Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
File: AS59711.roa (raw, json)
Hash identifier: ZT1DAdJKBHbcvD24EFF8PQIve4FmsXfJA1UcZHljMYw=
Subject key identifier: B9:C4:26:08:2D:63:85:C7:7F:32:C9:49:6D:94:78:91:96:95:5D:94
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 754DC060307FAFC907198579E77F8FBD672D0591
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
Signing time: Fri 27 Mar 2026 11:58:51 +0000
ROA not before: Fri 27 Mar 2026 11:53:51 +0000
ROA not after: Fri 26 Mar 2027 11:58:51 +0000
asID: 59711
IP address blocks: 82.21.210.0/24 maxlen: 24
82.21.213.0/24 maxlen: 24
82.21.216.0/24 maxlen: 24
82.21.255.0/24 maxlen: 24
82.22.208.0/24 maxlen: 24
82.22.250.0/24 maxlen: 24
82.22.255.0/24 maxlen: 24
82.23.205.0/24 maxlen: 24
82.23.223.0/24 maxlen: 24
82.23.245.0/24 maxlen: 24
82.24.216.0/24 maxlen: 24
82.24.255.0/24 maxlen: 24
82.25.209.0/24 maxlen: 24
82.25.220.0/24 maxlen: 24
82.25.229.0/24 maxlen: 24
82.25.233.0/24 maxlen: 24
82.25.255.0/24 maxlen: 24
82.26.210.0/24 maxlen: 24
82.27.88.0/24 maxlen: 24
82.27.89.0/24 maxlen: 24
82.27.107.0/24 maxlen: 24
82.27.109.0/24 maxlen: 24
82.27.229.0/24 maxlen: 24
82.29.210.0/24 maxlen: 24
82.29.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:4d:c0:60:30:7f:af:c9:07:19:85:79:e7:7f:8f:bd:67:2d:05:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 27 11:53:51 2026 GMT
Not After : Mar 26 11:58:51 2027 GMT
Subject: CN=B9C426082D6385C77F32C9496D94789196955D94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:10:b6:ea:b3:b0:46:53:0b:e5:68:89:c0:
5f:75:ca:ad:e9:aa:d7:61:e6:70:df:12:a1:02:84:
2f:76:60:46:9d:ea:be:be:d5:34:32:a9:96:bb:11:
d0:ae:51:dc:cc:76:d2:53:9b:2f:2f:38:8f:28:74:
63:2f:af:d2:97:86:50:93:24:69:0a:34:60:89:b0:
fe:99:aa:b7:39:a8:e3:d1:58:55:49:5b:fa:e7:f4:
40:47:88:8e:34:e1:c6:ef:0e:b3:40:7b:6d:60:f3:
84:8c:74:5a:0f:6d:ea:78:62:6b:32:65:97:2b:1f:
be:a8:39:1c:ab:f5:99:84:32:73:bd:b1:b3:23:ef:
3e:08:23:b9:04:79:85:bf:67:41:d1:9e:a6:1b:0c:
db:c6:b0:02:92:9f:0e:88:ac:e8:98:4b:1e:6b:e2:
95:88:19:78:a8:58:e0:c4:98:35:17:b8:68:0a:a7:
a1:e0:7d:d3:b3:4e:92:fb:0d:cf:d3:65:8a:95:d2:
10:03:1a:51:7b:f4:d7:24:1e:6d:9f:b2:ed:f3:70:
ac:7e:8d:dd:67:fb:d1:3f:f2:40:3f:15:ff:f9:76:
9b:a1:e9:65:59:03:af:70:d6:db:f9:31:e1:50:a4:
0c:72:51:5d:28:6d:56:ce:3e:dc:fa:3a:73:f2:f4:
6d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C4:26:08:2D:63:85:C7:7F:32:C9:49:6D:94:78:91:96:95:5D:94
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.210.0/24
82.21.213.0/24
82.21.216.0/24
82.21.255.0/24
82.22.208.0/24
82.22.250.0/24
82.22.255.0/24
82.23.205.0/24
