Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa
File: AS28753.roa (raw, json)
Hash identifier: ssXTPjqf2QEN0Lshm2/q107YLxNei/14VRwLUNhi84c=
Subject key identifier: 5A:FA:5C:56:38:00:7D:22:B7:3F:0E:A3:DF:BA:27:20:C4:8B:BD:45
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6D68F34879D10BEAE0847EDE8582E838500A8BD4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa
Signing time: Fri 31 Jan 2025 15:34:11 +0000
ROA not before: Fri 31 Jan 2025 15:29:11 +0000
ROA not after: Fri 30 Jan 2026 15:34:11 +0000
asID: 28753
IP address blocks: 82.21.230.0/24 maxlen: 24
82.21.250.0/24 maxlen: 24
82.21.251.0/24 maxlen: 24
82.21.252.0/24 maxlen: 24
82.22.221.0/24 maxlen: 24
82.22.234.0/24 maxlen: 24
82.22.251.0/24 maxlen: 24
82.22.252.0/24 maxlen: 24
82.23.200.0/24 maxlen: 24
82.23.241.0/24 maxlen: 24
82.23.242.0/24 maxlen: 24
82.24.251.0/24 maxlen: 24
82.24.252.0/24 maxlen: 24
82.25.251.0/24 maxlen: 24
82.25.252.0/24 maxlen: 24
82.26.224.0/24 maxlen: 24
82.26.251.0/24 maxlen: 24
82.26.252.0/24 maxlen: 24
82.27.221.0/24 maxlen: 24
82.27.251.0/24 maxlen: 24
82.27.252.0/24 maxlen: 24
82.29.250.0/24 maxlen: 24
82.29.251.0/24 maxlen: 24
82.29.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:68:f3:48:79:d1:0b:ea:e0:84:7e:de:85:82:e8:38:50:0a:8b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 31 15:29:11 2025 GMT
Not After : Jan 30 15:34:11 2026 GMT
Subject: CN=5AFA5C5638007D22B73F0EA3DFBA2720C48BBD45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:37:7b:aa:5f:b5:96:e8:25:4e:14:a0:b4:d2:
d5:94:be:db:cb:a9:6a:ac:96:cc:79:b1:d9:3f:21:
18:d4:3d:e5:d6:ff:fc:3d:34:0f:9a:c5:50:56:4b:
2f:c4:e5:43:0c:b3:21:ae:bb:a8:c2:ca:c6:1b:3b:
db:d7:b8:15:4a:47:f7:92:12:1d:2a:d7:77:36:b8:
fb:19:fe:96:67:80:e0:9f:0a:46:ad:a0:67:4c:3e:
97:88:1e:70:bb:a8:df:86:bb:e2:e4:b2:4f:12:05:
46:8a:db:17:4a:75:7d:3f:ab:41:60:1c:94:f5:ee:
ca:b2:3c:a5:ed:01:95:89:15:74:55:5b:c8:cd:20:
da:c8:df:f1:fe:bd:8a:aa:7e:06:a2:c2:46:52:4c:
b3:44:9c:da:fa:58:70:fa:0b:d8:91:3a:90:f9:0e:
77:15:f6:c0:f2:30:55:87:36:ab:d9:4b:6d:66:9d:
0e:27:95:00:7a:d9:d6:9a:fc:33:13:1d:92:0a:a3:
b4:35:9c:a4:96:86:76:4f:b5:fa:da:f6:79:01:35:
02:19:04:dc:b2:6a:fb:0b:22:41:fe:2e:69:2e:f9:
53:45:1b:83:2a:aa:3f:5f:f8:31:3a:18:1c:09:0a:
e9:82:bb:fb:52:4d:c2:22:b7:49:15:46:da:c9:cb:
ee:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:FA:5C:56:38:00:7D:22:B7:3F:0E:A3:DF:BA:27:20:C4:8B:BD:45
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.230.0/24
82.21.250.0-82.21.252.255
82.22.221.0/24
82.22.234.0/24
82.22.251.0-82.22.252.255
