Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: w2M4IMEHxDlPqfx6l/CquyY9u42Uef2zEkYvspcjb5E=
Subject key identifier: F1:5E:B0:37:B5:38:ED:AB:62:37:B1:2B:5E:60:3F:61:39:E1:A2:E8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6AB2FDC408161A00B0DFE886BF78DDB3D3C74EF0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
Signing time: Fri 06 Jun 2025 01:54:37 +0000
ROA not before: Fri 06 Jun 2025 01:49:37 +0000
ROA not after: Fri 05 Jun 2026 01:54:37 +0000
asID: 21840
IP address blocks: 96.62.247.0/24 maxlen: 24
143.14.132.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
150.241.198.0/24 maxlen: 24
167.148.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b2:fd:c4:08:16:1a:00:b0:df:e8:86:bf:78:dd:b3:d3:c7:4e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 01:49:37 2025 GMT
Not After : Jun 5 01:54:37 2026 GMT
Subject: CN=F15EB037B538EDAB6237B12B5E603F6139E1A2E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1b:ac:8b:ac:3e:4d:00:90:ba:0a:7a:82:92:
73:48:db:96:74:5f:ed:99:81:be:da:09:0e:6a:cf:
b8:f6:e2:71:da:d7:76:de:23:ff:96:b6:31:0a:03:
3f:30:ae:21:45:7e:55:93:b6:bc:ea:42:1e:65:b4:
b2:3d:67:4e:ee:6f:ba:93:7f:4f:d0:f1:e9:de:f5:
91:39:d4:9b:15:75:01:95:93:79:47:73:24:89:b4:
15:59:f9:dc:38:6d:73:dd:2c:ee:02:a1:05:4e:43:
18:62:62:cb:e3:41:98:ed:cc:67:41:f0:87:62:00:
68:a3:dc:30:b6:e6:19:56:2b:be:b7:cf:68:c4:cf:
4d:e6:3d:9a:aa:44:1c:ca:56:bf:c1:eb:4a:cf:70:
96:be:02:b1:2a:78:26:50:4d:b4:db:bb:14:d9:82:
fa:1f:67:fd:7d:4d:81:00:e4:d0:0f:50:4d:5d:e2:
33:c6:aa:e1:9c:c0:66:29:1d:aa:da:9a:21:bf:1d:
0b:19:89:54:bc:dd:33:89:a9:71:fb:45:14:57:e1:
94:e3:fb:e6:06:40:34:b8:85:5d:08:48:54:00:97:
50:18:9a:5c:4a:ca:d2:e0:48:c8:55:a7:86:7a:61:
a1:69:8b:33:85:86:aa:66:fb:f2:4a:88:8d:bd:09:
91:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5E:B0:37:B5:38:ED:AB:62:37:B1:2B:5E:60:3F:61:39:E1:A2:E8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.247.0/24
143.14.132.0/24
148.135.173.0/24
150.241.198.0/24
167.148.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a5:4d:74:5c:4a:47:9f:b0:43:90:a9:83:a2:f9:f9:fb:a7:
4f:73:34:aa:3e:f6:43:d4:4e:c6:73:3a:2a:92:bb:51:3f:10:
25:bf:7b:2e:74:95:a7:11:8c:e3:28:95:49:1d:15:26:da:1b:
95:29:2b:07:c4:87:f5:6f:81:ce:78:ea:37:29:ec:b8:62:62:
9e:52:13:b0:83:8c:a9:8b:41:be:25:59:58:ac:5f:51:02:f7:
b7:30:fc:93:a9:e2:5b:0f:00:5e:06:fc:49:f9:d9:6f:a7:fc:
25:ee:f4:92:81:e9:2a:9c:f2:67:d7:6f:d0:21:99:7c:5d:0c:
80:6b:7d:29:eb:cb:b3:fd:92:b1:2a:25:99:fd:b4:c4:25:af:
0f:2c:e9:40:24:3c:ce:c2:cc:2f:71:70:76:67:97:e6:f9:11:
94:46:78:af:ca:c4:e7:64:99:05:ed:76:2d:79:b8:e0:d4:1d:
50:ca:1c:7e:46:af:32:d8:a3:97:c2:d2:2f:dd:d4:5d:b1:79:
f7:d0:cd:96:05:da:2f:69:91:b1:8d:b4:7a:07:3e:d7:ff:e8:
f0:10:a6:71:e5:9d:0a:c2:aa:2f:49:8c:c4:e9:f4:00:d7:2f:
9c:c6:72:2c:e2:2a:e2:ff:fb:25:9b:72:40:eb:c8:25:3f:9b:
a9:7d:ea:14
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUarL9xAgWGgCw3+iGv3jds9PHTvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwMTQ5MzdaFw0yNjA2MDUwMTU0MzdaMDMxMTAvBgNV
BAMTKEYxNUVCMDM3QjUzOEVEQUI2MjM3QjEyQjVFNjAzRjYxMzlFMUEyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmG6yLrD5NAJC6CnqCknNI25Z0
X+2Zgb7aCQ5qz7j24nHa13beI/+WtjEKAz8wriFFflWTtrzqQh5ltLI9Z07ub7qT
f0/Q8ene9ZE51JsVdQGVk3lHcySJtBVZ+dw4bXPdLO4CoQVOQxhiYsvjQZjtzGdB
8IdiAGij3DC25hlWK763z2jEz03mPZqqRBzKVr/B60rPcJa+ArEqeCZQTbTbuxTZ
gvofZ/19TYEA5NAPUE1d4jPGquGcwGYpHaramiG/HQsZiVS83TOJqXH7RRRX4ZTj
++YGQDS4hV0ISFQAl1AYmlxKytLgSMhVp4Z6YaFpizOFhqpm+/JKiI29CZGzAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU8V6wN7U47atiN7ErXmA/YTnhougwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABgPvcD
BACPDoQDBACUh60DBACW8cYDBACnlMQwDQYJKoZIhvcNAQELBQADggEBAC+lTXRc
SkefsEOQqYOi+fn7p09zNKo+9kPUTsZzOiqSu1E/ECW/ey50lacRjOMolUkdFSba
G5UpKwfEh/Vvgc546jcp7LhiYp5SE7CDjKmLQb4lWVisX1EC97cw/JOp4lsPAF4G
/En52W+n/CXu9JKB6Sqc8mfXb9AhmXxdDIBrfSnry7P9krEqJZn9tMQlrw8s6UAk
PM7CzC9xcHZnl+b5EZRGeK/KxOdkmQXtdi15uODUHVDKHH5GrzLYo5fC0i/d1F2x
effQzZYF2i9pkbGNtHoHPtf/6PAQpnHlnQrCqi9JjMTp9ADXL5zGciziKuL/+yWb
ckDryCU/m6l96hQ=
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:57:29 2025 by rpki-client