Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
File: AS51430.roa (raw, json)
Hash identifier: e977MWcoUmnL/UpoUEgrpcmP0jrbdruQ++PixJ+1Ono=
Subject key identifier: 55:4E:B4:88:34:A4:E4:74:E1:84:26:9E:01:BF:A9:69:F1:47:3C:DD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4996351139C6DC616101860D54E0FF567DB39CDC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
Signing time: Wed 26 Mar 2025 10:51:54 +0000
ROA not before: Wed 26 Mar 2025 10:46:54 +0000
ROA not after: Wed 25 Mar 2026 10:51:54 +0000
asID: 51430
IP address blocks: 82.21.212.0/24 maxlen: 24
82.22.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.247.0/24 maxlen: 24
82.23.201.0/24 maxlen: 24
82.23.217.0/24 maxlen: 24
82.23.230.0/24 maxlen: 24
82.23.237.0/24 maxlen: 24
82.24.247.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.240.0/24 maxlen: 24
82.25.247.0/24 maxlen: 24
82.26.232.0/24 maxlen: 24
82.26.247.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.227.0/24 maxlen: 24
82.27.228.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.247.0/24 maxlen: 24
82.29.215.0/24 maxlen: 24
82.29.217.0/24 maxlen: 24
82.29.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:96:35:11:39:c6:dc:61:61:01:86:0d:54:e0:ff:56:7d:b3:9c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 26 10:46:54 2025 GMT
Not After : Mar 25 10:51:54 2026 GMT
Subject: CN=554EB48834A4E474E184269E01BFA969F1473CDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:cf:82:79:d0:91:6a:28:69:be:72:77:0c:
70:91:ff:39:bd:48:26:74:c9:dc:2b:85:df:c9:5e:
56:01:95:e9:ce:d6:ba:d5:44:ea:2c:74:b6:09:65:
f1:b1:2c:0b:e7:1e:4b:75:79:87:7a:80:8d:89:8e:
98:ee:2f:70:6d:f2:0d:9a:bc:9d:27:10:02:bf:b3:
04:21:c6:56:42:c2:24:68:14:1a:cf:03:f7:04:ff:
91:19:b6:8a:ee:35:25:a7:0c:b5:09:c0:cd:96:5a:
61:5a:39:5b:1c:e5:cf:90:3f:7f:7b:5f:54:7a:42:
0f:0a:ec:a6:77:6f:54:1b:52:62:73:5e:61:ee:c1:
b8:ec:7c:f7:03:89:c2:c4:1b:78:1a:db:91:02:3a:
cc:88:82:b5:55:9c:5b:19:1b:5a:4d:14:ed:06:de:
91:f9:fe:1a:84:66:2d:92:4f:a0:5d:c6:5e:1d:91:
ec:33:35:6f:22:a8:45:08:a7:c8:33:5b:f6:38:8f:
2d:10:99:c0:2b:f4:d9:4b:7f:76:48:3d:cb:c0:79:
77:a5:cc:64:c7:e9:8c:2a:e0:91:66:34:54:9a:db:
68:10:53:35:fb:56:e9:ff:02:c1:19:04:8e:8b:d8:
62:96:22:d8:c0:22:6b:15:88:08:a6:81:a7:da:02:
ae:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4E:B4:88:34:A4:E4:74:E1:84:26:9E:01:BF:A9:69:F1:47:3C:DD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.212.0/24
82.22.212.0/24
82.22.222.0/24
82.22.247.0/24
82.23.201.0/24
82.23.217.0/24
82.23.230.0/24
82.23.237.0/24
82.24.247.0/24
82.25.212.0/24
