Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: xkNP/nRhUhHkYLuD9DuRjWokUltwdDEtKeGD+/qaI0I=
Subject key identifier: 9B:6A:1F:D1:C3:B9:16:EE:0D:AD:7D:14:45:08:F2:2A:5E:2F:AF:6D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 23FE1661CC8422C6C1B28D2D1ACA66DBF198624E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Thu 16 Apr 2026 06:44:37 +0000
ROA not before: Thu 16 Apr 2026 06:39:37 +0000
ROA not after: Thu 15 Apr 2027 06:44:37 +0000
asID: 21859
IP address blocks: 46.203.46.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.15.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.11.0/24 maxlen: 24
178.92.24.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fe:16:61:cc:84:22:c6:c1:b2:8d:2d:1a:ca:66:db:f1:98:62:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 16 06:39:37 2026 GMT
Not After : Apr 15 06:44:37 2027 GMT
Subject: CN=9B6A1FD1C3B916EE0DAD7D144508F22A5E2FAF6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:94:82:60:a8:c6:bf:88:4d:ad:f6:4b:eb:
2a:eb:03:95:f3:b9:9a:77:f5:98:cc:87:24:82:85:
35:e5:90:a4:6a:4b:e1:7f:cb:92:0e:18:da:12:07:
a2:0e:bf:0d:19:84:7e:cb:c3:18:df:12:56:df:99:
81:12:b8:97:c9:0a:8a:bb:72:49:fa:36:49:a8:2b:
09:c0:62:9b:e0:c4:d4:6a:46:b1:3c:31:2f:ab:9e:
4b:23:ae:7a:54:fc:84:70:3b:51:d0:dd:f7:36:34:
0f:17:29:93:0e:9c:3d:41:aa:ea:3a:19:9a:51:72:
98:de:f3:80:31:2c:8e:ab:f5:90:13:4f:55:8b:d5:
8d:e2:50:07:72:57:cc:54:21:d1:fa:76:9b:2d:d1:
42:b7:6e:a5:7f:47:9c:2d:b4:87:f1:97:bc:4c:82:
8a:1f:ca:9b:73:0e:73:4c:43:95:02:be:b1:69:70:
4a:bf:66:46:43:1f:6c:ac:47:e3:d0:54:53:1e:ea:
70:ce:58:ef:cd:01:cd:71:e8:10:da:46:d2:62:de:
b3:4a:f0:43:24:64:99:6c:b6:49:c1:49:bd:14:ba:
80:5c:98:13:8e:73:8b:d2:b9:19:9e:8c:0e:5e:c6:
5e:00:e4:c1:18:6d:d8:b8:bc:58:13:6c:1d:53:85:
52:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6A:1F:D1:C3:B9:16:EE:0D:AD:7D:14:45:08:F2:2A:5E:2F:AF:6D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.46.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.15.0/24
92.112.157.0/24
92.113.66.0/24
95.135.111.0-95.135.113.255
178.92.11.0/24
178.92.24.0/24
178.92.59.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4f:5c:3e:05:56:cc:f7:03:e3:72:db:e5:ef:85:a1:bb:ee:
5b:9d:94:1b:75:69:eb:2d:29:0e:5f:57:be:be:6b:f0:70:9f:
dd:57:a7:f9:04:e1:c4:69:fc:ca:56:8c:09:8e:5b:29:2b:c3:
e0:65:8b:96:e9:0f:11:05:0f:2a:65:df:73:1e:6d:b8:27:0e:
29:74:fa:41:d3:4f:fb:87:f4:7a:e5:ba:67:44:20:d1:df:c6:
81:bf:d0:c4:9f:4a:bd:bd:e0:01:b0:2d:ca:7a:e9:25:75:54:
9b:80:87:9a:84:c5:31:e7:f7:e6:39:3f:8e:ca:97:ae:49:44:
c6:21:3d:0b:f3:00:5e:af:14:82:5f:2c:61:9a:fb:e8:fb:64:
e2:10:f9:be:08:8b:eb:b0:18:09:e0:9f:05:98:e8:a7:66:95:
c8:f8:48:88:ae:e2:4b:17:96:93:e3:41:cb:e2:d2:24:8a:59:
9e:5d:bb:a6:e9:82:b1:b2:dc:08:28:4f:f4:dd:1a:ce:97:b3:
ab:84:b1:30:eb:12:88:83:e4:30:5d:00:53:62:ff:43:5c:88:
1c:94:f2:ac:8f:a3:67:b1:14:bd:63:b1:d4:55:d2:51:e4:f4:
d2:4a:13:89:6f:ec:a5:ba:d3:5a:3c:05:2d:9b:bf:ca:17:d4:
51:be:21:5f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUI/4WYcyEIsbBso0tGspm2/GYYk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MTYwNjM5MzdaFw0yNzA0MTUwNjQ0MzdaMDMxMTAvBgNV
BAMTKDlCNkExRkQxQzNCOTE2RUUwREFEN0QxNDQ1MDhGMjJBNUUyRkFGNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuEZSCYKjGv4hNrfZL6yrrA5Xz
uZp39ZjMhySChTXlkKRqS+F/y5IOGNoSB6IOvw0ZhH7LwxjfElbfmYESuJfJCoq7
ckn6NkmoKwnAYpvgxNRqRrE8MS+rnksjrnpU/IRwO1HQ3fc2NA8XKZMOnD1Bquo6
GZpRcpje84AxLI6r9ZATT1WL1Y3iUAdyV8xUIdH6dpst0UK3bqV/R5wttIfxl7xM
goofyptzDnNMQ5UCvrFpcEq/ZkZDH2ysR+PQVFMe6nDOWO/NAc1x6BDaRtJi3rNK
8EMkZJlstknBSb0UuoBcmBOOc4vSuRmejA5exl4A5MEYbdi4vFgTbB1ThVIvAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUm2of0cO5Fu4NrX0URQjyKl4vr20wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBAAuyy4D
BAAuy9cDBAAuy9kDBAAuy9sDBAAuy90DBABbfA8DBABccJ0DBABccUIwDAMEAF+H
bwMEAV+HcAMEALJcCwMEALJcGAMEALJcOzANBgkqhkiG9w0BAQsFAAOCAQEAjU9c
PgVWzPcD43Lb5e+FobvuW52UG3Vp6y0pDl9Xvr5r8HCf3Ven+QThxGn8ylaMCY5b
KSvD4GWLlukPEQUPKmXfcx5tuCcOKXT6QdNP+4f0euW6Z0Qg0d/Ggb/QxJ9Kvb3g
AbAtynrpJXVUm4CHmoTFMef35jk/jsqXrklExiE9C/MAXq8Ugl8sYZr76Ptk4hD5
vgiL67AYCeCfBZjop2aVyPhIiK7iSxeWk+NBy+LSJIpZnl27pumCsbLcCChP9N0a
zpezq4SxMOsSiIPkMF0AU2L/Q1yIHJTyrI+jZ7EUvWOx1FXSUeT00koTiW/spbrT
WjwFLZu/yhfUUb4hXw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:52 2026 by rpki-client