Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
File: AS51430.roa (raw, json)
Hash identifier: 9lpa1IXFK3hFzYMSpsnoYk7/ncirumrQIcX1gacm+6A=
Subject key identifier: D7:16:4C:F3:6D:2D:FC:9D:66:5B:1C:82:33:78:E6:59:79:F6:1B:56
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 54F44779A2726A1DB5A2B8BF68B0D06C771DB66A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
Signing time: Thu 11 Sep 2025 13:28:59 +0000
ROA not before: Thu 11 Sep 2025 13:23:59 +0000
ROA not after: Thu 10 Sep 2026 13:28:59 +0000
asID: 51430
IP address blocks: 82.21.212.0/24 maxlen: 24
82.22.222.0/24 maxlen: 24
82.22.247.0/24 maxlen: 24
82.23.201.0/24 maxlen: 24
82.23.230.0/24 maxlen: 24
82.23.237.0/24 maxlen: 24
82.24.247.0/24 maxlen: 24
82.25.212.0/24 maxlen: 24
82.25.219.0/24 maxlen: 24
82.25.240.0/24 maxlen: 24
82.25.247.0/24 maxlen: 24
82.26.232.0/24 maxlen: 24
82.26.247.0/24 maxlen: 24
82.27.213.0/24 maxlen: 24
82.27.222.0/24 maxlen: 24
82.27.228.0/24 maxlen: 24
82.27.234.0/24 maxlen: 24
82.27.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:f4:47:79:a2:72:6a:1d:b5:a2:b8:bf:68:b0:d0:6c:77:1d:b6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 11 13:23:59 2025 GMT
Not After : Sep 10 13:28:59 2026 GMT
Subject: CN=D7164CF36D2DFC9D665B1C823378E65979F61B56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:19:9c:cf:4c:f0:f4:d1:a2:16:aa:bd:f1:b4:
e5:8c:ce:0d:d8:0f:b8:2b:41:a8:b8:9d:0a:67:be:
1e:19:80:d3:c7:b4:61:cc:89:25:48:0f:dd:d3:96:
5b:1c:8b:7e:d3:49:bb:8f:c0:f9:f5:cf:b2:1b:66:
df:47:1c:b6:09:85:80:97:6c:19:7f:bb:cc:9a:35:
a2:1a:80:4d:67:f0:6f:40:de:d2:bc:c2:6a:54:35:
c5:3a:e5:29:d6:8c:b7:42:89:db:54:ef:b8:1c:3c:
ec:77:d8:72:de:e4:aa:c4:d9:b1:96:d3:16:7e:e2:
8c:ef:af:45:ea:41:fc:86:c9:e0:86:ca:14:e6:90:
b3:c6:e5:25:36:fe:95:dc:93:3e:e3:f9:2a:a4:c6:
03:7a:f7:b6:4d:41:80:f9:73:d6:cb:db:38:a2:21:
b3:d4:51:72:00:6b:8d:57:ea:fa:18:f5:79:da:eb:
92:9c:22:c9:5b:60:96:95:af:e7:97:c3:3c:81:a3:
23:6e:20:62:fd:db:94:26:04:44:bf:c3:2a:19:76:
2d:07:56:65:73:64:1e:e9:bc:ba:42:fb:75:b8:92:
f0:82:14:02:04:91:2e:d6:37:d7:3a:c9:ce:fd:e6:
2c:5d:fe:be:b7:3d:34:a1:d3:7f:00:fa:b0:53:cf:
98:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:16:4C:F3:6D:2D:FC:9D:66:5B:1C:82:33:78:E6:59:79:F6:1B:56
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.212.0/24
82.22.222.0/24
82.22.247.0/24
82.23.201.0/24
82.23.230.0/24
82.23.237.0/24
82.24.247.0/24
82.25.212.0/24
82.25.219.0/24
