Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: WsUkEASLPUPdLWZXYCUqRwU4oOdyJxoQd0EtWSroRUc=
Subject key identifier: 33:D4:59:AC:CA:3C:3C:1D:C9:B3:D6:B8:59:11:39:41:F6:5E:28:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2E3C3FAF7828DE8BADCE180A5361338905AEAC78
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Wed 27 May 2026 08:05:53 +0000
ROA not before: Wed 27 May 2026 08:00:53 +0000
ROA not after: Wed 26 May 2027 08:05:53 +0000
asID: 21859
IP address blocks: 143.14.125.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
162.141.121.0/24 maxlen: 24
167.148.120.0/23 maxlen: 23
168.222.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:3c:3f:af:78:28:de:8b:ad:ce:18:0a:53:61:33:89:05:ae:ac:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 27 08:00:53 2026 GMT
Not After : May 26 08:05:53 2027 GMT
Subject: CN=33D459ACCA3C3C1DC9B3D6B859113941F65E2898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:65:3f:c0:43:20:8f:1c:a2:63:89:6d:12:c3:
cd:0f:28:bf:35:cf:f2:15:ea:da:35:58:a2:81:03:
7a:93:03:e9:ea:4e:db:26:58:95:fb:65:e5:06:43:
1e:f3:d6:9e:98:8b:4a:c9:b7:ce:62:d3:79:0b:bb:
02:55:e3:c6:b7:56:19:c1:da:e0:da:44:cf:a0:ca:
dd:3e:8e:1f:7e:eb:a3:f4:87:35:0f:b0:ab:02:68:
64:9c:59:b1:ff:f1:24:5f:71:82:fb:7e:a9:78:dc:
b8:f5:b6:8e:50:0d:8c:75:a7:c3:e5:34:94:62:04:
31:cb:25:1a:40:77:d4:4d:d3:21:dc:7c:24:f8:ed:
02:f2:25:28:30:84:19:fd:6e:4c:90:dd:42:63:2c:
68:f4:19:73:7c:a1:57:5c:19:17:ea:42:f5:25:92:
9b:56:d2:c9:ff:1b:b3:f9:b5:3f:91:ec:ae:de:a0:
0c:08:92:e6:81:e6:c6:35:ac:de:7a:d2:49:22:fd:
e0:3b:5e:e2:ed:4a:94:4c:de:db:9e:7b:5e:ba:0c:
8e:96:b0:44:f1:11:81:ff:f3:1a:d6:56:69:51:c9:
ae:e6:89:f2:a9:22:b9:ea:55:58:fa:91:d3:67:b0:
77:ca:89:b9:8d:b0:e4:0d:79:79:55:04:16:35:0f:
b9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D4:59:AC:CA:3C:3C:1D:C9:B3:D6:B8:59:11:39:41:F6:5E:28:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.125.0/24
150.241.131.0/24
162.141.121.0/24
167.148.120.0/23
168.222.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f0:73:7e:96:3b:ef:54:23:77:a3:26:9c:a2:54:be:a5:6b:
fa:63:a2:cc:aa:b8:20:33:b9:6d:7a:b6:da:c1:8c:27:72:81:
58:7a:b4:d8:2b:d5:ef:a4:e2:60:fc:76:18:6a:73:88:f7:45:
5c:9f:c5:de:37:ef:d9:1e:76:67:55:a2:13:5d:ca:2b:21:38:
d4:bc:f8:42:9b:a5:fe:7d:c2:84:65:53:9d:16:f6:99:c3:39:
be:7a:05:4f:da:d5:6b:4e:4d:42:22:f7:db:a0:02:8e:7d:3d:
63:78:04:1c:9c:83:95:96:d5:d3:a7:af:0b:9a:a3:4b:2f:25:
a2:cd:e2:6d:86:2c:a1:42:c4:d8:a7:7d:11:e0:9f:78:0a:e6:
33:1e:57:d0:98:9e:13:bd:f1:84:b6:8f:b1:5c:d6:a8:c7:87:
50:ed:bf:8b:94:91:41:2c:b7:79:c6:c9:22:20:c4:96:1a:cb:
8c:a0:cf:01:c0:2d:6c:79:37:b1:de:23:c5:f0:07:1b:88:57:
0a:f0:50:89:e4:72:93:1f:59:3e:73:f0:c6:c7:61:8a:aa:ea:
fb:0c:d0:23:a3:62:c0:c6:13:9f:63:23:56:53:03:11:85:09:
71:b2:f5:b5:cf:9d:1f:86:fa:81:bf:10:fa:d6:53:b5:a3:ea:
5f:7a:fd:05
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIULjw/r3go3outzhgKU2EziQWurHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjcwODAwNTNaFw0yNzA1MjYwODA1NTNaMDMxMTAvBgNV
BAMTKDMzRDQ1OUFDQ0EzQzNDMURDOUIzRDZCODU5MTEzOTQxRjY1RTI4OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRZT/AQyCPHKJjiW0Sw80PKL81
z/IV6to1WKKBA3qTA+nqTtsmWJX7ZeUGQx7z1p6Yi0rJt85i03kLuwJV48a3VhnB
2uDaRM+gyt0+jh9+66P0hzUPsKsCaGScWbH/8SRfcYL7fql43Lj1to5QDYx1p8Pl
NJRiBDHLJRpAd9RN0yHcfCT47QLyJSgwhBn9bkyQ3UJjLGj0GXN8oVdcGRfqQvUl
kptW0sn/G7P5tT+R7K7eoAwIkuaB5sY1rN560kki/eA7XuLtSpRM3tuee166DI6W
sETxEYH/8xrWVmlRya7mifKpIrnqVVj6kdNnsHfKibmNsOQNeXlVBBY1D7lNAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUM9RZrMo8PB3Js9a4WRE5QfZeKJgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACPDn0D
BACW8YMDBACijXkDBAGnlHgDBACo3gQwDQYJKoZIhvcNAQELBQADggEBAJ7wc36W
O+9UI3ejJpyiVL6la/pjosyquCAzuW16ttrBjCdygVh6tNgr1e+k4mD8dhhqc4j3
RVyfxd4379kedmdVohNdyishONS8+EKbpf59woRlU50W9pnDOb56BU/a1WtOTUIi
99ugAo59PWN4BBycg5WW1dOnrwuao0svJaLN4m2GLKFCxNinfRHgn3gK5jMeV9CY
nhO98YS2j7Fc1qjHh1Dtv4uUkUEst3nGySIgxJYay4ygzwHALWx5N7HeI8XwBxuI
VwrwUInkcpMfWT5z8MbHYYqq6vsM0COjYsDGE59jI1ZTAxGFCXGy9bXPnR+G+oG/
EPrWU7Wj6l96/QU=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:06 2026 by rpki-client