Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Bq0VVqQVsiB+f4JyADTwCxuT9hIjCi8z/OP0rKHD33k=
Subject key identifier: F6:58:4F:05:58:8F:8E:79:36:AE:B0:36:32:5D:36:55:3B:74:84:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 09EC2905FC224348FE6ECE91F964E01903633276
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Fri 02 May 2025 00:00:04 +0000
ROA not before: Thu 01 May 2025 23:55:04 +0000
ROA not after: Fri 01 May 2026 00:00:04 +0000
asID: 21859
IP address blocks: 148.135.194.0/24 maxlen: 24
148.135.196.0/23 maxlen: 23
148.135.204.0/23 maxlen: 23
150.241.229.0/24 maxlen: 24
150.241.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ec:29:05:fc:22:43:48:fe:6e:ce:91:f9:64:e0:19:03:63:32:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 1 23:55:04 2025 GMT
Not After : May 1 00:00:04 2026 GMT
Subject: CN=F6584F05588F8E7936AEB036325D36553B748498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:c7:da:56:23:b7:c2:86:e1:c2:32:e4:d5:
c5:d2:61:9e:3f:e2:ca:25:ce:69:3d:7e:7c:21:54:
20:af:4c:e7:6f:98:a5:18:f3:82:7e:d3:0e:12:4a:
3e:17:64:aa:6c:cc:c2:4d:8e:46:2c:29:be:49:68:
6e:cf:52:ca:94:b4:20:cf:7d:33:f3:5b:fe:34:23:
ba:93:c4:d0:9f:0d:70:e2:99:6a:81:50:29:20:f3:
08:f3:04:ae:8d:d2:37:bb:cb:31:ca:ae:59:e4:00:
82:62:2a:de:04:f7:3c:f8:71:4e:66:b6:9d:73:5e:
4e:52:bb:0a:c7:ad:36:b6:c0:f2:41:c4:d3:0b:e6:
7e:f1:7b:a2:7a:af:f0:51:5c:54:b2:1a:23:36:ac:
12:73:bc:ae:0e:ee:ae:3d:ca:b9:19:6b:20:f0:2a:
94:c2:65:3e:12:36:f6:ed:ec:b5:a2:84:77:c3:e2:
52:fa:a6:af:4a:ca:5a:c8:b8:61:91:96:8a:05:0d:
be:e9:a7:29:67:78:c8:72:be:dd:9e:6a:61:f8:3d:
3d:58:00:03:1d:1f:15:7f:f4:43:07:ca:97:26:0e:
e1:8f:42:8f:78:f6:43:e5:ec:25:1f:a4:34:70:e6:
ad:2e:fb:69:d7:e4:30:eb:2f:86:d6:62:7d:3a:23:
d9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:58:4F:05:58:8F:8E:79:36:AE:B0:36:32:5D:36:55:3B:74:84:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.194.0/24
148.135.196.0/23
148.135.204.0/23
150.241.229.0/24
150.241.231.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6a:80:62:3e:62:15:f0:e5:36:0c:2c:5d:8a:3a:37:11:71:
a6:52:99:ee:ee:12:d0:e4:84:4c:79:51:1e:e9:7e:ba:f3:9a:
b6:d3:85:d6:03:8b:50:ae:21:3e:ee:5e:41:b2:39:fb:df:68:
9e:8f:69:f4:a5:33:aa:d5:1e:24:e5:5e:f3:c0:3e:94:e6:ab:
0c:27:d1:64:42:7d:32:a1:41:70:00:aa:87:d9:75:13:6c:c6:
bf:b7:fd:fe:62:24:db:2d:8f:fd:b8:33:47:7a:3e:72:37:f6:
ec:9a:54:70:54:47:7d:d5:cc:b7:67:66:a8:a0:70:c9:c2:ad:
ac:00:7d:43:5d:f0:73:bc:eb:c4:e7:77:58:fb:5e:a6:2c:1d:
a5:ce:45:99:d8:a4:bf:d8:98:88:a6:58:98:af:17:07:0c:d8:
d8:2a:c9:a7:92:56:b7:1a:8c:44:a7:e3:6a:22:49:01:fd:7f:
5b:dd:81:d8:f3:98:1c:d9:a5:3d:0f:e7:d6:2a:58:81:4f:48:
6a:f2:76:f7:59:c2:1d:b6:41:a2:f9:9e:62:a9:70:00:da:81:
65:aa:e9:f1:5f:41:4a:aa:b3:b9:19:a0:68:2c:74:ac:00:d2:
7e:c3:26:a3:1b:c4:2c:00:19:23:b3:fd:2c:5b:ab:3a:61:dc:
7b:c4:71:1a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUCewpBfwiQ0j+bs6R+WTgGQNjMnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDEyMzU1MDRaFw0yNjA1MDEwMDAwMDRaMDMxMTAvBgNV
BAMTKEY2NTg0RjA1NTg4RjhFNzkzNkFFQjAzNjMyNUQzNjU1M0I3NDg0OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCqMfaViO3wobhwjLk1cXSYZ4/
4solzmk9fnwhVCCvTOdvmKUY84J+0w4SSj4XZKpszMJNjkYsKb5JaG7PUsqUtCDP
fTPzW/40I7qTxNCfDXDimWqBUCkg8wjzBK6N0je7yzHKrlnkAIJiKt4E9zz4cU5m
tp1zXk5SuwrHrTa2wPJBxNML5n7xe6J6r/BRXFSyGiM2rBJzvK4O7q49yrkZayDw
KpTCZT4SNvbt7LWihHfD4lL6pq9KylrIuGGRlooFDb7ppylneMhyvt2eamH4PT1Y
AAMdHxV/9EMHypcmDuGPQo949kPl7CUfpDRw5q0u+2nX5DDrL4bWYn06I9mdAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU9lhPBViPjnk2rrA2Ml02VTt0hJgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh8ID
BAGUh8QDBAGUh8wDBACW8eUDBACW8ecwDQYJKoZIhvcNAQELBQADggEBAJlqgGI+
YhXw5TYMLF2KOjcRcaZSme7uEtDkhEx5UR7pfrrzmrbThdYDi1CuIT7uXkGyOfvf
aJ6PafSlM6rVHiTlXvPAPpTmqwwn0WRCfTKhQXAAqofZdRNsxr+3/f5iJNstj/24
M0d6PnI39uyaVHBUR33VzLdnZqigcMnCrawAfUNd8HO868Tnd1j7XqYsHaXORZnY
pL/YmIimWJivFwcM2NgqyaeSVrcajESn42oiSQH9f1vdgdjzmBzZpT0P59YqWIFP
SGrydvdZwh22QaL5nmKpcADagWWq6fFfQUqqs7kZoGgsdKwA0n7DJqMbxCwAGSOz
/Sxbqzph3HvEcRo=
-----END CERTIFICATE-----
Generated at Tue May 6 00:22:57 2025 by rpki-client