Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: LFYotTLZ0s8xN08gV/jJgwz1ITzF9diqu924uouiPLU=
Subject key identifier: 27:DC:FA:A9:7F:51:0B:F4:7E:2F:94:26:B0:94:6F:88:AB:C4:FC:EC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4480A758433A7E43A44B338FAB54BD8AA60B9C87
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
Signing time: Fri 01 May 2026 04:28:21 +0000
ROA not before: Fri 01 May 2026 04:23:21 +0000
ROA not after: Fri 30 Apr 2027 04:28:21 +0000
asID: 21859
IP address blocks: 46.203.46.0/24 maxlen: 24
46.203.215.0/24 maxlen: 24
46.203.217.0/24 maxlen: 24
46.203.219.0/24 maxlen: 24
46.203.221.0/24 maxlen: 24
91.124.15.0/24 maxlen: 24
95.135.111.0/24 maxlen: 24
95.135.112.0/24 maxlen: 24
95.135.113.0/24 maxlen: 24
178.92.11.0/24 maxlen: 24
178.92.24.0/24 maxlen: 24
178.92.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 May 2026 10:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:80:a7:58:43:3a:7e:43:a4:4b:33:8f:ab:54:bd:8a:a6:0b:9c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 1 04:23:21 2026 GMT
Not After : Apr 30 04:28:21 2027 GMT
Subject: CN=27DCFAA97F510BF47E2F9426B0946F88ABC4FCEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:48:34:99:fa:53:98:a2:f7:b5:64:94:dd:
43:b4:d2:fc:e6:22:8f:f5:3e:fc:81:da:61:a9:b7:
a3:8d:8f:09:80:48:15:56:9c:b4:f2:fd:84:2f:da:
9c:4a:53:f3:4d:ab:06:e2:b8:88:62:33:13:8c:e9:
62:bb:fb:6c:b1:22:18:06:a1:cd:19:e7:5a:78:be:
75:a2:a8:1f:9e:81:4c:9d:72:0b:e5:b3:5b:3e:8f:
3b:9b:9c:7f:b1:a6:96:f4:62:8b:e2:9f:1a:99:e1:
a9:ba:25:49:3e:0c:ec:62:3e:89:b6:f9:24:03:b9:
8b:b8:5c:a9:79:5a:fa:81:ab:29:da:84:96:48:58:
7e:3f:de:2d:21:1a:c7:6a:af:c0:6b:96:88:89:62:
ed:3e:cc:b6:47:96:8c:04:0f:05:b8:82:a6:be:07:
43:04:f0:d1:5e:d2:81:60:f0:6d:bd:76:bb:c3:09:
cc:b8:86:b2:fe:5e:ae:7a:2d:ff:ed:b7:b2:67:23:
f3:9e:fe:e9:40:f6:26:43:b2:05:1a:3a:96:fe:6d:
5c:0e:e5:98:d3:5b:21:33:4a:ad:e7:7b:b8:58:e6:
a3:6a:11:9d:c9:5d:39:ed:db:3f:97:c2:19:d9:2f:
6b:63:1d:0e:11:be:d2:cb:7e:46:98:48:e0:ee:ad:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DC:FA:A9:7F:51:0B:F4:7E:2F:94:26:B0:94:6F:88:AB:C4:FC:EC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.46.0/24
46.203.215.0/24
46.203.217.0/24
46.203.219.0/24
46.203.221.0/24
91.124.15.0/24
