Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28110.roa
File: AS28110.roa (raw, json)
Hash identifier: XAynb3Ztj2EkH8CrRV5d7f5k6OBvIx04XnTYkNASYbs=
Subject key identifier: 3E:F6:54:61:73:87:4B:29:CA:2B:C7:D7:EA:E9:7F:F3:07:AA:BE:24
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 463C8AE6D1DBDEF3CBD104911833BCC7862934C6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28110.roa
Signing time: Mon 31 Mar 2025 07:03:34 +0000
ROA not before: Mon 31 Mar 2025 06:58:34 +0000
ROA not after: Mon 30 Mar 2026 07:03:34 +0000
asID: 28110
IP address blocks: 82.21.238.0/24 maxlen: 24
82.22.213.0/24 maxlen: 24
82.22.218.0/24 maxlen: 24
82.22.238.0/24 maxlen: 24
82.23.227.0/24 maxlen: 24
82.24.229.0/24 maxlen: 24
82.24.235.0/24 maxlen: 24
82.25.222.0/24 maxlen: 24
82.25.232.0/24 maxlen: 24
82.26.223.0/24 maxlen: 24
82.27.217.0/24 maxlen: 24
82.27.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:3c:8a:e6:d1:db:de:f3:cb:d1:04:91:18:33:bc:c7:86:29:34:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 31 06:58:34 2025 GMT
Not After : Mar 30 07:03:34 2026 GMT
Subject: CN=3EF6546173874B29CA2BC7D7EAE97FF307AABE24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:57:72:21:d6:ee:c9:28:a2:9d:c6:13:7c:94:
70:cc:72:28:53:ad:43:76:4c:43:78:dd:36:a5:56:
a8:3a:28:3b:f7:46:ae:84:b4:91:65:d4:c6:39:5d:
2d:25:3d:88:69:4e:5f:00:c0:72:07:40:8b:35:6a:
42:de:7e:d0:ec:d8:a8:75:33:2e:58:90:d2:e6:ad:
1b:f6:1b:a0:24:8a:89:32:bf:50:b8:6d:96:c1:1f:
f3:1a:bc:82:9e:98:81:20:aa:0e:11:68:e2:1d:11:
6a:c1:4d:f8:29:3c:2f:21:75:7f:66:80:19:ba:63:
c6:0d:1a:e8:bc:70:08:39:e1:72:23:cb:f3:2b:e8:
24:3d:72:74:8d:38:18:e5:66:8d:2d:c3:4d:1d:a9:
2a:3b:4c:81:a0:e5:77:7c:d1:99:46:9b:94:e7:4e:
f8:f4:30:0a:ab:1d:9f:3a:93:f2:ff:10:66:3d:ac:
f6:67:df:ba:47:44:40:f8:01:cc:ee:80:33:83:06:
b4:fc:53:c4:7d:f9:55:74:88:d4:c6:5f:87:23:50:
56:ec:17:31:41:d6:e8:52:0e:68:34:c3:ed:db:2d:
b5:56:3e:ad:5c:ba:c6:b3:6b:bb:9b:73:ae:b4:86:
c5:a1:9e:48:60:eb:36:45:b0:aa:79:7a:0e:b7:f7:
cf:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F6:54:61:73:87:4B:29:CA:2B:C7:D7:EA:E9:7F:F3:07:AA:BE:24
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28110.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.238.0/24
82.22.213.0/24
82.22.218.0/24
82.22.238.0/24
82.23.227.0/24
82.24.229.0/24
82.24.235.0/24
