Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: 1WS8jlUHUAjhGov79J0ZIZWjq8sJCcu8o9qy2fZe8sI=
Subject key identifier: 36:D0:D6:D1:E9:1F:00:AA:14:52:F4:30:55:1E:45:C7:EE:04:15:A4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3B2209D2B078BB9470FE0708B3CBCAFA2CAB1E40
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
Signing time: Fri 20 Jun 2025 18:34:12 +0000
ROA not before: Fri 20 Jun 2025 18:29:12 +0000
ROA not after: Fri 19 Jun 2026 18:34:12 +0000
asID: 21859
IP address blocks: 5.252.82.0/24 maxlen: 24
45.133.176.0/24 maxlen: 24
181.214.100.0/24 maxlen: 24
181.215.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:22:09:d2:b0:78:bb:94:70:fe:07:08:b3:cb:ca:fa:2c:ab:1e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 20 18:29:12 2025 GMT
Not After : Jun 19 18:34:12 2026 GMT
Subject: CN=36D0D6D1E91F00AA1452F430551E45C7EE0415A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:65:e5:89:ea:41:6c:2e:98:e9:a8:b5:ee:47:
96:c3:d1:b8:02:4e:4b:16:14:e7:a0:00:c2:e8:5c:
ad:b0:11:a0:95:d2:9b:a9:16:33:41:5f:9c:6e:62:
67:a4:62:bb:95:94:81:8e:04:4c:5f:cb:6c:7e:0e:
00:a6:e1:a7:05:11:c0:49:fd:c4:7f:7d:ff:85:a4:
3a:46:dc:10:0a:9e:a5:b1:51:15:ee:96:98:6f:2b:
1f:c9:d5:a1:88:e1:76:46:f0:22:2e:74:01:de:b7:
fc:1a:b4:aa:7e:7f:79:1e:9f:16:84:93:0a:ca:7a:
5d:f4:b0:3b:65:4e:eb:15:24:cb:9d:41:c0:e3:75:
59:c6:c5:94:de:c6:b0:d8:48:5d:31:d7:ea:1b:ae:
6e:9a:9d:1a:b9:d0:26:3c:e4:6d:32:73:e0:c6:be:
cd:a5:d1:99:1e:21:84:e8:de:ef:6e:2f:5f:40:c8:
8d:9b:7e:51:e9:79:0f:13:8e:e8:2a:d4:04:5c:8d:
a5:0b:ba:25:54:d0:4e:50:f3:e4:04:07:4c:0f:e1:
8e:52:4b:f4:60:6c:64:83:48:a9:e5:8a:2b:bb:78:
8f:e1:50:b1:ab:11:b9:2d:f6:c0:11:c0:51:5a:d6:
2f:97:e9:05:15:fe:5c:e2:72:2f:ee:60:37:6f:4c:
e4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D0:D6:D1:E9:1F:00:AA:14:52:F4:30:55:1E:45:C7:EE:04:15:A4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.82.0/24
45.133.176.0/24
181.214.100.0/24
181.215.205.0/24
Signature Algorithm: sha256WithRSAEncryption
49:46:83:cd:90:c7:75:39:71:96:a5:4b:82:50:c2:11:d5:bd:
da:b3:c1:a6:3e:84:9c:79:15:f0:be:d3:e6:7e:f4:2e:23:36:
ba:b3:22:a2:2e:35:51:60:ea:ca:db:21:e4:8e:f0:05:25:48:
91:a1:13:56:79:cc:b4:19:8e:66:c8:60:5a:92:61:08:27:2f:
ef:ed:68:10:e5:ca:0b:ad:4b:bd:4a:1a:c7:78:27:e7:43:c1:
0d:41:7c:6a:c5:7e:50:51:f6:9d:ef:e6:86:4a:5c:05:d7:ad:
01:cc:c2:88:4e:4d:68:d6:28:ba:92:79:6a:95:9e:df:4d:ec:
bf:6b:27:ba:cd:8f:ea:32:36:2e:6e:e6:89:60:51:d4:24:44:
04:4f:d9:ad:fd:e1:50:4a:7d:ff:d7:fd:53:c4:d5:15:64:be:
5b:9b:d8:0c:e3:a8:df:e7:38:d3:e7:6f:19:55:fd:79:4e:ee:
99:be:e7:49:bc:7d:3d:e7:6c:e8:ae:57:b9:54:6d:f3:ad:e2:
16:35:3b:0e:a4:f6:08:e9:f3:b5:61:27:30:fc:87:38:1e:4b:
ee:e3:f4:1a:51:52:c5:5b:90:76:6e:4d:a8:1f:75:1b:da:f8:
a6:01:52:6a:88:9a:6c:ca:30:be:06:5e:a6:fd:94:38:96:f5:
e7:a7:c1:58
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUOyIJ0rB4u5Rw/gcIs8vK+iyrHkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjAxODI5MTJaFw0yNjA2MTkxODM0MTJaMDMxMTAvBgNV
BAMTKDM2RDBENkQxRTkxRjAwQUExNDUyRjQzMDU1MUU0NUM3RUUwNDE1QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRZeWJ6kFsLpjpqLXuR5bD0bgC
TksWFOegAMLoXK2wEaCV0pupFjNBX5xuYmekYruVlIGOBExfy2x+DgCm4acFEcBJ
/cR/ff+FpDpG3BAKnqWxURXulphvKx/J1aGI4XZG8CIudAHet/watKp+f3kenxaE
kwrKel30sDtlTusVJMudQcDjdVnGxZTexrDYSF0x1+obrm6anRq50CY85G0yc+DG
vs2l0ZkeIYTo3u9uL19AyI2bflHpeQ8Tjugq1ARcjaULuiVU0E5Q8+QEB0wP4Y5S
S/RgbGSDSKnliiu7eI/hULGrEbkt9sARwFFa1i+X6QUV/lzici/uYDdvTOQlAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUNtDW0ekfAKoUUvQwVR5Fx+4EFaQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAF/FID
BAAthbADBAC11mQDBAC1180wDQYJKoZIhvcNAQELBQADggEBAElGg82Qx3U5cZal
S4JQwhHVvdqzwaY+hJx5FfC+0+Z+9C4jNrqzIqIuNVFg6srbIeSO8AUlSJGhE1Z5
zLQZjmbIYFqSYQgnL+/taBDlygutS71KGsd4J+dDwQ1BfGrFflBR9p3v5oZKXAXX
rQHMwohOTWjWKLqSeWqVnt9N7L9rJ7rNj+oyNi5u5olgUdQkRARP2a394VBKff/X
/VPE1RVkvlub2AzjqN/nONPnbxlV/XlO7pm+50m8fT3nbOiuV7lUbfOt4hY1Ow6k
9gjp87VhJzD8hzgeS+7j9BpRUsVbkHZuTagfdRva+KYBUmqImmzKML4GXqb9lDiW
9eenwVg=
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:06:29 2025 by rpki-client