Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: kU3ZqT+6L5OZiiDGYZaHTQZZxWU/vX/we/SGwPmV/QM=
Subject key identifier: 0A:50:53:84:99:C2:AC:F7:C3:51:45:F4:13:39:F7:BD:14:5C:AD:BE
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1FEBF6A72EF502333998D788F7087371A6DF7FD8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Mon 20 Oct 2025 02:50:22 +0000
ROA not before: Mon 20 Oct 2025 02:45:22 +0000
ROA not after: Mon 19 Oct 2026 02:50:22 +0000
asID: 21859
IP address blocks: 46.203.46.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.43.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.11.0/24 maxlen: 24
178.92.24.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
178.93.41.0/24 maxlen: 24
178.93.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:eb:f6:a7:2e:f5:02:33:39:98:d7:88:f7:08:73:71:a6:df:7f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 20 02:45:22 2025 GMT
Not After : Oct 19 02:50:22 2026 GMT
Subject: CN=0A50538499C2ACF7C35145F41339F7BD145CADBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5d:8d:b3:b5:57:91:a9:77:ab:30:a6:e0:54:
e7:cc:e6:3e:c8:b0:78:53:01:b4:6b:03:fd:56:60:
f6:98:98:2d:45:2e:14:17:05:aa:b5:60:4f:ee:44:
6d:fa:ca:d3:1d:59:28:e7:5b:b8:91:8c:79:a8:7c:
34:46:ee:1e:7f:42:cc:e2:46:75:f2:c2:74:87:40:
13:50:20:ab:28:f3:84:fa:2f:02:87:73:4a:dd:51:
e8:4e:4e:56:81:3e:e0:c0:58:cd:bb:5f:87:f9:2c:
17:0d:33:d1:c0:a8:c0:7c:07:25:67:02:a1:97:f7:
cd:76:4b:16:ae:f2:cd:5d:a3:b6:12:f5:a1:d3:1a:
3a:5b:8d:4d:32:dd:41:be:e9:2f:ae:97:fc:8c:26:
73:40:25:01:66:68:9c:e5:7e:b3:9c:df:1c:6b:43:
20:72:f7:df:86:eb:18:77:28:be:6c:ab:66:71:c8:
15:92:08:cf:7c:52:20:1f:ea:1e:68:52:27:33:04:
a6:9b:e1:b5:66:71:c7:ff:da:20:18:a5:a0:06:21:
f8:b0:c9:dd:fa:6a:f8:fd:01:6e:f5:6f:cd:07:7e:
d9:4f:42:44:f5:d4:47:55:b6:52:74:66:77:d5:bb:
25:6d:ca:b7:53:29:dc:69:82:b0:35:38:46:d5:cc:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:50:53:84:99:C2:AC:F7:C3:51:45:F4:13:39:F7:BD:14:5C:AD:BE
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.46.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.205.0/24
92.112.109.0/24
92.112.157.0/24
92.113.66.0/24
95.135.43.0/24
95.135.111.0-95.135.113.255
178.92.11.0/24
178.92.24.0/24
178.92.59.0/24
178.93.41.0/24
178.93.252.0/24
Signature Algorithm: sha256WithRSAEncryption
63:58:d9:e6:43:3b:aa:74:14:e3:de:36:b7:a8:1f:d2:ce:f8:
db:9a:e8:e3:98:10:19:9f:07:cd:93:47:42:c5:e6:71:de:d3:
ce:ec:83:e0:b5:d7:ef:c4:c7:7a:ab:e7:c7:28:fb:58:81:77:
f3:06:32:65:1d:e2:32:14:56:a1:13:e1:ba:b0:bf:a5:6d:42:
16:29:c9:e4:13:f2:8f:98:e4:8b:99:6d:04:5e:e5:b4:6a:0a:
48:82:87:ef:c7:f8:3b:35:b0:da:55:74:67:f4:01:3e:3d:ff:
17:54:33:d8:b8:7c:16:d4:7f:c5:30:d9:45:50:a8:68:57:aa:
2d:6c:4c:da:58:00:09:ba:60:01:db:ba:79:9f:4d:4b:f3:8f:
b6:10:e4:37:02:31:e2:6f:43:c7:57:a7:a8:90:e4:7b:46:80:
24:c9:30:77:ae:16:da:30:a7:ad:25:a4:20:88:93:6e:df:b9:
6a:b6:d8:e0:82:72:c9:1b:8d:c8:66:a2:4a:0c:a9:51:aa:3d:
aa:55:23:1b:16:cb:d1:d7:3f:4e:7b:6e:a8:83:af:b4:63:41:
ac:2d:19:3a:23:62:92:88:d1:b6:12:b6:92:96:0e:e4:38:c2:
4d:ea:7e:3a:34:76:45:8b:27:a0:01:8d:4f:d4:2f:71:8e:6d:
9d:80:d4:3b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUH+v2py71AjM5mNeI9whzcabff9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjAwMjQ1MjJaFw0yNjEwMTkwMjUwMjJaMDMxMTAvBgNV
BAMTKDBBNTA1Mzg0OTlDMkFDRjdDMzUxNDVGNDEzMzlGN0JEMTQ1Q0FEQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoXY2ztVeRqXerMKbgVOfM5j7I
sHhTAbRrA/1WYPaYmC1FLhQXBaq1YE/uRG36ytMdWSjnW7iRjHmofDRG7h5/Qszi
RnXywnSHQBNQIKso84T6LwKHc0rdUehOTlaBPuDAWM27X4f5LBcNM9HAqMB8ByVn
AqGX9812Sxau8s1do7YS9aHTGjpbjU0y3UG+6S+ul/yMJnNAJQFmaJzlfrOc3xxr
QyBy99+G6xh3KL5sq2ZxyBWSCM98UiAf6h5oUiczBKab4bVmccf/2iAYpaAGIfiw
yd36avj9AW71b80HftlPQkT11EdVtlJ0ZnfVuyVtyrdTKdxpgrA1OEbVzAEtAgMB
AAGjggJsMIICaDAdBgNVHQ4EFgQUClBThJnCrPfDUUX0Ezn3vRRcrb4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYEGCCsGAQUFBwEHAQH/BHIwcDBuBAIAATBoAwQALssu
AwQALsvXAwQALsvZAwQALsvbAwQALsvdAwQAW3zNAwQAXHBtAwQAXHCdAwQAXHFC
AwQAX4crMAwDBABfh28DBAFfh3ADBACyXAsDBACyXBgDBACyXDsDBACyXSkDBACy
XfwwDQYJKoZIhvcNAQELBQADggEBAGNY2eZDO6p0FOPeNreoH9LO+Nua6OOYEBmf
B82TR0LF5nHe087sg+C11+/Ex3qr58co+1iBd/MGMmUd4jIUVqET4bqwv6VtQhYp
yeQT8o+Y5IuZbQRe5bRqCkiCh+/H+Ds1sNpVdGf0AT49/xdUM9i4fBbUf8Uw2UVQ
qGhXqi1sTNpYAAm6YAHbunmfTUvzj7YQ5DcCMeJvQ8dXp6iQ5HtGgCTJMHeuFtow
p60lpCCIk27fuWq22OCCcskbjchmokoMqVGqPapVIxsWy9HXP057bqiDr7RjQawt
GTojYpKI0bYStpKWDuQ4wk3qfjo0dkWLJ6ABjU/UL3GObZ2A1Ds=
-----END CERTIFICATE-----
Generated at Mon Nov 3 09:34:51 2025 by rpki-client