Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51765.roa
File: AS51765.roa (raw, json)
Hash identifier: QVww5IG+5nFQAVRW7/p5bll3aMVZSuozbWWoA3d5WOQ=
Subject key identifier: 03:88:81:52:95:FE:29:21:EC:FE:F5:D9:38:1A:05:F3:13:B9:23:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 11A8D29935ADE4ACD1D7C910856562E979D0CC29
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51765.roa
Signing time: Mon 24 Mar 2025 12:30:42 +0000
ROA not before: Mon 24 Mar 2025 12:25:42 +0000
ROA not after: Mon 23 Mar 2026 12:30:42 +0000
asID: 51765
IP address blocks: 82.21.220.0/24 maxlen: 24
82.21.233.0/24 maxlen: 24
82.21.249.0/24 maxlen: 24
82.22.230.0/24 maxlen: 24
82.22.231.0/24 maxlen: 24
82.22.232.0/24 maxlen: 24
82.22.249.0/24 maxlen: 24
82.23.208.0/24 maxlen: 24
82.23.239.0/24 maxlen: 24
82.24.208.0/24 maxlen: 24
82.24.211.0/24 maxlen: 24
82.24.213.0/24 maxlen: 24
82.24.218.0/24 maxlen: 24
82.24.228.0/24 maxlen: 24
82.24.236.0/24 maxlen: 24
82.24.249.0/24 maxlen: 24
82.25.217.0/24 maxlen: 24
82.25.249.0/24 maxlen: 24
82.26.225.0/24 maxlen: 24
82.26.229.0/24 maxlen: 24
82.27.223.0/24 maxlen: 24
82.29.213.0/24 maxlen: 24
82.29.237.0/24 maxlen: 24
82.29.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a8:d2:99:35:ad:e4:ac:d1:d7:c9:10:85:65:62:e9:79:d0:cc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 24 12:25:42 2025 GMT
Not After : Mar 23 12:30:42 2026 GMT
Subject: CN=0388815295FE2921ECFEF5D9381A05F313B923C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c1:09:cb:6a:df:7d:21:cd:fc:7c:a8:a9:e4:
3f:75:21:73:8a:68:a9:1d:c7:62:94:4d:c0:6f:7e:
f6:bb:a3:32:31:55:65:c0:db:9a:58:b9:52:a5:32:
92:c0:83:eb:d0:88:1a:a4:31:88:98:ba:b0:12:2d:
12:f7:6e:98:f5:ba:cb:59:86:f3:59:f0:9b:f4:23:
7b:ec:47:51:fb:a0:0e:17:2c:c6:58:16:1c:12:11:
c0:97:f5:3e:b0:99:a8:88:60:1f:17:2f:97:e4:37:
e8:79:0d:0a:e4:1f:5c:95:a6:7e:c4:73:43:d7:46:
45:89:1e:e6:1f:d4:47:04:af:0e:f7:ba:61:1c:6d:
71:de:8f:1e:2e:ac:50:f1:fe:a9:05:c9:60:c8:49:
dc:74:e8:8a:c6:64:22:fe:27:91:68:e8:f2:de:83:
66:00:d8:1a:2b:61:24:3c:da:79:2d:93:e2:fd:e9:
db:44:93:80:f8:a4:b2:fc:e3:63:8d:59:38:f7:53:
d3:e3:e8:04:bb:19:e4:c5:70:5b:b0:d4:48:7a:db:
28:b2:f9:65:28:94:48:31:18:37:ab:9c:42:a2:15:
95:3d:15:38:19:f9:7a:9f:fe:89:5c:62:81:3e:6e:
c5:b9:0c:47:ca:07:a9:7c:45:76:03:70:06:b8:f7:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:88:81:52:95:FE:29:21:EC:FE:F5:D9:38:1A:05:F3:13:B9:23:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.220.0/24
82.21.233.0/24
82.21.249.0/24
82.22.230.0-82.22.232.255
82.22.249.0/24
82.23.208.0/24
82.23.239.0/24
