Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: CuJ2oYGl6l5GyIOpQZbmj0mK1fK4xpO6bb1ItEByJNg=
Subject key identifier: 64:96:51:75:A7:9D:C1:A8:EF:BF:9A:3A:F1:EE:F2:B1:89:8C:DB:DC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7989DA37C4A314D1D946BF7AC448EA9236BE53EF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
Signing time: Thu 07 Aug 2025 06:37:05 +0000
ROA not before: Thu 07 Aug 2025 06:32:05 +0000
ROA not after: Thu 06 Aug 2026 06:37:05 +0000
asID: 21859
IP address blocks: 82.24.81.0/24 maxlen: 24
82.25.35.0/24 maxlen: 24
82.25.143.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.27.17.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
2a13:9500:aa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:89:da:37:c4:a3:14:d1:d9:46:bf:7a:c4:48:ea:92:36:be:53:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 7 06:32:05 2025 GMT
Not After : Aug 6 06:37:05 2026 GMT
Subject: CN=64965175A79DC1A8EFBF9A3AF1EEF2B1898CDBDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:69:77:3d:6b:40:07:cf:44:7a:a1:a3:e0:c8:
e3:25:99:c2:c9:3f:06:8d:ae:a0:7f:68:09:14:4e:
bc:2d:02:d9:5c:30:02:cc:8b:9c:0f:fc:0a:01:42:
40:6e:f9:41:02:95:8a:18:5d:bf:d8:f1:a4:13:8a:
07:48:cd:27:45:b4:cb:bc:95:ac:2e:82:a4:a6:ea:
96:e4:7e:66:7f:fc:4d:46:08:87:7a:56:64:b6:92:
e4:1d:b4:a6:3c:09:cb:05:a8:f6:c3:cb:07:1b:3d:
a3:ff:53:45:17:9e:9f:4d:16:ee:d9:9d:bf:84:16:
5f:0d:32:7d:75:26:d9:11:c0:bc:53:a0:23:7e:bf:
95:ec:b4:82:36:78:66:a5:92:93:55:bc:ce:64:a2:
be:dc:c7:cc:c3:6c:b0:ea:29:87:82:50:68:54:dc:
3b:d8:cd:e0:a7:61:e2:9e:20:6f:55:29:6c:65:e5:
bc:e7:f7:60:22:ef:7c:8a:d5:f5:96:2b:71:00:be:
3a:59:a8:35:a0:7f:d5:fc:59:1d:a1:22:1d:dc:c4:
ed:cd:9e:c6:ed:47:a1:3a:c5:6e:b7:b6:15:2f:79:
c8:b7:27:b1:3b:0b:20:c8:fd:63:f5:3c:b6:e0:a7:
7a:5a:71:c4:d2:2d:8c:f1:76:ee:fb:79:a5:24:49:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:96:51:75:A7:9D:C1:A8:EF:BF:9A:3A:F1:EE:F2:B1:89:8C:DB:DC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.81.0/24
82.25.35.0/24
82.25.143.0/24
82.26.140.0/24
82.27.17.0/24
82.29.125.0/24
IPv6:
2a13:9500:aa::/48
Signature Algorithm: sha256WithRSAEncryption
9f:c6:75:5f:ea:d6:1b:2f:e5:9a:62:e3:92:35:0a:cc:4f:15:
d2:49:2e:c5:6a:ec:f9:c7:19:f0:30:ce:ac:7a:bf:0a:a9:07:
20:fc:ee:5d:40:49:67:5a:cf:5f:f8:6d:bc:d1:9e:26:40:94:
da:cb:23:d6:5f:cc:c9:8e:a7:16:0a:46:d5:9a:9b:19:59:40:
0e:24:62:58:8d:cf:0f:99:cf:53:0b:d0:f4:a0:16:10:3f:48:
d6:48:94:e9:4a:8e:08:7c:65:4f:a2:1e:e7:d6:7d:55:6c:14:
5b:84:fb:ef:6b:3e:54:9f:0f:2f:22:fd:d2:3a:05:de:da:92:
20:2d:75:ec:58:b7:1c:62:6c:ca:70:aa:7b:b3:a7:de:4d:94:
f0:90:ab:1c:1c:5a:87:55:7c:a0:aa:6f:f6:b2:b7:e5:93:38:
68:7b:78:b8:1e:82:79:e5:96:3e:bf:a7:ea:07:bf:20:30:f1:
a6:20:8b:5a:02:9e:22:8d:d0:07:14:36:a9:72:55:4b:c4:3d:
6b:ea:82:f1:22:0e:b0:bc:6a:4c:4e:12:07:06:86:a0:14:57:
05:32:df:8c:bc:3b:d4:f3:19:45:68:2b:c9:1e:33:95:9f:ea:
fd:a3:01:05:06:b4:45:16:f5:c4:6e:90:f9:5a:43:fa:00:85:
a1:0d:79:2a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUeYnaN8SjFNHZRr96xEjqkja+U+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDcwNjMyMDVaFw0yNjA4MDYwNjM3MDVaMDMxMTAvBgNV
BAMTKDY0OTY1MTc1QTc5REMxQThFRkJGOUEzQUYxRUVGMkIxODk4Q0RCREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjaXc9a0AHz0R6oaPgyOMlmcLJ
PwaNrqB/aAkUTrwtAtlcMALMi5wP/AoBQkBu+UEClYoYXb/Y8aQTigdIzSdFtMu8
lawugqSm6pbkfmZ//E1GCId6VmS2kuQdtKY8CcsFqPbDywcbPaP/U0UXnp9NFu7Z
nb+EFl8NMn11JtkRwLxToCN+v5XstII2eGalkpNVvM5kor7cx8zDbLDqKYeCUGhU
3DvYzeCnYeKeIG9VKWxl5bzn92Ai73yK1fWWK3EAvjpZqDWgf9X8WR2hIh3cxO3N
nsbtR6E6xW63thUveci3J7E7CyDI/WP1PLbgp3paccTSLYzxdu77eaUkSekDAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUZJZRdaedwajvv5o68e7ysYmM29wwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBABSGFED
BABSGSMDBABSGY8DBABSGowDBABSGxEDBABSHX0wDwQCAAIwCQMHACoTlQAAqjAN
BgkqhkiG9w0BAQsFAAOCAQEAn8Z1X+rWGy/lmmLjkjUKzE8V0kkuxWrs+ccZ8DDO
rHq/CqkHIPzuXUBJZ1rPX/htvNGeJkCU2ssj1l/MyY6nFgpG1ZqbGVlADiRiWI3P
D5nPUwvQ9KAWED9I1kiU6UqOCHxlT6Ie59Z9VWwUW4T772s+VJ8PLyL90joF3tqS
IC117Fi3HGJsynCqe7On3k2U8JCrHBxah1V8oKpv9rK35ZM4aHt4uB6CeeWWPr+n
6ge/IDDxpiCLWgKeIo3QBxQ2qXJVS8Q9a+qC8SIOsLxqTE4SBwaGoBRXBTLfjLw7
1PMZRWgryR4zlZ/q/aMBBQa0RRb1xG6Q+VpD+gCFoQ15Kg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:40 2025 by rpki-client