Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
File: AS30900.roa (raw, json)
Hash identifier: iLeRFxbPZoIivQEbD6igHf/c6+hyADoQGodIwdKo93o=
Subject key identifier: 30:DF:4B:4E:6D:91:B1:57:A3:3E:E4:E3:FF:E0:84:5B:0B:DB:3D:13
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5ED6BA79105D91EB5449DC595BE3D3FD6FAD531C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
Signing time: Thu 30 Jan 2025 08:07:11 +0000
ROA not before: Thu 30 Jan 2025 08:02:11 +0000
ROA not after: Thu 29 Jan 2026 08:07:11 +0000
asID: 30900
IP address blocks: 82.21.218.0/24 maxlen: 24
82.22.214.0/24 maxlen: 24
82.22.223.0/24 maxlen: 24
82.23.202.0/24 maxlen: 24
82.23.225.0/24 maxlen: 24
82.24.221.0/24 maxlen: 24
82.24.237.0/24 maxlen: 24
82.25.213.0/24 maxlen: 24
82.25.215.0/24 maxlen: 24
82.25.235.0/24 maxlen: 24
82.29.214.0/24 maxlen: 24
82.29.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:d6:ba:79:10:5d:91:eb:54:49:dc:59:5b:e3:d3:fd:6f:ad:53:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 30 08:02:11 2025 GMT
Not After : Jan 29 08:07:11 2026 GMT
Subject: CN=30DF4B4E6D91B157A33EE4E3FFE0845B0BDB3D13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b0:7b:e7:3a:78:1e:fa:be:9d:e8:4e:69:92:
40:65:89:12:aa:14:0d:1f:2f:28:c9:cb:7e:a0:56:
0d:8d:bc:ac:8a:70:03:66:d8:a4:3f:71:2b:78:fc:
d9:d7:be:0d:77:19:27:de:8a:26:85:37:bc:df:40:
95:a6:c3:a7:36:e2:47:84:cb:9b:f3:be:ed:9d:d9:
65:60:32:d8:b7:fb:39:76:3a:7e:b6:96:06:af:d4:
80:7e:cd:a5:30:c3:d1:6b:82:0a:26:e5:ae:e1:ca:
91:e8:94:80:b1:f1:97:93:eb:02:73:9b:30:96:8b:
1f:33:2a:c3:56:ca:ec:c4:31:e2:37:89:0a:7a:5d:
83:a9:c3:f7:9e:cb:f3:99:67:36:3a:02:90:eb:61:
b1:c9:23:a7:be:47:c1:53:e4:ed:c7:91:f1:25:f2:
7b:1f:ae:69:32:e1:6c:d1:81:3e:93:d4:ea:46:ed:
e0:01:bd:b7:64:71:67:24:94:f6:c6:1c:f6:fb:2b:
67:0c:d5:da:24:c5:8d:b7:35:07:9a:be:5c:37:f7:
0f:6f:c7:09:d2:7c:1c:c4:e1:f2:db:60:c7:6d:83:
08:64:cc:ca:aa:68:f6:77:05:6f:8e:ea:e4:59:0d:
37:75:e3:dd:2d:fc:ff:79:39:1a:57:42:0c:54:76:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DF:4B:4E:6D:91:B1:57:A3:3E:E4:E3:FF:E0:84:5B:0B:DB:3D:13
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30900.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.218.0/24
82.22.214.0/24
82.22.223.0/24
82.23.202.0/24
82.23.225.0/24
82.24.221.0/24
82.24.237.0/24
82.25.213.0/24
82.25.215.0/24
82.25.235.0/24
82.29.214.0/24
82.29.235.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:48:b7:4d:fc:6c:10:29:90:89:0e:08:93:f2:3d:6e:80:e2:
40:74:ac:eb:ad:c9:45:91:a6:03:07:71:6b:d9:b1:04:5d:15:
0a:f9:4e:7f:d6:ed:5a:e6:69:ba:3d:e6:0a:9c:e2:2a:8a:d6:
57:3d:20:48:92:e6:d2:7a:3a:50:33:d5:3e:8b:3e:d3:b1:ce:
56:3b:3e:00:af:9e:3a:a6:08:49:0b:8b:80:28:58:2c:70:79:
9e:ca:df:db:66:ea:5e:95:df:e8:76:2d:2a:7a:a5:da:02:e2:
16:75:50:e4:b0:a5:7e:52:0e:75:82:60:5e:e5:9d:56:bf:81:
04:4e:bb:2f:de:e9:70:29:b4:88:75:b2:97:43:d3:ce:d8:8c:
f1:04:32:60:fa:b4:f2:71:6d:1c:34:47:fe:b0:f8:b4:50:7f:
99:0b:3f:ab:98:1c:d1:33:9f:c7:05:b5:9e:96:ea:2b:74:5e:
5d:67:8e:a5:12:13:d0:91:dd:ee:c7:d6:61:d5:96:9f:b6:93:
14:21:4e:5e:4d:a0:9b:78:24:eb:08:80:38:7a:e8:80:3b:70:
97:3a:29:d1:81:4e:a0:93:6e:0f:8b:4b:dc:de:30:4e:0e:4b:
a9:1a:08:4a:2d:89:ca:fa:b2:62:b0:0a:58:cb:24:10:b8:0b:
08:f4:d0:49
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUXta6eRBdketUSdxZW+PT/W+tUxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzAwODAyMTFaFw0yNjAxMjkwODA3MTFaMDMxMTAvBgNV
BAMTKDMwREY0QjRFNkQ5MUIxNTdBMzNFRTRFM0ZGRTA4NDVCMEJEQjNEMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8sHvnOnge+r6d6E5pkkBliRKq
FA0fLyjJy36gVg2NvKyKcANm2KQ/cSt4/NnXvg13GSfeiiaFN7zfQJWmw6c24keE
y5vzvu2d2WVgMti3+zl2On62lgav1IB+zaUww9Frggom5a7hypHolICx8ZeT6wJz
mzCWix8zKsNWyuzEMeI3iQp6XYOpw/eey/OZZzY6ApDrYbHJI6e+R8FT5O3HkfEl
8nsfrmky4WzRgT6T1OpG7eABvbdkcWcklPbGHPb7K2cM1dokxY23NQeavlw39w9v
xwnSfBzE4fLbYMdtgwhkzMqqaPZ3BW+O6uRZDTd1490t/P95ORpXQgxUdqNbAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUMN9LTm2RsVejPuTj/+CEWwvbPRMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzA5MDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABSFdoD
BABSFtYDBABSFt8DBABSF8oDBABSF+EDBABSGN0DBABSGO0DBABSGdUDBABSGdcD
BABSGesDBABSHdYDBABSHeswDQYJKoZIhvcNAQELBQADggEBAJ1It038bBApkIkO
CJPyPW6A4kB0rOutyUWRpgMHcWvZsQRdFQr5Tn/W7Vrmabo95gqc4iqK1lc9IEiS
5tJ6OlAz1T6LPtOxzlY7PgCvnjqmCEkLi4AoWCxweZ7K39tm6l6V3+h2LSp6pdoC
4hZ1UOSwpX5SDnWCYF7lnVa/gQROuy/e6XAptIh1spdD087YjPEEMmD6tPJxbRw0
R/6w+LRQf5kLP6uYHNEzn8cFtZ6W6it0Xl1njqUSE9CR3e7H1mHVlp+2kxQhTl5N
oJt4JOsIgDh66IA7cJc6KdGBTqCTbg+LS9zeME4OS6kaCEoticr6smKwCljLJBC4
Cwj00Ek=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:00 2025 by rpki-client