Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: yCzXNf1DwW0A4w14kAWQg89kUcnMIZAJ3kQrQ5JhDbY=
Subject key identifier: 8C:AA:98:ED:38:3D:88:FC:0B:CA:8B:D9:D5:EB:61:EF:39:46:EF:61
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0795B48437E4C900624D26005DD10A1ECB1910F9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Sat 14 Jun 2025 00:00:39 +0000
ROA not before: Fri 13 Jun 2025 23:55:39 +0000
ROA not after: Sat 13 Jun 2026 00:00:39 +0000
asID: 21859
IP address blocks: 46.202.62.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.134.194.0/24 maxlen: 24
95.135.71.0/24 maxlen: 24
95.135.103.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
95.135.119.0/24 maxlen: 24
95.135.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:95:b4:84:37:e4:c9:00:62:4d:26:00:5d:d1:0a:1e:cb:19:10:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 13 23:55:39 2025 GMT
Not After : Jun 13 00:00:39 2026 GMT
Subject: CN=8CAA98ED383D88FC0BCA8BD9D5EB61EF3946EF61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f7:37:9b:60:c8:cc:9a:d8:bf:59:46:c6:3f:
d4:b9:2b:05:50:36:ae:10:95:b5:92:d3:c3:ea:1c:
29:c8:7e:68:ec:dc:60:f2:39:66:a8:bd:22:66:03:
13:b8:14:f0:79:6c:3e:e0:df:de:4d:d6:7a:ca:4b:
13:ee:58:41:89:dd:53:f6:7d:ab:c1:f1:fb:d2:9d:
36:98:24:5c:ef:2c:4d:23:9b:c9:19:9f:9a:6e:7e:
88:ba:c4:79:16:53:7a:58:26:71:67:89:b1:91:8b:
1e:ef:03:33:9b:3e:97:35:dc:b9:db:c1:c7:23:48:
69:dd:d3:2b:90:f7:ed:10:4e:58:e2:88:11:01:1e:
e7:10:4b:11:c2:39:2a:dc:4d:62:b3:01:3d:e2:36:
a6:79:f0:6b:ba:8f:f3:12:ee:78:b5:41:32:6c:e5:
48:e5:6c:58:b1:72:55:08:01:f0:b7:62:f8:25:e4:
19:f8:b0:d3:13:8b:f7:50:d2:23:4a:55:22:a8:c2:
65:30:7b:24:31:d8:90:98:67:3a:94:d5:5b:69:6f:
cc:c0:40:b7:33:0d:e0:c9:cc:8f:fc:bc:54:88:da:
f7:ec:fa:bf:5e:99:1d:c0:cf:bf:3f:a9:38:19:2b:
2b:73:4c:3c:0a:96:1a:f2:b2:fd:99:65:f3:92:34:
2f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AA:98:ED:38:3D:88:FC:0B:CA:8B:D9:D5:EB:61:EF:39:46:EF:61
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.62.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
92.112.157.0/24
92.113.66.0/24
95.134.194.0/24
95.135.71.0/24
95.135.103.0/24
95.135.111.0-95.135.113.255
95.135.119.0/24
95.135.126.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ba:1a:64:8a:3a:c8:32:43:b2:c0:f5:f0:9e:18:39:96:7f:
db:cb:6f:af:09:ba:3b:48:3f:7e:d3:39:83:71:75:b7:28:04:
a9:93:fb:34:d1:80:04:ad:85:d6:b9:ab:13:82:93:30:c3:91:
2d:b0:ed:e8:6d:b2:ff:cf:a6:fe:a1:96:0e:2b:6b:65:c2:2a:
69:7c:d3:b5:4e:48:d6:e4:a7:64:72:ca:61:51:25:ef:27:40:
b1:29:28:18:73:9a:28:5e:57:93:33:20:c9:14:cc:01:9d:2a:
01:3b:be:5a:8d:9a:70:64:70:92:10:35:d9:24:de:eb:46:66:
b8:29:9a:fe:a9:ad:fb:6f:f3:e6:df:81:a1:a8:a8:99:18:b2:
84:3d:fd:68:a1:a6:63:17:5b:ed:83:24:15:02:30:d9:ff:41:
c6:d9:59:ae:64:8b:1f:bf:d9:ae:bc:6d:6b:52:bf:fb:24:8e:
c6:63:c3:bf:a2:45:1b:ac:b7:68:78:f8:8a:59:7d:54:fa:72:
14:8e:6a:a0:ac:60:c2:6e:54:ba:14:2d:d7:c8:29:62:ce:b9:
03:e2:67:29:29:81:13:36:83:41:b7:f4:23:b8:de:f9:d1:07:
73:16:a0:0a:59:9b:e7:85:72:d3:6d:2c:e4:70:10:9c:f6:01:
d9:f3:43:81
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUB5W0hDfkyQBiTSYAXdEKHssZEPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTMyMzU1MzlaFw0yNjA2MTMwMDAwMzlaMDMxMTAvBgNV
BAMTKDhDQUE5OEVEMzgzRDg4RkMwQkNBOEJEOUQ1RUI2MUVGMzk0NkVGNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN9zebYMjMmti/WUbGP9S5KwVQ
Nq4QlbWS08PqHCnIfmjs3GDyOWaovSJmAxO4FPB5bD7g395N1nrKSxPuWEGJ3VP2
favB8fvSnTaYJFzvLE0jm8kZn5pufoi6xHkWU3pYJnFnibGRix7vAzObPpc13Lnb
wccjSGnd0yuQ9+0QTljiiBEBHucQSxHCOSrcTWKzAT3iNqZ58Gu6j/MS7ni1QTJs
5UjlbFixclUIAfC3Yvgl5Bn4sNMTi/dQ0iNKVSKowmUweyQx2JCYZzqU1Vtpb8zA
QLczDeDJzI/8vFSI2vfs+r9emR3Az78/qTgZKytzTDwKlhrysv2ZZfOSNC9vAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUjKqY7Tg9iPwLyovZ1eth7zlG72EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBAAuyj4D
BAAuy9cDBAAuy9kDBAAuy9sDBAAuy90DBABccJ0DBABccUIDBABfhsIDBABfh0cD
BABfh2cwDAMEAF+HbwMEAV+HcAMEAF+HdwMEAF+HfjANBgkqhkiG9w0BAQsFAAOC
AQEAO7oaZIo6yDJDssD18J4YOZZ/28tvrwm6O0g/ftM5g3F1tygEqZP7NNGABK2F
1rmrE4KTMMORLbDt6G2y/8+m/qGWDitrZcIqaXzTtU5I1uSnZHLKYVEl7ydAsSko
GHOaKF5XkzMgyRTMAZ0qATu+Wo2acGRwkhA12STe60ZmuCma/qmt+2/z5t+Boaio
mRiyhD39aKGmYxdb7YMkFQIw2f9BxtlZrmSLH7/Zrrxta1K/+ySOxmPDv6JFG6y3
aHj4ill9VPpyFI5qoKxgwm5UuhQt18gpYs65A+JnKSmBEzaDQbf0I7je+dEHcxag
Clmb54Vy020s5HAQnPYB2fNDgQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:59:17 2025 by rpki-client