Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: /oyPTIeV9BYMwUQPoE9tV8IE7NZ4RAuTkrFngrRyfuc=
Subject key identifier: 31:E0:11:C8:11:EE:16:79:9A:EF:AF:4B:0C:D3:EA:4F:53:0A:33:8F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3B5B1BD935458F02E212B1C045C76A966E1BC275
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Fri 14 Mar 2025 00:01:07 +0000
ROA not before: Thu 13 Mar 2025 23:56:07 +0000
ROA not after: Fri 13 Mar 2026 00:01:07 +0000
asID: 21859
IP address blocks: 46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.37.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.66.0/24 maxlen: 24
95.135.71.0/24 maxlen: 24
95.135.103.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
95.135.119.0/24 maxlen: 24
95.135.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:5b:1b:d9:35:45:8f:02:e2:12:b1:c0:45:c7:6a:96:6e:1b:c2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 13 23:56:07 2025 GMT
Not After : Mar 13 00:01:07 2026 GMT
Subject: CN=31E011C811EE16799AEFAF4B0CD3EA4F530A338F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:64:a7:96:71:f8:62:3a:7b:3f:ab:05:cc:
07:52:45:1f:28:0a:2b:2b:b6:4d:8d:e6:a1:53:e4:
ed:c2:20:7f:87:9e:20:1f:da:cc:7d:6a:a8:bd:44:
35:46:39:9e:72:f2:fb:90:57:8a:c6:1c:ad:5b:c0:
53:39:85:95:b2:ba:cd:e4:62:cd:3e:60:0f:d3:6a:
fb:55:51:e9:03:4b:6c:53:cd:75:ee:a8:43:fa:49:
89:5a:e9:fe:39:51:eb:41:84:d5:22:9f:56:d8:40:
55:99:fd:af:dd:9c:d2:70:63:8e:cc:9d:90:e1:ff:
8b:00:fa:53:07:67:03:dd:84:05:d5:66:52:19:4f:
59:00:25:38:b1:38:4d:41:c7:8d:30:fb:ad:e3:70:
ac:34:91:75:e2:d6:af:fb:1e:22:b3:57:b0:13:86:
39:10:14:06:b8:13:70:86:65:db:2c:76:fd:be:6a:
dc:1f:26:9e:58:b4:c9:40:7a:4e:e0:16:56:7c:13:
b2:d6:9d:58:bf:c3:1c:f8:c3:f3:98:6b:8f:7c:ec:
94:75:05:c6:9d:b8:14:46:5e:c1:45:78:d9:dd:12:
47:60:36:39:31:6a:71:bc:99:a3:a3:4f:47:4f:41:
82:56:a1:60:2f:66:cd:ef:94:ac:12:85:7a:ff:85:
56:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E0:11:C8:11:EE:16:79:9A:EF:AF:4B:0C:D3:EA:4F:53:0A:33:8F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.37.0/24
92.112.157.0/24
92.113.66.0/24
95.135.71.0/24
95.135.103.0/24
95.135.111.0-95.135.113.255
95.135.119.0/24
95.135.126.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:0e:0a:be:cf:76:ce:57:1e:b5:48:f8:99:e6:6e:b6:bb:66:
5a:ef:80:b5:8d:9d:b0:4c:b0:23:12:ee:84:7c:63:77:5e:b2:
ad:70:85:10:12:a1:cd:3d:47:b6:54:0f:02:17:98:91:e4:46:
e7:b9:4f:2b:56:eb:c2:77:c4:2f:a2:5a:f5:02:d9:87:19:c4:
55:df:2b:59:74:89:f1:38:7c:bc:9f:11:95:12:4f:bc:d9:92:
0a:c4:2c:92:3a:f9:8d:13:20:d7:42:b8:da:52:1c:a3:f3:fd:
4c:8a:49:bb:52:d6:d1:02:1c:00:14:73:54:c3:a1:6f:cc:23:
de:af:b3:c7:b7:20:e8:ff:8a:87:3f:4e:dc:20:c2:13:fb:3d:
36:5a:52:4f:17:87:2c:35:85:7c:ad:42:82:51:c2:16:42:99:
fb:33:d7:e4:62:48:a6:8c:16:98:12:a5:38:d3:38:70:76:cd:
2f:56:cb:b5:02:4a:f2:ad:c3:91:47:e4:d9:55:36:01:fa:7d:
8f:3a:8c:8e:95:62:e1:81:46:a6:e6:ba:a4:04:0d:be:b4:1d:
b9:41:1c:df:f0:5c:41:fe:4a:4c:74:14:7b:3f:bf:e4:1c:4d:
ff:71:44:73:4a:80:c7:9b:25:e7:52:54:f6:0a:58:38:ee:87:
84:b3:40:a0
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUO1sb2TVFjwLiErHARcdqlm4bwnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMTMyMzU2MDdaFw0yNjAzMTMwMDAxMDdaMDMxMTAvBgNV
BAMTKDMxRTAxMUM4MTFFRTE2Nzk5QUVGQUY0QjBDRDNFQTRGNTMwQTMzOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz1mSnlnH4Yjp7P6sFzAdSRR8o
Cisrtk2N5qFT5O3CIH+HniAf2sx9aqi9RDVGOZ5y8vuQV4rGHK1bwFM5hZWyus3k
Ys0+YA/TavtVUekDS2xTzXXuqEP6SYla6f45UetBhNUin1bYQFWZ/a/dnNJwY47M
nZDh/4sA+lMHZwPdhAXVZlIZT1kAJTixOE1Bx40w+63jcKw0kXXi1q/7HiKzV7AT
hjkQFAa4E3CGZdssdv2+atwfJp5YtMlAek7gFlZ8E7LWnVi/wxz4w/OYa4987JR1
BcaduBRGXsFFeNndEkdgNjkxanG8maOjT0dPQYJWoWAvZs3vlKwShXr/hVaRAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUMeARyBHuFnma769LDNPqT1MKM48wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBAAuy9cD
BAAuy9kDBAAuy9sDBAAuy90DBABbfCUDBABccJ0DBABccUIDBABfh0cDBABfh2cw
DAMEAF+HbwMEAV+HcAMEAF+HdwMEAF+HfjANBgkqhkiG9w0BAQsFAAOCAQEAoQ4K
vs92zlcetUj4meZutrtmWu+AtY2dsEywIxLuhHxjd16yrXCFEBKhzT1HtlQPAheY
keRG57lPK1brwnfEL6Ja9QLZhxnEVd8rWXSJ8Th8vJ8RlRJPvNmSCsQskjr5jRMg
10K42lIco/P9TIpJu1LW0QIcABRzVMOhb8wj3q+zx7cg6P+Khz9O3CDCE/s9NlpS
TxeHLDWFfK1CglHCFkKZ+zPX5GJIpowWmBKlONM4cHbNL1bLtQJK8q3DkUfk2VU2
Afp9jzqMjpVi4YFGpua6pAQNvrQduUEc3/BcQf5KTHQUez+/5BxN/3FEc0qAx5sl
51JU9gpYOO6HhLNAoA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:14 2025 by rpki-client