Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: IfRnSiGULLrWmYSdJLyGphLikmHhcVQMQtKUFC7bXss=
Subject key identifier: 11:8F:3E:38:5C:8E:86:60:DD:FF:00:F8:8F:AA:D7:9A:B8:96:14:DB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 07A1ED3656090CF9C2FDB5F2648A2DD84662EADF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
Signing time: Tue 02 Jun 2026 02:30:25 +0000
ROA not before: Tue 02 Jun 2026 02:25:25 +0000
ROA not after: Tue 01 Jun 2027 02:30:25 +0000
asID: 21859
IP address blocks: 82.21.111.0/24 maxlen: 24
82.22.162.0/24 maxlen: 24
82.22.193.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.23.171.0/24 maxlen: 24
82.25.35.0/24 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
82.27.108.0/24 maxlen: 24
82.27.124.0/24 maxlen: 24
82.27.129.0/24 maxlen: 24
82.27.197.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.38.100.0/24 maxlen: 24
82.38.180.0/24 maxlen: 24
82.38.200.0/24 maxlen: 24
82.39.114.0/24 maxlen: 24
82.39.146.0/24 maxlen: 24
82.39.148.0/24 maxlen: 24
82.39.188.0/24 maxlen: 24
82.39.208.0/24 maxlen: 24
82.40.48.0/24 maxlen: 24
82.40.59.0/24 maxlen: 24
82.41.99.0/24 maxlen: 24
82.41.130.0/24 maxlen: 24
82.47.29.0/24 maxlen: 24
84.75.215.0/24 maxlen: 24
84.75.216.0/24 maxlen: 24
178.83.18.0/24 maxlen: 24
178.83.58.0/24 maxlen: 24
178.83.100.0/24 maxlen: 24
178.83.199.0/24 maxlen: 24
178.83.222.0/24 maxlen: 24
2a13:9500:aa::/48 maxlen: 48
2a13:9500:13f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:a1:ed:36:56:09:0c:f9:c2:fd:b5:f2:64:8a:2d:d8:46:62:ea:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 02:25:25 2026 GMT
Not After : Jun 1 02:30:25 2027 GMT
Subject: CN=118F3E385C8E8660DDFF00F88FAAD79AB89614DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:9d:f2:04:75:e3:b4:d6:8d:4a:a7:b5:d9:
9f:32:cb:ed:a9:ec:fa:6f:47:d4:35:f1:56:8c:fd:
ad:d0:e6:77:f6:49:16:e3:b8:e7:dc:a2:1f:e3:bb:
f0:5c:f2:6a:9f:23:93:28:af:33:0a:1c:4d:a2:7f:
bf:91:4c:05:73:96:10:be:c0:9b:d0:ad:cc:a3:09:
44:53:a6:13:ad:93:e9:1f:89:c3:07:d4:09:42:f5:
50:8d:5e:a0:fc:1b:a6:5b:46:95:6d:73:2d:29:48:
99:7c:78:3f:f1:df:94:69:31:d6:48:d4:b9:09:34:
d9:39:e3:e8:52:b8:9c:15:64:4f:82:e5:d4:e2:48:
af:6b:7e:01:a6:96:e5:78:ff:20:f2:3c:e3:c7:0f:
1a:17:0c:cb:85:8e:31:16:21:7b:c6:53:6d:df:34:
4d:0a:7f:38:e2:58:4b:2a:43:74:a8:06:32:c5:d9:
a0:e4:bb:cf:47:0e:16:0a:5b:c3:58:06:3e:96:91:
31:04:c7:c2:01:c6:ac:2d:42:d9:51:3b:2f:42:53:
7f:58:c4:c1:6d:ad:2a:ab:2e:69:1e:97:8b:d4:85:
f9:af:fc:04:42:ce:c4:5d:11:93:7f:70:e8:cd:db:
a1:36:ea:ab:23:27:6e:33:d7:38:2a:b6:ca:35:00:
ab:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8F:3E:38:5C:8E:86:60:DD:FF:00:F8:8F:AA:D7:9A:B8:96:14:DB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.111.0/24
82.22.162.0/24
82.22.193.0/24
82.22.196.0/24
82.23.171.0/24
82.25.35.0/24
82.26.87.0/24
82.26.196.0/24
