Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: nWUls8y33lYEqnjgbrni5RwUhbvne1C5rlfmozHbtuw=
Subject key identifier: 1B:12:B5:78:C9:1D:0E:4D:4E:A1:53:C8:C9:1E:F0:FC:CB:C7:77:79
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 40943DB6BD5B3D724D3972CADD3A8BCD1CA3229C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Fri 18 Apr 2025 06:55:36 +0000
ROA not before: Fri 18 Apr 2025 06:50:36 +0000
ROA not after: Fri 17 Apr 2026 06:55:36 +0000
asID: 21859
IP address blocks: 46.202.62.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.37.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.134.194.0/24 maxlen: 24
95.135.71.0/24 maxlen: 24
95.135.103.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
95.135.119.0/24 maxlen: 24
95.135.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:94:3d:b6:bd:5b:3d:72:4d:39:72:ca:dd:3a:8b:cd:1c:a3:22:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 18 06:50:36 2025 GMT
Not After : Apr 17 06:55:36 2026 GMT
Subject: CN=1B12B578C91D0E4D4EA153C8C91EF0FCCBC77779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:02:5c:a8:5c:56:ef:12:65:31:35:3c:57:b5:
a1:78:55:83:8b:14:4c:48:9d:9a:0d:06:ab:a5:8b:
ef:d1:08:43:05:2e:b4:d7:30:6e:58:e8:c6:79:ac:
03:e8:be:8d:5e:db:fb:0f:a5:36:ac:24:55:3d:e0:
bc:c3:26:69:de:fb:23:25:07:4f:ee:3c:13:6d:d3:
75:57:a1:f5:14:0a:0d:4a:a6:a3:d7:ec:ce:de:15:
e3:5a:54:18:ac:b4:6c:e2:1e:11:02:94:2f:29:37:
99:4b:8a:85:95:40:38:c9:af:58:fd:be:7a:27:aa:
37:f2:b3:fe:ee:61:77:00:b4:bf:cb:6a:4d:fe:88:
a2:ec:db:c1:48:15:16:01:0b:92:17:ef:24:77:27:
42:43:26:af:c3:88:b0:00:dd:cb:1b:b2:c4:50:79:
b7:fe:c7:be:01:1c:74:17:60:d2:73:ee:d6:b5:39:
6e:18:f3:2f:a6:95:42:9a:b8:43:90:b9:a0:e6:73:
39:0c:8c:37:2a:a2:82:f0:ce:e8:00:3d:ff:af:76:
04:89:b9:c8:90:3b:95:c9:16:d4:89:98:48:04:1c:
b9:1f:8a:6a:fd:7c:b6:eb:74:f7:d9:da:12:e8:d2:
6e:8e:86:f4:dd:21:fa:0c:76:bb:45:30:3a:cb:61:
f8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:12:B5:78:C9:1D:0E:4D:4E:A1:53:C8:C9:1E:F0:FC:CB:C7:77:79
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.62.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.37.0/24
92.112.157.0/24
92.113.66.0/24
95.134.194.0/24
95.135.71.0/24
95.135.103.0/24
95.135.111.0-95.135.113.255
95.135.119.0/24
95.135.126.0/24
Signature Algorithm: sha256WithRSAEncryption
82:c2:19:93:70:7c:83:e4:28:c9:7e:ea:9e:17:ea:47:aa:46:
35:e0:5a:d7:3d:15:cf:88:08:7a:a5:4b:50:16:b4:ac:50:ac:
7e:5c:36:34:95:4f:68:2d:48:05:aa:04:4a:12:63:b9:15:ef:
1b:0d:c6:5b:98:9d:93:4d:f8:1d:af:77:a0:70:ef:5d:42:1d:
73:66:81:31:bf:dd:5c:7c:c5:1a:4b:20:cf:e2:af:62:c0:2e:
3a:83:86:47:d3:07:10:f9:be:f8:86:a7:dd:16:5f:16:37:fb:
f8:93:5a:b9:04:bf:9b:c5:f8:e3:96:d9:01:a5:d1:59:fc:59:
72:6b:33:5e:47:a7:5e:e6:c6:ec:e7:96:3e:a3:46:b0:1b:72:
39:75:a7:e6:40:1a:60:1f:8b:a5:2b:1d:21:c1:3a:2f:12:cf:
6f:28:17:95:8b:28:9d:d1:85:1c:1a:f0:c9:16:14:c7:71:bf:
c1:c0:52:1d:47:b6:43:10:21:9e:fb:66:76:d3:e2:1d:bd:16:
fe:1b:cd:08:ad:1a:40:9a:18:88:f1:df:c7:17:c9:98:c8:40:
06:37:e3:f0:8e:39:97:2b:3e:85:b1:c5:62:21:8d:4c:a8:59:
f3:50:e9:96:5d:3c:fb:32:7d:47:42:d5:b0:3f:8d:56:6d:53:
52:0d:50:a6
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUQJQ9tr1bPXJNOXLK3TqLzRyjIpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTgwNjUwMzZaFw0yNjA0MTcwNjU1MzZaMDMxMTAvBgNV
BAMTKDFCMTJCNTc4QzkxRDBFNEQ0RUExNTNDOEM5MUVGMEZDQ0JDNzc3NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaAlyoXFbvEmUxNTxXtaF4VYOL
FExInZoNBquli+/RCEMFLrTXMG5Y6MZ5rAPovo1e2/sPpTasJFU94LzDJmne+yMl
B0/uPBNt03VXofUUCg1KpqPX7M7eFeNaVBistGziHhEClC8pN5lLioWVQDjJr1j9
vnonqjfys/7uYXcAtL/Lak3+iKLs28FIFRYBC5IX7yR3J0JDJq/DiLAA3csbssRQ
ebf+x74BHHQXYNJz7ta1OW4Y8y+mlUKauEOQuaDmczkMjDcqooLwzugAPf+vdgSJ
uciQO5XJFtSJmEgEHLkfimr9fLbrdPfZ2hLo0m6OhvTdIfoMdrtFMDrLYfhxAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUGxK1eMkdDk1OoVPIyR7w/MvHd3kwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwDBAAuyj4D
BAAuy9cDBAAuy9kDBAAuy9sDBAAuy90DBABbfCUDBABccJ0DBABccUIDBABfhsID
BABfh0cDBABfh2cwDAMEAF+HbwMEAV+HcAMEAF+HdwMEAF+HfjANBgkqhkiG9w0B
AQsFAAOCAQEAgsIZk3B8g+QoyX7qnhfqR6pGNeBa1z0Vz4gIeqVLUBa0rFCsflw2
NJVPaC1IBaoEShJjuRXvGw3GW5idk034Ha93oHDvXUIdc2aBMb/dXHzFGksgz+Kv
YsAuOoOGR9MHEPm++Ian3RZfFjf7+JNauQS/m8X445bZAaXRWfxZcmszXkenXubG
7OeWPqNGsBtyOXWn5kAaYB+LpSsdIcE6LxLPbygXlYsondGFHBrwyRYUx3G/wcBS
HUe2QxAhnvtmdtPiHb0W/hvNCK0aQJoYiPHfxxfJmMhABjfj8I45lys+hbHFYiGN
TKhZ81Dpll08+zJ9R0LVsD+NVm1TUg1Qpg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:37 2025 by rpki-client