Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: u6FDUHEfRI4M+7PzmIEYoCp48DgIJBruOAhI+Yug2Aw=
Subject key identifier: E4:77:9A:A2:E3:0D:9E:B0:04:4D:68:CD:F2:0D:F4:B9:68:9D:74:A5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7DA8536E3FBF8E96D74A4130D6DD924495D344EA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21840.roa
Signing time: Sun 08 Mar 2026 02:11:43 +0000
ROA not before: Sun 08 Mar 2026 02:06:43 +0000
ROA not after: Sun 07 Mar 2027 02:11:43 +0000
asID: 21840
IP address blocks: 82.26.160.0/24 maxlen: 24
178.83.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a8:53:6e:3f:bf:8e:96:d7:4a:41:30:d6:dd:92:44:95:d3:44:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 8 02:06:43 2026 GMT
Not After : Mar 7 02:11:43 2027 GMT
Subject: CN=E4779AA2E30D9EB0044D68CDF20DF4B9689D74A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c0:26:7d:22:7e:28:46:31:bf:62:a0:c9:30:
79:8c:3c:c0:41:6c:e2:f7:b1:77:fa:b9:9b:b6:25:
76:9d:c4:69:50:64:21:98:36:72:aa:04:e8:dd:83:
62:88:68:09:9f:d1:9a:3d:bb:68:f4:e3:bd:5e:63:
c3:d3:4f:66:c0:76:cf:8d:2a:37:ce:1b:f5:e0:3a:
52:b8:70:16:8f:ec:6f:9f:fd:f0:ac:c3:4d:a9:b9:
41:b1:d5:1d:93:8f:10:58:d2:21:db:e6:7b:33:6c:
17:2a:7e:3e:bf:b1:74:f3:5d:50:36:e2:36:bd:a5:
38:f3:79:ad:8e:91:d0:40:6a:d2:7e:02:49:5a:a0:
67:40:e8:37:75:9b:4c:9f:18:2c:3b:df:a3:d4:d8:
cb:58:fa:e5:ff:c7:34:3d:fd:19:30:41:4d:74:32:
6b:c5:7a:80:58:05:fb:ac:b0:36:ce:49:19:59:aa:
c9:4f:05:33:04:7f:a1:0e:fa:19:7c:ce:4e:05:52:
c5:21:3f:21:11:0e:e9:08:10:04:71:c7:b1:52:1e:
48:83:56:da:29:7a:ab:28:64:c1:c8:67:7e:3d:74:
67:a1:ac:a7:7d:08:32:0e:55:8e:ce:cf:06:e2:70:
52:66:18:62:c2:35:1e:59:d2:3b:b4:83:e4:86:ef:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:77:9A:A2:E3:0D:9E:B0:04:4D:68:CD:F2:0D:F4:B9:68:9D:74:A5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.160.0/24
178.83.158.0/24
Signature Algorithm: sha256WithRSAEncryption
48:06:11:6e:6f:04:e0:7c:43:0e:0f:10:bf:26:e4:74:12:e5:
20:31:ed:9b:45:b2:fd:58:0b:24:41:4d:77:68:b8:c8:54:76:
be:b9:20:09:90:4c:e6:cb:ab:f3:df:3f:fc:c3:a6:a5:30:62:
50:fc:e8:5d:7e:19:d8:bd:aa:f7:99:97:e9:74:bf:23:9c:a8:
aa:09:0e:cc:7d:48:2f:cc:97:1d:95:91:d3:35:16:3d:c5:f1:
f7:8b:21:a4:44:f6:c5:61:d3:ef:29:ab:e8:bd:b5:5e:6b:5f:
8a:cc:c9:69:8e:73:08:b8:93:bf:8f:18:aa:94:01:95:bd:fe:
a0:8d:48:02:82:ce:bc:47:9b:2c:14:5e:fa:ca:c0:95:49:93:
5a:9f:09:71:d0:3f:53:49:87:e2:bd:0d:c4:e5:b6:5e:2d:8e:
e2:b7:dc:63:1e:74:7a:f8:68:8a:4d:dc:9e:37:aa:2f:14:11:
b3:50:64:29:89:75:c6:17:b3:3c:36:09:df:1c:18:49:66:9e:
d3:f4:93:fd:e3:bf:28:06:e7:3c:21:60:6b:91:d5:74:00:9a:
88:c8:7a:ca:8f:27:6a:34:07:b1:5a:57:fe:00:b1:d6:64:49:
ca:6d:51:11:ef:63:ff:66:74:77:dd:03:d1:c1:18:ef:8b:30:
b8:c4:85:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUfahTbj+/jpbXSkEw1t2SRJXTROowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDgwMjA2NDNaFw0yNzAzMDcwMjExNDNaMDMxMTAvBgNV
BAMTKEU0Nzc5QUEyRTMwRDlFQjAwNDRENjhDREYyMERGNEI5Njg5RDc0QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBwCZ9In4oRjG/YqDJMHmMPMBB
bOL3sXf6uZu2JXadxGlQZCGYNnKqBOjdg2KIaAmf0Zo9u2j0471eY8PTT2bAds+N
KjfOG/XgOlK4cBaP7G+f/fCsw02puUGx1R2TjxBY0iHb5nszbBcqfj6/sXTzXVA2
4ja9pTjzea2OkdBAatJ+AklaoGdA6Dd1m0yfGCw736PU2MtY+uX/xzQ9/RkwQU10
MmvFeoBYBfussDbOSRlZqslPBTMEf6EO+hl8zk4FUsUhPyERDukIEARxx7FSHkiD
VtopeqsoZMHIZ349dGehrKd9CDIOVY7OzwbicFJmGGLCNR5Z0ju0g+SG7zJdAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU5HeaouMNnrAETWjN8g30uWiddKUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSGqAD
BACyU54wDQYJKoZIhvcNAQELBQADggEBAEgGEW5vBOB8Qw4PEL8m5HQS5SAx7ZtF
sv1YCyRBTXdouMhUdr65IAmQTObLq/PfP/zDpqUwYlD86F1+Gdi9qveZl+l0vyOc
qKoJDsx9SC/Mlx2VkdM1Fj3F8feLIaRE9sVh0+8pq+i9tV5rX4rMyWmOcwi4k7+P
GKqUAZW9/qCNSAKCzrxHmywUXvrKwJVJk1qfCXHQP1NJh+K9DcTltl4tjuK33GMe
dHr4aIpN3J43qi8UEbNQZCmJdcYXszw2Cd8cGElmntP0k/3jvygG5zwhYGuR1XQA
mojIesqPJ2o0B7FaV/4AsdZkScptURHvY/9mdHfdA9HBGO+LMLjEhTQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:09:48 2026 by rpki-client