Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: KAwrDp+5POds2CnI+1J0MXFVL1oZ4MtaqNrRMhiMM3A=
Subject key identifier: 58:C2:9E:36:8B:FD:01:D2:15:4E:0C:CD:D5:06:EF:BB:34:3C:BC:44
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7A4D816E7ACC3CA3B2D9A69790B5A9B7902CC726
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
Signing time: Tue 26 Aug 2025 03:21:48 +0000
ROA not before: Tue 26 Aug 2025 03:16:48 +0000
ROA not after: Tue 25 Aug 2026 03:21:48 +0000
asID: 21859
IP address blocks: 5.252.82.0/24 maxlen: 24
45.133.176.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
181.214.100.0/24 maxlen: 24
181.215.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:4d:81:6e:7a:cc:3c:a3:b2:d9:a6:97:90:b5:a9:b7:90:2c:c7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 26 03:16:48 2025 GMT
Not After : Aug 25 03:21:48 2026 GMT
Subject: CN=58C29E368BFD01D2154E0CCDD506EFBB343CBC44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f2:15:ff:74:6f:40:6f:82:50:4e:ea:b4:88:
2c:b2:12:20:57:b7:9b:58:bb:0c:5e:a2:86:17:ea:
7a:fb:33:66:0b:e9:04:50:95:72:42:77:62:4e:f9:
1e:b2:c8:08:2e:8d:d1:28:89:9d:8d:7c:f7:f9:88:
cf:9f:4b:96:b7:49:98:18:94:4d:ef:e9:43:66:39:
1c:51:c4:9d:9a:e9:42:ad:53:26:ca:75:e2:d8:4a:
ec:93:80:04:e7:22:b0:bb:4d:4b:eb:16:8d:6e:a7:
7f:f7:33:e0:bd:ca:4f:c8:84:88:aa:86:5c:7a:19:
8d:10:5b:9e:aa:48:0e:d2:02:94:64:89:23:7f:61:
02:de:ef:68:10:aa:a8:15:94:08:0f:90:05:f6:01:
9d:22:22:da:77:72:96:9f:28:44:59:73:56:29:fa:
03:d2:4d:aa:79:c1:ae:00:eb:32:93:97:8a:92:14:
1c:12:ab:dd:25:89:ed:f1:b0:90:d7:80:17:7c:3a:
3e:cc:71:6f:e8:aa:19:bd:36:ee:5a:59:96:ed:c3:
29:26:45:53:fd:e4:ab:d9:9b:31:a9:1b:45:13:0a:
f7:89:be:2f:16:7e:79:f1:b1:42:79:6a:8c:f7:4c:
2b:d2:7a:8e:2f:57:e9:c7:37:e4:02:c7:4d:e2:4b:
67:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C2:9E:36:8B:FD:01:D2:15:4E:0C:CD:D5:06:EF:BB:34:3C:BC:44
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.82.0/24
45.133.176.0/24
179.61.140.0/24
181.214.100.0/24
181.215.205.0/24
Signature Algorithm: sha256WithRSAEncryption
65:d4:43:72:89:30:bf:b9:87:16:d0:90:e8:6a:56:c6:57:7f:
51:98:c1:74:f4:24:24:0d:76:67:47:8f:46:d4:c4:cf:16:e5:
77:42:39:6a:68:2b:3d:83:88:ad:a0:16:6d:4e:9e:9c:b7:8c:
ff:97:f6:da:14:29:db:11:ef:20:04:27:be:e2:8f:95:eb:bc:
90:08:3d:4b:b3:8a:a2:16:32:cc:e4:7a:27:5e:32:eb:b9:34:
9b:cb:ae:ea:32:9f:49:a3:41:ab:f8:83:f5:11:f3:d5:48:4d:
f2:a6:80:24:8f:6c:59:94:9f:a8:f6:d5:72:3a:bd:53:da:4c:
09:00:34:41:88:98:93:64:05:be:57:54:5b:06:8b:25:5a:3f:
a5:aa:af:d1:c2:76:7c:78:1e:c0:54:04:ab:99:35:8c:aa:6b:
90:55:ba:e3:eb:86:6b:5c:9e:5e:e2:2a:ee:a4:73:e3:23:a7:
9c:58:67:08:bf:17:15:98:f2:a0:77:a0:4e:c0:f1:e4:65:74:
23:43:65:69:14:59:fd:7e:6f:35:5a:e4:db:df:bf:24:70:ca:
00:f1:2f:95:db:95:8b:88:79:c1:a2:84:4d:4e:39:98:1d:0e:
4b:60:3d:e9:b2:40:ee:8b:45:0f:b7:bb:9c:36:27:f0:7d:2d:
80:5f:ad:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUek2BbnrMPKOy2aaXkLWpt5AsxyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MjYwMzE2NDhaFw0yNjA4MjUwMzIxNDhaMDMxMTAvBgNV
BAMTKDU4QzI5RTM2OEJGRDAxRDIxNTRFMENDREQ1MDZFRkJCMzQzQ0JDNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD08hX/dG9Ab4JQTuq0iCyyEiBX
t5tYuwxeooYX6nr7M2YL6QRQlXJCd2JO+R6yyAgujdEoiZ2NfPf5iM+fS5a3SZgY
lE3v6UNmORxRxJ2a6UKtUybKdeLYSuyTgATnIrC7TUvrFo1up3/3M+C9yk/IhIiq
hlx6GY0QW56qSA7SApRkiSN/YQLe72gQqqgVlAgPkAX2AZ0iItp3cpafKERZc1Yp
+gPSTap5wa4A6zKTl4qSFBwSq90lie3xsJDXgBd8Oj7McW/oqhm9Nu5aWZbtwykm
RVP95KvZmzGpG0UTCveJvi8WfnnxsUJ5aoz3TCvSeo4vV+nHN+QCx03iS2fpAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUWMKeNov9AdIVTgzN1QbvuzQ8vEQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAF/FID
BAAthbADBACzPYwDBAC11mQDBAC1180wDQYJKoZIhvcNAQELBQADggEBAGXUQ3KJ
ML+5hxbQkOhqVsZXf1GYwXT0JCQNdmdHj0bUxM8W5XdCOWpoKz2DiK2gFm1Onpy3
jP+X9toUKdsR7yAEJ77ij5XrvJAIPUuziqIWMszkeideMuu5NJvLruoyn0mjQav4
g/UR89VITfKmgCSPbFmUn6j21XI6vVPaTAkANEGImJNkBb5XVFsGiyVaP6Wqr9HC
dnx4HsBUBKuZNYyqa5BVuuPrhmtcnl7iKu6kc+Mjp5xYZwi/FxWY8qB3oE7A8eRl
dCNDZWkUWf1+bzVa5NvfvyRwygDxL5XblYuIecGihE1OOZgdDktgPemyQO6LRQ+3
u5w2J/B9LYBfrQQ=
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:03:28 2025 by rpki-client