Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: a/zRlOBADbGXm9YI934L9HlKowTKSeLV15U33n5D/ls=
Subject key identifier: 4C:68:F3:05:A0:B9:97:24:AD:EB:03:F6:E1:FF:99:90:60:44:03:2C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4663FB150F0EDC5AA5966ECC728DC88EE92AE14C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time: Fri 03 Apr 2026 02:49:41 +0000
ROA not before: Fri 03 Apr 2026 02:44:41 +0000
ROA not after: Fri 02 Apr 2027 02:49:41 +0000
asID: 21840
IP address blocks: 92.112.37.0/24 maxlen: 24
95.134.29.0/24 maxlen: 24
95.134.143.0/24 maxlen: 24
95.135.199.0/24 maxlen: 24
178.92.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:63:fb:15:0f:0e:dc:5a:a5:96:6e:cc:72:8d:c8:8e:e9:2a:e1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 3 02:44:41 2026 GMT
Not After : Apr 2 02:49:41 2027 GMT
Subject: CN=4C68F305A0B99724ADEB03F6E1FF99906044032C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:53:23:98:7f:20:22:0a:eb:b2:c4:88:d8:f5:
c1:ca:14:41:1e:d4:5b:1c:b3:37:d1:9a:5e:a6:5e:
b4:27:a7:5a:0c:0e:15:ae:a8:d4:1f:d7:a6:6a:4d:
d6:e4:53:46:3d:72:c8:c4:e5:8d:dd:43:a8:c1:fc:
ae:d4:f2:db:48:11:c2:25:9c:6c:73:7e:47:7c:4b:
64:e7:fb:98:9e:db:42:9e:17:44:00:16:7e:97:78:
9f:80:b7:d9:ef:64:10:21:ad:7b:fc:b0:fe:f2:fb:
7c:ba:12:73:91:bb:b9:ae:90:9c:f9:27:fd:21:45:
69:65:e5:65:d0:ff:f6:ca:b2:a9:7d:a2:c2:38:d6:
9c:84:a1:8a:50:c8:eb:6e:7a:79:92:13:80:4b:96:
c7:6e:0b:1d:bb:00:92:6b:97:13:9f:24:c0:00:84:
03:1d:cf:ca:c3:9f:97:a0:13:fa:60:99:f6:57:33:
dc:77:eb:e9:cb:6e:12:0a:09:6f:df:70:c0:a3:ca:
09:9a:25:de:57:91:62:be:ba:af:7f:d7:ce:61:8f:
cc:bc:1d:07:06:32:32:22:be:20:e6:a3:4c:3d:60:
30:ce:0f:21:2a:cd:1c:9e:2a:32:5d:9c:06:2d:06:
e9:cb:14:c8:f6:5b:ac:b5:5d:08:b5:16:ba:00:f0:
5b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:68:F3:05:A0:B9:97:24:AD:EB:03:F6:E1:FF:99:90:60:44:03:2C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.37.0/24
95.134.29.0/24
95.134.143.0/24
95.135.199.0/24
178.92.184.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:73:36:4e:9f:20:c2:f0:db:6a:cf:72:9a:92:b4:c2:32:2f:
1b:a0:3c:af:82:e7:4e:98:84:4f:88:38:71:ea:f2:9d:a7:17:
92:11:b4:a6:03:be:02:f9:b0:03:1c:a0:55:7a:92:a1:a4:3f:
67:c5:88:c8:45:26:ad:b3:b4:a9:dc:35:69:59:dd:da:13:26:
0e:72:75:93:d4:2d:69:cf:4d:9b:6c:d3:95:03:58:5f:0c:7c:
5c:aa:d3:23:74:03:50:5d:bc:de:93:0c:ed:a8:6d:ec:20:0f:
5f:9d:8d:3a:6d:90:9f:08:09:c3:ef:15:33:34:b9:83:82:b3:
06:53:de:15:f4:8e:82:dd:9d:1d:86:00:2a:eb:f3:79:d4:99:
3e:e4:18:8b:56:da:b6:45:4c:ef:fa:2d:7f:69:8a:f7:17:12:
fc:bf:7b:73:60:fc:e8:b3:29:fb:44:8d:1a:b8:49:7b:be:3a:
ff:62:49:32:87:9a:fc:28:72:f2:f3:5f:36:51:08:17:a9:3c:
e1:95:86:66:82:f3:2c:dd:f1:29:98:36:84:ee:a6:ca:65:41:
7d:a3:cd:cf:1a:fc:bc:b5:eb:a1:c5:b7:d8:8b:87:05:ac:a2:
60:cd:f4:28:80:5e:39:fc:b0:6b:3c:97:31:8a:44:dd:5c:94:
1e:19:1c:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIURmP7FQ8O3Fqllm7Mco3Ijukq4UwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MDMwMjQ0NDFaFw0yNzA0MDIwMjQ5NDFaMDMxMTAvBgNV
BAMTKDRDNjhGMzA1QTBCOTk3MjRBREVCMDNGNkUxRkY5OTkwNjA0NDAzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVUyOYfyAiCuuyxIjY9cHKFEEe
1FscszfRml6mXrQnp1oMDhWuqNQf16ZqTdbkU0Y9csjE5Y3dQ6jB/K7U8ttIEcIl
nGxzfkd8S2Tn+5ie20KeF0QAFn6XeJ+At9nvZBAhrXv8sP7y+3y6EnORu7mukJz5
J/0hRWll5WXQ//bKsql9osI41pyEoYpQyOtuenmSE4BLlsduCx27AJJrlxOfJMAA
hAMdz8rDn5egE/pgmfZXM9x36+nLbhIKCW/fcMCjygmaJd5XkWK+uq9/185hj8y8
HQcGMjIiviDmo0w9YDDODyEqzRyeKjJdnAYtBunLFMj2W6y1XQi1FroA8Fs7AgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUTGjzBaC5lySt6wP24f+ZkGBEAywwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABccCUD
BABfhh0DBABfho8DBABfh8cDBACyXLgwDQYJKoZIhvcNAQELBQADggEBAIpzNk6f
IMLw22rPcpqStMIyLxugPK+C506YhE+IOHHq8p2nF5IRtKYDvgL5sAMcoFV6kqGk
P2fFiMhFJq2ztKncNWlZ3doTJg5ydZPULWnPTZts05UDWF8MfFyq0yN0A1BdvN6T
DO2obewgD1+djTptkJ8ICcPvFTM0uYOCswZT3hX0joLdnR2GACrr83nUmT7kGItW
2rZFTO/6LX9pivcXEvy/e3Ng/OizKftEjRq4SXu+Ov9iSTKHmvwocvLzXzZRCBep
POGVhmaC8yzd8SmYNoTupsplQX2jzc8a/Ly166HFt9iLhwWsomDN9CiAXjn8sGs8
lzGKRN1clB4ZHJs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:51:52 2026 by rpki-client