Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Kj03H1V2fF5GReOeo3rVYCLr+4Ptj9X8PIIMI92PhuE=
Subject key identifier: B0:0A:EE:03:59:66:5B:53:DF:5A:96:40:1A:FD:4E:E4:09:64:88:5E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6AE9755DAD33A152038844E44759B951CA633E0E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Wed 17 Sep 2025 00:06:25 +0000
ROA not before: Wed 17 Sep 2025 00:01:25 +0000
ROA not after: Wed 16 Sep 2026 00:06:25 +0000
asID: 21859
IP address blocks: 96.62.218.0/24 maxlen: 24
96.62.255.0/24 maxlen: 24
140.233.187.0/24 maxlen: 24
143.14.142.0/24 maxlen: 24
146.103.30.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.196.0/23 maxlen: 23
148.135.204.0/23 maxlen: 23
148.135.207.0/24 maxlen: 24
150.241.237.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.240.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 11:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:e9:75:5d:ad:33:a1:52:03:88:44:e4:47:59:b9:51:ca:63:3e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 17 00:01:25 2025 GMT
Not After : Sep 16 00:06:25 2026 GMT
Subject: CN=B00AEE0359665B53DF5A96401AFD4EE40964885E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:1d:7e:f6:35:7c:d4:2f:a3:93:5f:6b:31:
6b:a1:37:c6:ba:ed:e6:77:57:72:a4:74:0f:fd:be:
02:85:41:07:9f:15:6b:3d:b4:f3:3f:ba:9f:cf:53:
27:8b:8f:9c:9a:26:a6:c9:4e:09:8a:e1:47:4a:66:
72:eb:d7:9a:41:59:75:ac:54:56:57:19:74:34:4a:
9e:d3:5f:f6:77:fb:c2:11:b7:d3:b5:8f:f3:f2:03:
02:11:05:05:ca:dd:2c:12:d2:b0:fe:ce:1a:43:3c:
96:b8:de:83:2c:a9:33:dc:76:a2:a5:33:f4:db:81:
a3:bd:f3:4e:e1:91:96:ba:4d:5b:7b:fd:07:11:b1:
78:5a:75:6e:28:50:0b:0a:49:ce:6c:56:30:4d:f3:
12:6a:65:49:95:42:a1:62:9c:d0:15:7c:4b:77:72:
55:e1:75:69:44:b4:7e:0b:21:b1:da:2b:7a:d6:bd:
59:ab:2d:f0:01:6d:97:10:ed:e2:bd:cb:ad:d0:23:
d4:2e:0f:1c:b9:e2:69:0b:26:b0:f7:07:5d:cb:cd:
3e:41:63:96:5f:e0:7f:de:a5:94:74:c9:c5:c5:7f:
c0:fb:7a:65:1c:e1:b4:85:88:2b:ec:94:b9:fc:d0:
23:38:26:67:0f:a1:5a:47:86:ff:ee:63:04:4d:8c:
43:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0A:EE:03:59:66:5B:53:DF:5A:96:40:1A:FD:4E:E4:09:64:88:5E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.218.0/24
96.62.255.0/24
140.233.187.0/24
143.14.142.0/24
146.103.30.0/24
148.135.193.0/24
148.135.196.0/23
148.135.204.0/23
148.135.207.0/24
150.241.237.0/24
155.117.63.0/24
155.117.240.0/24
167.148.194.0/24
167.148.223.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f9:82:2e:7e:7e:16:12:1f:37:38:fa:8c:9e:7d:d4:11:90:
fc:61:7b:30:68:cf:6c:e2:f4:c1:8c:23:ba:84:e4:f3:42:85:
41:86:38:07:09:99:51:dc:9b:96:f5:aa:a1:3e:fb:21:bd:db:
31:73:fa:09:c7:22:1e:ba:31:ec:59:ac:f3:cd:b2:3f:9f:68:
fb:09:74:42:e0:66:ae:f3:70:19:3b:5c:56:a1:56:62:ae:21:
e2:4a:c8:37:1e:09:10:d1:5f:08:09:41:a5:d2:af:df:da:9a:
8c:37:c3:f0:e3:6f:e2:7d:6f:4f:ea:d2:d9:f5:ad:fc:79:dd:
03:dc:e0:d2:a0:e6:5d:4a:e5:a4:8a:de:a0:5d:c2:da:b8:39:
4b:b9:ab:9d:8e:e2:2e:3c:aa:52:ae:a1:77:74:3c:2f:95:e0:
81:9d:36:b2:3e:ec:5a:76:b0:e5:ae:65:33:9e:06:a9:97:74:
b0:1a:0f:b2:50:f9:79:00:e8:7a:15:d5:37:c4:17:4c:e4:bb:
f9:df:43:9a:b9:7c:cd:b5:ca:ad:0f:7f:7c:4d:2d:f3:1f:a0:
0e:d5:8a:b0:bc:06:fd:91:db:1e:89:6b:e3:00:58:ed:b8:bd:
b6:f3:39:29:b3:4a:22:8e:f1:c8:6b:ce:8d:79:eb:30:01:82:
16:63:c7:e8
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUaul1Xa0zoVIDiETkR1m5UcpjPg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MTcwMDAxMjVaFw0yNjA5MTYwMDA2MjVaMDMxMTAvBgNV
BAMTKEIwMEFFRTAzNTk2NjVCNTNERjVBOTY0MDFBRkQ0RUU0MDk2NDg4NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAUR1+9jV81C+jk19rMWuhN8a6
7eZ3V3KkdA/9vgKFQQefFWs9tPM/up/PUyeLj5yaJqbJTgmK4UdKZnLr15pBWXWs
VFZXGXQ0Sp7TX/Z3+8IRt9O1j/PyAwIRBQXK3SwS0rD+zhpDPJa43oMsqTPcdqKl
M/TbgaO9807hkZa6TVt7/QcRsXhadW4oUAsKSc5sVjBN8xJqZUmVQqFinNAVfEt3
clXhdWlEtH4LIbHaK3rWvVmrLfABbZcQ7eK9y63QI9QuDxy54mkLJrD3B13LzT5B
Y5Zf4H/epZR0ycXFf8D7emUc4bSFiCvslLn80CM4JmcPoVpHhv/uYwRNjEOxAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUsAruA1lmW1PfWpZAGv1O5AlkiF4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgABMFQDBABgPtoD
BABgPv8DBACM6bsDBACPDo4DBACSZx4DBACUh8EDBAGUh8QDBAGUh8wDBACUh88D
BACW8e0DBACbdT8DBACbdfADBACnlMIDBACnlN8wDQYJKoZIhvcNAQELBQADggEB
AHf5gi5+fhYSHzc4+oyefdQRkPxhezBoz2zi9MGMI7qE5PNChUGGOAcJmVHcm5b1
qqE++yG92zFz+gnHIh66MexZrPPNsj+faPsJdELgZq7zcBk7XFahVmKuIeJKyDce
CRDRXwgJQaXSr9/amow3w/Djb+J9b0/q0tn1rfx53QPc4NKg5l1K5aSK3qBdwtq4
OUu5q52O4i48qlKuoXd0PC+V4IGdNrI+7Fp2sOWuZTOeBqmXdLAaD7JQ+XkA6HoV
1TfEF0zku/nfQ5q5fM21yq0Pf3xNLfMfoA7VirC8Bv2R2x6Ja+MAWO24vbbzOSmz
SiKO8chrzo156zABghZjx+g=
-----END CERTIFICATE-----
Generated at Fri Sep 19 04:11:13 2025 by rpki-client