Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
File: AS30900.roa (raw, json)
Hash identifier: 9hArdMEM3vYHFi8ovBS/H5lRsN6bfPMoLqbCYP6JJ2U=
Subject key identifier: DF:7E:0B:A0:67:E5:E5:0B:4A:0E:E5:45:B6:DB:96:3B:7D:B6:1F:08
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 22279BA9B5FF17D9E1D400AC3F029C16575783EA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
Signing time: Fri 11 Apr 2025 09:06:41 +0000
ROA not before: Fri 11 Apr 2025 09:01:41 +0000
ROA not after: Fri 10 Apr 2026 09:06:41 +0000
asID: 30900
IP address blocks: 82.21.217.0/24 maxlen: 24
82.21.218.0/24 maxlen: 24
82.21.246.0/24 maxlen: 24
82.21.247.0/24 maxlen: 24
82.21.248.0/24 maxlen: 24
82.22.214.0/24 maxlen: 24
82.22.219.0/24 maxlen: 24
82.22.223.0/24 maxlen: 24
82.22.246.0/24 maxlen: 24
82.22.248.0/24 maxlen: 24
82.23.202.0/24 maxlen: 24
82.23.225.0/24 maxlen: 24
82.23.236.0/24 maxlen: 24
82.23.238.0/24 maxlen: 24
82.24.19.0/24 maxlen: 24
82.24.33.0/24 maxlen: 24
82.24.221.0/24 maxlen: 24
82.24.223.0/24 maxlen: 24
82.24.237.0/24 maxlen: 24
82.24.246.0/24 maxlen: 24
82.24.248.0/24 maxlen: 24
82.25.213.0/24 maxlen: 24
82.25.214.0/24 maxlen: 24
82.25.215.0/24 maxlen: 24
82.25.235.0/24 maxlen: 24
82.25.246.0/24 maxlen: 24
82.25.248.0/24 maxlen: 24
82.26.217.0/24 maxlen: 24
82.26.248.0/24 maxlen: 24
82.26.249.0/24 maxlen: 24
82.27.231.0/24 maxlen: 24
82.27.248.0/24 maxlen: 24
82.27.249.0/24 maxlen: 24
82.29.214.0/24 maxlen: 24
82.29.235.0/24 maxlen: 24
82.29.246.0/24 maxlen: 24
82.29.247.0/24 maxlen: 24
82.29.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:27:9b:a9:b5:ff:17:d9:e1:d4:00:ac:3f:02:9c:16:57:57:83:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 11 09:01:41 2025 GMT
Not After : Apr 10 09:06:41 2026 GMT
Subject: CN=DF7E0BA067E5E50B4A0EE545B6DB963B7DB61F08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f8:23:50:62:e2:0a:55:4b:a3:bc:22:4d:54:
d9:de:b4:ce:96:cd:bb:b5:0e:01:b5:9c:c2:de:36:
e7:54:bd:71:ba:23:f6:52:ba:b5:93:d7:f7:b2:a0:
29:9a:22:2e:bb:86:68:0d:0d:c5:b5:35:90:09:ff:
bf:75:58:1e:f2:db:1b:0f:4d:56:e5:01:c3:c9:1b:
95:aa:fb:b7:c4:3a:a7:53:d1:e3:2a:6b:36:a1:45:
64:b5:99:42:23:58:c6:84:cd:7b:02:aa:03:cc:71:
63:aa:fb:c5:9e:09:c8:37:8c:04:f2:e3:b3:84:50:
e5:e7:dd:1a:cc:d3:db:78:d4:df:b7:7d:3b:81:6d:
7e:6b:df:72:7c:86:49:82:03:b3:1f:09:28:17:fa:
80:f4:44:b8:a4:8f:d3:dc:4b:17:4a:9d:3a:83:1e:
d1:b6:3d:25:ec:06:5d:f4:2f:76:b7:09:da:9c:dc:
a2:79:99:38:0a:e8:6d:07:57:97:29:c8:29:c1:ff:
82:f5:0c:51:7b:84:71:ad:42:63:ae:c7:52:fe:c2:
d6:e5:dc:ad:41:a8:5b:d5:cb:12:cb:64:0d:c3:7b:
26:7b:0d:71:82:45:e4:53:79:70:ee:70:2b:25:99:
ae:a7:4f:61:9d:6b:13:64:ac:c1:34:c9:6f:ef:16:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7E:0B:A0:67:E5:E5:0B:4A:0E:E5:45:B6:DB:96:3B:7D:B6:1F:08
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.217.0-82.21.218.255
82.21.246.0-82.21.248.255
