f2:73:be:1b:4c:a4:ac:d8:38:ff:f7:d1:3f:11:f7:
3c:75:e8:61:e1:98:17:cf:e4:11:64:cb:61:86:67:
a7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FB:40:E8:E0:9D:01:E2:2E:05:3D:80:85:58:C7:FB:18:0F:C9:93
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS198663.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:eb00::/40
2a14:7581:9f80::/44
Signature Algorithm: sha256WithRSAEncryption
4f:64:26:16:4e:b4:d5:f6:95:0c:9f:cb:26:ad:0d:8f:df:52:
63:89:11:94:0c:c7:36:ef:a5:70:96:b5:ae:c5:cc:a2:7e:2c:
b1:bb:a7:db:11:09:e3:8f:b3:af:4e:f8:0e:9e:e8:d9:a2:5f:
53:92:3f:f2:fe:c9:7e:44:7f:39:bc:18:5a:65:36:ad:8d:cf:
22:4d:62:05:f3:c5:37:c2:30:96:00:dc:71:b1:8c:68:80:44:
91:72:ec:5d:1f:46:5d:81:bd:1b:d2:64:7f:0d:d4:62:93:ad:
7e:fb:4f:05:3b:22:58:32:f1:0e:4a:5c:da:9d:69:48:37:9e:
6d:61:b9:35:cd:23:c7:53:2d:bb:12:b4:61:fc:b8:ad:b1:86:
70:8c:97:91:25:0c:30:a2:64:1b:89:b2:50:e9:5d:a0:ad:b8:
53:29:48:5e:3f:7d:29:11:ae:f2:6f:06:e6:47:20:67:7d:a2:
16:69:ff:8f:4e:78:1e:48:5b:ea:78:91:94:6b:79:9d:bc:fd:
9f:30:57:43:4d:d4:3c:80:ba:dd:a2:47:d9:27:fe:e0:ab:e4:
94:e6:6f:14:f0:91:cd:34:a8:e9:64:2f:13:d4:8e:ae:48:5f:
7e:b4:31:8e:17:f1:cc:35:b9:cf:ef:e0:95:0b:ea:f8:fd:a5:
cd:88:24:0d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUExEdRXlm0Rkl0wRCLUapMH0WE1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MDExNTI2MzhaFw0yNzA0MzAxNTMxMzhaMDMxMTAvBgNV
BAMTKDg5RkI0MEU4RTA5RDAxRTIyRTA1M0Q4MDg1NThDN0ZCMTgwRkM5OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPuWUo4lVDRS9LC6mn2caci7hF
A8qK93/KXJ2aNaSGgmFiKXyR5E/ebEwdMKdyQU2peUSFq/Se5jy55wkz1JD45bn5
CgEet9XL130zpGKljRKrnww7LG+t6qhH4D6trfGsWE5xoN2on8UWeBscRl0v1jmV
LU4UNKaPJu/BM7eMVMBF9lUCvRYQaf+m/iwDqQlpnJMhWdIrElpKK1q6ipVwQ3Xt
HXQCdlWATM2DOERVO/t2EHsiamvrJ/OhfWHmJux6RctP0q9HN3Mllt6QHF1QgFAA
Yaf761C1bEoJrWxB/fJzvhtMpKzYOP/30T8R9zx16GHhmBfP5BFky2GGZ6chAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUiftA6OCdAeIuBT2AhVjH+xgPyZMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTk4NjYzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhR1
gOsDBwQqFHWBn4AwDQYJKoZIhvcNAQELBQADggEBAE9kJhZOtNX2lQyfyyatDY/f
UmOJEZQMxzbvpXCWta7FzKJ+LLG7p9sRCeOPs69O+A6e6NmiX1OSP/L+yX5Efzm8
GFplNq2NzyJNYgXzxTfCMJYA3HGxjGiARJFy7F0fRl2BvRvSZH8N1GKTrX77TwU7
Ilgy8Q5KXNqdaUg3nm1huTXNI8dTLbsStGH8uK2xhnCMl5ElDDCiZBuJslDpXaCt
uFMpSF4/fSkRrvJvBuZHIGd9ohZp/49OeB5IW+p4kZRreZ28/Z8wV0NN1DyAut2i
R9kn/uCr5JTmbxTwkc00qOlkLxPUjq5IX360MY4X8cw1uc/v4JUL6vj9pc2IJA0=
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:57 2026 by rpki-client