Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: otDQKSYB0woisoa/M8XdFtjLkTJ6GvDz0ejYpqBAIY0=
Subject key identifier: E5:1F:B6:69:F1:32:AA:37:4A:AB:5C:11:02:4D:B5:FF:A8:C2:FB:9D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0F6FBDA1C3689762B8B123F9900C3321EDF1AFE7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
Signing time: Sat 28 Feb 2026 19:05:53 +0000
ROA not before: Sat 28 Feb 2026 19:00:53 +0000
ROA not after: Sat 27 Feb 2027 19:05:53 +0000
asID: 30058
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.253.0/24 maxlen: 24
82.21.254.0/24 maxlen: 24
82.22.254.0/24 maxlen: 24
82.23.244.0/24 maxlen: 24
82.24.254.0/24 maxlen: 24
82.25.25.0/24 maxlen: 24
82.25.254.0/24 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.169.0/24 maxlen: 24
82.26.254.0/24 maxlen: 24
82.26.255.0/24 maxlen: 24
82.27.254.0/24 maxlen: 24
82.27.255.0/24 maxlen: 24
82.29.253.0/24 maxlen: 24
82.29.254.0/24 maxlen: 24
2a13:9500:10a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:6f:bd:a1:c3:68:97:62:b8:b1:23:f9:90:0c:33:21:ed:f1:af:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 28 19:00:53 2026 GMT
Not After : Feb 27 19:05:53 2027 GMT
Subject: CN=E51FB669F132AA374AAB5C11024DB5FFA8C2FB9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:07:46:22:84:47:20:07:98:13:ab:41:4d:18:
00:c2:7f:b2:9f:60:18:d2:e4:75:f3:0e:3b:fb:13:
ea:d2:86:fe:5e:02:a5:41:de:98:a3:51:6c:07:db:
a2:48:e2:c1:41:38:7a:b8:9f:69:68:9d:b4:d3:9d:
24:2f:f4:ae:cf:2b:96:f0:45:50:ed:9c:ba:35:94:
b0:6a:3c:f8:37:18:57:cf:9e:95:84:3a:37:ec:fa:
85:d5:53:76:06:ed:93:bf:fa:bb:77:e8:9b:c3:8b:
53:b3:43:56:19:14:ae:dd:36:21:f3:dd:1a:2c:53:
15:7d:db:e5:1c:68:32:d6:a1:aa:1c:ab:25:dc:fd:
a8:9c:1c:16:a1:32:9b:00:12:7e:63:00:7b:cf:7f:
8d:40:53:8f:af:8f:37:4c:cf:5d:d6:6c:f8:d2:89:
44:4a:21:69:74:fe:d1:13:9f:66:57:0e:d8:9d:9f:
22:e6:35:fc:27:27:14:0b:f6:3a:7a:b3:76:d7:30:
b6:57:5a:90:b0:6c:b2:d3:37:1d:8a:8d:78:85:20:
dc:a0:26:d4:e3:9d:71:47:e2:10:cb:13:8e:5f:0b:
0d:a1:14:2b:70:6b:3b:1b:f1:f0:3f:5f:31:6b:9f:
13:b9:30:cd:52:bb:57:97:dd:76:a9:82:6e:96:3c:
46:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1F:B6:69:F1:32:AA:37:4A:AB:5C:11:02:4D:B5:FF:A8:C2:FB:9D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.253.0-82.21.254.255
82.22.254.0/24
82.23.244.0/24
82.24.254.0/24
82.25.25.0/24
82.25.254.0/24
