Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: 7iaDM2T5MsAEv1E+ar3FtKQl5Qwbl37mlKCs9PN3+Qg=
Subject key identifier: DA:B8:68:ED:B8:2A:EB:9F:34:F8:F8:C6:51:08:04:1A:29:CE:06:D3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3A4C8F6AEC7C0E3E1D145BE5B5C763D966381451
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Fri 12 Jun 2026 06:26:37 +0000
ROA not before: Fri 12 Jun 2026 06:21:37 +0000
ROA not after: Fri 11 Jun 2027 06:26:37 +0000
asID: 21859
IP address blocks: 46.203.46.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.15.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.11.0/24 maxlen: 24
178.92.20.0/24 maxlen: 24
178.92.24.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
178.93.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4c:8f:6a:ec:7c:0e:3e:1d:14:5b:e5:b5:c7:63:d9:66:38:14:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 12 06:21:37 2026 GMT
Not After : Jun 11 06:26:37 2027 GMT
Subject: CN=DAB868EDB82AEB9F34F8F8C65108041A29CE06D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:83:b2:3c:1c:f8:53:37:4a:7b:ac:f2:0c:
ac:8e:b6:21:01:94:22:73:68:d2:63:59:89:d8:18:
7c:10:c6:a3:cc:40:62:56:47:ba:77:0c:cd:37:9d:
bc:9d:9f:e4:49:74:49:76:68:35:6a:b0:ec:e5:63:
24:43:9d:33:7b:cf:42:eb:77:e8:8d:85:56:0b:fd:
76:66:c8:02:5a:08:d1:a0:e8:72:00:99:8c:27:d7:
eb:1d:e4:6f:eb:53:5e:81:20:f6:14:20:bb:0f:64:
00:ac:21:d4:3b:79:f1:23:4e:95:ff:4e:76:12:58:
b3:c2:79:94:58:7e:cf:26:bb:a2:0a:44:64:5f:fc:
8d:98:60:94:fe:98:67:dc:0b:9f:78:c8:97:1d:ee:
d9:6d:46:81:17:d0:a1:08:eb:20:53:8f:2b:55:3b:
42:ef:47:2c:61:a2:42:1e:80:d5:74:07:0a:5c:24:
33:d2:fb:a5:70:e8:58:ad:6d:10:d5:dc:7c:02:1e:
2d:d6:64:93:18:aa:95:e8:4b:a4:e5:fd:bb:5b:86:
52:75:6b:16:41:f3:5b:a2:6f:b2:20:5f:d0:0f:41:
7e:81:94:b2:56:99:46:bc:a8:0a:c8:23:cf:15:a8:
7f:82:17:b3:ee:6f:6b:86:4e:4b:20:8f:57:da:c2:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:68:ED:B8:2A:EB:9F:34:F8:F8:C6:51:08:04:1A:29:CE:06:D3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.46.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.15.0/24
95.135.111.0-95.135.113.255
178.92.11.0/24
178.92.20.0/24
178.92.24.0/24
178.92.59.0/24
178.93.178.0/24
Signature Algorithm: sha256WithRSAEncryption
86:4a:48:9b:da:90:6a:6b:fd:98:15:f6:50:c7:d0:57:1f:1b:
16:50:8d:5c:6f:54:c7:26:08:6f:4e:16:2b:48:b1:89:1a:1e:
63:3f:e5:07:41:8f:23:fe:4e:26:ab:ff:e5:63:b6:f5:80:a4:
73:a7:e2:8c:78:f7:03:9a:29:94:65:54:46:a8:68:a3:77:eb:
b6:7c:6d:5a:c0:85:80:7a:df:e8:78:fe:7b:82:e1:67:d3:b5:
6b:8c:f4:73:4c:2b:95:1c:47:00:d9:dd:5c:8b:ac:e8:76:4c:
67:8e:6a:55:d5:4b:9f:b7:55:14:22:1a:93:f7:04:c3:b7:6a:
ba:c7:7e:0f:a5:e1:a3:5b:66:c6:4e:0b:ae:39:7d:c2:b1:ed:
d1:96:22:0d:67:47:e7:40:9c:7c:7c:c5:df:17:61:83:9c:9c:
54:6b:55:89:52:0f:13:68:35:10:b9:d5:4c:02:d0:32:52:dc:
76:02:1e:b8:8f:f0:59:64:6d:ae:e5:68:18:9c:4a:7c:7a:d1:
73:20:e2:d1:21:c8:15:40:82:fe:16:4a:96:25:8c:06:01:d9:
6e:5a:be:ec:65:66:0d:20:91:00:25:9d:01:6c:ed:e7:cd:e2:
73:90:f7:f2:e1:5a:0d:4f:0a:5a:7d:e4:4b:11:f2:e0:cf:21:
99:30:17:4a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUOkyPaux8Dj4dFFvltcdj2WY4FFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MTIwNjIxMzdaFw0yNzA2MTEwNjI2MzdaMDMxMTAvBgNV
BAMTKERBQjg2OEVEQjgyQUVCOUYzNEY4RjhDNjUxMDgwNDFBMjlDRTA2RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPCYOyPBz4UzdKe6zyDKyOtiEB
lCJzaNJjWYnYGHwQxqPMQGJWR7p3DM03nbydn+RJdEl2aDVqsOzlYyRDnTN7z0Lr
d+iNhVYL/XZmyAJaCNGg6HIAmYwn1+sd5G/rU16BIPYUILsPZACsIdQ7efEjTpX/
TnYSWLPCeZRYfs8mu6IKRGRf/I2YYJT+mGfcC594yJcd7tltRoEX0KEI6yBTjytV
O0LvRyxhokIegNV0BwpcJDPS+6Vw6FitbRDV3HwCHi3WZJMYqpXoS6Tl/btbhlJ1
axZB81uib7IgX9APQX6BlLJWmUa8qArII88VqH+CF7Pub2uGTksgj1fawsgjAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU2rho7bgq6580+PjGUQgEGinOBtMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBAAuyy4D
BAAuy9cDBAAuy9kDBAAuy9sDBAAuy90DBABbfA8wDAMEAF+HbwMEAV+HcAMEALJc
CwMEALJcFAMEALJcGAMEALJcOwMEALJdsjANBgkqhkiG9w0BAQsFAAOCAQEAhkpI
m9qQamv9mBX2UMfQVx8bFlCNXG9UxyYIb04WK0ixiRoeYz/lB0GPI/5OJqv/5WO2
9YCkc6fijHj3A5oplGVURqhoo3frtnxtWsCFgHrf6Hj+e4LhZ9O1a4z0c0wrlRxH
ANndXIus6HZMZ45qVdVLn7dVFCIak/cEw7dqusd+D6Xho1tmxk4Lrjl9wrHt0ZYi
DWdH50CcfHzF3xdhg5ycVGtViVIPE2g1ELnVTALQMlLcdgIeuI/wWWRtruVoGJxK
fHrRcyDi0SHIFUCC/hZKliWMBgHZblq+7GVmDSCRACWdAWzt583ic5D38uFaDU8K
Wn3kSxHy4M8hmTAXSg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:03:56 2026 by rpki-client