82.25.219.0/24
82.25.240.0/24
82.25.247.0/24
82.26.232.0/24
82.26.247.0/24
82.27.213.0/24
82.27.222.0/24
82.27.227.0-82.27.228.255
82.27.234.0/24
82.27.247.0/24
82.29.215.0/24
82.29.217.0/24
82.29.228.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:4d:32:2d:f2:c8:41:9f:69:bd:5d:f8:a9:73:32:d5:6d:79:
0d:9b:59:dd:ea:01:ca:9e:21:dc:1c:f1:21:65:ff:6e:ec:89:
84:5b:d3:1e:e1:15:f7:89:41:4a:0c:c5:8d:02:eb:20:29:11:
1e:57:ba:86:f6:48:cb:f6:a3:8a:14:6f:04:2a:c0:65:2e:58:
06:d6:b0:24:00:cd:df:f9:d6:87:80:de:c7:82:74:60:6b:7e:
a5:01:17:e3:9a:94:85:47:b3:68:33:e1:33:2e:3b:e8:32:8f:
f7:3f:a4:ad:c7:cc:7f:52:66:25:43:71:7e:cd:08:b1:e1:fa:
5d:8c:45:cb:2b:9b:22:2c:b7:bd:c2:f2:82:0e:53:70:25:77:
11:1a:e8:29:77:f5:4f:de:26:93:e8:2c:07:27:3e:d9:f7:6a:
a9:c0:c7:51:b6:99:d2:0c:8b:2c:40:97:a0:ad:9f:74:9a:7e:
96:07:38:a4:52:a8:82:5b:02:30:60:6b:61:b2:c0:19:e7:bb:
38:0a:d1:8f:95:25:7c:64:f0:d1:55:6c:9b:70:7c:bc:3f:65:
5e:43:f0:9b:71:c8:4a:c2:1c:d9:8d:c9:d6:2f:9f:c4:6e:d1:
83:fe:ec:3a:80:65:41:f9:c6:43:ef:9d:a8:e7:58:44:c3:4b:
f4:6e:f4:83
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIUSZY1ETnG3GFhAYYNVOD/Vn2znNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjYxMDQ2NTRaFw0yNjAzMjUxMDUxNTRaMDMxMTAvBgNV
BAMTKDU1NEVCNDg4MzRBNEU0NzRFMTg0MjY5RTAxQkZBOTY5RjE0NzNDREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4vs+CedCRaihpvnJ3DHCR/zm9
SCZ0ydwrhd/JXlYBlenO1rrVROosdLYJZfGxLAvnHkt1eYd6gI2JjpjuL3Bt8g2a
vJ0nEAK/swQhxlZCwiRoFBrPA/cE/5EZtoruNSWnDLUJwM2WWmFaOVsc5c+QP397
X1R6Qg8K7KZ3b1QbUmJzXmHuwbjsfPcDicLEG3ga25ECOsyIgrVVnFsZG1pNFO0G
3pH5/hqEZi2ST6Bdxl4dkewzNW8iqEUIp8gzW/Y4jy0QmcAr9NlLf3ZIPcvAeXel
zGTH6Ywq4JFmNFSa22gQUzX7Vun/AsEZBI6L2GKWItjAImsViAimgafaAq6HAgMB
AAGjggKaMIICljAdBgNVHQ4EFgQUVU60iDSk5HThhCaeAb+pafFHPN0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTE0MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwga8GCCsGAQUFBwEHAQH/BIGfMIGcMIGZBAIAATCBkgME
AFIV1AMEAFIW1AMEAFIW3gMEAFIW9wMEAFIXyQMEAFIX2QMEAFIX5gMEAFIX7QME
AFIY9wMEAFIZ1AMEAFIZ2wMEAFIZ8AMEAFIZ9wMEAFIa6AMEAFIa9wMEAFIb1QME
AFIb3jAMAwQAUhvjAwQAUhvkAwQAUhvqAwQAUhv3AwQAUh3XAwQAUh3ZAwQAUh3k
MA0GCSqGSIb3DQEBCwUAA4IBAQBLTTIt8shBn2m9XfipczLVbXkNm1nd6gHKniHc
HPEhZf9u7ImEW9Me4RX3iUFKDMWNAusgKREeV7qG9kjL9qOKFG8EKsBlLlgG1rAk
AM3f+daHgN7HgnRga36lARfjmpSFR7NoM+EzLjvoMo/3P6Stx8x/UmYlQ3F+zQix
4fpdjEXLK5siLLe9wvKCDlNwJXcRGugpd/VP3iaT6CwHJz7Z92qpwMdRtpnSDIss
QJegrZ90mn6WBzikUqiCWwIwYGthssAZ57s4CtGPlSV8ZPDRVWybcHy8P2VeQ/Cb
cchKwhzZjcnWL5/EbtGD/uw6gGVB+cZD752o51hEw0v0bvSD
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:54 2025 by rpki-client