Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: M6U9LKPOU4JLCe77PJUn7CsnWTMSOwQqHTYJQcv+pAg=
Subject key identifier: A4:49:B2:7D:F5:23:F0:1B:BD:8C:F9:7A:23:56:FB:4E:DB:41:D3:C2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7400C43F4BC942C349416DFC4FAF65209CDD35B8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
Signing time: Tue 09 Jun 2026 10:08:14 +0000
ROA not before: Tue 09 Jun 2026 10:03:14 +0000
ROA not after: Tue 08 Jun 2027 10:08:14 +0000
asID: 30058
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.253.0/24 maxlen: 24
82.21.254.0/24 maxlen: 24
82.22.254.0/24 maxlen: 24
82.23.244.0/24 maxlen: 24
82.24.254.0/24 maxlen: 24
82.25.25.0/24 maxlen: 24
82.25.254.0/24 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.254.0/24 maxlen: 24
82.26.255.0/24 maxlen: 24
82.27.254.0/24 maxlen: 24
82.27.255.0/24 maxlen: 24
82.29.253.0/24 maxlen: 24
82.29.254.0/24 maxlen: 24
82.41.41.0/24 maxlen: 24
82.47.245.0/24 maxlen: 24
2a13:9500:10a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:00:c4:3f:4b:c9:42:c3:49:41:6d:fc:4f:af:65:20:9c:dd:35:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 9 10:03:14 2026 GMT
Not After : Jun 8 10:08:14 2027 GMT
Subject: CN=A449B27DF523F01BBD8CF97A2356FB4EDB41D3C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:57:2a:20:a6:2c:85:15:72:7f:4a:b0:58:
71:6d:b3:48:cc:32:f8:13:3c:b3:ba:ee:7e:78:dd:
29:49:45:a1:0d:7e:de:76:31:9f:1e:af:8f:8e:f5:
95:0a:17:fd:13:a4:e3:86:84:3c:5f:d8:f3:77:40:
0f:b2:7d:9c:c1:22:71:f7:a6:cf:e3:6d:84:99:38:
18:3c:d5:f4:d1:15:b4:c4:27:2a:8d:f5:f0:39:6d:
70:8d:b8:28:5c:03:a5:db:0c:7e:bc:72:87:cb:8a:
59:0b:c7:bf:a3:90:ac:2c:5d:fe:bf:b6:78:53:70:
12:8a:22:ce:fb:96:2e:93:3d:9e:7e:42:dd:4a:da:
f6:a8:e2:cf:4c:7e:d1:b7:71:1b:5b:a9:aa:86:67:
c2:bb:83:f2:12:bd:96:2f:83:ad:5b:30:b1:e3:a6:
2b:cc:2b:8c:a2:1f:f9:c4:d4:ef:c6:5f:b9:42:c2:
ed:7d:20:99:8d:e9:07:2f:83:fd:2c:cb:19:f8:bb:
40:01:11:43:7d:78:60:95:fa:21:e6:43:b6:93:0c:
61:48:9d:63:f9:db:20:a2:0c:88:8e:cd:c3:5b:43:
60:4b:e1:65:b5:4a:18:8f:25:d3:04:29:ab:4c:6d:
dd:70:82:06:c1:87:a2:7b:9d:27:e8:43:e6:81:be:
dd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:49:B2:7D:F5:23:F0:1B:BD:8C:F9:7A:23:56:FB:4E:DB:41:D3:C2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.253.0-82.21.254.255
82.22.254.0/24
82.23.244.0/24
82.24.254.0/24
82.25.25.0/24
82.25.254.0/24
82.26.78.0/23
