Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21641.roa
File: AS21641.roa (raw, json)
Hash identifier: +c3fhdVXEjcyi7HbY+NEwWMuwiWFkpDT8R3eFHxFClM=
Subject key identifier: DC:99:49:CF:8D:7E:44:14:2E:AC:AF:7C:48:DB:44:1E:62:58:50:E5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 03A07D77C5D7C06F95054AFE8758FDA65F9A9A31
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21641.roa
Signing time: Wed 27 May 2026 09:49:14 +0000
ROA not before: Wed 27 May 2026 09:44:14 +0000
ROA not after: Wed 26 May 2027 09:49:14 +0000
asID: 21641
IP address blocks: 168.222.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:a0:7d:77:c5:d7:c0:6f:95:05:4a:fe:87:58:fd:a6:5f:9a:9a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 27 09:44:14 2026 GMT
Not After : May 26 09:49:14 2027 GMT
Subject: CN=DC9949CF8D7E44142EACAF7C48DB441E625850E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b9:06:6a:69:7d:b3:e0:45:35:37:25:dc:8b:
fc:39:31:8a:87:f3:fa:ff:23:4b:98:d1:eb:13:64:
6d:5f:dd:ae:e5:31:b1:2a:fe:1e:d4:9c:9c:31:87:
75:c2:ce:05:2a:76:ab:47:15:59:d2:b9:c7:8a:c9:
c0:e1:eb:51:f9:b6:d1:0b:b9:9e:91:aa:03:85:61:
34:46:31:b8:e7:eb:2a:69:9e:e6:bf:59:a7:67:20:
0a:84:87:ce:e6:6f:3c:c3:5c:ac:fb:9c:5f:54:82:
d8:60:71:44:25:61:fb:1c:ba:3e:71:87:49:40:a9:
c1:3b:08:19:9d:ed:95:29:26:4f:58:b8:5d:67:bc:
63:d3:54:12:67:23:ae:7c:9e:c8:4c:b2:05:8f:f4:
83:8b:b2:0d:14:71:a2:77:19:05:46:57:89:9d:0b:
92:d6:c9:64:64:ca:dd:3b:59:c6:80:0b:e1:8d:71:
ff:44:bf:59:fe:0f:a2:d4:54:b3:82:10:5f:7e:86:
58:2d:ed:11:9a:36:ab:04:bd:dc:34:a6:ac:81:4d:
60:0b:4a:70:03:86:a0:0c:e8:ea:f4:aa:da:db:88:
ec:ba:5c:66:34:ac:d1:95:a1:cc:8b:16:88:f7:31:
3a:47:81:28:bd:54:97:1b:65:45:45:d3:dd:43:b7:
8f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:99:49:CF:8D:7E:44:14:2E:AC:AF:7C:48:DB:44:1E:62:58:50:E5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.222.87.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a2:04:7c:40:57:a9:27:f9:73:86:69:5e:76:b2:cf:b6:fa:
1d:19:49:13:ad:56:4f:a5:04:64:94:04:37:25:32:5a:6e:d4:
a1:37:97:d2:73:22:e8:47:75:54:e9:0d:50:7f:90:c4:d9:b0:
72:d7:54:c9:15:99:41:38:dd:41:fe:99:18:f1:57:fc:00:d5:
5c:df:ae:0d:d6:73:28:56:e5:d9:46:59:90:c1:c7:1e:08:3a:
8e:04:31:90:b5:5f:53:b4:85:8c:1c:ca:ac:7a:f8:06:9a:9f:
39:cb:92:c4:66:ee:e1:ff:a5:38:01:3c:74:33:be:c1:fe:a3:
03:85:ba:5a:54:87:7f:9b:a7:30:72:21:27:9f:01:8d:c8:9c:
51:6f:0a:1b:6a:b7:39:61:10:97:92:ed:e7:34:76:e5:4b:f7:
bc:8d:e2:c2:1c:e7:13:5a:cb:47:ca:0f:35:e0:54:7d:68:e1:
79:e6:ff:13:92:9e:ad:c7:7a:50:4e:c6:e4:06:f4:e9:4b:ee:
7e:79:eb:28:99:83:d4:33:14:42:25:12:39:56:48:eb:f4:0b:
25:59:3e:a2:22:1e:c0:61:aa:6e:dd:1b:dd:b7:9a:8d:c2:28:
00:2d:a1:ef:05:c8:be:c5:6d:d5:1e:54:d0:68:de:95:71:eb:
9e:b5:be:d9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUA6B9d8XXwG+VBUr+h1j9pl+amjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjcwOTQ0MTRaFw0yNzA1MjYwOTQ5MTRaMDMxMTAvBgNV
BAMTKERDOTk0OUNGOEQ3RTQ0MTQyRUFDQUY3QzQ4REI0NDFFNjI1ODUwRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiuQZqaX2z4EU1NyXci/w5MYqH
8/r/I0uY0esTZG1f3a7lMbEq/h7UnJwxh3XCzgUqdqtHFVnSuceKycDh61H5ttEL
uZ6RqgOFYTRGMbjn6yppnua/WadnIAqEh87mbzzDXKz7nF9UgthgcUQlYfscuj5x
h0lAqcE7CBmd7ZUpJk9YuF1nvGPTVBJnI658nshMsgWP9IOLsg0UcaJ3GQVGV4md
C5LWyWRkyt07WcaAC+GNcf9Ev1n+D6LUVLOCEF9+hlgt7RGaNqsEvdw0pqyBTWAL
SnADhqAM6Or0qtrbiOy6XGY0rNGVocyLFoj3MTpHgSi9VJcbZUVF091Dt49XAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU3JlJz41+RBQurK98SNtEHmJYUOUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE2NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACo3lcw
DQYJKoZIhvcNAQELBQADggEBACKiBHxAV6kn+XOGaV52ss+2+h0ZSROtVk+lBGSU
BDclMlpu1KE3l9JzIuhHdVTpDVB/kMTZsHLXVMkVmUE43UH+mRjxV/wA1Vzfrg3W
cyhW5dlGWZDBxx4IOo4EMZC1X1O0hYwcyqx6+AaanznLksRm7uH/pTgBPHQzvsH+
owOFulpUh3+bpzByISefAY3InFFvChtqtzlhEJeS7ec0duVL97yN4sIc5xNay0fK
DzXgVH1o4Xnm/xOSnq3HelBOxuQG9OlL7n556yiZg9QzFEIlEjlWSOv0CyVZPqIi
HsBhqm7dG923mo3CKAAtoe8FyL7FbdUeVNBo3pVx6561vtk=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:20 2026 by rpki-client