82.27.108.0/24
82.27.124.0/24
82.27.129.0/24
82.27.197.0/24
82.29.41.0/24
82.38.100.0/24
82.38.180.0/24
82.38.200.0/24
82.39.114.0/24
82.39.146.0/24
82.39.148.0/24
82.39.188.0/24
82.39.208.0/24
82.40.48.0/24
82.40.59.0/24
82.41.99.0/24
82.41.130.0/24
82.47.29.0/24
84.75.215.0-84.75.216.255
178.83.18.0/24
178.83.58.0/24
178.83.100.0/24
178.83.199.0/24
178.83.222.0/24
IPv6:
2a13:9500:aa::/48
2a13:9500:13f::/48
Signature Algorithm: sha256WithRSAEncryption
38:de:be:cf:42:41:62:2c:a3:ac:af:cd:90:01:7d:04:52:09:
e6:a0:94:13:6b:c4:38:7e:b0:b1:1c:38:3f:ee:29:a6:24:e6:
b5:cb:56:31:90:a1:2c:9f:7a:11:a0:bd:67:83:32:75:3f:91:
85:55:b9:43:43:c2:1b:59:6e:c1:0d:fe:70:bd:5c:ec:19:0d:
05:f3:cc:3e:d8:fa:02:01:79:3c:2f:22:57:b1:e9:99:fa:5c:
84:9f:9b:20:44:cd:f1:c7:ed:0f:3b:e7:aa:ba:ab:af:36:a6:
ca:43:0d:70:a6:62:e9:bb:f5:87:c6:19:57:69:36:d0:d8:6f:
96:93:84:46:83:eb:a7:b3:72:f0:72:79:c8:aa:f8:eb:d1:4f:
6f:38:51:fb:18:73:9e:f5:bd:84:9b:b5:61:06:53:fb:da:73:
df:dd:2c:43:f7:cf:c5:dd:01:eb:b3:d2:12:be:e4:e0:91:e1:
df:c0:f0:69:48:8d:73:82:9a:f7:6e:27:4e:7c:9f:dc:37:5d:
a0:f7:98:ee:e6:15:8e:c7:14:a2:53:6a:e3:62:bb:6d:9e:37:
60:ed:97:5a:14:4d:92:48:94:ed:31:70:db:36:c7:40:e2:04:
90:6f:08:89:5f:c9:5c:da:f9:74:34:dc:db:ae:64:ad:e0:0b:
a8:52:bc:b9
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIUB6HtNlYJDPnC/bXyZIot2EZi6t8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIwMjI1MjVaFw0yNzA2MDEwMjMwMjVaMDMxMTAvBgNV
BAMTKDExOEYzRTM4NUM4RTg2NjBEREZGMDBGODhGQUFENzlBQjg5NjE0REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3IJ3yBHXjtNaNSqe12Z8yy+2p
7PpvR9Q18VaM/a3Q5nf2SRbjuOfcoh/ju/Bc8mqfI5MorzMKHE2if7+RTAVzlhC+
wJvQrcyjCURTphOtk+kficMH1AlC9VCNXqD8G6ZbRpVtcy0pSJl8eD/x35RpMdZI
1LkJNNk54+hSuJwVZE+C5dTiSK9rfgGmluV4/yDyPOPHDxoXDMuFjjEWIXvGU23f
NE0KfzjiWEsqQ3SoBjLF2aDku89HDhYKW8NYBj6WkTEEx8IBxqwtQtlROy9CU39Y
xMFtrSqrLmkel4vUhfmv/ARCzsRdEZN/cOjN26E26qsjJ24z1zgqtso1AKvFAgMB
AAGjggLqMIIC5jAdBgNVHQ4EFgQUEY8+OFyOhmDd/wD4j6rXmriWFNswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgf8GCCsGAQUFBwEHAQH/BIHvMIHsMIHPBAIAATCByAME
AFIVbwMEAFIWogMEAFIWwQMEAFIWxAMEAFIXqwMEAFIZIwMEAFIaVwMEAFIaxAME
AFIbbAMEAFIbfAMEAFIbgQMEAFIbxQMEAFIdKQMEAFImZAMEAFImtAMEAFImyAME
AFIncgMEAFInkgMEAFInlAMEAFInvAMEAFIn0AMEAFIoMAMEAFIoOwMEAFIpYwME
AFIpggMEAFIvHTAMAwQAVEvXAwQAVEvYAwQAslMSAwQAslM6AwQAslNkAwQAslPH
AwQAslPeMBgEAgACMBIDBwAqE5UAAKoDBwAqE5UAAT8wDQYJKoZIhvcNAQELBQAD
ggEBADjevs9CQWIso6yvzZABfQRSCeaglBNrxDh+sLEcOD/uKaYk5rXLVjGQoSyf
ehGgvWeDMnU/kYVVuUNDwhtZbsEN/nC9XOwZDQXzzD7Y+gIBeTwvIlex6Zn6XISf
myBEzfHH7Q8756q6q682pspDDXCmYum79YfGGVdpNtDYb5aThEaD66ezcvByeciq
+OvRT284UfsYc571vYSbtWEGU/vac9/dLEP3z8XdAeuz0hK+5OCR4d/A8GlIjXOC
mvduJ058n9w3XaD3mO7mFY7HFKJTauNiu22eN2Dtl1oUTZJIlO0xcNs2x0DiBJBv
CIlfyVza+XQ03NuuZK3gC6hSvLk=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:18:14 2026 by rpki-client