Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: SBL7Jm7VacHit2bN7If4Od5fbVbDrZ/3EAN3Lpu5TvI=
Subject key identifier: CD:9C:B2:DA:AB:67:EB:3E:88:14:87:47:99:34:C6:43:A6:1F:9C:6E
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 1039BB0AC2AC9F8184CAFE1637DA5527F2DCB93F
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
Signing time: Tue 29 Jul 2025 07:51:21 +0000
ROA not before: Tue 29 Jul 2025 07:46:21 +0000
ROA not after: Tue 28 Jul 2026 07:51:21 +0000
asID: 21859
IP address blocks: 192.166.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:39:bb:0a:c2:ac:9f:81:84:ca:fe:16:37:da:55:27:f2:dc:b9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jul 29 07:46:21 2025 GMT
Not After : Jul 28 07:51:21 2026 GMT
Subject: CN=CD9CB2DAAB67EB3E881487479934C643A61F9C6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0c:6d:82:1f:19:2b:e1:b2:35:d5:02:6b:6d:
94:18:38:50:20:84:db:4d:76:d6:37:d1:6c:a7:89:
1f:0e:7d:3b:c6:15:15:a7:67:a9:83:8b:d5:2c:d1:
f8:69:88:e7:e4:66:71:a3:e7:0d:18:4b:65:d3:23:
ae:29:e9:f0:a0:7e:02:56:e5:31:4a:c1:c2:85:1f:
d9:37:84:fc:41:24:51:22:83:56:13:1c:42:5f:70:
d6:9a:de:4e:68:f8:c7:5d:b3:b1:be:31:59:ca:a1:
6f:e4:22:61:07:1b:bf:4f:5e:da:ea:2d:b4:bc:eb:
c3:40:cf:21:8d:d7:c2:85:28:40:5a:c3:b5:99:48:
1e:a5:1e:c7:5c:94:eb:85:d8:ea:22:49:73:34:4c:
59:cd:4d:e7:01:1e:c5:ca:87:ff:d4:3a:86:1f:ca:
e5:29:46:da:d5:a8:bb:eb:d4:84:59:8f:c2:d6:d2:
65:28:8d:b4:56:b7:6f:19:97:64:53:4c:0d:45:13:
66:51:b9:6f:47:b2:a2:f3:5a:f6:9c:65:88:3d:4d:
3d:0c:34:ac:66:d9:6f:6b:e9:c8:d2:6f:fe:d8:27:
cf:0c:3d:63:42:18:42:fc:3f:ca:27:f5:6a:bd:3c:
c5:d8:d5:ce:a3:15:51:26:89:94:5c:3a:55:d8:1f:
7a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9C:B2:DA:AB:67:EB:3E:88:14:87:47:99:34:C6:43:A6:1F:9C:6E
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.114.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:45:c3:cf:97:97:02:fb:13:c7:64:99:a6:f9:ab:8b:7e:21:
c2:75:f1:11:6f:06:01:df:5f:08:c5:ee:1d:52:2a:16:f4:5a:
91:7e:8e:8a:e0:95:a8:52:2d:dd:8b:49:e7:17:34:79:c2:24:
72:13:a5:b0:d6:96:21:5d:0b:b6:e7:17:9e:27:5d:fa:66:c3:
46:23:3b:cf:ee:2c:23:13:ca:9a:97:0a:c9:47:be:79:c6:96:
c9:51:c4:c9:89:28:49:d3:a4:74:a6:05:4c:03:0b:57:5e:63:
4f:d1:2b:20:19:7a:85:c8:4a:9d:55:92:ca:a0:b9:fc:51:56:
ca:3b:51:07:53:86:90:c9:65:bc:7b:d8:5f:4c:31:22:b9:aa:
ad:52:28:ef:df:f2:aa:35:4c:9e:73:29:88:78:25:98:f6:5b:
a9:3b:1e:8c:2e:ec:a3:98:d4:9f:0d:62:21:65:a6:1f:2d:67:
b7:ad:ee:45:e9:01:06:fe:95:58:af:8b:09:a1:86:6c:01:db:
eb:c9:eb:06:c1:62:c0:ab:a3:53:9d:d6:3f:12:08:c9:0f:84:
b4:02:59:d4:b2:0d:d0:9d:cd:c3:92:7f:f2:84:41:c2:17:d7:
48:34:31:a2:16:98:db:76:3d:5b:f0:b9:a7:bf:49:fa:71:41:
69:97:03:ce
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUEDm7CsKsn4GEyv4WN9pVJ/LcuT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA3MjkwNzQ2MjFaFw0yNjA3MjgwNzUxMjFaMDMxMTAvBgNV
BAMTKENEOUNCMkRBQUI2N0VCM0U4ODE0ODc0Nzk5MzRDNjQzQTYxRjlDNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnDG2CHxkr4bI11QJrbZQYOFAg
hNtNdtY30WyniR8OfTvGFRWnZ6mDi9Us0fhpiOfkZnGj5w0YS2XTI64p6fCgfgJW
5TFKwcKFH9k3hPxBJFEig1YTHEJfcNaa3k5o+Mdds7G+MVnKoW/kImEHG79PXtrq
LbS868NAzyGN18KFKEBaw7WZSB6lHsdclOuF2OoiSXM0TFnNTecBHsXKh//UOoYf
yuUpRtrVqLvr1IRZj8LW0mUojbRWt28Zl2RTTA1FE2ZRuW9HsqLzWvacZYg9TT0M
NKxm2W9r6cjSb/7YJ88MPWNCGEL8P8on9Wq9PMXY1c6jFVEmiZRcOlXYH3qpAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUzZyy2qtn6z6IFIdHmTTGQ6YfnG4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADApnIw
DQYJKoZIhvcNAQELBQADggEBAM1Fw8+XlwL7E8dkmab5q4t+IcJ18RFvBgHfXwjF
7h1SKhb0WpF+jorglahSLd2LSecXNHnCJHITpbDWliFdC7bnF54nXfpmw0YjO8/u
LCMTypqXCslHvnnGlslRxMmJKEnTpHSmBUwDC1deY0/RKyAZeoXISp1VksqgufxR
Vso7UQdThpDJZbx72F9MMSK5qq1SKO/f8qo1TJ5zKYh4JZj2W6k7Howu7KOY1J8N
YiFlph8tZ7et7kXpAQb+lViviwmhhmwB2+vJ6wbBYsCro1Od1j8SCMkPhLQCWdSy
DdCdzcOSf/KEQcIX10g0MaIWmNt2PVvwuae/SfpxQWmXA84=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:38:52 2025 by rpki-client