82.22.214.0/24
82.22.219.0/24
82.22.223.0/24
82.22.246.0/24
82.22.248.0/24
82.23.202.0/24
82.23.225.0/24
82.23.236.0/24
82.23.238.0/24
82.24.19.0/24
82.24.33.0/24
82.24.221.0/24
82.24.223.0/24
82.24.237.0/24
82.24.246.0/24
82.24.248.0/24
82.25.213.0-82.25.215.255
82.25.235.0/24
82.25.246.0/24
82.25.248.0/24
82.26.217.0/24
82.26.248.0/23
82.27.231.0/24
82.27.248.0/23
82.29.214.0/24
82.29.235.0/24
82.29.246.0-82.29.248.255
Signature Algorithm: sha256WithRSAEncryption
75:0a:60:f2:96:bc:9b:2c:6e:3d:0e:c7:d9:85:c8:5a:ed:ef:
15:71:4e:3c:e6:55:7b:81:88:5b:1b:6d:bf:e5:1d:e1:80:77:
bc:e5:c5:00:a1:7d:05:5a:86:7f:03:fd:eb:d2:c3:09:77:5e:
98:67:37:8a:33:dc:7c:9d:44:c3:f6:77:0f:e8:a2:34:2c:11:
67:72:e5:b1:0a:c1:a5:76:8f:30:18:b6:f5:08:cc:93:f5:ca:
e1:5d:34:88:4e:e6:7d:bf:63:33:6a:5b:3e:94:0d:6c:64:ca:
ea:88:dd:a3:b0:fb:2c:6c:6f:2c:bf:47:28:d6:91:25:b5:71:
e2:79:cb:21:72:1a:d7:56:20:67:b7:e4:45:c1:91:a4:fd:8f:
13:45:ad:81:38:bc:73:d9:e2:e0:0c:73:09:5b:f0:d4:8a:ff:
40:d5:e9:3c:46:72:24:ac:a6:61:f4:07:59:e1:6e:e9:ec:d2:
42:4b:d2:bb:ca:2f:c9:db:83:d6:f2:2c:d6:10:67:9b:9e:87:
39:cb:19:f1:e6:25:21:cf:24:c8:80:46:fc:d2:cc:07:53:8b:
02:15:a6:3f:2c:79:e5:28:ac:d5:5d:0a:08:fa:ec:06:db:fb:
4d:ea:aa:e3:38:c6:0c:78:ac:d3:f7:90:9e:34:25:04:c9:83:
c2:a0:2c:9a
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgIUIiebqbX/F9nh1ACsPwKcFldXg+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTEwOTAxNDFaFw0yNjA0MTAwOTA2NDFaMDMxMTAvBgNV
BAMTKERGN0UwQkEwNjdFNUU1MEI0QTBFRTU0NUI2REI5NjNCN0RCNjFGMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT+CNQYuIKVUujvCJNVNnetM6W
zbu1DgG1nMLeNudUvXG6I/ZSurWT1/eyoCmaIi67hmgNDcW1NZAJ/791WB7y2xsP
TVblAcPJG5Wq+7fEOqdT0eMqazahRWS1mUIjWMaEzXsCqgPMcWOq+8WeCcg3jATy
47OEUOXn3RrM09t41N+3fTuBbX5r33J8hkmCA7MfCSgX+oD0RLikj9PcSxdKnTqD
HtG2PSXsBl30L3a3Cdqc3KJ5mTgK6G0HV5cpyCnB/4L1DFF7hHGtQmOux1L+wtbl
3K1BqFvVyxLLZA3DeyZ7DXGCReRTeXDucCslma6nT2GdaxNkrME0yW/vFlgrAgMB
AAGjggLWMIIC0jAdBgNVHQ4EFgQU334LoGfl5QtKDuVFttuWO322HwgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzA5MDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgesGCCsGAQUFBwEHAQH/BIHbMIHYMIHVBAIAATCBzjAM
AwQAUhXZAwQAUhXaMAwDBAFSFfYDBABSFfgDBABSFtYDBABSFtsDBABSFt8DBABS
FvYDBABSFvgDBABSF8oDBABSF+EDBABSF+wDBABSF+4DBABSGBMDBABSGCEDBABS
GN0DBABSGN8DBABSGO0DBABSGPYDBABSGPgwDAMEAFIZ1QMEA1IZ0AMEAFIZ6wME
AFIZ9gMEAFIZ+AMEAFIa2QMEAVIa+AMEAFIb5wMEAVIb+AMEAFId1gMEAFId6zAM
AwQBUh32AwQAUh34MA0GCSqGSIb3DQEBCwUAA4IBAQB1CmDylrybLG49DsfZhcha
7e8VcU485lV7gYhbG22/5R3hgHe85cUAoX0FWoZ/A/3r0sMJd16YZzeKM9x8nUTD
9ncP6KI0LBFncuWxCsGldo8wGLb1CMyT9crhXTSITuZ9v2Mzals+lA1sZMrqiN2j
sPssbG8sv0co1pEltXHiecshchrXViBnt+RFwZGk/Y8TRa2BOLxz2eLgDHMJW/DU
iv9A1ek8RnIkrKZh9AdZ4W7p7NJCS9K7yi/J24PW8izWEGebnoc5yxnx5iUhzyTI
gEb80swHU4sCFaY/LHnlKKzVXQoI+uwG2/tN6qrjOMYMeKzT95CeNCUEyYPCoCya
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:53 2025 by rpki-client