Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: AVctPqCwq23UWzndVO+5fJofVp8gs+MCyjkcdPbeaj0=
Subject key identifier: 2C:CA:50:9A:65:95:8F:63:1A:25:67:F7:DF:D2:4A:B5:33:32:C3:3D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 592DDEABE461F971A5E3458F1BF61660BB0BB92D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
Signing time: Wed 16 Jul 2025 13:05:14 +0000
ROA not before: Wed 16 Jul 2025 13:00:14 +0000
ROA not after: Wed 15 Jul 2026 13:05:14 +0000
asID: 30058
IP address blocks: 148.135.201.0/24 maxlen: 24
155.117.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:2d:de:ab:e4:61:f9:71:a5:e3:45:8f:1b:f6:16:60:bb:0b:b9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 16 13:00:14 2025 GMT
Not After : Jul 15 13:05:14 2026 GMT
Subject: CN=2CCA509A65958F631A2567F7DFD24AB53332C33D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:55:1b:11:ef:de:4e:49:17:c5:cd:d9:25:
aa:83:77:d3:73:c7:24:09:1c:ad:e5:eb:58:d3:6a:
34:a3:0e:a8:28:96:a9:dc:7d:d5:75:9f:96:d2:83:
dd:80:e5:8b:d6:f8:b2:39:0b:22:da:dc:ea:74:75:
17:0c:11:d6:51:16:d8:8c:a6:d7:f2:5d:ff:c6:15:
a7:56:b0:48:bb:4b:53:9f:94:7e:7c:14:e0:5c:ea:
29:98:eb:79:10:56:73:fa:5f:7a:70:16:32:02:cb:
f5:0e:9f:a3:02:97:58:9f:aa:fb:e1:8d:ed:86:23:
3a:88:27:91:dd:ab:1d:32:6f:34:6b:ed:53:98:f5:
b5:50:e7:5f:a7:86:60:74:ec:ea:72:1a:47:56:1b:
99:87:6e:c7:0f:9e:d5:2a:6f:2e:3f:8c:fd:e5:ea:
d8:60:2d:b8:0d:02:ae:12:7d:42:2e:49:b9:77:87:
33:a7:9a:01:79:15:bb:fe:b6:07:50:5e:5a:87:84:
8b:cd:2b:fb:df:26:b3:7f:cf:57:3a:6d:23:b4:e9:
39:29:69:1b:2d:c7:b2:87:f7:ea:50:54:6a:a7:4a:
31:58:2b:9b:42:65:e2:47:7c:bd:b9:6d:00:a1:11:
93:82:3c:b2:53:88:5e:65:16:84:62:2a:8a:56:13:
09:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CA:50:9A:65:95:8F:63:1A:25:67:F7:DF:D2:4A:B5:33:32:C3:3D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.201.0/24
155.117.151.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:de:89:a3:8e:0d:a4:28:84:ed:2c:f7:57:08:fb:fa:2b:e5:
b5:35:a5:e1:a9:68:46:8a:58:29:35:4d:c0:62:6c:58:b4:ea:
57:89:ed:b0:10:5a:95:83:39:8c:be:27:f1:26:25:8f:15:21:
1b:e4:32:6d:de:f3:fd:70:03:c7:52:c8:c1:54:c9:74:22:44:
36:78:c5:f6:49:6a:72:e1:68:dc:c9:8d:ab:dc:57:7d:82:71:
85:fc:71:ad:a7:fd:90:e2:ab:63:00:ce:53:60:a5:e1:80:9b:
35:96:36:14:c5:fc:24:59:a2:0c:5f:22:4f:d6:42:07:04:15:
63:ed:26:27:b6:01:c8:cc:c7:c2:cd:48:58:de:b2:ff:d8:db:
19:0e:4a:29:bf:ef:f2:07:af:35:4d:a2:82:86:f0:f6:b0:e1:
68:33:7b:ec:50:f9:ae:11:6e:db:0b:e6:a5:14:b7:7f:28:f0:
e9:46:93:53:11:d3:aa:53:e3:07:91:3e:18:a5:91:31:48:da:
3f:9b:8d:43:bb:9a:28:82:c4:db:66:f8:6c:ff:e3:36:74:b7:
fc:21:97:8e:30:16:2f:0b:09:3e:a5:f9:19:1b:ca:46:08:a4:
3f:ce:b6:86:97:6e:93:e4:e4:a8:be:8e:09:0b:75:ea:ca:ba:
ad:05:a0:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUWS3eq+Rh+XGl40WPG/YWYLsLuS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTYxMzAwMTRaFw0yNjA3MTUxMzA1MTRaMDMxMTAvBgNV
BAMTKDJDQ0E1MDlBNjU5NThGNjMxQTI1NjdGN0RGRDI0QUI1MzMzMkMzM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWwlUbEe/eTkkXxc3ZJaqDd9Nz
xyQJHK3l61jTajSjDqgolqncfdV1n5bSg92A5YvW+LI5CyLa3Op0dRcMEdZRFtiM
ptfyXf/GFadWsEi7S1OflH58FOBc6imY63kQVnP6X3pwFjICy/UOn6MCl1ifqvvh
je2GIzqIJ5Hdqx0ybzRr7VOY9bVQ51+nhmB07OpyGkdWG5mHbscPntUqby4/jP3l
6thgLbgNAq4SfUIuSbl3hzOnmgF5Fbv+tgdQXlqHhIvNK/vfJrN/z1c6bSO06Tkp
aRstx7KH9+pQVGqnSjFYK5tCZeJHfL25bQChEZOCPLJTiF5lFoRiKopWEwmlAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQULMpQmmWVj2MaJWf339JKtTMywz0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACUh8kD
BACbdZcwDQYJKoZIhvcNAQELBQADggEBAFveiaOODaQohO0s91cI+/or5bU1peGp
aEaKWCk1TcBibFi06leJ7bAQWpWDOYy+J/EmJY8VIRvkMm3e8/1wA8dSyMFUyXQi
RDZ4xfZJanLhaNzJjavcV32CcYX8ca2n/ZDiq2MAzlNgpeGAmzWWNhTF/CRZogxf
Ik/WQgcEFWPtJie2AcjMx8LNSFjesv/Y2xkOSim/7/IHrzVNooKG8Paw4Wgze+xQ
+a4RbtsL5qUUt38o8OlGk1MR06pT4weRPhilkTFI2j+bjUO7miiCxNtm+Gz/4zZ0
t/whl44wFi8LCT6l+RkbykYIpD/OtoaXbpPk5Ki+jgkLderKuq0FoM4=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:00:38 2025 by rpki-client