Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: 9zaNZeTmyBBhL/yFt/61rKcvIeFZyVkkcAYdRgIXCA8=
Subject key identifier: 9B:9F:46:D0:B3:C3:99:A9:A6:25:95:42:20:8B:58:B9:DB:9A:F0:22
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 251D6FFA0E1E1E24FA50A1B75571AFA785428AFB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Thu 16 Oct 2025 06:21:10 +0000
ROA not before: Thu 16 Oct 2025 06:16:10 +0000
ROA not after: Thu 15 Oct 2026 06:21:10 +0000
asID: 21859
IP address blocks: 46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.43.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.11.0/24 maxlen: 24
178.92.24.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
178.93.41.0/24 maxlen: 24
178.93.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:1d:6f:fa:0e:1e:1e:24:fa:50:a1:b7:55:71:af:a7:85:42:8a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 16 06:16:10 2025 GMT
Not After : Oct 15 06:21:10 2026 GMT
Subject: CN=9B9F46D0B3C399A9A6259542208B58B9DB9AF022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b7:6c:1b:fc:a1:1d:e0:f3:ba:9f:ac:3f:0c:
8a:e2:26:6d:12:2f:9b:e0:41:86:22:8f:aa:cb:65:
0f:4f:80:bc:85:54:fc:23:2e:ed:74:30:0c:83:1c:
5c:1e:7b:e9:7c:0d:a6:c9:61:f2:23:37:20:3c:a2:
97:28:a2:70:07:e5:62:86:82:c6:dd:fb:92:a3:06:
44:b9:be:05:77:b0:1b:b7:e3:db:b4:1a:3c:8b:b6:
6f:4f:a6:9e:0d:20:e4:0c:c8:db:7d:3f:d9:63:af:
0b:bc:e1:04:3d:7e:e6:fe:eb:69:54:58:3e:49:36:
e9:3e:c7:ec:7f:4a:9b:31:17:f1:b1:56:05:45:81:
d5:da:fa:54:62:43:3e:f8:31:2a:b8:35:aa:14:4b:
a2:53:a4:2f:6b:09:94:56:4f:c2:87:f5:6a:6b:83:
40:e0:80:d0:28:11:81:4e:a6:59:ef:ff:0e:54:99:
97:7f:30:8b:61:9a:c7:9d:5d:39:b0:51:0b:bb:95:
d4:8b:2e:41:84:17:0a:d7:18:69:bd:9a:8a:12:36:
cf:68:a5:42:74:94:b7:fc:7d:a7:60:2e:e5:e7:3b:
d4:a9:f9:4d:00:27:7b:cc:c0:22:a0:c4:ef:e4:1e:
d6:9a:06:f9:c3:69:e1:0c:8f:3c:d0:fb:35:65:47:
d6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9F:46:D0:B3:C3:99:A9:A6:25:95:42:20:8B:58:B9:DB:9A:F0:22
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.205.0/24
92.112.109.0/24
92.112.157.0/24
92.113.66.0/24
95.135.43.0/24
95.135.111.0-95.135.113.255
178.92.11.0/24
178.92.24.0/24
178.92.59.0/24
178.93.41.0/24
178.93.252.0/24
Signature Algorithm: sha256WithRSAEncryption
96:5a:8b:21:36:a4:0c:4f:e7:c1:21:fe:f4:f6:04:98:4b:58:
01:71:4c:68:4c:e2:8e:53:d3:69:5f:56:a9:2f:48:9a:e6:18:
19:9c:f5:06:49:a7:e3:43:f6:72:8b:dc:29:23:e8:f5:52:20:
3b:35:48:fc:3b:48:d0:ca:73:12:df:d6:d0:cb:f9:3e:9e:09:
39:64:87:d0:db:0b:5d:83:80:01:39:e4:4a:4a:82:67:7e:80:
11:8c:1e:a1:cf:81:e0:16:a8:d5:b8:62:b9:89:08:73:4f:91:
c9:f5:0a:7b:68:04:bd:75:f0:b3:0b:14:a9:a3:92:f3:3b:b6:
fe:6b:e0:aa:3d:74:ed:f2:bd:b7:d3:6b:0e:f9:61:2a:fd:af:
fd:56:1b:73:68:f9:1b:4d:e0:02:d0:f9:96:2d:22:f1:ff:34:
ec:96:04:28:41:5d:d7:47:02:c9:6e:d7:61:eb:8e:d4:df:72:
be:da:0d:63:6b:c7:cf:86:43:03:86:68:2f:4f:99:c0:66:e1:
e5:42:f0:98:43:22:c9:18:cd:6d:45:7e:3e:7b:a4:49:b4:51:
be:b6:3b:7f:29:a3:74:a1:7f:cf:90:db:3b:0c:b0:15:f0:e2:
ae:a9:13:6d:42:f8:25:5f:9c:99:d4:2f:6f:ec:17:5f:73:fd:
95:25:77:ef
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUJR1v+g4eHiT6UKG3VXGvp4VCivswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTYwNjE2MTBaFw0yNjEwMTUwNjIxMTBaMDMxMTAvBgNV
BAMTKDlCOUY0NkQwQjNDMzk5QTlBNjI1OTU0MjIwOEI1OEI5REI5QUYwMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgt2wb/KEd4PO6n6w/DIriJm0S
L5vgQYYij6rLZQ9PgLyFVPwjLu10MAyDHFwee+l8DabJYfIjNyA8opcoonAH5WKG
gsbd+5KjBkS5vgV3sBu349u0GjyLtm9Ppp4NIOQMyNt9P9ljrwu84QQ9fub+62lU
WD5JNuk+x+x/SpsxF/GxVgVFgdXa+lRiQz74MSq4NaoUS6JTpC9rCZRWT8KH9Wpr
g0DggNAoEYFOplnv/w5UmZd/MIthmsedXTmwUQu7ldSLLkGEFwrXGGm9mooSNs9o
pUJ0lLf8fadgLuXnO9Sp+U0AJ3vMwCKgxO/kHtaaBvnDaeEMjzzQ+zVlR9ZtAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQUm59G0LPDmammJZVCIItYudua8CIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwewYIKwYBBQUHAQcBAf8EbDBqMGgEAgABMGIDBAAuy9cD
BAAuy9kDBAAuy9sDBAAuy90DBABbfM0DBABccG0DBABccJ0DBABccUIDBABfhysw
DAMEAF+HbwMEAV+HcAMEALJcCwMEALJcGAMEALJcOwMEALJdKQMEALJd/DANBgkq
hkiG9w0BAQsFAAOCAQEAllqLITakDE/nwSH+9PYEmEtYAXFMaEzijlPTaV9WqS9I
muYYGZz1Bkmn40P2covcKSPo9VIgOzVI/DtI0MpzEt/W0Mv5Pp4JOWSH0NsLXYOA
ATnkSkqCZ36AEYweoc+B4Bao1bhiuYkIc0+RyfUKe2gEvXXwswsUqaOS8zu2/mvg
qj107fK9t9NrDvlhKv2v/VYbc2j5G03gAtD5li0i8f807JYEKEFd10cCyW7XYeuO
1N9yvtoNY2vHz4ZDA4ZoL0+ZwGbh5ULwmEMiyRjNbUV+PnukSbRRvrY7fymjdKF/
z5DbOwywFfDirqkTbUL4JV+cmdQvb+wXX3P9lSV37w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:36:27 2025 by rpki-client