Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: hkrnmJNxrsumiIvzjx2KzG60xCgVlBtx2yLlvkdF0Jg=
Subject key identifier: 9B:6C:AC:B7:1F:6A:56:FD:EA:CE:EB:A4:B9:17:C7:7C:EB:AC:BB:E0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7BBB9121F87B0A87D9754446334D01FFA751E9D8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Thu 26 Jun 2025 06:59:13 +0000
ROA not before: Thu 26 Jun 2025 06:54:13 +0000
ROA not after: Thu 25 Jun 2026 06:59:13 +0000
asID: 21859
IP address blocks: 46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.134.194.0/24 maxlen: 24
95.135.71.0/24 maxlen: 24
95.135.103.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
95.135.119.0/24 maxlen: 24
95.135.126.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:bb:91:21:f8:7b:0a:87:d9:75:44:46:33:4d:01:ff:a7:51:e9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 26 06:54:13 2025 GMT
Not After : Jun 25 06:59:13 2026 GMT
Subject: CN=9B6CACB71F6A56FDEACEEBA4B917C77CEBACBBE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:40:5b:33:b6:f5:53:da:95:fe:66:72:21:
45:8f:81:14:21:d9:60:ad:d9:8b:b2:ae:3e:05:21:
dc:98:aa:93:1d:92:7d:2e:18:6b:05:02:5a:a3:64:
08:b3:c8:38:3f:4d:f4:1a:c6:0a:26:4c:ed:78:e3:
32:c1:a6:65:3d:32:e2:ec:62:b7:88:c2:9b:ad:d0:
fb:f6:e4:b8:04:37:db:86:f9:6d:c5:06:ac:83:33:
22:bb:34:c9:84:29:99:ad:85:69:30:36:2f:55:0f:
2b:64:e8:59:fa:78:3d:58:64:5f:16:f3:27:67:b6:
bf:68:de:4e:c3:51:03:6a:a0:25:e2:0b:88:ba:78:
bf:ea:84:c8:08:0f:0e:43:3f:42:fc:cc:cf:ee:e3:
f4:53:42:19:cc:a7:1b:fd:9f:11:32:85:3d:92:f5:
68:25:95:87:4a:16:c3:a5:d5:85:10:a0:27:71:23:
ab:ed:a3:36:70:0a:fd:34:94:f5:15:55:70:9b:ae:
f5:4c:56:60:8d:aa:45:88:be:3a:10:f0:21:af:f5:
de:3b:e7:44:7d:d6:fb:c1:bb:53:fc:97:91:d1:33:
4a:6c:07:d1:37:c3:88:f6:f9:9f:e1:13:ed:00:44:
8d:4d:c5:a3:99:5f:42:2c:2c:cd:46:95:38:11:ed:
d1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6C:AC:B7:1F:6A:56:FD:EA:CE:EB:A4:B9:17:C7:7C:EB:AC:BB:E0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
92.112.157.0/24
92.113.66.0/24
95.134.194.0/24
95.135.71.0/24
95.135.103.0/24
95.135.111.0-95.135.113.255
95.135.119.0/24
95.135.126.0/24
178.92.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:e9:02:c8:f5:fe:01:a2:3b:3d:e4:35:a7:c3:ca:e4:93:15:
a6:8f:2a:b8:2f:25:c4:d2:8a:85:04:8e:23:48:40:99:47:49:
e6:e3:9c:4d:d7:79:1f:de:84:49:f3:70:08:05:57:d8:9c:73:
7e:44:47:cc:7a:f8:7d:55:dd:ee:f8:4b:71:a2:30:86:97:7e:
17:d0:07:6e:d5:dc:b4:82:f3:44:a1:74:b5:69:df:d0:23:44:
ca:a3:18:86:14:40:75:25:50:98:72:a4:56:25:f2:8f:a9:7b:
01:ba:8b:ea:2d:28:ac:bb:5e:ad:74:c8:78:b6:97:64:65:b3:
04:0e:6b:11:00:63:97:72:ff:2f:7c:3e:91:84:a4:63:b5:08:
ba:dc:f8:c7:a7:09:e3:ee:3b:38:64:b3:bc:5b:55:d8:10:b3:
1b:8a:52:9c:5a:37:bb:7d:71:8f:0e:2c:d8:24:f0:97:2a:04:
26:e9:9b:38:83:a2:7b:49:98:c2:27:11:ad:05:fc:fb:00:0c:
99:c4:f9:68:d0:2e:04:95:84:29:0e:79:ff:e5:0f:fc:50:2d:
aa:4a:89:a6:f2:ad:0e:e9:d1:dc:1a:f2:64:a0:8d:5e:20:88:
a8:c1:94:2f:5d:61:e8:f1:ab:fc:85:3d:99:0a:8c:1f:13:9b:
f6:2c:1a:36
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUe7uRIfh7CofZdURGM00B/6dR6dgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjYwNjU0MTNaFw0yNjA2MjUwNjU5MTNaMDMxMTAvBgNV
BAMTKDlCNkNBQ0I3MUY2QTU2RkRFQUNFRUJBNEI5MTdDNzdDRUJBQ0JCRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3oEBbM7b1U9qV/mZyIUWPgRQh
2WCt2Yuyrj4FIdyYqpMdkn0uGGsFAlqjZAizyDg/TfQaxgomTO144zLBpmU9MuLs
YreIwput0Pv25LgEN9uG+W3FBqyDMyK7NMmEKZmthWkwNi9VDytk6Fn6eD1YZF8W
8ydntr9o3k7DUQNqoCXiC4i6eL/qhMgIDw5DP0L8zM/u4/RTQhnMpxv9nxEyhT2S
9WgllYdKFsOl1YUQoCdxI6vtozZwCv00lPUVVXCbrvVMVmCNqkWIvjoQ8CGv9d47
50R91vvBu1P8l5HRM0psB9E3w4j2+Z/hE+0ARI1NxaOZX0IsLM1GlTgR7dGbAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUm2ystx9qVv3qzuukuRfHfOusu+AwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBAAuy9cD
BAAuy9kDBAAuy9sDBAAuy90DBABccJ0DBABccUIDBABfhsIDBABfh0cDBABfh2cw
DAMEAF+HbwMEAV+HcAMEAF+HdwMEAF+HfgMEALJcOzANBgkqhkiG9w0BAQsFAAOC
AQEAP+kCyPX+AaI7PeQ1p8PK5JMVpo8quC8lxNKKhQSOI0hAmUdJ5uOcTdd5H96E
SfNwCAVX2JxzfkRHzHr4fVXd7vhLcaIwhpd+F9AHbtXctILzRKF0tWnf0CNEyqMY
hhRAdSVQmHKkViXyj6l7AbqL6i0orLterXTIeLaXZGWzBA5rEQBjl3L/L3w+kYSk
Y7UIutz4x6cJ4+47OGSzvFtV2BCzG4pSnFo3u31xjw4s2CTwlyoEJumbOIOie0mY
wicRrQX8+wAMmcT5aNAuBJWEKQ55/+UP/FAtqkqJpvKtDunR3BryZKCNXiCIqMGU
L11h6PGr/IU9mQqMHxOb9iwaNg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:55:28 2025 by rpki-client