82.25.240.0/24
82.25.247.0/24
82.26.232.0/24
82.26.247.0/24
82.27.213.0/24
82.27.222.0/24
82.27.228.0/24
82.27.234.0/24
82.27.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:0c:de:7e:fc:fa:57:9e:9e:37:26:0a:6b:73:16:55:ad:d8:
3c:3e:2d:19:da:9d:de:9d:cc:7e:92:c0:90:b1:81:0c:b7:04:
20:b7:03:8c:6b:4f:96:70:b3:be:71:f2:ba:c3:5e:4d:00:bf:
03:a6:ce:e9:26:1a:6e:7f:29:9e:bf:a8:8b:71:26:22:d9:24:
9a:a1:2d:74:03:d8:c1:f2:75:e7:61:d1:e0:b4:c4:3c:cf:5a:
de:23:37:93:0b:0c:68:63:d5:ec:6b:47:73:38:71:58:d3:f9:
db:3e:04:64:0b:13:5f:87:77:15:ca:87:21:48:33:97:02:7d:
cc:61:46:64:d3:cd:bc:00:c0:ff:b8:0f:2d:e6:69:0e:f5:87:
c0:50:3d:ce:65:ac:ac:bc:f3:f7:95:0d:3d:bd:22:ce:25:43:
1a:a6:08:74:89:98:11:12:1e:4a:0a:c4:58:53:29:62:4f:26:
80:79:0b:2c:46:e6:c7:3b:36:21:b0:75:70:fc:14:fc:54:9c:
d4:21:28:21:7c:56:78:b7:5c:dc:d8:06:19:a0:ea:c7:b4:f8:
cc:a4:fd:22:cb:13:f2:91:20:76:72:18:c1:aa:0f:25:84:c1:
7f:30:36:b5:c8:b4:77:53:5c:c1:4a:97:e9:b4:f1:9b:45:a6:
ea:50:ca:f0
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIUVPRHeaJyah21ori/aLDQbHcdtmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MTExMzIzNTlaFw0yNjA5MTAxMzI4NTlaMDMxMTAvBgNV
BAMTKEQ3MTY0Q0YzNkQyREZDOUQ2NjVCMUM4MjMzNzhFNjU5NzlGNjFCNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4GZzPTPD00aIWqr3xtOWMzg3Y
D7grQai4nQpnvh4ZgNPHtGHMiSVID93Tllsci37TSbuPwPn1z7IbZt9HHLYJhYCX
bBl/u8yaNaIagE1n8G9A3tK8wmpUNcU65SnWjLdCidtU77gcPOx32HLe5KrE2bGW
0xZ+4ozvr0XqQfyGyeCGyhTmkLPG5SU2/pXckz7j+SqkxgN697ZNQYD5c9bL2zii
IbPUUXIAa41X6voY9Xna65KcIslbYJaVr+eXwzyBoyNuIGL925QmBES/wyoZdi0H
VmVzZB7pvLpC+3W4kvCCFAIEkS7WN9c6yc795ixd/r63PTSh038A+rBTz5iPAgMB
AAGjggJwMIICbDAdBgNVHQ4EFgQU1xZM820t/J1mWxyCM3jmWXn2G1YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTE0MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYUGCCsGAQUFBwEHAQH/BHYwdDByBAIAATBsAwQAUhXU
AwQAUhbeAwQAUhb3AwQAUhfJAwQAUhfmAwQAUhftAwQAUhj3AwQAUhnUAwQAUhnb
AwQAUhnwAwQAUhn3AwQAUhroAwQAUhr3AwQAUhvVAwQAUhveAwQAUhvkAwQAUhvq
AwQAUhv3MA0GCSqGSIb3DQEBCwUAA4IBAQB6DN5+/PpXnp43JgprcxZVrdg8Pi0Z
2p3encx+ksCQsYEMtwQgtwOMa0+WcLO+cfK6w15NAL8Dps7pJhpufymev6iLcSYi
2SSaoS10A9jB8nXnYdHgtMQ8z1reIzeTCwxoY9Xsa0dzOHFY0/nbPgRkCxNfh3cV
yochSDOXAn3MYUZk0828AMD/uA8t5mkO9YfAUD3OZaysvPP3lQ09vSLOJUMapgh0
iZgREh5KCsRYUyliTyaAeQssRubHOzYhsHVw/BT8VJzUISghfFZ4t1zc2AYZoOrH
tPjMpP0iyxPykSB2chjBqg8lhMF/MDa1yLR3U1zBSpfptPGbRabqUMrw
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:23:05 2025 by rpki-client