Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Aux6x6aD8qXYgL/DkEivgvx7EWQHY3hd7AAOcihSqZc=
Subject key identifier: 43:82:F2:B1:5C:FD:A9:FF:FC:88:71:7C:CA:13:67:1C:7B:17:AB:12
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 21F6AE10C5BAE09B67005BE7DD8AF0391562AD58
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Mon 15 Sep 2025 02:57:05 +0000
ROA not before: Mon 15 Sep 2025 02:52:05 +0000
ROA not after: Mon 14 Sep 2026 02:57:05 +0000
asID: 21859
IP address blocks: 46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.145.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f6:ae:10:c5:ba:e0:9b:67:00:5b:e7:dd:8a:f0:39:15:62:ad:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 15 02:52:05 2025 GMT
Not After : Sep 14 02:57:05 2026 GMT
Subject: CN=4382F2B15CFDA9FFFC88717CCA13671C7B17AB12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:58:23:46:ca:e5:ca:bf:1c:86:53:48:ab:
21:c8:e7:42:24:b1:b8:da:60:b8:33:3d:8b:03:e4:
28:63:29:74:81:92:80:80:57:41:b7:41:ea:6b:6a:
8b:ba:be:cc:65:c7:94:67:4f:73:f7:04:13:dd:70:
b5:2f:14:c4:b9:0f:84:07:c0:09:77:d1:60:f5:c7:
34:98:60:2e:05:cc:01:da:d5:27:12:3e:b9:a5:95:
16:c5:00:49:c2:d6:13:8f:6d:be:09:d3:bb:49:ba:
e9:38:cb:8f:20:ee:86:cb:65:3b:d0:82:e9:c9:ca:
cf:48:62:97:8f:24:a2:09:a4:0b:d3:07:37:e5:14:
20:d8:a6:e8:a8:bf:58:43:6d:a7:bf:ae:8b:3c:10:
3d:73:5a:ff:72:c2:4f:8f:96:80:97:d4:41:75:99:
a8:9a:02:3b:09:86:e1:7c:5c:11:b8:a4:71:95:c9:
3e:db:13:58:10:06:ce:39:a1:46:5b:51:f8:d6:34:
4d:93:e9:10:43:2c:14:22:7d:01:9f:12:9d:57:50:
69:a8:7d:1e:fe:40:22:86:fd:cd:a5:5c:25:9e:02:
87:83:66:b4:73:e9:71:54:b6:e7:bb:a6:f0:17:44:
02:78:4a:ca:2a:b5:df:b6:13:23:cc:ed:c8:17:b8:
ac:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:82:F2:B1:5C:FD:A9:FF:FC:88:71:7C:CA:13:67:1C:7B:17:AB:12
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.145.0/24
92.112.157.0/24
92.113.66.0/24
95.135.111.0-95.135.113.255
178.92.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:7c:d8:8f:e4:1c:55:f3:8f:ad:8f:d1:04:0d:73:f8:7b:2b:
70:ca:2f:e0:88:56:28:3c:cf:ac:55:ea:57:48:09:f0:2e:f6:
43:50:43:de:ef:f2:49:a1:3a:80:43:36:27:42:ec:4c:e5:2e:
66:41:da:5a:16:98:29:99:bc:14:47:94:4b:a3:85:a5:23:9f:
8c:10:07:81:a6:ba:ba:80:19:bc:17:a3:24:76:cd:a4:ef:21:
e0:3c:bf:49:b4:7c:45:ce:1d:c3:e7:11:e9:35:55:45:03:d5:
66:42:b3:86:39:69:10:d2:c1:0c:d4:20:b9:26:79:05:1c:cd:
08:d6:c6:8e:0c:6a:1c:95:d8:35:2c:3a:7d:88:14:75:9f:3b:
b2:9a:54:f5:f0:58:d7:f1:53:42:6e:5c:45:4f:0d:5f:5d:82:
02:9e:d1:3a:ae:c3:2c:86:1c:f7:63:33:de:4a:8b:60:e7:8e:
0b:12:46:57:fc:37:b5:7c:75:b6:e7:0d:f7:fb:5c:2b:58:a1:
ac:2e:33:92:f0:b1:76:bd:b7:71:29:08:d0:1b:66:86:16:72:
a4:8f:df:ac:c3:15:e2:59:27:5c:b8:67:9c:6c:00:00:7b:00:
89:3b:6e:bf:95:c8:f3:52:fb:cb:f0:eb:ce:75:2f:b5:31:06:
cc:c3:bb:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIfauEMW64JtnAFvn3YrwORVirVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MTUwMjUyMDVaFw0yNjA5MTQwMjU3MDVaMDMxMTAvBgNV
BAMTKDQzODJGMkIxNUNGREE5RkZGQzg4NzE3Q0NBMTM2NzFDN0IxN0FCMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUk1gjRsrlyr8chlNIqyHI50Ik
sbjaYLgzPYsD5ChjKXSBkoCAV0G3Qepraou6vsxlx5RnT3P3BBPdcLUvFMS5D4QH
wAl30WD1xzSYYC4FzAHa1ScSPrmllRbFAEnC1hOPbb4J07tJuuk4y48g7obLZTvQ
gunJys9IYpePJKIJpAvTBzflFCDYpuiov1hDbae/ros8ED1zWv9ywk+PloCX1EF1
maiaAjsJhuF8XBG4pHGVyT7bE1gQBs45oUZbUfjWNE2T6RBDLBQifQGfEp1XUGmo
fR7+QCKG/c2lXCWeAoeDZrRz6XFUtue7pvAXRAJ4Ssoqtd+2EyPM7cgXuKydAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQ4LysVz9qf/8iHF8yhNnHHsXqxIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAAuy9cD
BAAuy9kDBAAuy9sDBAAuy90DBABbfJEDBABccJ0DBABccUIwDAMEAF+HbwMEAV+H
cAMEALJcOzANBgkqhkiG9w0BAQsFAAOCAQEAG3zYj+QcVfOPrY/RBA1z+HsrcMov
4IhWKDzPrFXqV0gJ8C72Q1BD3u/ySaE6gEM2J0LsTOUuZkHaWhaYKZm8FEeUS6OF
pSOfjBAHgaa6uoAZvBejJHbNpO8h4Dy/SbR8Rc4dw+cR6TVVRQPVZkKzhjlpENLB
DNQguSZ5BRzNCNbGjgxqHJXYNSw6fYgUdZ87sppU9fBY1/FTQm5cRU8NX12CAp7R
Oq7DLIYc92Mz3kqLYOeOCxJGV/w3tXx1tucN9/tcK1ihrC4zkvCxdr23cSkI0Btm
hhZypI/frMMV4lknXLhnnGwAAHsAiTtuv5XI81L7y/DrznUvtTEGzMO7cQ==
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:32:22 2025 by rpki-client