Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
File: AS59711.roa (raw, json)
Hash identifier: Fb5G3dnBaQUk0J0FvR3ijSI11rW6k/BUikARX4RXxew=
Subject key identifier: 7A:3E:77:E1:3D:0A:D4:24:54:E4:21:35:CC:9A:A6:52:D6:AC:01:E1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 70EA5E739A55ADF54AE187C48AD009F74ED3F0E5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
Signing time: Wed 26 Mar 2025 11:21:00 +0000
ROA not before: Wed 26 Mar 2025 11:16:00 +0000
ROA not after: Wed 25 Mar 2026 11:21:00 +0000
asID: 59711
IP address blocks: 82.21.210.0/24 maxlen: 24
82.21.213.0/24 maxlen: 24
82.21.216.0/24 maxlen: 24
82.21.255.0/24 maxlen: 24
82.22.208.0/24 maxlen: 24
82.22.250.0/24 maxlen: 24
82.22.255.0/24 maxlen: 24
82.23.205.0/24 maxlen: 24
82.23.223.0/24 maxlen: 24
82.23.240.0/24 maxlen: 24
82.23.245.0/24 maxlen: 24
82.24.209.0/24 maxlen: 24
82.24.216.0/24 maxlen: 24
82.24.250.0/24 maxlen: 24
82.24.255.0/24 maxlen: 24
82.25.209.0/24 maxlen: 24
82.25.211.0/24 maxlen: 24
82.25.220.0/24 maxlen: 24
82.25.225.0/24 maxlen: 24
82.25.229.0/24 maxlen: 24
82.25.233.0/24 maxlen: 24
82.25.250.0/24 maxlen: 24
82.25.255.0/24 maxlen: 24
82.26.210.0/24 maxlen: 24
82.26.234.0/24 maxlen: 24
82.26.250.0/24 maxlen: 24
82.27.88.0/24 maxlen: 24
82.27.89.0/24 maxlen: 24
82.27.107.0/24 maxlen: 24
82.27.109.0/24 maxlen: 24
82.27.229.0/24 maxlen: 24
82.27.250.0/24 maxlen: 24
82.29.210.0/24 maxlen: 24
82.29.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ea:5e:73:9a:55:ad:f5:4a:e1:87:c4:8a:d0:09:f7:4e:d3:f0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 26 11:16:00 2025 GMT
Not After : Mar 25 11:21:00 2026 GMT
Subject: CN=7A3E77E13D0AD42454E42135CC9AA652D6AC01E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:24:cb:c9:14:64:4d:f2:43:2b:cf:69:ab:
0b:1e:30:77:ae:1d:74:d1:e0:9d:36:bf:1c:47:fb:
b7:c1:69:5b:a4:19:e3:2a:29:c2:a6:aa:00:95:6c:
a8:60:5d:94:c0:46:96:88:df:04:5f:74:93:40:2a:
53:5c:ca:61:9c:61:0b:eb:5e:f3:2a:81:cb:14:8e:
38:3e:a3:87:00:2b:9e:ff:14:1d:4d:60:c9:86:e5:
bd:c9:da:54:c7:84:f3:cc:fc:0b:0f:e0:c6:ec:18:
d5:fa:26:4b:e7:3c:cb:d1:22:1b:93:ab:fd:69:27:
93:a3:7b:f0:37:27:81:4e:eb:de:3d:25:6f:d4:0a:
5e:6f:da:65:ab:b4:e4:64:83:17:9f:0b:8f:c2:89:
d8:82:2c:85:0f:a2:d6:3e:dd:38:07:0c:3e:c2:59:
89:37:cc:19:b2:42:0e:0d:4d:9d:f0:60:b5:f1:41:
7e:ab:e3:cd:dd:18:7a:17:79:5f:82:e3:52:04:c6:
38:b9:e7:00:1b:e5:e7:5e:fb:2a:70:d6:23:2a:94:
78:98:a4:96:04:03:ca:71:10:99:67:b8:6b:df:4a:
b5:2b:d2:b5:ce:5f:5d:da:c6:08:27:1e:1f:48:f2:
bf:d3:5e:28:0a:b9:37:23:c0:d0:54:88:2c:a0:a5:
97:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3E:77:E1:3D:0A:D4:24:54:E4:21:35:CC:9A:A6:52:D6:AC:01:E1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.210.0/24
82.21.213.0/24
82.21.216.0/24
82.21.255.0/24
82.22.208.0/24
82.22.250.0/24
82.22.255.0/24