82.23.223.0/24
82.23.245.0/24
82.24.216.0/24
82.24.255.0/24
82.25.209.0/24
82.25.220.0/24
82.25.229.0/24
82.25.233.0/24
82.25.255.0/24
82.26.210.0/24
82.27.88.0/23
82.27.107.0/24
82.27.109.0/24
82.27.229.0/24
82.29.210.0/24
82.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:d3:f4:79:17:91:53:e2:99:06:4f:05:68:42:74:86:d0:f9:
9b:d5:dd:14:d1:4d:67:e3:4d:92:43:3b:86:a1:e9:9e:39:07:
8e:5e:55:02:bc:1d:87:e7:6e:2a:49:da:ee:cb:71:c9:31:8b:
eb:67:ec:71:41:a0:c7:8e:b7:33:9f:bd:ba:8a:d6:c2:6d:a4:
51:e9:46:f9:f3:29:42:e1:69:3c:5a:f9:6f:5c:48:6b:92:c0:
f0:88:a5:c2:1f:58:25:71:fa:28:f5:01:ff:b7:96:04:9a:d1:
5a:3a:3f:d4:cb:79:b2:fd:36:18:97:d6:e2:b8:3c:92:80:c4:
23:3f:dd:5a:2a:af:75:7a:6a:92:65:19:ed:3c:66:6e:79:1d:
c0:d0:29:e2:bd:c1:af:ef:27:f0:02:5b:51:56:6f:a6:a4:fd:
ac:6f:cb:be:25:e8:83:7c:cb:9b:b0:25:0e:db:2b:18:4d:cc:
3e:8b:0d:4d:89:6d:3f:df:78:10:f5:b0:96:00:d6:2b:92:be:
f6:c7:f8:32:ee:08:ff:c0:85:ae:e6:63:c4:6f:86:db:cd:6b:
79:0d:79:1d:1a:f2:27:12:98:2b:48:a0:e9:bc:04:d2:e1:aa:
f9:76:60:ec:50:f2:23:30:27:c5:b9:9a:ba:41:79:a3:4f:91:
51:19:2c:bc
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUdU3AYDB/r8kHGYV553+PvWctBZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjcxMTUzNTFaFw0yNzAzMjYxMTU4NTFaMDMxMTAvBgNV
BAMTKEI5QzQyNjA4MkQ2Mzg1Qzc3RjMyQzk0OTZEOTQ3ODkxOTY5NTVEOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL0RC26rOwRlML5WiJwF91yq3p
qtdh5nDfEqEChC92YEad6r6+1TQyqZa7EdCuUdzMdtJTmy8vOI8odGMvr9KXhlCT
JGkKNGCJsP6Zqrc5qOPRWFVJW/rn9EBHiI404cbvDrNAe21g84SMdFoPbep4Ymsy
ZZcrH76oORyr9ZmEMnO9sbMj7z4II7kEeYW/Z0HRnqYbDNvGsAKSnw6IrOiYSx5r
4pWIGXioWODEmDUXuGgKp6HgfdOzTpL7Dc/TZYqV0hADGlF79NckHm2fsu3zcKx+
jd1n+9E/8kA/Ff/5dpuh6WVZA69w1tv5MeFQpAxyUV0obVbOPtz6OnPy9G1RAgMB
AAGjggKYMIIClDAdBgNVHQ4EFgQUucQmCC1jhcd/MslJbZR4kZaVXZQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk3MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwga0GCCsGAQUFBwEHAQH/BIGdMIGaMIGXBAIAATCBkAME
AFIV0gMEAFIV1QMEAFIV2AMEAFIV/wMEAFIW0AMEAFIW+gMEAFIW/wMEAFIXzQME
AFIX3wMEAFIX9QMEAFIY2AMEAFIY/wMEAFIZ0QMEAFIZ3AMEAFIZ5QMEAFIZ6QME
AFIZ/wMEAFIa0gMEAVIbWAMEAFIbawMEAFIbbQMEAFIb5QMEAFId0gMEAFId/zAN
BgkqhkiG9w0BAQsFAAOCAQEAm9P0eReRU+KZBk8FaEJ0htD5m9XdFNFNZ+NNkkM7
hqHpnjkHjl5VArwdh+duKkna7stxyTGL62fscUGgx463M5+9uorWwm2kUelG+fMp
QuFpPFr5b1xIa5LA8Iilwh9YJXH6KPUB/7eWBJrRWjo/1Mt5sv02GJfW4rg8koDE
Iz/dWiqvdXpqkmUZ7TxmbnkdwNAp4r3Br+8n8AJbUVZvpqT9rG/LviXog3zLm7Al
DtsrGE3MPosNTYltP994EPWwlgDWK5K+9sf4Mu4I/8CFruZjxG+G281reQ15HRry
JxKYK0ig6bwE0uGq+XZg7FDyIzAnxbmaukF5o0+RURksvA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:09:41 2026 by rpki-client