Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
File: AS30860.roa (raw, json)
Hash identifier: HkRL7Xzp+dvfX19Y7gZxPbKml8IPV78Xhb49OqAcF9M=
Subject key identifier: 48:B9:D1:03:BC:56:B2:1C:DD:A4:FB:C4:72:B9:41:75:06:BC:0B:02
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3A60E30CB0FB7E9448B13CA9B1E5CB2EC7523D59
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
Signing time: Tue 21 Jan 2025 15:55:05 +0000
ROA not before: Tue 21 Jan 2025 15:50:05 +0000
ROA not after: Tue 20 Jan 2026 15:55:05 +0000
asID: 30860
IP address blocks: 82.21.224.0/24 maxlen: 24
82.21.236.0/24 maxlen: 24
82.22.216.0/24 maxlen: 24
82.22.220.0/24 maxlen: 24
82.22.227.0/24 maxlen: 24
82.24.210.0/24 maxlen: 24
82.24.224.0/24 maxlen: 24
82.24.234.0/24 maxlen: 24
82.25.228.0/24 maxlen: 24
82.25.237.0/24 maxlen: 24
82.25.238.0/24 maxlen: 24
82.26.226.0/24 maxlen: 24
82.26.239.0/24 maxlen: 24
82.27.235.0/24 maxlen: 24
82.27.239.0/24 maxlen: 24
82.29.221.0/24 maxlen: 24
82.29.225.0/24 maxlen: 24
82.29.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:60:e3:0c:b0:fb:7e:94:48:b1:3c:a9:b1:e5:cb:2e:c7:52:3d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 21 15:50:05 2025 GMT
Not After : Jan 20 15:55:05 2026 GMT
Subject: CN=48B9D103BC56B21CDDA4FBC472B9417506BC0B02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:44:a7:9c:02:d3:f4:9b:ff:47:ab:ad:71:
a2:74:71:46:14:e5:03:b4:9b:77:48:14:67:8a:c7:
2e:5e:31:6d:a6:90:4e:2a:ee:37:fa:ad:0e:e7:c5:
4f:6e:fa:fa:4c:dc:9e:aa:85:ed:55:92:47:a9:70:
a3:d0:39:05:3c:12:dd:fc:2b:c2:9c:9b:c1:95:43:
98:cf:ff:21:3b:f6:b5:7a:37:db:5d:3a:58:53:98:
8e:b2:75:24:cc:c4:a7:3f:3f:b0:4a:67:8c:c2:31:
97:e8:2b:16:17:39:47:3a:6f:98:32:df:eb:6e:21:
1a:51:b9:54:44:bb:4f:84:c2:39:0e:d6:7e:f3:0f:
1f:d3:fa:f2:4e:e1:14:7d:75:a4:19:e7:f8:94:87:
ba:da:6c:9e:0c:76:b4:c6:75:f5:ae:32:7f:8f:08:
b1:32:ad:a3:c9:65:be:ba:8b:93:42:23:9e:83:7d:
21:ad:b9:36:70:b1:2c:45:d0:e9:96:31:92:68:9d:
63:e2:e6:a9:7a:db:a3:77:e2:6a:32:3a:b9:0b:de:
bc:0f:20:33:e9:39:14:9f:61:3d:bd:d1:48:e7:c4:
79:48:2b:61:9a:50:cf:05:b6:7a:da:c9:b7:be:4a:
9b:ea:f2:e6:21:21:3e:86:95:4d:b9:71:7a:21:ca:
c1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B9:D1:03:BC:56:B2:1C:DD:A4:FB:C4:72:B9:41:75:06:BC:0B:02
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.224.0/24
82.21.236.0/24
82.22.216.0/24
82.22.220.0/24
82.22.227.0/24
82.24.210.0/24
82.24.224.0/24
