Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: RE9y/ZbE1+LkQtzrqP/R44EfcyXvJDFHmNT1tUntVm8=
Subject key identifier: CE:CE:D7:25:0B:08:0A:48:79:0F:B6:E3:61:3B:46:1E:50:DC:D0:E2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1B8E117DB99F662DC7D57D2CA2C0B5872BD9D4EA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
Signing time: Tue 20 May 2025 03:33:53 +0000
ROA not before: Tue 20 May 2025 03:28:53 +0000
ROA not after: Tue 19 May 2026 03:33:53 +0000
asID: 21859
IP address blocks: 82.26.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:8e:11:7d:b9:9f:66:2d:c7:d5:7d:2c:a2:c0:b5:87:2b:d9:d4:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 20 03:28:53 2025 GMT
Not After : May 19 03:33:53 2026 GMT
Subject: CN=CECED7250B080A48790FB6E3613B461E50DCD0E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b1:4e:06:b3:90:41:08:83:57:72:01:f0:1b:
2c:da:4a:ae:84:63:b4:b6:6d:bb:45:4c:71:91:ad:
35:9f:9d:1d:32:cd:37:60:a3:8a:7d:07:31:11:06:
7f:28:f8:07:9a:06:02:dd:6e:0c:1a:0f:7f:10:1c:
0e:2a:e6:d9:65:09:53:5b:2e:dd:a9:41:a9:3a:0e:
82:bc:5f:01:ba:4d:9b:b5:74:d4:91:0e:9f:59:87:
46:b4:7e:93:63:3a:c7:fc:e8:94:87:41:4e:76:73:
f5:f8:4a:f5:90:60:ce:4a:a5:f8:8c:33:ce:8a:55:
eb:0b:a8:e6:23:18:97:43:dc:28:cd:6c:31:04:8c:
12:41:2a:7d:4a:70:66:0d:af:86:08:9c:7c:c4:dc:
51:56:91:4f:aa:6e:94:e7:48:a8:9e:a8:58:49:bd:
e7:2b:ee:95:55:2b:4f:58:89:2d:85:06:3e:53:e8:
6c:58:d7:1c:e5:8a:d8:c0:11:38:8e:a9:5d:6d:e5:
f5:90:f7:1c:80:7e:6b:26:f4:00:ce:a2:fd:ec:f5:
c2:99:7e:e2:b5:fa:9c:3d:3e:f3:1f:dd:f8:0b:e0:
bd:ab:95:18:c1:0d:fb:01:13:65:d3:37:62:47:58:
7e:f4:67:e1:dc:9e:0e:5e:b2:e2:b2:b7:5d:9a:ec:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CE:D7:25:0B:08:0A:48:79:0F:B6:E3:61:3B:46:1E:50:DC:D0:E2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.156.0/24
Signature Algorithm: sha256WithRSAEncryption
00:05:07:f6:b2:7e:1a:d1:95:79:27:c3:8d:31:8d:00:bb:fb:
12:98:9f:ae:ca:03:ac:68:4b:c0:93:c4:aa:55:5c:bd:5a:f2:
ba:ed:5f:0c:c1:b4:32:51:24:f2:26:91:b0:13:26:d6:9c:af:
df:90:c4:37:47:83:8c:12:8c:92:2d:8b:ab:36:49:59:95:56:
e9:b5:c0:94:cb:2f:34:53:09:25:e8:e4:e0:06:74:e4:e0:e9:
b2:1c:69:6d:d9:a3:16:64:e7:e1:6d:bf:3d:b3:47:c7:f6:fd:
5f:d7:0a:9b:d2:cc:d6:1f:6b:7f:79:fd:c7:d1:1f:6a:70:fa:
f2:cc:f0:21:1e:22:3d:77:ad:6f:aa:aa:d9:ee:50:9d:4a:d7:
a3:8a:c8:f1:43:de:28:2d:68:70:50:87:8b:32:97:d2:32:f8:
cf:44:38:59:2c:02:ff:74:c5:ca:8a:98:af:29:ef:c1:10:bf:
cb:fc:85:ed:00:c9:3c:f3:f0:ae:44:82:ea:34:1b:35:33:db:
4c:43:7e:1d:b5:bb:e0:3c:b8:b8:1e:3c:c3:24:d6:e9:a1:41:
07:8c:1a:16:f1:14:6b:f3:0b:02:f3:74:6c:a5:a8:a3:54:20:
e1:ba:bc:4e:4c:77:60:aa:26:7b:c2:c8:99:e8:d1:ed:82:29:
01:1b:f0:ef
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUG44RfbmfZi3H1X0sosC1hyvZ1OowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjAwMzI4NTNaFw0yNjA1MTkwMzMzNTNaMDMxMTAvBgNV
BAMTKENFQ0VENzI1MEIwODBBNDg3OTBGQjZFMzYxM0I0NjFFNTBEQ0QwRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRsU4Gs5BBCINXcgHwGyzaSq6E
Y7S2bbtFTHGRrTWfnR0yzTdgo4p9BzERBn8o+AeaBgLdbgwaD38QHA4q5tllCVNb
Lt2pQak6DoK8XwG6TZu1dNSRDp9Zh0a0fpNjOsf86JSHQU52c/X4SvWQYM5KpfiM
M86KVesLqOYjGJdD3CjNbDEEjBJBKn1KcGYNr4YInHzE3FFWkU+qbpTnSKieqFhJ
vecr7pVVK09YiS2FBj5T6GxY1xzlitjAETiOqV1t5fWQ9xyAfmsm9ADOov3s9cKZ
fuK1+pw9PvMf3fgL4L2rlRjBDfsBE2XTN2JHWH70Z+Hcng5esuKyt12a7DsjAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUzs7XJQsICkh5D7bjYTtGHlDc0OIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSGpww
DQYJKoZIhvcNAQELBQADggEBAAAFB/ayfhrRlXknw40xjQC7+xKYn67KA6xoS8CT
xKpVXL1a8rrtXwzBtDJRJPImkbATJtacr9+QxDdHg4wSjJIti6s2SVmVVum1wJTL
LzRTCSXo5OAGdOTg6bIcaW3ZoxZk5+Ftvz2zR8f2/V/XCpvSzNYfa395/cfRH2pw
+vLM8CEeIj13rW+qqtnuUJ1K16OKyPFD3igtaHBQh4syl9Iy+M9EOFksAv90xcqK
mK8p78EQv8v8he0AyTzz8K5Eguo0GzUz20xDfh21u+A8uLgePMMk1umhQQeMGhbx
FGvzCwLzdGylqKNUIOG6vE5Md2CqJnvCyJno0e2CKQEb8O8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:09:49 2025 by rpki-client