Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: z9hTIMKdbQIDXL7DwtGs7QCrGajp/iyeX74OWILkM1Q=
Subject key identifier: E0:E7:A7:56:C1:8D:CA:83:F6:8E:F4:36:13:C6:E2:50:E9:EF:75:EB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 19A61B4BA3C1398EDA2583215063BA6BD75A33A3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
Signing time: Wed 11 Jun 2025 02:46:29 +0000
ROA not before: Wed 11 Jun 2025 02:41:29 +0000
ROA not after: Wed 10 Jun 2026 02:46:29 +0000
asID: 21859
IP address blocks: 82.24.81.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a6:1b:4b:a3:c1:39:8e:da:25:83:21:50:63:ba:6b:d7:5a:33:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 11 02:41:29 2025 GMT
Not After : Jun 10 02:46:29 2026 GMT
Subject: CN=E0E7A756C18DCA83F68EF43613C6E250E9EF75EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:97:21:28:84:33:e0:bb:a6:97:c9:20:a4:03:
19:62:04:f4:d4:b2:73:1a:f5:80:01:22:78:26:e5:
c2:b8:52:a7:3c:a4:10:d4:cc:2d:ff:b2:d0:17:4d:
2b:b9:fb:7c:6a:38:1c:9f:44:71:08:fb:2d:47:a2:
ed:b9:32:40:2b:cc:f8:5d:15:3f:d6:0e:af:e3:86:
b7:f3:8b:2b:4e:ac:cc:c5:58:7e:0e:aa:4c:e4:8a:
b2:77:0f:4e:76:6c:96:8b:b2:81:6b:51:c2:f2:a6:
1d:36:ac:e0:6f:78:a5:46:6e:52:7f:4a:c7:f7:dc:
61:8a:6e:48:7c:f7:f8:4b:52:3c:87:6d:70:43:d1:
bf:f6:7c:4c:33:7d:a1:9e:3b:35:9a:88:66:fd:d5:
3f:b8:44:20:14:9b:39:95:d0:1e:37:c1:b7:99:20:
4f:fb:e5:7d:5e:d0:84:3b:41:0c:75:e3:7a:0e:80:
53:1e:9a:9d:bb:02:c1:04:33:58:13:46:da:df:e9:
23:54:56:10:31:1f:8c:cf:bf:f6:ae:a9:ef:9b:66:
69:0c:fa:55:7b:82:f7:62:62:fc:21:3c:ce:ea:11:
5b:2a:be:2e:c9:0b:da:79:86:d4:75:03:9a:ed:a5:
a6:11:bd:45:18:b0:fc:fe:7f:ad:c3:4d:3e:29:36:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E7:A7:56:C1:8D:CA:83:F6:8E:F4:36:13:C6:E2:50:E9:EF:75:EB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.81.0/24
82.26.156.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:2e:2c:6f:d9:22:44:e4:9d:ae:96:1a:d7:0a:ce:eb:18:cf:
e8:fb:d2:d9:fc:6d:f0:80:ab:b2:19:6f:11:f8:96:1d:fb:03:
ed:3d:c2:40:36:53:59:af:fd:a3:b7:7e:fd:57:54:56:d4:8b:
e2:c5:2d:c8:5a:6b:2a:00:de:76:ce:9f:7b:58:b5:89:b4:da:
88:2c:7b:79:f4:17:59:3e:2c:d0:b5:06:a0:4a:8b:33:36:5b:
c0:d0:f6:9e:85:07:09:97:e6:04:51:1f:39:de:c2:87:a3:93:
a8:8e:a5:d3:70:23:53:d1:1e:92:bf:2b:f6:ca:99:d2:33:e6:
73:40:1b:3e:23:10:57:25:8e:e4:28:f6:ef:ff:7f:8f:bd:44:
93:95:40:00:93:79:20:c4:21:28:b5:04:42:78:31:4f:13:03:
b0:d3:86:08:f1:24:8f:f8:44:35:40:f0:1c:67:38:99:6a:e7:
5b:5b:9a:e5:e0:d2:7c:46:9a:dd:ad:08:f4:1f:97:2a:f3:1f:
b1:f6:00:8b:8b:8c:db:93:d8:31:91:a1:34:7a:1f:df:57:c1:
b5:71:21:31:c1:aa:81:d2:b2:95:fc:5d:56:bd:30:ae:c6:5e:
0e:8f:6d:37:6d:d9:3a:cd:99:b8:6a:90:b2:7f:1f:95:bd:35:
8a:c0:ee:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUGaYbS6PBOY7aJYMhUGO6a9daM6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTEwMjQxMjlaFw0yNjA2MTAwMjQ2MjlaMDMxMTAvBgNV
BAMTKEUwRTdBNzU2QzE4RENBODNGNjhFRjQzNjEzQzZFMjUwRTlFRjc1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5lyEohDPgu6aXySCkAxliBPTU
snMa9YABIngm5cK4Uqc8pBDUzC3/stAXTSu5+3xqOByfRHEI+y1Hou25MkArzPhd
FT/WDq/jhrfziytOrMzFWH4OqkzkirJ3D052bJaLsoFrUcLyph02rOBveKVGblJ/
Ssf33GGKbkh89/hLUjyHbXBD0b/2fEwzfaGeOzWaiGb91T+4RCAUmzmV0B43wbeZ
IE/75X1e0IQ7QQx143oOgFMemp27AsEEM1gTRtrf6SNUVhAxH4zPv/auqe+bZmkM
+lV7gvdiYvwhPM7qEVsqvi7JC9p5htR1A5rtpaYRvUUYsPz+f63DTT4pNrL1AgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU4OenVsGNyoP2jvQ2E8biUOnvdeswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSGFED
BABSGpwwDQYJKoZIhvcNAQELBQADggEBAE8uLG/ZIkTkna6WGtcKzusYz+j70tn8
bfCAq7IZbxH4lh37A+09wkA2U1mv/aO3fv1XVFbUi+LFLchaayoA3nbOn3tYtYm0
2ogse3n0F1k+LNC1BqBKizM2W8DQ9p6FBwmX5gRRHznewoejk6iOpdNwI1PRHpK/
K/bKmdIz5nNAGz4jEFcljuQo9u//f4+9RJOVQACTeSDEISi1BEJ4MU8TA7DThgjx
JI/4RDVA8BxnOJlq51tbmuXg0nxGmt2tCPQflyrzH7H2AIuLjNuT2DGRoTR6H99X
wbVxITHBqoHSspX8XVa9MK7GXg6PbTdt2TrNmbhqkLJ/H5W9NYrA7hE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:02 2025 by rpki-client