82.24.234.0/24
82.25.228.0/24
82.25.237.0-82.25.238.255
82.26.226.0/24
82.26.239.0/24
82.27.235.0/24
82.27.239.0/24
82.29.221.0/24
82.29.225.0/24
82.29.229.0/24
Signature Algorithm: sha256WithRSAEncryption
94:27:ff:3e:74:35:fd:76:17:20:a4:f2:29:54:52:b4:ef:0c:
67:0a:21:ce:c0:6e:9b:a8:22:5f:58:a4:7e:df:ab:30:02:5c:
9e:96:f5:9c:7e:32:34:4c:cf:c1:80:60:6c:13:90:93:3a:a0:
bc:19:1f:e5:2f:dd:5d:4b:4c:a3:c0:46:e9:c7:13:46:fb:56:
e6:3e:ad:72:ed:4f:30:61:53:52:d0:d9:a0:e3:ea:dd:cd:79:
7d:19:c3:62:36:df:c4:29:88:f2:2d:11:ce:97:a6:90:9c:65:
24:3b:40:da:31:7e:c2:4d:b8:86:a6:40:e9:bc:a7:cd:b5:8d:
6e:39:78:35:a6:5b:52:97:76:cb:fa:19:a4:90:a3:f4:26:99:
51:0e:87:ad:05:27:f6:df:b1:32:a2:d4:e6:cf:f4:db:a5:32:
16:cb:88:7d:80:32:7e:a9:e9:2f:b4:c2:90:12:0e:fd:33:06:
70:be:8a:fa:bb:a9:01:fb:21:f5:cb:7c:1a:ed:ea:25:78:47:
82:43:1b:ae:7d:ad:da:5c:ae:94:81:84:d3:f2:d4:3f:23:c1:
b7:8a:71:50:e4:e1:57:0a:2e:e9:fb:77:5b:f0:c2:97:8d:b6:
c4:20:09:0e:04:8f:fc:8c:38:49:03:20:61:61:01:cf:49:8b:
10:73:6a:3c
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIUOmDjDLD7fpRIsTypseXLLsdSPVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjExNTUwMDVaFw0yNjAxMjAxNTU1MDVaMDMxMTAvBgNV
BAMTKDQ4QjlEMTAzQkM1NkIyMUNEREE0RkJDNDcyQjk0MTc1MDZCQzBCMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT20SnnALT9Jv/R6utcaJ0cUYU
5QO0m3dIFGeKxy5eMW2mkE4q7jf6rQ7nxU9u+vpM3J6qhe1VkkepcKPQOQU8Et38
K8Kcm8GVQ5jP/yE79rV6N9tdOlhTmI6ydSTMxKc/P7BKZ4zCMZfoKxYXOUc6b5gy
3+tuIRpRuVREu0+EwjkO1n7zDx/T+vJO4RR9daQZ5/iUh7rabJ4MdrTGdfWuMn+P
CLEyraPJZb66i5NCI56DfSGtuTZwsSxF0OmWMZJonWPi5ql626N34moyOrkL3rwP
IDPpORSfYT290UjnxHlIK2GaUM8Ftnraybe+Spvq8uYhIT6GlU25cXohysF7AgMB
AAGjggJyMIICbjAdBgNVHQ4EFgQUSLnRA7xWshzdpPvEcrlBdQa8CwIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYcGCCsGAQUFBwEHAQH/BHgwdjB0BAIAATBuAwQAUhXg
AwQAUhXsAwQAUhbYAwQAUhbcAwQAUhbjAwQAUhjSAwQAUhjgAwQAUhjqAwQAUhnk
MAwDBABSGe0DBABSGe4DBABSGuIDBABSGu8DBABSG+sDBABSG+8DBABSHd0DBABS
HeEDBABSHeUwDQYJKoZIhvcNAQELBQADggEBAJQn/z50Nf12FyCk8ilUUrTvDGcK
Ic7AbpuoIl9YpH7fqzACXJ6W9Zx+MjRMz8GAYGwTkJM6oLwZH+Uv3V1LTKPARunH
E0b7VuY+rXLtTzBhU1LQ2aDj6t3NeX0Zw2I238QpiPItEc6XppCcZSQ7QNoxfsJN
uIamQOm8p821jW45eDWmW1KXdsv6GaSQo/QmmVEOh60FJ/bfsTKi1ObP9NulMhbL
iH2AMn6p6S+0wpASDv0zBnC+ivq7qQH7IfXLfBrt6iV4R4JDG659rdpcrpSBhNPy
1D8jwbeKcVDk4VcKLun7d1vwwpeNtsQgCQ4Ej/yMOEkDIGFhAc9JixBzajw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:44:15 2025 by rpki-client