82.25.222.0/24
82.25.232.0/24
82.26.223.0/24
82.27.217.0/24
82.27.232.0/24
Signature Algorithm: sha256WithRSAEncryption
11:a4:8a:2d:63:4f:f2:f1:cd:3d:9f:b8:02:db:b8:69:25:73:
cf:be:f0:20:8b:0d:7d:9f:64:ac:5c:78:3f:aa:0a:03:d7:b6:
27:95:6b:d7:ba:7c:47:c0:93:d7:e6:5d:a4:33:c6:cd:89:8f:
62:c3:fe:57:5e:2b:9b:74:89:63:4f:7b:71:5b:53:5a:f1:73:
76:08:51:88:a2:84:f7:f4:10:9b:b5:69:eb:d5:fb:e8:64:b2:
5e:ca:64:77:e4:6c:8a:ef:f4:b5:f3:20:d2:18:99:36:a2:9b:
27:3a:69:31:f9:43:4f:62:b3:04:6f:60:81:a5:80:9d:22:6f:
52:b0:31:65:27:98:9f:50:23:24:73:20:69:cf:cb:47:84:4b:
92:03:e6:e4:0e:23:ef:8f:f3:32:27:0b:d4:a6:ec:7e:0e:f9:
ba:b6:e2:c9:e8:ea:7b:7d:15:35:ed:06:1f:7f:08:f2:9b:39:
49:fd:33:7f:fd:4a:ba:6a:3f:1e:e1:37:66:00:09:c9:36:4c:
26:2f:d3:94:b6:08:18:01:a0:11:aa:b8:d2:6d:a1:34:fb:01:
b1:83:2c:d6:7e:a6:d2:79:b3:a7:5f:36:f1:86:7d:6f:53:56:
d9:ed:a6:64:41:f3:c7:37:41:5a:ca:d6:67:73:dd:91:4b:dc:
46:bb:47:9e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIURjyK5tHb3vPL0QSRGDO8x4YpNMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMzEwNjU4MzRaFw0yNjAzMzAwNzAzMzRaMDMxMTAvBgNV
BAMTKDNFRjY1NDYxNzM4NzRCMjlDQTJCQzdEN0VBRTk3RkYzMDdBQUJFMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTV3Ih1u7JKKKdxhN8lHDMcihT
rUN2TEN43TalVqg6KDv3Rq6EtJFl1MY5XS0lPYhpTl8AwHIHQIs1akLeftDs2Kh1
My5YkNLmrRv2G6Akiokyv1C4bZbBH/MavIKemIEgqg4RaOIdEWrBTfgpPC8hdX9m
gBm6Y8YNGui8cAg54XIjy/Mr6CQ9cnSNOBjlZo0tw00dqSo7TIGg5Xd80ZlGm5Tn
Tvj0MAqrHZ86k/L/EGY9rPZn37pHRED4AczugDODBrT8U8R9+VV0iNTGX4cjUFbs
FzFB1uhSDmg0w+3bLbVWPq1cusaza7ubc660hsWhnkhg6zZFsKp5eg63989xAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUPvZUYXOHSynKK8fX6ul/8weqviQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjgxMTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABSFe4D
BABSFtUDBABSFtoDBABSFu4DBABSF+MDBABSGOUDBABSGOsDBABSGd4DBABSGegD
BABSGt8DBABSG9kDBABSG+gwDQYJKoZIhvcNAQELBQADggEBABGkii1jT/LxzT2f
uALbuGklc8++8CCLDX2fZKxceD+qCgPXtieVa9e6fEfAk9fmXaQzxs2Jj2LD/lde
K5t0iWNPe3FbU1rxc3YIUYiihPf0EJu1aevV++hksl7KZHfkbIrv9LXzINIYmTai
myc6aTH5Q09iswRvYIGlgJ0ib1KwMWUnmJ9QIyRzIGnPy0eES5ID5uQOI++P8zIn
C9Sm7H4O+bq24sno6nt9FTXtBh9/CPKbOUn9M3/9SrpqPx7hN2YACck2TCYv05S2
CBgBoBGquNJtoTT7AbGDLNZ+ptJ5s6dfNvGGfW9TVtntpmRB88c3QVrK1mdz3ZFL
3Ea7R54=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:41 2025 by rpki-client