82.24.208.0/24
82.24.211.0/24
82.24.213.0/24
82.24.218.0/24
82.24.228.0/24
82.24.236.0/24
82.24.249.0/24
82.25.217.0/24
82.25.249.0/24
82.26.225.0/24
82.26.229.0/24
82.27.223.0/24
82.29.213.0/24
82.29.237.0/24
82.29.249.0/24
Signature Algorithm: sha256WithRSAEncryption
69:3e:0f:4a:23:f5:41:a2:0f:23:d0:6d:99:31:29:bb:71:9b:
8e:21:c9:5d:c1:c3:c4:f5:02:66:9e:8f:38:11:7d:5e:c4:42:
c1:43:bb:bd:b3:72:ef:1d:6c:90:13:b0:fe:47:a6:12:bc:72:
da:f2:6c:84:4a:a1:a6:38:1e:d7:1b:70:62:e8:b2:bd:21:a9:
90:da:d3:fd:2d:f3:bf:dd:c5:41:97:02:d6:99:98:38:3d:4e:
2f:2b:a0:0e:1f:f7:c5:22:cb:29:73:6d:92:5f:fe:1e:c6:80:
21:6f:79:05:8d:6f:da:a0:71:84:81:65:93:d2:4d:40:ee:ab:
ee:5e:3e:2d:6b:fc:77:d2:27:9d:a7:51:da:8e:27:c1:d6:8b:
64:5c:ce:ac:5b:a6:4b:78:fe:b8:36:a4:e1:fd:5e:fd:e9:7f:
83:0b:e8:d2:a5:17:78:27:97:e8:38:fe:40:a2:43:69:ad:b8:
8c:93:2e:cc:8d:31:a2:da:07:34:22:2e:92:0e:42:d6:34:b4:
37:3a:81:ae:f0:95:57:53:8d:56:bc:0f:ca:9f:bb:dd:0e:74:
d3:1d:5e:d3:a1:4b:fc:f9:62:1e:28:a6:64:c1:86:c9:76:6b:
cf:60:1d:18:32:6d:d7:5f:53:09:ac:93:4d:4c:be:ca:4e:8a:
7c:24:35:e4
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIUEajSmTWt5KzR18kQhWVi6XnQzCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjQxMjI1NDJaFw0yNjAzMjMxMjMwNDJaMDMxMTAvBgNV
BAMTKDAzODg4MTUyOTVGRTI5MjFFQ0ZFRjVEOTM4MUEwNUYzMTNCOTIzQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVwQnLat99Ic38fKip5D91IXOK
aKkdx2KUTcBvfva7ozIxVWXA25pYuVKlMpLAg+vQiBqkMYiYurASLRL3bpj1ustZ
hvNZ8Jv0I3vsR1H7oA4XLMZYFhwSEcCX9T6wmaiIYB8XL5fkN+h5DQrkH1yVpn7E
c0PXRkWJHuYf1EcErw73umEcbXHejx4urFDx/qkFyWDISdx06IrGZCL+J5Fo6PLe
g2YA2BorYSQ82nktk+L96dtEk4D4pLL842ONWTj3U9Pj6AS7GeTFcFuw1Eh62yiy
+WUolEgxGDernEKiFZU9FTgZ+Xqf/olcYoE+bsW5DEfKB6l8RXYDcAa49831AgMB
AAGjggKUMIICkDAdBgNVHQ4EFgQUA4iBUpX+KSHs/vXZOBoF8xO5I8YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTE3NjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgakGCCsGAQUFBwEHAQH/BIGZMIGWMIGTBAIAATCBjAME
AFIV3AMEAFIV6QMEAFIV+TAMAwQBUhbmAwQAUhboAwQAUhb5AwQAUhfQAwQAUhfv
AwQAUhjQAwQAUhjTAwQAUhjVAwQAUhjaAwQAUhjkAwQAUhjsAwQAUhj5AwQAUhnZ
AwQAUhn5AwQAUhrhAwQAUhrlAwQAUhvfAwQAUh3VAwQAUh3tAwQAUh35MA0GCSqG
SIb3DQEBCwUAA4IBAQBpPg9KI/VBog8j0G2ZMSm7cZuOIcldwcPE9QJmno84EX1e
xELBQ7u9s3LvHWyQE7D+R6YSvHLa8myESqGmOB7XG3Bi6LK9IamQ2tP9LfO/3cVB
lwLWmZg4PU4vK6AOH/fFIsspc22SX/4exoAhb3kFjW/aoHGEgWWT0k1A7qvuXj4t
a/x30iedp1HajifB1otkXM6sW6ZLeP64NqTh/V796X+DC+jSpRd4J5foOP5AokNp
rbiMky7MjTGi2gc0Ii6SDkLWNLQ3OoGu8JVXU41WvA/Kn7vdDnTTHV7ToUv8+WIe
KKZkwYbJdmvPYB0YMm3XX1MJrJNNTL7KTop8JDXk
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:51:08 2025 by rpki-client