Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: ZSeY4yfN8OSicZtLHiYqbr9dfsDhSQBzhQuCmLhTGm0=
Subject key identifier: D6:53:DF:46:B4:77:FD:FF:FC:E4:0E:5A:FA:54:81:37:EC:5C:04:3E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2F44A0B1166667A16357EF89FCD43742D5FCCC0F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time: Fri 15 May 2026 01:49:37 +0000
ROA not before: Fri 15 May 2026 01:44:37 +0000
ROA not after: Fri 14 May 2027 01:49:37 +0000
asID: 21840
IP address blocks: 92.112.37.0/24 maxlen: 24
95.134.29.0/24 maxlen: 24
95.134.143.0/24 maxlen: 24
178.92.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:44:a0:b1:16:66:67:a1:63:57:ef:89:fc:d4:37:42:d5:fc:cc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 15 01:44:37 2026 GMT
Not After : May 14 01:49:37 2027 GMT
Subject: CN=D653DF46B477FDFFFCE40E5AFA548137EC5C043E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ea:eb:4f:25:b1:24:9f:4b:a5:45:f7:ce:f0:
d4:48:19:24:5e:0e:ba:56:5f:9e:be:8d:e5:ad:6b:
07:d1:3f:45:b4:f1:09:f3:cc:58:0c:84:0e:40:26:
ac:2f:53:9d:48:be:da:e6:8e:4b:11:09:d4:df:dd:
5e:17:61:96:cd:d4:82:cd:5c:71:75:cb:2e:48:91:
96:54:81:90:7f:65:24:17:b4:e3:d3:41:c6:c1:06:
1a:c2:94:d0:84:4e:e4:ca:cc:31:19:35:4e:8e:e4:
a8:7f:86:33:94:3d:c2:a1:de:dd:ef:7b:f8:6b:cf:
ac:81:3b:7f:13:87:2e:89:32:98:fd:92:08:91:22:
a2:f0:fb:64:15:36:70:0d:6f:ed:15:24:20:f3:ae:
55:66:36:a6:ea:e2:99:30:4f:f6:00:62:2b:f4:ee:
e8:e1:23:89:1a:61:63:cf:ad:2e:f6:5e:d3:c9:81:
c1:38:f7:b0:65:d7:b3:b6:42:bb:9c:e4:fe:d0:66:
e4:9c:93:e1:ad:e0:ed:76:86:e6:c5:2d:ef:ef:5c:
5b:2d:21:ad:87:71:c4:9c:7a:a4:4b:7d:bf:47:de:
6c:af:de:4e:6b:ae:40:b4:d7:85:30:24:d4:55:46:
57:71:fe:3e:e7:6e:90:ad:2a:37:97:3b:5d:18:79:
3b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:53:DF:46:B4:77:FD:FF:FC:E4:0E:5A:FA:54:81:37:EC:5C:04:3E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.37.0/24
95.134.29.0/24
95.134.143.0/24
178.92.184.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c8:cf:de:75:b9:1b:98:ae:cf:30:09:58:1b:2f:27:c7:0b:
7f:c5:b8:fe:21:40:fe:54:41:52:96:81:d3:ff:09:8b:43:be:
14:5a:8f:ec:b2:9c:b8:23:b1:a6:29:04:00:8d:45:30:6d:31:
80:9c:4c:09:c3:1a:b7:17:e8:6f:fc:b9:bc:d2:26:11:48:97:
f0:d8:f5:b3:74:b5:8b:eb:1a:00:a9:2a:e9:5d:31:40:50:5d:
ff:12:a3:33:c1:48:0d:d7:ee:fe:58:d2:4e:0d:2e:ba:23:1d:
8b:d4:7f:76:76:0b:03:f2:7c:22:48:e5:fd:b0:05:45:4e:e8:
2f:20:98:7d:a4:b1:e3:e6:48:f8:87:ce:8d:c1:8d:d2:10:d2:
bd:f5:05:4e:00:73:73:ba:dc:27:52:06:b7:7b:33:40:83:45:
d0:df:3d:e9:47:3c:96:f3:1e:ec:2f:dc:a2:7c:5d:7e:e7:cb:
e3:0b:0d:30:53:27:a7:5a:a9:ca:a9:e2:91:b8:e6:a6:bb:c6:
85:0e:74:b7:ee:6d:60:6d:92:25:e9:c9:1a:33:44:73:5f:ec:
12:f3:a3:e4:0f:d5:cb:3e:6a:de:7a:03:a9:43:1a:27:f9:72:
61:58:ef:5f:4a:99:ce:bd:86:ed:51:01:2e:1e:ae:ca:c1:86:
d5:67:3a:11
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUL0SgsRZmZ6FjV++J/NQ3QtX8zA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTUwMTQ0MzdaFw0yNzA1MTQwMTQ5MzdaMDMxMTAvBgNV
BAMTKEQ2NTNERjQ2QjQ3N0ZERkZGQ0U0MEU1QUZBNTQ4MTM3RUM1QzA0M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ6utPJbEkn0ulRffO8NRIGSRe
DrpWX56+jeWtawfRP0W08QnzzFgMhA5AJqwvU51IvtrmjksRCdTf3V4XYZbN1ILN
XHF1yy5IkZZUgZB/ZSQXtOPTQcbBBhrClNCETuTKzDEZNU6O5Kh/hjOUPcKh3t3v
e/hrz6yBO38Thy6JMpj9kgiRIqLw+2QVNnANb+0VJCDzrlVmNqbq4pkwT/YAYiv0
7ujhI4kaYWPPrS72XtPJgcE497Bl17O2Qruc5P7QZuSck+Gt4O12hubFLe/vXFst
Ia2HccSceqRLfb9H3myv3k5rrkC014UwJNRVRldx/j7nbpCtKjeXO10YeTvfAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU1lPfRrR3/f/85A5a+lSBN+xcBD4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABccCUD
BABfhh0DBABfho8DBACyXLgwDQYJKoZIhvcNAQELBQADggEBAD7Iz951uRuYrs8w
CVgbLyfHC3/FuP4hQP5UQVKWgdP/CYtDvhRaj+yynLgjsaYpBACNRTBtMYCcTAnD
GrcX6G/8ubzSJhFIl/DY9bN0tYvrGgCpKuldMUBQXf8SozPBSA3X7v5Y0k4NLroj
HYvUf3Z2CwPyfCJI5f2wBUVO6C8gmH2ksePmSPiHzo3BjdIQ0r31BU4Ac3O63CdS
Brd7M0CDRdDfPelHPJbzHuwv3KJ8XX7ny+MLDTBTJ6daqcqp4pG45qa7xoUOdLfu
bWBtkiXpyRozRHNf7BLzo+QP1cs+at56A6lDGif5cmFY719Kmc69hu1RAS4ersrB
htVnOhE=
-----END CERTIFICATE-----
Generated at Mon Jun 1 16:20:15 2026 by rpki-client