Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59729.roa
File: AS59729.roa (raw, json)
Hash identifier: 8lAeE8Z+zdzEubAxF1kF2DX8Qe7MauiCPP4zdhX9iek=
Subject key identifier: 49:E0:5F:F1:5F:1F:FB:2B:CD:A2:6E:A8:59:B5:65:9A:79:C2:26:A8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 54285E8ABF5A28C837B36E9B500BADB28D23F433
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59729.roa
Signing time: Mon 20 Jan 2025 12:42:09 +0000
ROA not before: Mon 20 Jan 2025 12:37:09 +0000
ROA not after: Mon 19 Jan 2026 12:42:09 +0000
asID: 59729
IP address blocks: 82.21.253.0/24 maxlen: 24
82.21.254.0/24 maxlen: 24
82.22.254.0/24 maxlen: 24
82.23.244.0/24 maxlen: 24
82.24.254.0/24 maxlen: 24
82.25.254.0/24 maxlen: 24
82.26.254.0/24 maxlen: 24
82.26.255.0/24 maxlen: 24
82.27.254.0/24 maxlen: 24
82.27.255.0/24 maxlen: 24
82.29.253.0/24 maxlen: 24
82.29.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:28:5e:8a:bf:5a:28:c8:37:b3:6e:9b:50:0b:ad:b2:8d:23:f4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 20 12:37:09 2025 GMT
Not After : Jan 19 12:42:09 2026 GMT
Subject: CN=49E05FF15F1FFB2BCDA26EA859B5659A79C226A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:00:44:db:7c:9d:ef:a1:1a:59:ae:bc:b6:0c:
a6:1b:cc:01:a2:eb:33:99:ec:5f:f2:ac:de:a1:76:
cd:93:bc:36:c8:77:d1:2f:f4:cd:d0:26:6b:a3:90:
4f:b7:04:03:6c:5f:cc:5d:3f:79:26:af:cf:bf:dc:
0d:55:3b:7d:48:db:c6:61:dc:b2:fa:0b:3c:8d:d2:
c4:7a:68:a9:de:8d:b6:ef:3b:d6:86:3c:c5:2a:6b:
c4:90:bf:8c:cf:af:c7:94:7b:6d:94:4b:9c:6e:9f:
67:14:4c:7b:64:22:20:c2:4e:7e:8c:be:dd:fd:4d:
ce:0d:76:f9:93:8c:36:03:ea:e7:0c:a2:7f:5b:71:
2e:e6:4f:2d:bf:52:b7:b3:7b:20:2d:73:2f:c8:ba:
9d:75:db:46:54:a1:2c:ea:29:b8:34:d4:ed:fd:1d:
e7:de:2f:38:b1:60:71:1a:ba:92:5a:aa:df:3a:f5:
1a:92:e2:78:63:63:bd:db:60:db:5c:c1:e6:11:1e:
14:23:ea:3b:ed:b7:55:33:e2:e5:a6:10:97:d7:a0:
f3:7e:11:4e:fb:8e:0f:3d:0b:25:b6:08:35:18:76:
45:dc:27:3e:74:e9:09:c9:6f:82:38:7e:4b:c5:9e:
b8:93:62:6e:fc:71:73:d7:cb:a3:3d:87:42:65:85:
8e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E0:5F:F1:5F:1F:FB:2B:CD:A2:6E:A8:59:B5:65:9A:79:C2:26:A8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59729.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.253.0-82.21.254.255
82.22.254.0/24
82.23.244.0/24
82.24.254.0/24
82.25.254.0/24