82.26.78.0/23
82.26.169.0/24
82.26.254.0/23
82.27.254.0/23
82.29.253.0-82.29.254.255
IPv6:
2a13:9500:10a::/48
Signature Algorithm: sha256WithRSAEncryption
35:96:bf:fa:de:d4:77:fe:7b:c1:f9:44:d5:db:0b:17:d5:03:
66:cc:82:eb:51:02:58:42:95:be:da:b4:e3:3f:7e:4b:ad:62:
dd:31:92:c3:60:7c:74:48:70:3c:50:c5:42:d9:3c:a6:48:73:
8b:89:64:2b:f2:2e:29:b6:66:9c:49:ff:dc:5a:db:62:ad:81:
c7:08:5f:1d:ff:d5:17:a0:c2:79:bf:88:a5:08:c7:40:ec:b3:
b2:71:33:a4:21:6a:2e:d6:6c:79:38:66:0a:5a:cf:26:60:78:
00:f5:40:f5:40:c7:3e:23:a2:03:56:da:f0:3d:a9:5a:cd:17:
5f:10:df:93:84:a3:23:38:17:39:d6:8b:40:8a:27:06:11:2a:
d9:d1:6f:cc:89:44:a8:9b:5d:e8:0f:12:4a:fd:2b:cb:b6:5f:
6a:6e:a7:a9:47:ac:41:6d:ad:5b:61:97:a8:c2:82:f2:dc:02:
92:4e:f1:f4:9d:57:ff:69:04:9b:3e:2a:39:78:55:1b:35:d4:
ac:b3:a4:69:11:08:15:11:6d:56:d5:d2:3e:1a:57:84:e3:34:
37:2a:52:9a:08:ee:28:1b:8b:4a:73:c1:f5:0e:6e:e3:f5:90:
ae:e0:40:ec:71:e9:20:82:4d:7b:0c:44:96:d8:62:de:dc:e9:
b8:7f:a5:d6
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUD2+9ocNol2K4sSP5kAwzIe3xr+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMjgxOTAwNTNaFw0yNzAyMjcxOTA1NTNaMDMxMTAvBgNV
BAMTKEU1MUZCNjY5RjEzMkFBMzc0QUFCNUMxMTAyNERCNUZGQThDMkZCOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7B0YihEcgB5gTq0FNGADCf7Kf
YBjS5HXzDjv7E+rShv5eAqVB3pijUWwH26JI4sFBOHq4n2lonbTTnSQv9K7PK5bw
RVDtnLo1lLBqPPg3GFfPnpWEOjfs+oXVU3YG7ZO/+rt36JvDi1OzQ1YZFK7dNiHz
3RosUxV92+UcaDLWoaocqyXc/aicHBahMpsAEn5jAHvPf41AU4+vjzdMz13WbPjS
iURKIWl0/tETn2ZXDtidnyLmNfwnJxQL9jp6s3bXMLZXWpCwbLLTNx2KjXiFINyg
JtTjnXFH4hDLE45fCw2hFCtwazsb8fA/XzFrnxO5MM1Su1eX3Xapgm6WPEbjAgMB
AAGjggJtMIICaTAdBgNVHQ4EFgQU5R+2afEyqjdKq1wRAk21/6jC+50wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYIGCCsGAQUFBwEHAQH/BHMwcTBeBAIAATBYAwQAUhUB
MAwDBABSFf0DBABSFf4DBABSFv4DBABSF/QDBABSGP4DBABSGRkDBABSGf4DBAFS
Gk4DBABSGqkDBAFSGv4DBAFSG/4wDAMEAFId/QMEAFId/jAPBAIAAjAJAwcAKhOV
AAEKMA0GCSqGSIb3DQEBCwUAA4IBAQA1lr/63tR3/nvB+UTV2wsX1QNmzILrUQJY
QpW+2rTjP35LrWLdMZLDYHx0SHA8UMVC2TymSHOLiWQr8i4ptmacSf/cWttirYHH
CF8d/9UXoMJ5v4ilCMdA7LOycTOkIWou1mx5OGYKWs8mYHgA9UD1QMc+I6IDVtrw
PalazRdfEN+ThKMjOBc51otAiicGESrZ0W/MiUSom13oDxJK/SvLtl9qbqepR6xB
ba1bYZeowoLy3AKSTvH0nVf/aQSbPio5eFUbNdSss6RpEQgVEW1W1dI+GleE4zQ3
KlKaCO4oG4tKc8H1Dm7j9ZCu4EDscekggk17DESW2GLe3Om4f6XW
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:12:51 2026 by rpki-client