Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: DUZE5dGAezGViaZRtkCTajLYv1+0Xt9zkbT7/L5e65k=
Subject key identifier: 14:87:23:9D:95:9D:F8:8E:FD:9D:37:E4:6C:C2:6D:8F:61:5B:E2:C8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78D3AE63207FD2B6D1E8AB27A02B0BFB24D2B86F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
Signing time: Mon 06 Apr 2026 00:04:08 +0000
ROA not before: Sun 05 Apr 2026 23:59:08 +0000
ROA not after: Mon 05 Apr 2027 00:04:08 +0000
asID: 30058
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.253.0/24 maxlen: 24
82.21.254.0/24 maxlen: 24
82.22.254.0/24 maxlen: 24
82.23.244.0/24 maxlen: 24
82.24.254.0/24 maxlen: 24
82.25.25.0/24 maxlen: 24
82.25.254.0/24 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.254.0/24 maxlen: 24
82.26.255.0/24 maxlen: 24
82.27.254.0/24 maxlen: 24
82.27.255.0/24 maxlen: 24
82.29.253.0/24 maxlen: 24
82.29.254.0/24 maxlen: 24
82.41.41.0/24 maxlen: 24
2a13:9500:10a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:d3:ae:63:20:7f:d2:b6:d1:e8:ab:27:a0:2b:0b:fb:24:d2:b8:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 5 23:59:08 2026 GMT
Not After : Apr 5 00:04:08 2027 GMT
Subject: CN=1487239D959DF88EFD9D37E46CC26D8F615BE2C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:11:2f:67:36:26:09:d9:9c:33:d9:5d:2a:2c:
f2:9c:af:f6:43:c9:a2:30:67:6d:98:16:e3:74:7e:
ac:f7:0d:e2:e0:2f:1e:5d:47:cf:d5:1f:11:bc:66:
66:4d:ad:58:1f:a9:4f:b6:0e:a0:dd:bd:db:18:58:
ad:ee:79:d6:1c:bd:1d:c4:1a:c4:84:90:55:55:4f:
f2:1c:c5:d3:e5:fb:c5:15:65:23:5a:a4:6d:a1:f4:
59:30:64:97:f5:ff:73:dd:1f:46:f2:36:84:da:0e:
d4:40:d7:83:30:1e:c4:56:7e:bd:99:27:ca:9a:c4:
86:d8:54:99:81:98:70:dc:76:5e:62:06:d0:07:af:
d3:bb:4c:95:ba:56:bf:0b:bd:94:17:5f:9b:30:68:
c1:a7:25:74:9d:49:f2:b7:69:8f:04:23:8e:13:a1:
1b:42:f9:1f:8d:b7:4a:37:b9:8a:d4:c9:7c:22:e0:
12:a5:a0:17:85:22:82:7e:d3:52:44:ec:ac:6e:93:
06:3b:cc:58:a4:9a:ce:6d:6d:e4:4f:97:f9:67:40:
82:be:4f:4e:64:35:f8:2b:36:9f:ba:22:5b:4c:1a:
51:7f:73:1b:cc:05:23:3d:b9:9e:52:6d:83:93:f0:
74:8f:db:a6:94:54:0d:af:2c:73:c0:0e:dc:21:b0:
5c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:87:23:9D:95:9D:F8:8E:FD:9D:37:E4:6C:C2:6D:8F:61:5B:E2:C8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.253.0-82.21.254.255
82.22.254.0/24
82.23.244.0/24
82.24.254.0/24
82.25.25.0/24
82.25.254.0/24
