Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: 0x/TE4qNk1/XNDUxnFJMRv51S5t9XfzfmDHIyya+mic=
Subject key identifier: 49:B1:FB:2C:BF:F2:91:09:AA:DB:C0:38:63:76:05:2A:38:03:9E:96
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 217396434FA25BC4939E5E8F2133399D52ADCBA4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
Signing time: Mon 14 Apr 2025 14:45:48 +0000
ROA not before: Mon 14 Apr 2025 14:40:48 +0000
ROA not after: Mon 13 Apr 2026 14:45:48 +0000
asID: 30058
IP address blocks: 148.135.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 21:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:73:96:43:4f:a2:5b:c4:93:9e:5e:8f:21:33:39:9d:52:ad:cb:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 14 14:40:48 2025 GMT
Not After : Apr 13 14:45:48 2026 GMT
Subject: CN=49B1FB2CBFF29109AADBC0386376052A38039E96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:9a:aa:db:64:e6:6c:47:71:86:8a:6e:f5:
22:f0:48:25:21:2e:17:69:9c:1d:f4:73:2b:6e:d6:
c1:07:ac:1d:54:39:1b:f2:8e:ad:5f:2a:09:ed:ab:
54:fd:d4:16:b0:7f:86:51:2a:61:99:29:7c:c9:ca:
ce:29:08:02:f2:2a:17:5e:db:1e:39:c3:fb:9b:be:
ad:0d:a7:58:aa:67:8b:bf:4c:3e:f6:c9:83:5e:a6:
b7:22:70:9a:80:99:33:a0:4a:b7:f7:5e:a7:a2:c7:
eb:8f:3b:d1:98:8c:2d:22:92:c5:06:b7:e7:bc:a3:
a9:16:06:91:53:97:7b:f0:ed:96:16:34:9c:a8:d3:
50:1a:b4:97:e7:c0:6c:8c:f5:b2:a2:57:50:7c:e8:
cb:50:50:d0:49:30:1a:e8:29:97:fa:f3:56:8e:d3:
47:2e:28:30:05:ac:70:da:3e:ac:ce:c4:65:ff:6a:
4f:62:92:e8:15:eb:e6:dd:4a:2d:d6:ac:2c:ae:1e:
1a:7d:74:3d:9c:88:0b:4f:f9:be:48:bf:b6:b9:b9:
7a:dd:14:13:0f:2e:19:f4:0e:aa:bf:aa:76:b4:d0:
cc:94:a5:9b:39:f6:18:e7:1f:44:20:79:a5:5c:c4:
22:29:76:e4:87:2d:29:ee:4f:6f:0d:24:c5:87:11:
7a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B1:FB:2C:BF:F2:91:09:AA:DB:C0:38:63:76:05:2A:38:03:9E:96
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.201.0/24
Signature Algorithm: sha256WithRSAEncryption
85:54:4e:13:7c:37:e0:43:e9:f4:6f:1d:c9:2a:9f:eb:6d:3f:
44:e0:48:9c:68:86:9a:8e:53:11:39:cf:d6:97:29:1f:07:3f:
b7:ee:dd:15:bd:bd:e2:49:d7:fd:b1:02:6d:98:59:a6:3e:ff:
8e:ed:ca:30:b3:d5:be:85:48:f9:fb:ea:47:4c:69:c3:4a:60:
fc:96:04:b9:43:9d:5f:64:f1:82:da:a8:35:22:73:ea:70:e5:
7d:3b:4b:47:a3:a8:42:47:6d:4d:b1:01:c5:4b:d3:b2:8b:ad:
4e:5a:b8:3a:d6:95:26:7a:9a:e0:78:a1:ff:bd:7d:4d:ed:a2:
de:2a:73:2a:05:7e:73:69:52:8e:60:12:4b:d7:85:5d:d7:9f:
bf:6a:4b:c8:83:16:0d:c9:f4:1b:42:c1:0e:97:5e:f9:7c:ee:
b4:db:14:b2:ee:48:c0:98:c0:01:55:af:cd:5b:32:29:fa:fd:
f1:9e:2d:84:a4:49:9f:b6:7a:86:8a:4a:21:16:93:63:96:6f:
e9:6b:53:90:fd:7a:3f:b4:77:d8:32:36:99:8d:90:ff:be:4c:
f3:9e:d8:8f:3d:5b:ee:0f:b8:77:a3:e3:c5:3e:8d:39:0e:a8:
4e:d9:0d:c4:ab:29:99:6a:38:79:de:f6:ed:0d:78:74:40:aa:
ca:26:a4:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIXOWQ0+iW8STnl6PITM5nVKty6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MTQxNDQwNDhaFw0yNjA0MTMxNDQ1NDhaMDMxMTAvBgNV
BAMTKDQ5QjFGQjJDQkZGMjkxMDlBQURCQzAzODYzNzYwNTJBMzgwMzlFOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+C5qq22TmbEdxhopu9SLwSCUh
LhdpnB30cytu1sEHrB1UORvyjq1fKgntq1T91Bawf4ZRKmGZKXzJys4pCALyKhde
2x45w/ubvq0Np1iqZ4u/TD72yYNeprcicJqAmTOgSrf3Xqeix+uPO9GYjC0iksUG
t+e8o6kWBpFTl3vw7ZYWNJyo01AatJfnwGyM9bKiV1B86MtQUNBJMBroKZf681aO
00cuKDAFrHDaPqzOxGX/ak9ikugV6+bdSi3WrCyuHhp9dD2ciAtP+b5Iv7a5uXrd
FBMPLhn0Dqq/qna00MyUpZs59hjnH0QgeaVcxCIpduSHLSnuT28NJMWHEXp9AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUSbH7LL/ykQmq28A4Y3YFKjgDnpYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACUh8kw
DQYJKoZIhvcNAQELBQADggEBAIVUThN8N+BD6fRvHckqn+ttP0TgSJxohpqOUxE5
z9aXKR8HP7fu3RW9veJJ1/2xAm2YWaY+/47tyjCz1b6FSPn76kdMacNKYPyWBLlD
nV9k8YLaqDUic+pw5X07S0ejqEJHbU2xAcVL07KLrU5auDrWlSZ6muB4of+9fU3t
ot4qcyoFfnNpUo5gEkvXhV3Xn79qS8iDFg3J9BtCwQ6XXvl87rTbFLLuSMCYwAFV
r81bMin6/fGeLYSkSZ+2eoaKSiEWk2OWb+lrU5D9ej+0d9gyNpmNkP++TPOe2I89
W+4PuHej48U+jTkOqE7ZDcSrKZlqOHne9u0NeHRAqsompH0=
-----END CERTIFICATE-----
Generated at Tue May 6 05:19:18 2025 by rpki-client