Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: Vcv02K34wVTRYc6vVqJ+CLKpuUozwLAhU5Pg3dDxs8k=
Subject key identifier: 84:DA:94:BE:2A:60:A2:CF:69:8F:E3:35:2E:42:B0:98:44:CB:90:D8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 23F77796F3348E356CC21C4298F05719FF7083A0
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time: Mon 13 Oct 2025 08:09:17 +0000
ROA not before: Mon 13 Oct 2025 08:04:17 +0000
ROA not after: Mon 12 Oct 2026 08:09:17 +0000
asID: 21840
IP address blocks: 92.112.37.0/24 maxlen: 24
178.92.66.0/24 maxlen: 24
178.92.184.0/24 maxlen: 24
178.95.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:f7:77:96:f3:34:8e:35:6c:c2:1c:42:98:f0:57:19:ff:70:83:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 13 08:04:17 2025 GMT
Not After : Oct 12 08:09:17 2026 GMT
Subject: CN=84DA94BE2A60A2CF698FE3352E42B09844CB90D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:14:43:2e:4e:8f:40:12:73:14:69:ac:7c:
55:d5:14:43:76:a0:79:2c:4d:68:fd:f0:dd:d6:bd:
7b:68:21:c7:30:6b:38:2f:e6:96:68:06:58:5a:bc:
1a:df:ea:f5:78:f5:8b:05:bd:50:9e:96:bb:ec:20:
fe:84:06:43:01:d9:50:70:50:dc:64:8d:09:1e:60:
30:53:8b:69:b8:a1:c3:72:17:46:18:0f:7c:ed:a4:
cf:c7:b7:9f:66:cf:c2:a8:7f:63:33:f7:6c:52:21:
29:58:ed:ba:3f:11:a2:c9:74:6d:08:5b:0c:25:46:
ce:e4:75:1e:74:13:7d:36:c7:c3:9d:be:78:92:5f:
0b:dc:70:b0:77:62:0e:5a:c3:c9:e6:36:c4:53:7a:
c9:a5:06:87:78:a0:d2:17:71:0f:50:d0:e0:11:a9:
d4:0e:32:03:8b:8e:49:11:63:c1:27:b8:b8:6a:99:
57:5c:6e:a0:4d:6f:4b:4c:2d:d9:41:87:4e:21:b3:
05:4f:ed:ba:e0:cd:53:b8:a2:9f:ac:be:f8:c8:22:
35:db:a5:35:8f:11:7f:db:56:5f:dc:04:04:27:cf:
08:ae:df:b6:c4:af:cd:e0:7c:60:c6:3a:22:d3:10:
54:75:ae:2d:da:05:3c:dc:8d:35:c7:a0:0a:4f:34:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DA:94:BE:2A:60:A2:CF:69:8F:E3:35:2E:42:B0:98:44:CB:90:D8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.37.0/24
178.92.66.0/24
178.92.184.0/24
178.95.123.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b2:43:7c:4b:9d:bf:37:1b:71:c1:9b:53:f0:e1:7b:cc:dc:
b7:7a:96:fc:c7:58:8c:a6:8b:00:f4:f8:95:ec:1a:76:6f:4a:
1e:c4:33:d2:3f:ad:15:36:f9:ce:9e:0e:f0:e8:67:50:59:78:
16:d3:bb:b8:eb:38:a9:ef:a0:90:d6:b6:1c:a9:51:03:50:eb:
05:16:e6:98:52:40:ba:14:9c:c1:fa:f9:7d:b7:78:77:9a:27:
f7:e1:b8:58:dd:ee:4c:49:d0:3d:2c:47:9f:ec:b8:45:b8:a3:
d7:cb:11:64:59:fe:e3:28:86:c2:30:cb:06:09:32:75:31:52:
42:0c:4a:39:d7:81:4d:bc:4b:56:eb:e5:65:34:f5:26:07:ea:
b3:90:f3:fb:16:57:f8:76:e8:67:5d:35:bb:5e:43:31:a6:08:
d9:57:e6:a0:87:73:43:84:88:54:b5:48:46:25:6d:78:0a:87:
24:cc:16:7d:1c:58:82:c7:2d:84:f7:24:ec:4d:9d:92:ed:60:
45:37:91:78:15:df:34:c2:71:12:0e:70:0e:fd:41:2b:cd:87:
30:0e:bf:b7:1c:ac:e7:ba:e2:2a:0e:70:21:c8:1b:12:3c:74:
ed:a1:47:70:41:ef:4c:c8:3b:f7:ff:85:3c:35:25:0f:e4:75:
bf:68:5d:6a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUI/d3lvM0jjVswhxCmPBXGf9wg6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTMwODA0MTdaFw0yNjEwMTIwODA5MTdaMDMxMTAvBgNV
BAMTKDg0REE5NEJFMkE2MEEyQ0Y2OThGRTMzNTJFNDJCMDk4NDRDQjkwRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdZhRDLk6PQBJzFGmsfFXVFEN2
oHksTWj98N3WvXtoIccwazgv5pZoBlhavBrf6vV49YsFvVCelrvsIP6EBkMB2VBw
UNxkjQkeYDBTi2m4ocNyF0YYD3ztpM/Ht59mz8Kof2Mz92xSISlY7bo/EaLJdG0I
WwwlRs7kdR50E302x8OdvniSXwvccLB3Yg5aw8nmNsRTesmlBod4oNIXcQ9Q0OAR
qdQOMgOLjkkRY8EnuLhqmVdcbqBNb0tMLdlBh04hswVP7brgzVO4op+svvjIIjXb
pTWPEX/bVl/cBAQnzwiu37bEr83gfGDGOiLTEFR1ri3aBTzcjTXHoApPNAetAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUhNqUvipgos9pj+M1LkKwmETLkNgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABccCUD
BACyXEIDBACyXLgDBACyX3swDQYJKoZIhvcNAQELBQADggEBAGqyQ3xLnb83G3HB
m1Pw4XvM3Ld6lvzHWIymiwD0+JXsGnZvSh7EM9I/rRU2+c6eDvDoZ1BZeBbTu7jr
OKnvoJDWthypUQNQ6wUW5phSQLoUnMH6+X23eHeaJ/fhuFjd7kxJ0D0sR5/suEW4
o9fLEWRZ/uMohsIwywYJMnUxUkIMSjnXgU28S1br5WU09SYH6rOQ8/sWV/h26Gdd
NbteQzGmCNlX5qCHc0OEiFS1SEYlbXgKhyTMFn0cWILHLYT3JOxNnZLtYEU3kXgV
3zTCcRIOcA79QSvNhzAOv7ccrOe64ioOcCHIGxI8dO2hR3BB70zIO/f/hTw1JQ/k
db9oXWo=
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:31:15 2025 by rpki-client