82.26.254.0/23
82.27.254.0/23
82.29.253.0-82.29.254.255
Signature Algorithm: sha256WithRSAEncryption
0d:94:8c:b4:27:49:0e:59:54:f4:11:59:1e:c4:06:60:54:43:
36:b1:6a:1a:e8:ed:08:ef:5f:29:67:c4:81:0a:d3:49:b7:60:
af:99:03:2f:86:0a:6e:68:48:9a:f9:eb:d7:56:00:8e:b3:92:
27:ff:8e:ac:1c:a7:53:7d:3a:4c:a5:87:c6:a9:35:b0:08:71:
dd:ab:f5:cc:5f:ed:12:04:c6:39:60:14:06:ab:e0:54:15:76:
cc:4c:11:57:bb:05:4b:10:48:f8:e0:65:ff:3a:f1:c9:5f:51:
fd:fe:89:a5:4e:17:f9:0f:2f:04:22:ab:36:56:4b:46:65:89:
ba:46:76:b4:c9:9e:ae:37:28:e0:03:5b:ab:2d:a5:37:2c:d9:
90:7f:47:8f:9c:c8:3a:52:12:d5:9a:21:59:67:31:6a:be:ae:
fe:13:36:85:1b:6f:93:d3:7b:61:74:d7:8b:13:43:ef:2c:6b:
c7:e2:61:6f:f0:9a:c1:58:e7:c0:c3:b9:23:66:4c:03:07:4b:
0b:4d:76:61:77:ec:3e:06:37:39:d1:2b:07:ed:af:e5:74:e0:
ba:59:67:60:8a:06:d0:d8:41:80:2a:0b:82:da:45:4d:b3:56:
9d:4a:76:a5:f7:5f:d3:12:50:9c:2a:30:fd:8c:4e:63:2e:79:
97:dc:93:2d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUVCheir9aKMg3s26bUAutso0j9DMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjAxMjM3MDlaFw0yNjAxMTkxMjQyMDlaMDMxMTAvBgNV
BAMTKDQ5RTA1RkYxNUYxRkZCMkJDREEyNkVBODU5QjU2NTlBNzlDMjI2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCAETbfJ3voRpZrry2DKYbzAGi
6zOZ7F/yrN6hds2TvDbId9Ev9M3QJmujkE+3BANsX8xdP3kmr8+/3A1VO31I28Zh
3LL6CzyN0sR6aKnejbbvO9aGPMUqa8SQv4zPr8eUe22US5xun2cUTHtkIiDCTn6M
vt39Tc4NdvmTjDYD6ucMon9bcS7mTy2/UrezeyAtcy/Iup1120ZUoSzqKbg01O39
HefeLzixYHEaupJaqt869RqS4nhjY73bYNtcweYRHhQj6jvtt1Uz4uWmEJfXoPN+
EU77jg89CyW2CDUYdkXcJz506QnJb4I4fkvFnriTYm78cXPXy6M9h0JlhY6JAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUSeBf8V8f+yvNom6oWbVlmnnCJqgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk3Mjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgABMEAwDAMEAFIV
/QMEAFIV/gMEAFIW/gMEAFIX9AMEAFIY/gMEAFIZ/gMEAVIa/gMEAVIb/jAMAwQA
Uh39AwQAUh3+MA0GCSqGSIb3DQEBCwUAA4IBAQANlIy0J0kOWVT0EVkexAZgVEM2
sWoa6O0I718pZ8SBCtNJt2CvmQMvhgpuaEia+evXVgCOs5In/46sHKdTfTpMpYfG
qTWwCHHdq/XMX+0SBMY5YBQGq+BUFXbMTBFXuwVLEEj44GX/OvHJX1H9/omlThf5
Dy8EIqs2VktGZYm6Rna0yZ6uNyjgA1urLaU3LNmQf0ePnMg6UhLVmiFZZzFqvq7+
EzaFG2+T03thdNeLE0PvLGvH4mFv8JrBWOfAw7kjZkwDB0sLTXZhd+w+Bjc50SsH
7a/ldOC6WWdgigbQ2EGAKguC2kVNs1adSnal91/TElCcKjD9jE5jLnmX3JMt
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:15 2025 by rpki-client