82.23.200.0/24
82.23.241.0-82.23.242.255
82.24.251.0-82.24.252.255
82.25.251.0-82.25.252.255
82.26.224.0/24
82.26.251.0-82.26.252.255
82.27.221.0/24
82.27.251.0-82.27.252.255
82.29.250.0-82.29.252.255
Signature Algorithm: sha256WithRSAEncryption
37:11:2d:07:07:8d:7a:c5:49:89:86:6b:72:ea:24:da:f3:ca:
04:31:c3:26:f8:8b:93:e9:bb:61:48:03:86:f6:44:86:e0:0c:
6e:46:fc:ef:7e:3b:1b:07:1e:0b:59:7f:33:2a:c3:43:2c:db:
c1:54:01:a5:10:44:93:e8:0c:4f:f3:91:55:b8:c7:c3:c1:fc:
15:c4:83:e2:9c:be:4f:c5:6a:d4:00:d9:b8:ff:c8:47:5a:63:
77:03:71:88:be:51:89:9e:cb:50:b8:7b:87:f1:c4:25:cd:2d:
b4:87:be:4f:1d:00:03:ec:85:83:70:86:af:82:44:d3:74:0d:
3d:41:fb:b1:83:12:8c:ad:6e:87:88:f8:65:3b:b3:1f:10:ab:
6c:fe:f6:7e:6b:1d:fd:02:b5:9b:8d:5b:b7:16:98:ed:9f:8c:
a9:08:4b:b5:2c:5b:cb:9b:3d:99:9e:aa:58:f2:94:4e:ec:1d:
af:72:96:ef:33:74:5f:2a:e9:a8:b9:68:b1:3b:b6:ee:d0:21:
9a:4d:87:b6:c9:6a:5d:cd:24:dd:d8:1b:2a:cc:e3:54:2c:5b:
0c:dc:56:e6:78:16:6f:d9:bc:ec:ad:a8:fe:1c:18:8f:6a:9e:
f0:10:db:29:68:bc:6e:b0:bf:dd:a1:80:32:5e:a8:4a:7f:ca:
01:3e:c8:55
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIUbWjzSHnRC+rghH7ehYLoOFAKi9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzExNTI5MTFaFw0yNjAxMzAxNTM0MTFaMDMxMTAvBgNV
BAMTKDVBRkE1QzU2MzgwMDdEMjJCNzNGMEVBM0RGQkEyNzIwQzQ4QkJENDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJN3uqX7WW6CVOFKC00tWUvtvL
qWqslsx5sdk/IRjUPeXW//w9NA+axVBWSy/E5UMMsyGuu6jCysYbO9vXuBVKR/eS
Eh0q13c2uPsZ/pZngOCfCkatoGdMPpeIHnC7qN+Gu+Lksk8SBUaK2xdKdX0/q0Fg
HJT17sqyPKXtAZWJFXRVW8jNINrI3/H+vYqqfgaiwkZSTLNEnNr6WHD6C9iROpD5
DncV9sDyMFWHNqvZS21mnQ4nlQB62daa/DMTHZIKo7Q1nKSWhnZPtfra9nkBNQIZ
BNyyavsLIkH+Lmku+VNFG4Mqqj9f+DE6GBwJCumCu/tSTcIit0kVRtrJy+6/AgMB
AAGjggKcMIICmDAdBgNVHQ4EFgQUWvpcVjgAfSK3Pw6j37onIMSLvUUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjg3NTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbEGCCsGAQUFBwEHAQH/BIGhMIGeMIGbBAIAATCBlAME
AFIV5jAMAwQBUhX6AwQAUhX8AwQAUhbdAwQAUhbqMAwDBABSFvsDBABSFvwDBABS
F8gwDAMEAFIX8QMEAFIX8jAMAwQAUhj7AwQAUhj8MAwDBABSGfsDBABSGfwDBABS
GuAwDAMEAFIa+wMEAFIa/AMEAFIb3TAMAwQAUhv7AwQAUhv8MAwDBAFSHfoDBABS
HfwwDQYJKoZIhvcNAQELBQADggEBADcRLQcHjXrFSYmGa3LqJNrzygQxwyb4i5Pp
u2FIA4b2RIbgDG5G/O9+OxsHHgtZfzMqw0Ms28FUAaUQRJPoDE/zkVW4x8PB/BXE
g+Kcvk/FatQA2bj/yEdaY3cDcYi+UYmey1C4e4fxxCXNLbSHvk8dAAPshYNwhq+C
RNN0DT1B+7GDEoytboeI+GU7sx8Qq2z+9n5rHf0CtZuNW7cWmO2fjKkIS7UsW8ub
PZmeqljylE7sHa9ylu8zdF8q6ai5aLE7tu7QIZpNh7bJal3NJN3YGyrM41QsWwzc
VuZ4Fm/ZvOytqP4cGI9qnvAQ2ylovG6wv92hgDJeqEp/ygE+yFU=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:25 2025 by rpki-client