Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
File: AS30860.roa (raw, json)
Hash identifier: D29fLQ5uIGeT18Zv3lNDQc00BS/GgY3SzNdFVd9VGcs=
Subject key identifier: 94:03:A4:09:92:DD:79:B7:6A:BA:21:61:BA:14:C8:B0:52:A9:B3:63
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 43A5C1752EA6A35966A1DBA249AB19FF73696D3D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
Signing time: Fri 07 Feb 2025 08:33:55 +0000
ROA not before: Fri 07 Feb 2025 08:28:55 +0000
ROA not after: Fri 06 Feb 2026 08:33:55 +0000
asID: 30860
IP address blocks: 82.21.219.0/24 maxlen: 24
82.21.223.0/24 maxlen: 24
82.21.224.0/24 maxlen: 24
82.21.236.0/24 maxlen: 24
82.22.210.0/24 maxlen: 24
82.22.216.0/24 maxlen: 24
82.22.217.0/24 maxlen: 24
82.22.220.0/24 maxlen: 24
82.22.227.0/24 maxlen: 24
82.23.209.0/24 maxlen: 24
82.24.210.0/24 maxlen: 24
82.24.224.0/24 maxlen: 24
82.24.225.0/24 maxlen: 24
82.24.234.0/24 maxlen: 24
82.25.216.0/24 maxlen: 24
82.25.228.0/24 maxlen: 24
82.25.237.0/24 maxlen: 24
82.25.238.0/24 maxlen: 24
82.26.221.0/24 maxlen: 24
82.26.226.0/24 maxlen: 24
82.26.239.0/24 maxlen: 24
82.27.214.0/24 maxlen: 24
82.27.233.0/24 maxlen: 24
82.27.235.0/24 maxlen: 24
82.27.239.0/24 maxlen: 24
82.29.221.0/24 maxlen: 24
82.29.225.0/24 maxlen: 24
82.29.226.0/24 maxlen: 24
82.29.229.0/24 maxlen: 24
82.29.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a5:c1:75:2e:a6:a3:59:66:a1:db:a2:49:ab:19:ff:73:69:6d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 7 08:28:55 2025 GMT
Not After : Feb 6 08:33:55 2026 GMT
Subject: CN=9403A40992DD79B76ABA2161BA14C8B052A9B363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:40:00:46:80:3b:44:25:53:4d:56:d2:33:
71:d2:86:cd:9c:98:34:45:b9:96:3e:4b:dd:b7:40:
4b:c5:e4:b8:02:21:7d:ff:f8:f1:56:96:07:73:ef:
1d:85:dd:be:65:2d:26:64:50:db:da:a8:03:e6:c5:
bf:99:de:2d:20:62:b3:ba:43:1a:8a:72:17:c2:f0:
83:68:a4:10:c0:1e:fa:14:f9:26:7c:eb:22:4c:cf:
99:71:3c:78:aa:f3:97:03:db:9a:a1:6e:e7:05:6e:
cf:e5:56:7b:06:a6:ba:8e:8c:47:96:cd:a8:fa:45:
e4:68:56:65:73:b5:ed:57:c1:11:32:ec:cf:ac:c8:
1c:66:bd:58:26:d5:10:2c:44:f7:ce:1b:c8:d7:3a:
91:ff:52:01:1e:f8:22:a9:89:50:1c:c0:51:27:7e:
6b:3f:e5:34:c1:d0:13:b3:93:74:61:29:df:2b:8e:
31:57:d3:6c:0e:76:e2:17:b1:d4:1f:d6:19:92:e1:
13:c3:ce:6b:6b:1f:45:3f:7e:a9:9f:00:2f:8b:b3:
1e:2e:ff:4a:ec:ab:bc:37:46:e5:e6:f1:b0:99:e2:
a1:58:8b:91:96:4b:10:d2:b1:7f:d4:aa:e9:6c:83:
f3:ea:ce:aa:51:bc:de:44:6e:5b:71:30:ff:65:24:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:03:A4:09:92:DD:79:B7:6A:BA:21:61:BA:14:C8:B0:52:A9:B3:63
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.219.0/24
82.21.223.0-82.21.224.255
82.21.236.0/24
82.22.210.0/24
