Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: +rvTteLEXEI+kBVI/6c/yOSWGzYzYcb7rHGImw7/OYs=
Subject key identifier: 1C:60:6A:74:9C:39:3A:80:D9:0D:D8:EB:6B:C3:10:30:18:02:27:5E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2A347E20DF023E572B26F92AB275C182C41B2BEF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Thu 21 Aug 2025 07:08:58 +0000
ROA not before: Thu 21 Aug 2025 07:03:58 +0000
ROA not after: Thu 20 Aug 2026 07:08:58 +0000
asID: 21859
IP address blocks: 46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
178.95.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:34:7e:20:df:02:3e:57:2b:26:f9:2a:b2:75:c1:82:c4:1b:2b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 21 07:03:58 2025 GMT
Not After : Aug 20 07:08:58 2026 GMT
Subject: CN=1C606A749C393A80D90DD8EB6BC310301802275E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:a4:9a:92:f4:33:f1:5d:35:fe:96:b1:ef:
e4:38:59:8e:48:b6:e5:0b:53:0e:e6:a4:9c:b7:3e:
4d:fd:87:e3:6b:fd:5e:82:f7:3f:04:c8:ec:81:2d:
54:05:84:89:7e:35:e3:76:f4:9f:96:83:ef:75:1d:
09:f1:03:b2:06:e0:28:a5:b4:86:17:dc:15:5d:ae:
df:54:e8:5c:91:fd:a7:7a:94:48:dd:ae:da:7e:7b:
92:9a:03:4a:b3:ea:83:6f:05:60:d0:b7:e4:85:02:
79:2c:4a:13:56:9b:81:7b:3f:66:ee:7e:3a:e6:1f:
19:44:03:1a:45:34:d1:95:23:c4:f0:5d:31:57:d4:
50:76:38:d1:8e:40:17:d7:af:ca:06:07:c5:1a:a7:
c4:09:0e:a2:e2:f1:73:c6:5e:4f:b7:ac:1e:6d:1b:
56:59:16:1e:7b:57:a0:96:4c:e3:af:c1:22:cb:ca:
6e:32:54:32:97:c3:24:7f:07:a8:a5:8f:c7:37:40:
34:9a:52:85:23:62:a5:f0:bb:53:a6:24:13:36:37:
06:57:61:06:78:64:3a:64:1a:e7:8d:9a:ef:d2:e3:
e1:bf:6d:ff:35:6f:8a:d9:4a:df:45:33:1e:54:7d:
39:5a:15:94:48:16:34:fa:0d:aa:93:35:b4:d3:a3:
c8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:60:6A:74:9C:39:3A:80:D9:0D:D8:EB:6B:C3:10:30:18:02:27:5E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
92.112.157.0/24
92.113.66.0/24
95.135.111.0-95.135.113.255
178.92.59.0/24
178.95.196.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6a:9e:ec:35:5c:fe:d1:ee:16:98:d7:17:10:8a:7d:c7:34:
e5:1f:15:64:b5:61:81:9a:cc:0a:07:0e:0b:3c:03:ad:c1:7b:
97:ee:66:6a:76:49:11:9f:50:be:2b:23:ca:fd:da:67:92:56:
a3:b6:51:2e:c9:04:4d:58:30:e9:76:d8:9b:22:a5:5d:ac:65:
24:59:c6:7e:dd:a0:15:93:3b:50:c0:22:2d:55:3e:67:77:b3:
7e:e6:6f:71:a2:b1:f9:01:75:91:af:82:aa:28:03:ba:86:a8:
44:43:a4:35:69:fc:4e:c6:22:67:21:06:81:b5:74:27:0b:ba:
8e:21:f9:9b:d9:21:02:45:7b:15:a2:30:18:48:5a:15:95:d0:
07:67:a7:f7:ca:da:cc:61:eb:fd:7e:1b:30:93:2c:10:ff:6f:
0c:d1:45:a6:e5:79:da:b1:54:ea:6c:48:ac:fc:73:5d:70:26:
b6:ae:42:25:28:50:71:96:42:40:16:59:2e:fa:88:24:9b:2c:
d5:9c:dd:dc:69:c9:1b:dd:0a:d0:2b:15:e9:92:c5:96:fe:e4:
f3:11:57:70:01:26:72:9e:4c:a7:36:f4:43:b8:70:91:51:1e:
6f:7e:aa:09:b1:30:05:6e:1c:df:46:5a:10:fe:91:22:97:39:
25:57:a3:5b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKjR+IN8CPlcrJvkqsnXBgsQbK+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjEwNzAzNThaFw0yNjA4MjAwNzA4NThaMDMxMTAvBgNV
BAMTKDFDNjA2QTc0OUMzOTNBODBEOTBERDhFQjZCQzMxMDMwMTgwMjI3NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6RqSakvQz8V01/pax7+Q4WY5I
tuULUw7mpJy3Pk39h+Nr/V6C9z8EyOyBLVQFhIl+NeN29J+Wg+91HQnxA7IG4Cil
tIYX3BVdrt9U6FyR/ad6lEjdrtp+e5KaA0qz6oNvBWDQt+SFAnksShNWm4F7P2bu
fjrmHxlEAxpFNNGVI8TwXTFX1FB2ONGOQBfXr8oGB8Uap8QJDqLi8XPGXk+3rB5t
G1ZZFh57V6CWTOOvwSLLym4yVDKXwyR/B6ilj8c3QDSaUoUjYqXwu1OmJBM2NwZX
YQZ4ZDpkGueNmu/S4+G/bf81b4rZSt9FMx5UfTlaFZRIFjT6DaqTNbTTo8jPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUHGBqdJw5OoDZDdjra8MQMBgCJ14wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAAuy9cD
BAAuy9kDBAAuy9sDBAAuy90DBABccJ0DBABccUIwDAMEAF+HbwMEAV+HcAMEALJc
OwMEALJfxDANBgkqhkiG9w0BAQsFAAOCAQEACmqe7DVc/tHuFpjXFxCKfcc05R8V
ZLVhgZrMCgcOCzwDrcF7l+5manZJEZ9Qvisjyv3aZ5JWo7ZRLskETVgw6XbYmyKl
XaxlJFnGft2gFZM7UMAiLVU+Z3ezfuZvcaKx+QF1ka+CqigDuoaoREOkNWn8TsYi
ZyEGgbV0Jwu6jiH5m9khAkV7FaIwGEhaFZXQB2en98razGHr/X4bMJMsEP9vDNFF
puV52rFU6mxIrPxzXXAmtq5CJShQcZZCQBZZLvqIJJss1Zzd3GnJG90K0CsV6ZLF
lv7k8xFXcAEmcp5Mpzb0Q7hwkVEeb36qCbEwBW4c30ZaEP6RIpc5JVejWw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:19:17 2025 by rpki-client