82.26.254.0/23
82.27.254.0/23
82.29.253.0-82.29.254.255
82.41.41.0/24
82.47.245.0/24
IPv6:
2a13:9500:10a::/48
Signature Algorithm: sha256WithRSAEncryption
1e:24:19:4b:2d:a8:68:29:c8:a5:ea:0a:31:38:3f:4f:eb:d8:
18:26:45:ea:0b:bd:b7:f3:6c:4a:49:50:03:fd:ae:f2:84:f0:
7c:24:07:c1:0a:6b:d2:9f:cb:46:a6:f7:ce:d2:dd:9c:07:a4:
2a:65:3a:47:c8:01:c2:27:ef:b6:77:7f:19:46:82:0c:fa:64:
bd:1e:ea:c6:79:46:dd:e8:bb:0e:7b:f9:e8:8b:dc:e4:6c:de:
30:5f:ae:c9:f6:03:fc:1b:5b:63:6b:4f:0c:73:f8:97:04:10:
11:a2:8d:7b:80:e6:95:10:23:38:3a:5d:e2:84:f5:0d:c9:04:
b4:5b:a2:35:8a:8f:43:8e:b8:7c:53:0a:28:9a:c9:db:d2:f5:
f6:f1:ec:cd:49:82:c9:9b:1f:0d:c0:f0:b6:21:83:ce:2b:ee:
f3:be:b0:57:f2:7e:70:62:0d:7b:24:43:8b:85:0d:44:02:f2:
b0:1d:a0:74:c0:16:3b:c5:6c:1f:71:13:2e:25:46:cc:dc:ec:
56:5e:b4:54:53:5c:59:2f:a7:9c:e2:57:08:9b:7e:1d:54:2b:
1d:b6:12:0f:49:3f:a8:a2:13:2a:a0:93:11:79:66:69:2a:81:
49:df:ad:21:dc:71:ae:a9:80:b9:75:0c:5e:20:df:fd:5b:0b:
c6:a9:56:a6
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUdADEP0vJQsNJQW38T69lIJzdNbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDkxMDAzMTRaFw0yNzA2MDgxMDA4MTRaMDMxMTAvBgNV
BAMTKEE0NDlCMjdERjUyM0YwMUJCRDhDRjk3QTIzNTZGQjRFREI0MUQzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3oFcqIKYshRVyf0qwWHFts0jM
MvgTPLO67n543SlJRaENft52MZ8er4+O9ZUKF/0TpOOGhDxf2PN3QA+yfZzBInH3
ps/jbYSZOBg81fTRFbTEJyqN9fA5bXCNuChcA6XbDH68cofLilkLx7+jkKwsXf6/
tnhTcBKKIs77li6TPZ5+Qt1K2vao4s9MftG3cRtbqaqGZ8K7g/ISvZYvg61bMLHj
pivMK4yiH/nE1O/GX7lCwu19IJmN6Qcvg/0syxn4u0ABEUN9eGCV+iHmQ7aTDGFI
nWP52yCiDIiOzcNbQ2BL4WW1ShiPJdMEKatMbd1wggbBh6J7nSfoQ+aBvt1fAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQUpEmyffUj8Bu9jPl6I1b7TttB08IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYgGCCsGAQUFBwEHAQH/BHkwdzBkBAIAATBeAwQAUhUB
MAwDBABSFf0DBABSFf4DBABSFv4DBABSF/QDBABSGP4DBABSGRkDBABSGf4DBAFS
Gk4DBAFSGv4DBAFSG/4wDAMEAFId/QMEAFId/gMEAFIpKQMEAFIv9TAPBAIAAjAJ
AwcAKhOVAAEKMA0GCSqGSIb3DQEBCwUAA4IBAQAeJBlLLahoKcil6goxOD9P69gY
JkXqC72382xKSVAD/a7yhPB8JAfBCmvSn8tGpvfO0t2cB6QqZTpHyAHCJ++2d38Z
RoIM+mS9HurGeUbd6LsOe/noi9zkbN4wX67J9gP8G1tja08Mc/iXBBARoo17gOaV
ECM4Ol3ihPUNyQS0W6I1io9Djrh8Uwoomsnb0vX28ezNSYLJmx8NwPC2IYPOK+7z
vrBX8n5wYg17JEOLhQ1EAvKwHaB0wBY7xWwfcRMuJUbM3OxWXrRUU1xZL6ec4lcI
m34dVCsdthIPST+oohMqoJMReWZpKoFJ360h3HGuqYC5dQxeIN/9WwvGqVam
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:27:02 2026 by rpki-client