95.135.111.0-95.135.113.255
178.92.11.0/24
178.92.24.0/24
178.92.59.0/24
Signature Algorithm: sha256WithRSAEncryption
45:4e:aa:c9:63:20:87:62:ba:64:3f:5c:70:61:11:38:0e:f5:
50:fe:38:8a:1e:b6:06:6c:db:20:88:f3:31:3b:82:c1:a8:24:
e1:39:ea:b3:18:a6:46:66:b2:df:5a:7e:03:03:00:47:f6:cb:
bd:68:47:37:8f:79:26:d2:0c:01:91:d0:6d:e7:6b:8d:d8:03:
61:ef:a8:cf:99:9c:17:33:fc:46:3d:62:ae:be:a5:a4:fc:0a:
9b:fd:29:85:97:12:e5:a9:1f:67:07:9d:73:84:72:35:3f:a4:
2d:bf:50:6d:64:b8:ee:f9:e4:bb:28:f6:51:06:13:7e:85:4e:
1a:2e:f1:a0:fe:cf:0f:a9:fe:4e:53:35:5f:41:59:ec:03:84:
c7:fe:27:fc:90:82:c7:51:8b:60:f3:b9:24:b8:40:ff:8b:d6:
89:54:77:5c:56:ed:fd:be:38:49:e5:5c:89:30:e3:b5:7f:6a:
e3:b8:ea:67:2d:e8:38:5c:65:27:49:af:4a:f6:47:47:d6:ec:
79:4d:f0:0c:55:35:8e:65:01:1d:12:18:f3:60:0d:26:2c:b9:
b4:d8:d8:0f:4d:82:b1:2b:f2:05:d8:53:ad:dc:3f:51:a3:c6:
d4:f8:f7:64:62:e7:7d:3d:9d:eb:37:8e:cb:72:08:86:5b:8e:
ec:f0:f8:2d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIURICnWEM6fkOkSzOPq1S9iqYLnIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDEwNDIzMjFaFw0yNzA0MzAwNDI4MjFaMDMxMTAvBgNV
BAMTKDI3RENGQUE5N0Y1MTBCRjQ3RTJGOTQyNkIwOTQ2Rjg4QUJDNEZDRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUt0g0mfpTmKL3tWSU3UO00vzm
Io/1PvyB2mGpt6ONjwmASBVWnLTy/YQv2pxKU/NNqwbiuIhiMxOM6WK7+2yxIhgG
oc0Z51p4vnWiqB+egUydcgvls1s+jzubnH+xppb0YovinxqZ4am6JUk+DOxiPom2
+SQDuYu4XKl5WvqBqynahJZIWH4/3i0hGsdqr8BrloiJYu0+zLZHlowEDwW4gqa+
B0ME8NFe0oFg8G29drvDCcy4hrL+Xq56Lf/tt7JnI/Oe/ulA9iZDsgUaOpb+bVwO
5ZjTWyEzSq3ne7hY5qNqEZ3JXTnt2z+XwhnZL2tjHQ4RvtLLfkaYSODurWX3AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUJ9z6qX9RC/R+L5QmsJRviKvE/OwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBAAuyy4D
BAAuy9cDBAAuy9kDBAAuy9sDBAAuy90DBABbfA8wDAMEAF+HbwMEAV+HcAMEALJc
CwMEALJcGAMEALJcOzANBgkqhkiG9w0BAQsFAAOCAQEARU6qyWMgh2K6ZD9ccGER
OA71UP44ih62BmzbIIjzMTuCwagk4TnqsximRmay31p+AwMAR/bLvWhHN495JtIM
AZHQbedrjdgDYe+oz5mcFzP8Rj1irr6lpPwKm/0phZcS5akfZwedc4RyNT+kLb9Q
bWS47vnkuyj2UQYTfoVOGi7xoP7PD6n+TlM1X0FZ7AOEx/4n/JCCx1GLYPO5JLhA
/4vWiVR3XFbt/b44SeVciTDjtX9q47jqZy3oOFxlJ0mvSvZHR9bseU3wDFU1jmUB
HRIY82ANJiy5tNjYD02CsSvyBdhTrdw/UaPG1Pj3ZGLnfT2d6zeOy3IIhluO7PD4
LQ==
-----END CERTIFICATE-----
Generated at Mon May 4 19:41:51 2026 by rpki-client