82.23.205.0/24
82.23.223.0/24
82.23.240.0/24
82.23.245.0/24
82.24.209.0/24
82.24.216.0/24
82.24.250.0/24
82.24.255.0/24
82.25.209.0/24
82.25.211.0/24
82.25.220.0/24
82.25.225.0/24
82.25.229.0/24
82.25.233.0/24
82.25.250.0/24
82.25.255.0/24
82.26.210.0/24
82.26.234.0/24
82.26.250.0/24
82.27.88.0/23
82.27.107.0/24
82.27.109.0/24
82.27.229.0/24
82.27.250.0/24
82.29.210.0/24
82.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0c:9f:4e:ec:1d:b6:33:e9:5f:0b:6b:24:86:99:37:bb:a3:
39:5f:7e:3b:9a:62:3a:a1:4a:a3:d7:25:5a:1e:57:c6:3b:79:
cc:c8:e2:4d:58:57:bd:73:2e:6c:39:57:34:98:c5:5a:a5:d5:
a6:b8:40:05:b8:e4:6c:ae:81:51:2d:68:e7:36:98:67:92:8b:
5c:7c:43:bf:06:b7:43:88:bc:e6:71:d7:0b:4d:5e:cb:b9:8c:
e1:d5:a4:74:9f:86:5d:fe:01:a6:8f:cc:7d:01:85:c8:27:56:
85:24:8a:51:66:8e:74:43:5e:c6:8b:47:17:e2:ec:3d:e9:2b:
8b:f9:1a:95:23:11:66:d7:44:26:6f:95:1f:a0:00:ac:03:c1:
85:35:33:d6:ee:c3:77:c5:29:1a:74:43:38:de:7f:b1:93:be:
1c:4f:ee:94:a2:e4:91:5f:1a:f5:08:43:6d:24:d7:22:87:80:
77:d9:75:51:22:4c:50:06:d9:6c:4c:88:95:e5:ed:0b:62:f0:
8c:e3:25:d7:b7:88:ba:ce:41:88:9b:42:15:e8:45:a2:18:37:
42:4b:be:b1:af:44:22:4e:42:e2:1c:23:95:c3:3e:03:fc:f7:
8e:4b:01:b7:eb:07:0a:39:27:8a:41:aa:d9:8f:19:fd:18:1a:
ff:53:2b:2b
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIUcOpec5pVrfVK4YfEitAJ907T8OUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjYxMTE2MDBaFw0yNjAzMjUxMTIxMDBaMDMxMTAvBgNV
BAMTKDdBM0U3N0UxM0QwQUQ0MjQ1NEU0MjEzNUNDOUFBNjUyRDZBQzAxRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3STLyRRkTfJDK89pqwseMHeu
HXTR4J02vxxH+7fBaVukGeMqKcKmqgCVbKhgXZTARpaI3wRfdJNAKlNcymGcYQvr
XvMqgcsUjjg+o4cAK57/FB1NYMmG5b3J2lTHhPPM/AsP4MbsGNX6JkvnPMvRIhuT
q/1pJ5Oje/A3J4FO6949JW/UCl5v2mWrtORkgxefC4/CidiCLIUPotY+3TgHDD7C
WYk3zBmyQg4NTZ3wYLXxQX6r483dGHoXeV+C41IExji55wAb5ede+ypw1iMqlHiY
pJYEA8pxEJlnuGvfSrUr0rXOX13axggnHh9I8r/TXigKuTcjwNBUiCygpZcRAgMB
AAGjggLOMIICyjAdBgNVHQ4EFgQUej534T0K1CRU5CE1zJqmUtasAeEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk3MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgeMGCCsGAQUFBwEHAQH/BIHTMIHQMIHNBAIAATCBxgME
AFIV0gMEAFIV1QMEAFIV2AMEAFIV/wMEAFIW0AMEAFIW+gMEAFIW/wMEAFIXzQME
AFIX3wMEAFIX8AMEAFIX9QMEAFIY0QMEAFIY2AMEAFIY+gMEAFIY/wMEAFIZ0QME
AFIZ0wMEAFIZ3AMEAFIZ4QMEAFIZ5QMEAFIZ6QMEAFIZ+gMEAFIZ/wMEAFIa0gME
AFIa6gMEAFIa+gMEAVIbWAMEAFIbawMEAFIbbQMEAFIb5QMEAFIb+gMEAFId0gME
AFId/zANBgkqhkiG9w0BAQsFAAOCAQEAjwyfTuwdtjPpXwtrJIaZN7ujOV9+O5pi
OqFKo9clWh5Xxjt5zMjiTVhXvXMubDlXNJjFWqXVprhABbjkbK6BUS1o5zaYZ5KL
XHxDvwa3Q4i85nHXC01ey7mM4dWkdJ+GXf4Bpo/MfQGFyCdWhSSKUWaOdENexotH
F+LsPekri/kalSMRZtdEJm+VH6AArAPBhTUz1u7Dd8UpGnRDON5/sZO+HE/ulKLk
kV8a9QhDbSTXIoeAd9l1USJMUAbZbEyIleXtC2LwjOMl17eIus5BiJtCFehFohg3
Qku+sa9EIk5C4hwjlcM+A/z3jksBt+sHCjknikGq2Y8Z/Rga/1MrKw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:52 2025 by rpki-client