Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
File: AS51430.roa (raw, json)
Hash identifier: ZLuOOlaOfnX5UsWtqeesLl3BDr0xIppZmAFrXshljOI=
Subject key identifier: 64:87:4A:F1:F7:97:A1:CE:15:EB:B5:FF:91:A5:C7:3E:94:47:BF:D8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 12A9C8C6A19C60FEE6470A1725D413EF928D2DBF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
Signing time: Fri 14 Feb 2025 10:33:18 +0000
ROA not before: Fri 14 Feb 2025 10:28:18 +0000
ROA not after: Fri 13 Feb 2026 10:33:18 +0000
asID: 51430
IP address blocks: 82.22.212.0/24 maxlen: 24
82.22.247.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.237.0/24 maxlen: 24
82.24.247.0/24 maxlen: 24
82.25.247.0/24 maxlen: 24
82.26.247.0/24 maxlen: 24
82.27.227.0/24 maxlen: 24
82.27.247.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a9:c8:c6:a1:9c:60:fe:e6:47:0a:17:25:d4:13:ef:92:8d:2d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 14 10:28:18 2025 GMT
Not After : Feb 13 10:33:18 2026 GMT
Subject: CN=64874AF1F797A1CE15EBB5FF91A5C73E9447BFD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:e3:1f:fc:a3:ee:a3:92:cd:0f:ea:82:99:
9a:5b:1e:84:31:3e:98:94:5a:f7:71:17:3b:63:f0:
de:3f:c0:22:38:e4:8f:74:46:c2:06:50:29:66:50:
4b:ec:86:69:c4:83:55:a8:df:7b:b1:b5:35:01:0f:
18:76:e7:ac:50:d7:9a:dd:28:74:af:81:c7:8f:ca:
17:05:60:18:ad:52:90:b6:3f:44:2f:fc:31:dc:9b:
67:c9:ea:40:4f:de:66:7d:aa:8e:1e:19:bd:79:db:
b0:60:69:14:c3:51:d4:9c:ca:cb:ef:4b:e2:86:ce:
4b:cf:f2:54:60:e3:a3:18:05:5a:15:6b:18:80:c5:
26:22:68:ea:ac:e3:9b:92:98:73:97:8e:5f:d4:ef:
91:71:80:22:4f:58:95:6f:3e:62:83:74:1f:0a:62:
dd:8e:90:c4:85:7f:ac:f7:d9:63:f5:ec:79:1c:18:
4d:77:ab:e9:b1:c0:a0:1a:d3:81:ae:20:82:31:48:
1b:a6:67:5f:da:38:e2:19:66:45:5f:86:da:65:88:
0d:4e:32:4e:8c:78:02:cc:36:65:19:8c:93:60:52:
be:de:ad:f4:a3:e8:a3:68:6e:c3:2a:2c:63:44:50:
06:94:32:91:00:75:c4:cf:0a:99:19:66:9b:f5:da:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:87:4A:F1:F7:97:A1:CE:15:EB:B5:FF:91:A5:C7:3E:94:47:BF:D8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.212.0/24
82.22.247.0/24
82.23.217.0/24
82.23.237.0/24
82.24.247.0/24
82.25.247.0/24
82.26.247.0/24
82.27.227.0/24
82.27.247.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
Signature Algorithm: sha256WithRSAEncryption
14:bd:17:38:25:c8:e8:c0:93:e8:2d:b1:f7:ec:36:a3:73:40:
ba:64:1a:19:6f:60:de:e8:71:6a:42:d4:b2:09:61:0b:ae:83:
c7:4d:66:28:d4:f5:77:c6:78:ce:8c:73:bf:e5:c6:22:63:14:
5c:67:c5:19:ff:92:5b:c0:30:6e:35:e8:bb:db:9c:f7:c1:a1:
3b:65:8e:ad:5a:e8:b8:8f:f7:7e:15:52:ca:3e:5a:e0:aa:fc:
9a:fc:03:96:7d:f2:49:80:2a:32:6b:bf:d3:86:e5:f3:12:ce:
f2:5a:de:a8:bd:3a:5c:91:3d:06:3d:7a:c7:a8:61:63:e8:00:
83:f7:64:14:c1:b5:39:35:49:c2:64:55:b8:15:ae:5d:a0:0e:
21:ef:4a:d4:a1:30:91:26:25:2d:7c:c3:62:d9:8d:61:95:95:
67:39:25:7d:24:e2:4d:3e:e9:7b:32:2e:8a:d5:e5:51:74:fa:
34:e9:8f:3b:62:88:f8:2a:f1:46:a6:24:04:69:44:db:34:7f:
6d:7e:3f:dc:d9:54:9b:47:43:2a:95:61:32:c8:42:4b:98:0e:
c2:12:0d:34:c4:3a:10:0d:cd:0e:fd:0c:3b:b1:e3:3d:69:06:
93:2d:cb:61:49:5d:1a:7a:e4:e1:ae:74:01:0a:8d:a6:4f:37:
67:5d:b1:6e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUEqnIxqGcYP7mRwoXJdQT75KNLb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTQxMDI4MThaFw0yNjAyMTMxMDMzMThaMDMxMTAvBgNV
BAMTKDY0ODc0QUYxRjc5N0ExQ0UxNUVCQjVGRjkxQTVDNzNFOTQ0N0JGRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM3+Mf/KPuo5LND+qCmZpbHoQx
PpiUWvdxFztj8N4/wCI45I90RsIGUClmUEvshmnEg1Wo33uxtTUBDxh256xQ15rd
KHSvgcePyhcFYBitUpC2P0Qv/DHcm2fJ6kBP3mZ9qo4eGb1527BgaRTDUdScysvv
S+KGzkvP8lRg46MYBVoVaxiAxSYiaOqs45uSmHOXjl/U75FxgCJPWJVvPmKDdB8K
Yt2OkMSFf6z32WP17HkcGE13q+mxwKAa04GuIIIxSBumZ1/aOOIZZkVfhtpliA1O
Mk6MeALMNmUZjJNgUr7erfSj6KNobsMqLGNEUAaUMpEAdcTPCpkZZpv12q4NAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUZIdK8feXoc4V67X/kaXHPpRHv9gwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTE0MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABSFtQD
BABSFvcDBABSF9kDBABSF+0DBABSGPcDBABSGfcDBABSGvcDBABSG+MDBABSG/cD
BABSHdcDBABSHdkDBABSHeQwDQYJKoZIhvcNAQELBQADggEBABS9FzglyOjAk+gt
sffsNqNzQLpkGhlvYN7ocWpC1LIJYQuug8dNZijU9XfGeM6Mc7/lxiJjFFxnxRn/
klvAMG416LvbnPfBoTtljq1a6LiP934VUso+WuCq/Jr8A5Z98kmAKjJrv9OG5fMS
zvJa3qi9OlyRPQY9eseoYWPoAIP3ZBTBtTk1ScJkVbgVrl2gDiHvStShMJEmJS18
w2LZjWGVlWc5JX0k4k0+6XsyLorV5VF0+jTpjztiiPgq8UamJARpRNs0f21+P9zZ
VJtHQyqVYTLIQkuYDsISDTTEOhANzQ79DDux4z1pBpMty2FJXRp65OGudAEKjaZP
N2ddsW4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:40 2025 by rpki-client