Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: h/lKif8h5NNtKG1ov02t98W9emyRKyrYusqXvlR0yJw=
Subject key identifier: 78:EB:8B:B9:AF:4F:16:50:BC:13:70:F1:CD:F5:9B:4E:3C:82:A3:08
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3E6EE5721088137DC19FBE5F0EC5CB8AD359A61F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time: Tue 24 Feb 2026 10:17:26 +0000
ROA not before: Tue 24 Feb 2026 10:12:26 +0000
ROA not after: Tue 23 Feb 2027 10:17:26 +0000
asID: 21840
IP address blocks: 92.112.37.0/24 maxlen: 24
95.134.29.0/24 maxlen: 24
95.135.109.0/24 maxlen: 24
95.135.199.0/24 maxlen: 24
95.135.230.0/24 maxlen: 24
178.92.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 08:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:6e:e5:72:10:88:13:7d:c1:9f:be:5f:0e:c5:cb:8a:d3:59:a6:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 24 10:12:26 2026 GMT
Not After : Feb 23 10:17:26 2027 GMT
Subject: CN=78EB8BB9AF4F1650BC1370F1CDF59B4E3C82A308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:d7:c0:0b:ee:54:a6:89:d1:68:1c:53:67:
8e:2a:9e:ce:9b:d1:91:5e:8e:19:13:ca:31:d9:4a:
80:28:8c:49:ba:2a:3f:c1:0e:fb:59:e3:46:1e:bd:
2f:9c:8b:32:b6:b7:ca:f0:26:90:fb:39:1b:18:3b:
df:5e:f9:7e:e5:74:e1:8b:42:eb:49:d2:e8:54:e2:
c6:49:cd:34:d2:04:d4:af:54:e3:b3:ae:85:3e:2d:
35:ff:32:ca:73:96:1d:fa:7f:49:ed:b0:69:d4:13:
63:22:9c:f4:1a:8c:53:b9:4f:12:1e:d5:82:0f:55:
1a:76:07:c1:61:c3:86:ca:c5:28:90:ff:57:22:2f:
2e:8d:e9:e2:2f:c2:0b:65:0e:38:96:d6:b0:e5:ef:
69:81:3b:4c:00:e9:c7:8a:ad:19:16:d8:52:49:4e:
5d:c6:2a:dc:15:6e:4d:c1:32:15:80:e7:a8:24:11:
90:70:02:56:d5:57:51:37:e9:00:74:4a:75:7f:57:
12:4c:a6:b1:9e:6c:f8:d2:a6:ca:a7:7c:01:be:8e:
2e:df:28:06:2c:26:d7:82:5d:b5:c5:71:41:ce:f8:
f1:d5:79:58:74:b3:d4:21:60:4e:f9:21:e0:47:3b:
14:b5:ee:84:01:13:d0:b3:03:b2:97:7c:b4:a1:92:
37:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EB:8B:B9:AF:4F:16:50:BC:13:70:F1:CD:F5:9B:4E:3C:82:A3:08
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.37.0/24
95.134.29.0/24
95.135.109.0/24
95.135.199.0/24
95.135.230.0/24
178.92.184.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:37:88:83:41:f7:fc:73:1c:d3:6f:94:49:0d:a3:c4:87:93:
6f:f1:16:45:23:2f:e0:6d:0a:6a:66:d4:8f:26:de:90:32:08:
8b:f8:5a:a2:4d:4c:78:12:a9:5e:46:0e:bf:99:cf:cb:7b:c6:
41:5b:d6:52:59:e9:61:e1:05:70:f3:22:47:4f:6c:96:8d:fa:
e9:88:b3:d0:e3:5f:b2:98:ca:e2:fd:18:96:bd:4b:4c:d7:3c:
48:3f:5a:07:e6:6c:87:a1:ae:7e:03:33:94:21:ef:ae:e7:a2:
3c:a5:fd:71:db:92:0f:c5:f6:ef:ba:31:77:cc:17:94:3a:be:
66:f9:4a:88:98:69:7f:99:52:e3:fb:09:23:32:b2:bf:9a:8b:
db:c6:c1:e2:c6:22:45:45:6f:44:b9:e4:32:2d:50:86:12:18:
37:4b:6e:0b:e0:08:c7:1c:86:45:92:11:24:07:71:5a:ec:5b:
d7:dc:be:5c:91:7b:7e:38:cf:f6:a8:e9:99:d4:d3:5b:3e:33:
4e:39:e1:39:b8:4a:51:e9:7b:bc:21:1f:f8:10:1f:9f:b3:76:
08:2d:c5:64:04:87:e3:76:e1:c7:80:ef:64:17:28:35:03:7e:
45:4d:b4:17:b8:f4:29:bf:a3:be:6d:a1:a2:f5:53:4e:12:a5:
d6:ea:c3:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUPm7lchCIE33Bn75fDsXLitNZph8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMjQxMDEyMjZaFw0yNzAyMjMxMDE3MjZaMDMxMTAvBgNV
BAMTKDc4RUI4QkI5QUY0RjE2NTBCQzEzNzBGMUNERjU5QjRFM0M4MkEzMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChadfAC+5UponRaBxTZ44qns6b
0ZFejhkTyjHZSoAojEm6Kj/BDvtZ40YevS+cizK2t8rwJpD7ORsYO99e+X7ldOGL
QutJ0uhU4sZJzTTSBNSvVOOzroU+LTX/Mspzlh36f0ntsGnUE2MinPQajFO5TxIe
1YIPVRp2B8Fhw4bKxSiQ/1ciLy6N6eIvwgtlDjiW1rDl72mBO0wA6ceKrRkW2FJJ
Tl3GKtwVbk3BMhWA56gkEZBwAlbVV1E36QB0SnV/VxJMprGebPjSpsqnfAG+ji7f
KAYsJteCXbXFcUHO+PHVeVh0s9QhYE75IeBHOxS17oQBE9CzA7KXfLShkjdNAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUeOuLua9PFlC8E3DxzfWbTjyCowgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABccCUD
BABfhh0DBABfh20DBABfh8cDBABfh+YDBACyXLgwDQYJKoZIhvcNAQELBQADggEB
AKg3iINB9/xzHNNvlEkNo8SHk2/xFkUjL+BtCmpm1I8m3pAyCIv4WqJNTHgSqV5G
Dr+Zz8t7xkFb1lJZ6WHhBXDzIkdPbJaN+umIs9DjX7KYyuL9GJa9S0zXPEg/Wgfm
bIehrn4DM5Qh767nojyl/XHbkg/F9u+6MXfMF5Q6vmb5SoiYaX+ZUuP7CSMysr+a
i9vGweLGIkVFb0S55DItUIYSGDdLbgvgCMcchkWSESQHcVrsW9fcvlyRe344z/ao
6ZnU01s+M0454Tm4SlHpe7whH/gQH5+zdggtxWQEh+N24ceA72QXKDUDfkVNtBe4
9Cm/o75toaL1U04Spdbqw7E=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:10:58 2026 by rpki-client