Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Z8FimRvccB5iR3JHQhlZILhSWpBTPIcAZYF3luCk6oI=
Subject key identifier: B9:84:A8:23:84:42:E4:F5:9F:82:47:87:97:4F:AB:AF:4E:32:43:0E
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 71E1F17B25E4B8923FA1485D63C0CB7BA2B6E6B2
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
Signing time: Mon 09 Feb 2026 08:55:32 +0000
ROA not before: Mon 09 Feb 2026 08:50:32 +0000
ROA not after: Mon 08 Feb 2027 08:55:32 +0000
asID: 21859
IP address blocks: 193.29.98.0/24 maxlen: 24
194.104.156.0/24 maxlen: 24
195.206.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:e1:f1:7b:25:e4:b8:92:3f:a1:48:5d:63:c0:cb:7b:a2:b6:e6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Feb 9 08:50:32 2026 GMT
Not After : Feb 8 08:55:32 2027 GMT
Subject: CN=B984A8238442E4F59F824787974FABAF4E32430E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:65:e0:c8:90:ec:47:35:4a:09:f0:c7:13:60:
58:3f:62:3d:eb:29:b7:84:52:94:14:60:e4:9d:31:
3a:4a:62:0f:29:5f:83:0d:94:46:8c:84:34:98:14:
01:a0:ec:1c:65:87:2e:82:03:17:ff:30:81:4d:10:
92:0e:fd:2d:91:aa:3d:c8:78:bb:3e:b0:0d:2c:a4:
d3:17:9c:85:96:2c:b8:49:3f:7d:c1:ce:de:a8:d2:
ce:f1:92:d8:e6:93:c9:d4:01:d9:37:eb:d6:9d:22:
c2:2e:77:5e:c8:d2:a0:66:41:d2:04:11:c8:c2:3a:
c9:22:90:9a:e8:f3:42:db:2f:4f:79:a0:5f:af:d4:
fe:75:36:68:fe:3c:b3:65:93:93:f1:30:e9:0f:3d:
f3:53:6c:d1:83:12:5e:3b:db:e0:45:0d:39:31:d9:
76:12:56:44:6f:94:d3:32:48:02:c2:1d:23:f7:86:
55:55:19:6a:63:89:9a:6a:02:ca:b2:14:b6:8b:14:
7a:af:08:66:6f:91:2b:4d:f4:d3:ba:dc:f2:8c:f9:
bc:86:c0:e8:16:a4:53:46:c9:17:53:6b:5c:03:af:
0c:26:a8:a4:4c:21:da:66:1d:e2:44:2d:43:03:91:
81:f2:0e:e8:56:c6:97:fb:66:57:6e:6d:10:02:d3:
d9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:84:A8:23:84:42:E4:F5:9F:82:47:87:97:4F:AB:AF:4E:32:43:0E
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.98.0/24
194.104.156.0/24
195.206.235.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:14:ba:fb:2b:68:28:a4:d7:5f:f8:90:26:9d:95:83:1f:1c:
8d:cd:21:c3:ce:53:ca:af:de:c2:2a:d2:4b:9c:46:ed:4d:5f:
03:e6:32:45:a0:eb:ad:72:90:b3:41:25:32:1b:e1:7c:7e:28:
05:ec:b5:1f:16:41:24:d3:8a:de:4c:8c:31:ae:4a:fe:6e:d1:
65:aa:c6:b8:00:ed:f0:e3:7c:2c:95:e0:04:67:e8:18:d8:97:
46:ad:7b:e4:39:41:d3:32:54:8e:9a:f6:08:be:45:08:5a:50:
01:b0:2d:d1:14:3e:35:13:62:a2:1c:89:d4:7f:fd:d8:8c:57:
a1:26:ad:be:32:8f:17:69:98:0c:e2:28:76:03:4c:d0:01:b5:
3d:ac:af:c9:c9:03:8b:29:cb:43:bf:e6:3c:14:04:54:ed:94:
d8:64:87:d5:95:b6:66:fe:9c:5c:cb:49:0f:a1:f6:45:08:01:
b3:20:ae:ea:96:8d:35:e1:8e:e7:77:08:5f:bc:66:16:42:5d:
8a:ac:d6:6c:a0:b6:7f:d4:8e:ca:9c:e9:54:4a:1c:25:96:78:
28:e3:15:b7:9b:b4:93:e7:16:5e:8c:05:af:3d:96:b1:86:a8:
0b:ac:3c:c0:7c:9d:f8:d2:af:f7:33:08:13:e9:ec:2a:16:9b:
f0:02:9d:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUceHxeyXkuJI/oUhdY8DLe6K25rIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjAyMDkwODUwMzJaFw0yNzAyMDgwODU1MzJaMDMxMTAvBgNV
BAMTKEI5ODRBODIzODQ0MkU0RjU5RjgyNDc4Nzk3NEZBQkFGNEUzMjQzMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ZeDIkOxHNUoJ8McTYFg/Yj3r
KbeEUpQUYOSdMTpKYg8pX4MNlEaMhDSYFAGg7Bxlhy6CAxf/MIFNEJIO/S2Rqj3I
eLs+sA0spNMXnIWWLLhJP33Bzt6o0s7xktjmk8nUAdk369adIsIud17I0qBmQdIE
EcjCOskikJro80LbL095oF+v1P51Nmj+PLNlk5PxMOkPPfNTbNGDEl472+BFDTkx
2XYSVkRvlNMySALCHSP3hlVVGWpjiZpqAsqyFLaLFHqvCGZvkStN9NO63PKM+byG
wOgWpFNGyRdTa1wDrwwmqKRMIdpmHeJELUMDkYHyDuhWxpf7ZldubRAC09ltAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUuYSoI4RC5PWfgkeHl0+rr04yQw4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBADBHWID
BADCaJwDBADDzuswDQYJKoZIhvcNAQELBQADggEBALsUuvsraCik11/4kCadlYMf
HI3NIcPOU8qv3sIq0kucRu1NXwPmMkWg661ykLNBJTIb4Xx+KAXstR8WQSTTit5M
jDGuSv5u0WWqxrgA7fDjfCyV4ARn6BjYl0ate+Q5QdMyVI6a9gi+RQhaUAGwLdEU
PjUTYqIcidR//diMV6Emrb4yjxdpmAziKHYDTNABtT2sr8nJA4spy0O/5jwUBFTt
lNhkh9WVtmb+nFzLSQ+h9kUIAbMgruqWjTXhjud3CF+8ZhZCXYqs1mygtn/Ujsqc
6VRKHCWWeCjjFbebtJPnFl6MBa89lrGGqAusPMB8nfjSr/czCBPp7CoWm/ACnaA=
-----END CERTIFICATE-----
Generated at Sun Feb 22 22:06:01 2026 by rpki-client