Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: PDnsbfRwJRRo5k9wR3ipxl8w7Xk6oKwrwiF2Clb6gEE=
Subject key identifier: 20:EA:88:FB:DB:51:EC:A2:F4:DD:F0:F0:A3:B9:EE:34:D2:2E:FD:61
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 0D4FB557EF0F5B2782D690C283C942D9F1AE9574
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
Signing time: Tue 20 May 2025 03:33:07 +0000
ROA not before: Tue 20 May 2025 03:28:07 +0000
ROA not after: Tue 19 May 2026 03:33:07 +0000
asID: 21859
IP address blocks: 147.78.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 02:13:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:4f:b5:57:ef:0f:5b:27:82:d6:90:c2:83:c9:42:d9:f1:ae:95:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 20 03:28:07 2025 GMT
Not After : May 19 03:33:07 2026 GMT
Subject: CN=20EA88FBDB51ECA2F4DDF0F0A3B9EE34D22EFD61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:b4:3f:d6:4b:f6:0d:ba:0c:1e:6b:b0:ed:
bb:f1:89:38:f5:8e:00:7d:ee:66:cf:dc:85:b8:31:
10:d1:67:5c:6c:6e:ac:58:5f:43:76:70:b2:cc:ec:
86:2b:e7:2e:bd:5c:80:f8:21:d8:3b:05:95:aa:dc:
8e:34:99:33:bf:e1:84:9d:cc:ec:4d:9e:03:3d:f0:
48:b9:3a:6c:d7:5e:30:2f:84:78:67:4e:67:85:ea:
1a:8a:c9:8d:61:e3:c2:30:fa:42:4d:b9:b5:27:86:
64:88:b6:cb:70:cd:1e:13:0c:1a:1d:da:1b:ba:a5:
ba:3d:1d:3c:18:3f:70:05:1f:ed:f6:cb:4c:74:e7:
61:c5:23:2c:47:96:c3:f1:12:20:db:a6:6c:57:b8:
59:5b:6d:13:2a:26:b3:2e:a1:fd:ee:a8:9f:53:b2:
e7:03:a6:8a:74:66:60:f2:6c:e1:f5:a3:9a:a4:aa:
de:5b:6b:d2:31:ae:9a:25:1f:08:9d:a3:5d:76:67:
6b:13:db:9c:0e:ce:33:b7:16:3e:06:3e:3b:de:49:
75:75:f4:63:0b:79:b8:9a:b2:53:08:2b:ae:f3:20:
51:7a:58:b8:d8:ad:5b:ee:52:d8:7f:63:7a:87:e0:
d3:6a:33:98:31:1f:f0:c5:7d:b8:66:32:8a:00:b8:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EA:88:FB:DB:51:EC:A2:F4:DD:F0:F0:A3:B9:EE:34:D2:2E:FD:61
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.121.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:c5:f9:b6:7e:e6:d0:02:0f:a8:97:34:0b:80:66:b5:4f:db:
fa:bb:f9:aa:1c:3e:03:6f:c7:10:27:89:fd:79:94:a8:ae:ec:
7c:1f:20:d9:58:5b:56:80:88:67:dc:cc:23:d3:e1:5e:3f:da:
4c:19:48:41:ed:c2:11:5d:b2:af:9c:48:49:eb:5b:4c:52:ce:
36:ef:90:a3:b9:24:1f:a8:dc:94:ca:e4:ae:a8:5b:17:eb:52:
90:28:46:8f:b8:73:c7:a9:38:86:7e:5a:c1:3b:19:87:ca:65:
d1:0e:f8:3f:4d:a6:61:f3:c6:97:37:ba:3a:c8:ec:7c:a5:8f:
f5:a6:44:95:cd:ae:78:c5:20:c0:e2:3b:b7:bb:9d:dc:e8:da:
7d:a2:20:26:6c:f5:7c:8d:a5:74:f3:64:a0:af:b1:db:85:4f:
b9:36:14:70:7e:9b:13:ad:05:e5:93:b3:6f:23:52:3f:c9:08:
ce:85:a7:88:22:8b:1c:5c:48:c2:dc:3f:35:bb:6e:ea:1b:39:
1b:b8:e7:55:78:0b:63:ab:e0:8d:b6:b6:a5:65:dd:af:93:39:
a8:b2:b1:d7:2a:08:b0:82:a9:dd:54:92:34:e9:74:65:98:ab:
46:61:ad:b8:08:a4:5c:de:18:44:60:14:82:83:1c:10:b8:ac:
14:27:1f:67
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUDU+1V+8PWyeC1pDCg8lC2fGulXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA1MjAwMzI4MDdaFw0yNjA1MTkwMzMzMDdaMDMxMTAvBgNV
BAMTKDIwRUE4OEZCREI1MUVDQTJGNERERjBGMEEzQjlFRTM0RDIyRUZENjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClyLQ/1kv2DboMHmuw7bvxiTj1
jgB97mbP3IW4MRDRZ1xsbqxYX0N2cLLM7IYr5y69XID4Idg7BZWq3I40mTO/4YSd
zOxNngM98Ei5OmzXXjAvhHhnTmeF6hqKyY1h48Iw+kJNubUnhmSItstwzR4TDBod
2hu6pbo9HTwYP3AFH+32y0x052HFIyxHlsPxEiDbpmxXuFlbbRMqJrMuof3uqJ9T
sucDpop0ZmDybOH1o5qkqt5ba9IxrpolHwido112Z2sT25wOzjO3Fj4GPjveSXV1
9GMLebiaslMIK67zIFF6WLjYrVvuUth/Y3qH4NNqM5gxH/DFfbhmMooAuJq3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUIOqI+9tR7KL03fDwo7nuNNIu/WEwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTTnkw
DQYJKoZIhvcNAQELBQADggEBAM3F+bZ+5tACD6iXNAuAZrVP2/q7+aocPgNvxxAn
if15lKiu7HwfINlYW1aAiGfczCPT4V4/2kwZSEHtwhFdsq+cSEnrW0xSzjbvkKO5
JB+o3JTK5K6oWxfrUpAoRo+4c8epOIZ+WsE7GYfKZdEO+D9NpmHzxpc3ujrI7Hyl
j/WmRJXNrnjFIMDiO7e7ndzo2n2iICZs9XyNpXTzZKCvsduFT7k2FHB+mxOtBeWT
s28jUj/JCM6Fp4giixxcSMLcPzW7buobORu451V4C2Or4I22tqVl3a+TOaiysdcq
CLCCqd1UkjTpdGWYq0ZhrbgIpFzeGERgFIKDHBC4rBQnH2c=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:10:37 2025 by rpki-client