82.22.216.0/23
82.22.220.0/24
82.22.227.0/24
82.23.209.0/24
82.24.210.0/24
82.24.224.0/23
82.24.234.0/24
82.25.216.0/24
82.25.228.0/24
82.25.237.0-82.25.238.255
82.26.221.0/24
82.26.226.0/24
82.26.239.0/24
82.27.214.0/24
82.27.233.0/24
82.27.235.0/24
82.27.239.0/24
82.29.221.0/24
82.29.225.0-82.29.226.255
82.29.229.0-82.29.230.255
Signature Algorithm: sha256WithRSAEncryption
18:63:fb:61:77:20:4f:d2:2b:25:bf:47:0e:dd:27:57:73:50:
9e:17:e9:f0:a8:54:47:98:c0:cd:93:3f:6d:98:60:b8:8a:ff:
8e:60:32:89:ea:9c:8b:6f:2f:5b:b1:ed:3d:18:03:c4:5f:83:
d5:bd:70:17:db:6f:76:b2:8c:8e:ef:11:ab:06:04:f9:09:c3:
9b:86:24:b5:68:7f:3d:c2:93:7b:87:7d:88:7f:41:fc:1d:e6:
d1:92:f8:e3:81:e7:d0:b6:87:67:b2:32:34:60:b5:f9:23:2c:
4a:47:4d:46:ef:e2:db:a9:32:3c:ea:ef:0b:95:9e:ec:c7:a8:
e4:f5:78:7d:f5:8b:51:db:05:6a:34:48:c9:63:11:7b:ad:71:
8a:75:5a:ad:2b:f4:8a:e9:57:a1:38:e4:6c:00:b4:06:8e:9f:
df:e3:cd:21:9e:cb:1e:5a:06:ec:a3:91:4a:b8:c6:da:34:f5:
05:ea:55:91:2b:17:05:13:59:46:89:dc:bd:c2:0c:98:c0:c0:
d3:79:cd:50:84:26:ef:ef:2d:67:69:78:a2:85:f7:de:ea:de:
9a:ac:2a:0e:e5:b6:29:44:3f:b8:a0:ed:14:fa:3b:01:b3:61:
94:86:77:be:49:34:99:13:ca:ca:79:bd:90:39:dd:2a:37:ac:
ba:6f:c2:df
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIUQ6XBdS6mo1lmoduiSasZ/3NpbT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDcwODI4NTVaFw0yNjAyMDYwODMzNTVaMDMxMTAvBgNV
BAMTKDk0MDNBNDA5OTJERDc5Qjc2QUJBMjE2MUJBMTRDOEIwNTJBOUIzNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqmUAARoA7RCVTTVbSM3HShs2c
mDRFuZY+S923QEvF5LgCIX3/+PFWlgdz7x2F3b5lLSZkUNvaqAPmxb+Z3i0gYrO6
QxqKchfC8INopBDAHvoU+SZ86yJMz5lxPHiq85cD25qhbucFbs/lVnsGprqOjEeW
zaj6ReRoVmVzte1XwREy7M+syBxmvVgm1RAsRPfOG8jXOpH/UgEe+CKpiVAcwFEn
fms/5TTB0BOzk3RhKd8rjjFX02wOduIXsdQf1hmS4RPDzmtrH0U/fqmfAC+Lsx4u
/0rsq7w3RuXm8bCZ4qFYi5GWSxDSsX/Uqulsg/PqzqpRvN5EbltxMP9lJLkLAgMB
AAGjggK4MIICtDAdBgNVHQ4EFgQUlAOkCZLdebdquiFhuhTIsFKps2MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgc0GCCsGAQUFBwEHAQH/BIG9MIG6MIG3BAIAATCBsAME
AFIV2zAMAwQAUhXfAwQAUhXgAwQAUhXsAwQAUhbSAwQBUhbYAwQAUhbcAwQAUhbj
AwQAUhfRAwQAUhjSAwQBUhjgAwQAUhjqAwQAUhnYAwQAUhnkMAwDBABSGe0DBABS
Ge4DBABSGt0DBABSGuIDBABSGu8DBABSG9YDBABSG+kDBABSG+sDBABSG+8DBABS
Hd0wDAMEAFId4QMEAFId4jAMAwQAUh3lAwQAUh3mMA0GCSqGSIb3DQEBCwUAA4IB
AQAYY/thdyBP0islv0cO3SdXc1CeF+nwqFRHmMDNkz9tmGC4iv+OYDKJ6pyLby9b
se09GAPEX4PVvXAX2292soyO7xGrBgT5CcObhiS1aH89wpN7h32If0H8HebRkvjj
gefQtodnsjI0YLX5IyxKR01G7+LbqTI86u8LlZ7sx6jk9Xh99YtR2wVqNEjJYxF7
rXGKdVqtK/SK6VehOORsALQGjp/f480hnsseWgbso5FKuMbaNPUF6lWRKxcFE1lG
idy9wgyYwMDTec1QhCbv7y1naXiihffe6t6arCoO5bYpRD+4oO0U+jsBs2GUhne+
STSZE8rKeb2QOd0qN6y6b8Lf
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:23:57 2025 by rpki-client