82.26.78.0/23
82.26.254.0/23
82.27.254.0/23
82.29.253.0-82.29.254.255
82.41.41.0/24
IPv6:
2a13:9500:10a::/48
Signature Algorithm: sha256WithRSAEncryption
97:07:0f:bb:cc:54:ad:d8:27:f9:c4:39:bc:c4:cb:17:1e:76:
22:ac:39:6d:b9:7f:ef:9e:22:6e:f1:3e:93:2e:1c:46:a8:6b:
68:c2:4f:20:ab:81:a4:3f:76:1e:2b:c1:4a:58:dd:1d:23:a2:
28:a8:2d:be:99:86:39:54:0d:ee:dc:8f:56:23:a7:c2:83:12:
db:2d:c2:56:6c:11:90:57:2a:27:ce:e8:ec:1b:4b:b8:4a:f7:
03:ff:6e:d6:00:ea:97:92:3c:ca:2d:b7:02:74:c2:8d:8e:88:
f7:93:b9:69:14:b9:c6:f8:3c:db:ee:fc:98:6c:7d:93:04:2e:
8e:f0:ad:a9:3c:a5:cc:b1:d3:9a:58:21:b4:25:3b:27:67:50:
ef:a3:75:73:10:96:f4:ef:13:a0:16:27:5d:0f:13:44:78:fe:
3e:21:47:66:14:2a:db:fb:e4:66:df:db:32:11:aa:61:1d:df:
c9:29:52:45:64:f4:b7:21:1f:51:5a:8e:52:f0:d9:23:e5:67:
fe:d6:7e:e2:92:cd:22:27:c4:a1:29:f4:74:a4:46:3e:63:46:
b6:c6:2b:f0:67:2c:d1:c9:4a:9c:0e:03:9d:69:da:4a:d3:69:
f7:2e:0b:45:ab:a7:2f:74:58:d5:30:e9:56:31:e0:83:cc:86:
0d:dd:96:c2
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUeNOuYyB/0rbR6KsnoCsL+yTSuG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDUyMzU5MDhaFw0yNzA0MDUwMDA0MDhaMDMxMTAvBgNV
BAMTKDE0ODcyMzlEOTU5REY4OEVGRDlEMzdFNDZDQzI2RDhGNjE1QkUyQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ES9nNiYJ2Zwz2V0qLPKcr/ZD
yaIwZ22YFuN0fqz3DeLgLx5dR8/VHxG8ZmZNrVgfqU+2DqDdvdsYWK3uedYcvR3E
GsSEkFVVT/IcxdPl+8UVZSNapG2h9FkwZJf1/3PdH0byNoTaDtRA14MwHsRWfr2Z
J8qaxIbYVJmBmHDcdl5iBtAHr9O7TJW6Vr8LvZQXX5swaMGnJXSdSfK3aY8EI44T
oRtC+R+Nt0o3uYrUyXwi4BKloBeFIoJ+01JE7KxukwY7zFikms5tbeRPl/lnQIK+
T05kNfgrNp+6IltMGlF/cxvMBSM9uZ5SbYOT8HSP26aUVA2vLHPADtwhsFxpAgMB
AAGjggJtMIICaTAdBgNVHQ4EFgQUFIcjnZWd+I79nTfkbMJtj2Fb4sgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYIGCCsGAQUFBwEHAQH/BHMwcTBeBAIAATBYAwQAUhUB
MAwDBABSFf0DBABSFf4DBABSFv4DBABSF/QDBABSGP4DBABSGRkDBABSGf4DBAFS
Gk4DBAFSGv4DBAFSG/4wDAMEAFId/QMEAFId/gMEAFIpKTAPBAIAAjAJAwcAKhOV
AAEKMA0GCSqGSIb3DQEBCwUAA4IBAQCXBw+7zFSt2Cf5xDm8xMsXHnYirDltuX/v
niJu8T6TLhxGqGtowk8gq4GkP3YeK8FKWN0dI6IoqC2+mYY5VA3u3I9WI6fCgxLb
LcJWbBGQVyonzujsG0u4SvcD/27WAOqXkjzKLbcCdMKNjoj3k7lpFLnG+Dzb7vyY
bH2TBC6O8K2pPKXMsdOaWCG0JTsnZ1Dvo3VzEJb07xOgFiddDxNEeP4+IUdmFCrb
++Rm39syEaphHd/JKVJFZPS3IR9RWo5S8Nkj5Wf+1n7iks0iJ8ShKfR0pEY+Y0a2
xivwZyzRyUqcDgOdadpK02n3LgtFq6cvdFjVMOlWMeCDzIYN3ZbC
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:09:18 2026 by rpki-client