Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
File:                     AS21840.roa (raw, json)
Hash identifier:          MEOBwQWQDx6gZccddFP/x3u9IeV1vOfTIxMUL+Np4jM=
Subject key identifier:   65:6D:7B:89:21:52:E1:A9:74:0D:46:55:82:65:C4:94:CB:90:E3:22
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       08BEC0EBA0B8A8CA5C88B374D612983FB290A280
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa
Signing time:             Mon 13 Jul 2026 03:38:31 +0000
ROA not before:           Mon 13 Jul 2026 03:33:31 +0000
ROA not after:            Mon 12 Jul 2027 03:38:31 +0000
asID:                     21840
IP address blocks:        92.112.37.0/24 maxlen: 24
                          95.134.143.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Jul 2026 23:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:be:c0:eb:a0:b8:a8:ca:5c:88:b3:74:d6:12:98:3f:b2:90:a2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jul 13 03:33:31 2026 GMT
            Not After : Jul 12 03:38:31 2027 GMT
        Subject: CN=656D7B892152E1A9740D46558265C494CB90E322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:76:a3:44:86:c8:24:6f:d7:d6:31:79:9e:70:
                    3c:8f:e5:c8:c2:a4:9b:cb:35:8d:35:32:0b:16:bd:
                    48:d6:19:bf:27:5a:89:0c:f7:75:70:80:63:73:b1:
                    4b:1f:20:41:9a:cf:14:ca:70:e6:e3:ed:39:0c:88:
                    96:2f:6f:85:c3:7c:2f:ae:90:e5:2a:32:6c:0f:78:
                    d3:3a:31:01:ba:08:04:bb:f2:db:90:dd:e3:27:2e:
                    2e:0c:5c:62:74:96:d6:7c:4f:9e:be:60:e0:d0:0d:
                    1b:f7:3c:f3:6f:6d:66:fe:a0:68:be:08:d7:22:8c:
                    8e:52:31:fb:68:82:89:10:5c:71:e5:35:d1:05:13:
                    69:3e:2c:a3:71:eb:6b:c7:d4:36:0c:56:63:c4:8f:
                    e0:81:49:29:7f:8a:e4:dc:52:16:04:b1:00:f8:27:
                    16:56:b2:1f:97:53:bb:56:0a:75:e6:24:42:b4:a0:
                    d2:cf:2b:5b:ee:a4:9e:9a:2e:10:6d:5c:83:36:21:
                    b6:05:f2:b8:de:b0:e7:96:1d:19:71:85:5e:dc:18:
                    42:d8:90:d0:a8:1d:c0:20:ac:90:65:68:29:ea:95:
                    23:f1:e1:2f:dc:53:4a:ff:0e:d5:17:2f:46:f8:5d:
                    3b:9b:06:ee:6c:8b:ad:e4:bb:07:cd:dd:c1:f0:6d:
                    9a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:6D:7B:89:21:52:E1:A9:74:0D:46:55:82:65:C4:94:CB:90:E3:22
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.37.0/24
                  95.134.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:a5:ff:f2:4c:11:6b:04:c6:ef:73:4b:be:3a:bf:bb:17:5a:
         47:aa:40:af:dc:4b:a7:17:e4:85:28:6b:9b:2a:5a:45:bc:f5:
         c4:bd:82:c0:fa:bb:4c:27:a2:ba:2c:85:3d:19:c6:79:44:b7:
         5b:c0:2f:ba:b0:cf:3f:b5:5b:ec:89:f5:87:74:6c:92:fd:bb:
         a2:4f:0e:3e:f6:a7:b7:eb:d0:88:9c:27:f2:e3:30:d6:74:b9:
         ea:8a:dc:d1:d7:41:6a:2a:d9:11:9b:02:da:9d:57:a2:19:24:
         47:ba:8b:c7:8f:5c:57:11:5c:2e:9a:ff:18:cd:ba:54:43:38:
         36:88:df:c9:e0:a3:dd:14:d4:1a:87:ad:06:f5:d1:e1:90:e5:
         b6:dc:05:e4:24:0c:de:ea:e0:ed:60:ff:4e:49:5e:6f:61:84:
         b5:de:ac:17:1c:4c:5f:c4:84:09:2c:eb:84:f9:cd:ee:7c:cc:
         5c:f1:3a:e3:20:93:bd:ae:b1:8f:1b:81:28:03:1e:6d:55:97:
         89:ba:b0:0f:86:b9:02:ad:0c:e8:a9:ae:85:1f:c1:fa:e0:b3:
         a1:86:d0:9f:c3:f4:1f:e7:15:19:7f:3e:0a:25:22:a8:c3:e1:
         d5:b6:20:e4:bd:98:5c:95:30:e5:3d:dc:e0:b3:c8:a2:63:c1:
         ff:7f:b7:18
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUCL7A66C4qMpciLN01hKYP7KQooAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA3MTMwMzMzMzFaFw0yNzA3MTIwMzM4MzFaMDMxMTAvBgNV
BAMTKDY1NkQ3Qjg5MjE1MkUxQTk3NDBENDY1NTgyNjVDNDk0Q0I5MEUzMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxdqNEhsgkb9fWMXmecDyP5cjC
pJvLNY01MgsWvUjWGb8nWokM93VwgGNzsUsfIEGazxTKcObj7TkMiJYvb4XDfC+u
kOUqMmwPeNM6MQG6CAS78tuQ3eMnLi4MXGJ0ltZ8T56+YODQDRv3PPNvbWb+oGi+
CNcijI5SMftogokQXHHlNdEFE2k+LKNx62vH1DYMVmPEj+CBSSl/iuTcUhYEsQD4
JxZWsh+XU7tWCnXmJEK0oNLPK1vupJ6aLhBtXIM2IbYF8rjesOeWHRlxhV7cGELY
kNCoHcAgrJBlaCnqlSPx4S/cU0r/DtUXL0b4XTubBu5si63kuwfN3cHwbZqPAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUZW17iSFS4al0DUZVgmXElMuQ4yIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABccCUD
BABfho8wDQYJKoZIhvcNAQELBQADggEBAKWl//JMEWsExu9zS746v7sXWkeqQK/c
S6cX5IUoa5sqWkW89cS9gsD6u0wnoroshT0ZxnlEt1vAL7qwzz+1W+yJ9Yd0bJL9
u6JPDj72p7fr0IicJ/LjMNZ0ueqK3NHXQWoq2RGbAtqdV6IZJEe6i8ePXFcRXC6a
/xjNulRDODaI38ngo90U1BqHrQb10eGQ5bbcBeQkDN7q4O1g/05JXm9hhLXerBcc
TF/EhAks64T5ze58zFzxOuMgk72usY8bgSgDHm1Vl4m6sA+GuQKtDOiproUfwfrg
s6GG0J/D9B/nFRl/PgolIqjD4dW2IOS9mFyVMOU93OCzyKJjwf9/txg=
-----END CERTIFICATE-----
Generated at Fri Jul 17 06:45:02 2026 by rpki-client