Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: WgBeJVPtDJILLjlWl6G5jfisM7Sv+D7YZs7GJm2Hzao=
Subject key identifier: FF:47:53:61:AF:3A:61:4A:94:C2:F6:4E:C0:8B:78:42:E2:25:32:39
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1DD52026D70215B3B811AF46DD67E5222AC65701
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time: Tue 24 Mar 2026 13:12:35 +0000
ROA not before: Tue 24 Mar 2026 13:07:35 +0000
ROA not after: Tue 23 Mar 2027 13:12:35 +0000
asID: 21840
IP address blocks: 92.112.37.0/24 maxlen: 24
95.134.29.0/24 maxlen: 24
95.134.52.0/24 maxlen: 24
95.134.143.0/24 maxlen: 24
95.135.199.0/24 maxlen: 24
95.135.230.0/24 maxlen: 24
178.92.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d5:20:26:d7:02:15:b3:b8:11:af:46:dd:67:e5:22:2a:c6:57:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 24 13:07:35 2026 GMT
Not After : Mar 23 13:12:35 2027 GMT
Subject: CN=FF475361AF3A614A94C2F64EC08B7842E2253239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e0:90:21:99:03:b9:c4:2d:98:fc:9b:9c:05:
c7:f0:ee:54:c7:a1:a4:16:9c:57:49:0b:8d:2c:cb:
4b:4e:9d:32:53:47:0f:50:04:a6:d8:0d:91:fd:9d:
72:25:bc:2c:1a:0d:79:3f:55:fc:6c:47:3b:17:19:
c4:ab:b4:94:d1:0f:bd:75:f1:9f:f8:62:dc:3c:49:
39:68:70:8d:bc:e6:23:b4:27:e8:7b:82:64:b7:bd:
49:ad:e7:be:da:4d:2a:d8:3f:a7:29:a8:1e:a5:8f:
c9:bf:6a:0d:50:e0:60:3e:f8:56:7c:f2:19:4e:41:
34:4a:d8:22:5f:d8:6e:42:3c:14:07:5d:e0:3f:8a:
d9:0c:62:6f:ed:f4:60:6d:0b:04:cb:61:58:cd:de:
29:ac:93:31:fd:e2:fb:88:70:02:e5:f2:38:58:8d:
59:13:8f:13:8b:8f:ba:19:96:56:fa:22:46:84:92:
a1:03:8f:d7:64:46:96:d7:7f:04:01:02:29:da:cc:
9f:fc:6c:31:ff:37:97:c4:88:5a:cc:a5:35:5f:a2:
b5:fd:b6:7f:60:5f:b2:5d:9a:69:21:f1:f6:2f:ff:
9f:85:49:50:ea:17:79:70:f9:70:2d:64:7d:0f:b8:
44:de:e0:b3:03:99:d9:e3:7b:0a:f5:08:52:17:a4:
25:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:47:53:61:AF:3A:61:4A:94:C2:F6:4E:C0:8B:78:42:E2:25:32:39
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.37.0/24
95.134.29.0/24
95.134.52.0/24
95.134.143.0/24
95.135.199.0/24
95.135.230.0/24
178.92.184.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d3:9f:e6:27:be:44:5b:bb:fa:bd:dc:48:35:a8:42:54:0b:
35:87:e2:70:86:42:b2:e5:d3:bc:cc:d2:d4:ff:cf:63:f8:2a:
4e:80:c3:ab:2c:f7:92:47:60:b5:b8:e8:31:d3:f1:44:13:af:
50:4a:76:2b:00:0a:cb:bf:40:6d:bf:5b:05:07:db:5e:7b:ca:
c1:cc:72:cf:bd:e0:14:da:ca:cd:54:fb:38:08:93:65:29:25:
81:98:b8:56:75:49:67:2f:74:e8:38:a9:0c:89:cc:3c:37:4e:
f1:ae:55:76:9b:bb:3e:4d:e5:df:b9:2a:ea:a4:80:0a:85:b0:
bb:fe:6e:fd:c9:3c:f4:67:8e:c4:5c:8b:44:cd:78:8d:4c:7f:
b7:67:87:d1:54:fb:ce:e8:01:2f:e2:c2:70:7e:1e:e7:c9:5c:
3b:15:17:ac:87:20:4f:31:1c:f0:2d:28:37:3b:e0:2c:35:8e:
e6:ac:bb:14:20:fd:75:f9:c6:11:83:44:57:e4:bb:50:2f:eb:
fc:a0:4e:33:a3:3a:d2:ee:80:12:4e:b9:a5:67:34:da:7f:5d:
e3:7f:7c:1e:2e:d7:a2:9a:60:90:9c:37:ff:10:e7:5d:2e:2e:
a5:8d:e8:e1:61:84:74:c4:bd:a0:36:5f:c7:8f:03:85:b5:e7:
44:d6:49:8f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUHdUgJtcCFbO4Ea9G3WflIirGVwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjQxMzA3MzVaFw0yNzAzMjMxMzEyMzVaMDMxMTAvBgNV
BAMTKEZGNDc1MzYxQUYzQTYxNEE5NEMyRjY0RUMwOEI3ODQyRTIyNTMyMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC14JAhmQO5xC2Y/JucBcfw7lTH
oaQWnFdJC40sy0tOnTJTRw9QBKbYDZH9nXIlvCwaDXk/VfxsRzsXGcSrtJTRD711
8Z/4Ytw8STlocI285iO0J+h7gmS3vUmt577aTSrYP6cpqB6lj8m/ag1Q4GA++FZ8
8hlOQTRK2CJf2G5CPBQHXeA/itkMYm/t9GBtCwTLYVjN3imskzH94vuIcALl8jhY
jVkTjxOLj7oZllb6IkaEkqEDj9dkRpbXfwQBAinazJ/8bDH/N5fEiFrMpTVforX9
tn9gX7Jdmmkh8fYv/5+FSVDqF3lw+XAtZH0PuETe4LMDmdnjewr1CFIXpCUzAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU/0dTYa86YUqUwvZOwIt4QuIlMjkwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABccCUD
BABfhh0DBABfhjQDBABfho8DBABfh8cDBABfh+YDBACyXLgwDQYJKoZIhvcNAQEL
BQADggEBAIvTn+YnvkRbu/q93Eg1qEJUCzWH4nCGQrLl07zM0tT/z2P4Kk6Aw6ss
95JHYLW46DHT8UQTr1BKdisACsu/QG2/WwUH2157ysHMcs+94BTays1U+zgIk2Up
JYGYuFZ1SWcvdOg4qQyJzDw3TvGuVXabuz5N5d+5KuqkgAqFsLv+bv3JPPRnjsRc
i0TNeI1Mf7dnh9FU+87oAS/iwnB+HufJXDsVF6yHIE8xHPAtKDc74Cw1juasuxQg
/XX5xhGDRFfku1Av6/ygTjOjOtLugBJOuaVnNNp/XeN/fB4u16KaYJCcN/8Q510u
LqWN6OFhhHTEvaA2X8ePA4W150TWSY8=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:13:51 2026 by rpki-client