Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
File: AS30058.roa (raw, json)
Hash identifier: c+Yp56MFyJgxY28vTbw8UrEbob3oWg99HdGpdilI8V4=
Subject key identifier: 65:F4:06:3C:29:1F:BA:BB:CC:E2:73:47:98:12:2A:EF:28:11:18:F9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 201646606AD28D6218F1C66A149E336AB3F93F78
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
Signing time: Fri 06 Mar 2026 20:36:25 +0000
ROA not before: Fri 06 Mar 2026 20:31:25 +0000
ROA not after: Fri 05 Mar 2027 20:36:25 +0000
asID: 30058
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.253.0/24 maxlen: 24
82.21.254.0/24 maxlen: 24
82.22.254.0/24 maxlen: 24
82.23.244.0/24 maxlen: 24
82.24.254.0/24 maxlen: 24
82.25.25.0/24 maxlen: 24
82.25.254.0/24 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.169.0/24 maxlen: 24
82.26.254.0/24 maxlen: 24
82.26.255.0/24 maxlen: 24
82.27.254.0/24 maxlen: 24
82.27.255.0/24 maxlen: 24
82.29.253.0/24 maxlen: 24
82.29.254.0/24 maxlen: 24
82.41.41.0/24 maxlen: 24
2a13:9500:10a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:16:46:60:6a:d2:8d:62:18:f1:c6:6a:14:9e:33:6a:b3:f9:3f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 6 20:31:25 2026 GMT
Not After : Mar 5 20:36:25 2027 GMT
Subject: CN=65F4063C291FBABBCCE2734798122AEF281118F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:46:69:1f:5d:54:01:fd:b2:e2:ed:a3:43:
66:b6:9c:a4:ce:2d:e7:a3:93:5e:44:ac:2b:3e:5d:
a7:5d:54:26:b5:c1:d1:4b:93:c6:3c:22:97:45:7b:
8c:f7:ce:50:b0:8a:10:fc:04:ee:99:69:74:a0:b3:
5d:55:9c:98:11:2b:89:7a:9f:92:7e:13:21:5d:a9:
9e:75:a7:a3:1a:d1:25:b2:c6:ff:bb:71:58:d6:65:
db:9a:7a:09:14:72:f4:ce:8e:e5:31:de:55:89:9f:
95:8e:02:75:fb:4d:f7:b7:83:c5:d9:c7:8e:72:10:
7a:64:47:1a:f8:f6:e6:72:ad:17:2e:1e:fa:0b:83:
85:be:f2:fe:6d:7f:77:e7:f2:be:b0:7c:10:43:7f:
b8:e5:f9:26:d6:9f:ef:09:3e:bb:42:36:64:a3:bc:
92:4b:f9:7e:04:a9:d1:eb:1d:f1:03:35:9a:89:fe:
ef:63:c4:fe:d4:e9:ae:99:c2:a9:88:49:50:f0:7d:
d4:35:f9:7a:c9:a2:8b:d7:ef:a2:85:cc:dd:f8:3f:
e0:f5:57:3f:c2:58:11:a7:94:b0:50:33:d1:25:28:
e8:65:e3:a6:bd:ae:96:0c:9f:0e:8e:db:b8:76:46:
03:76:be:f2:ed:5f:37:b6:ed:5c:ee:dc:3a:a1:ce:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F4:06:3C:29:1F:BA:BB:CC:E2:73:47:98:12:2A:EF:28:11:18:F9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.253.0-82.21.254.255
82.22.254.0/24
82.23.244.0/24
82.24.254.0/24
82.25.25.0/24
82.25.254.0/24
82.26.78.0/23
82.26.169.0/24
82.26.254.0/23
82.27.254.0/23
82.29.253.0-82.29.254.255
82.41.41.0/24
IPv6:
2a13:9500:10a::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cf:db:99:63:f8:4a:12:02:40:1b:04:3c:65:48:39:64:5b:
54:3b:1e:5d:5e:c1:75:93:aa:c5:c9:7d:4c:3b:ef:57:96:02:
ec:74:a4:5f:71:0a:96:5f:c6:f3:d1:65:42:7c:50:c6:9e:05:
25:7a:61:4e:8b:17:a7:b6:ac:10:2f:1b:4c:76:4b:34:2f:b9:
e8:92:79:16:52:b0:77:d2:69:cb:36:48:27:bf:9c:b0:b0:33:
97:6e:90:d2:27:27:48:74:60:f4:c9:23:17:4e:c5:b6:3b:04:
a6:74:9b:00:bf:31:c4:e7:5e:cc:67:22:23:57:44:40:f0:31:
65:e1:29:95:2f:15:f1:6d:29:75:39:72:f9:84:ff:22:e2:f8:
f2:0f:aa:a2:75:a7:a8:e8:ea:5d:24:31:f5:e5:4f:a0:8a:cc:
25:67:1e:ac:15:f6:2f:9e:14:00:97:a9:16:10:04:45:89:ed:
b7:54:32:c3:be:5b:51:47:ab:bc:54:36:2a:bf:43:bb:75:0f:
42:e0:c0:14:56:43:58:48:92:47:5d:de:bc:c0:33:d5:bc:b1:
8a:5d:0f:b5:55:d4:9e:27:79:32:fb:46:85:a2:e6:e1:a5:b7:
09:db:c2:87:0a:72:90:3e:e9:8d:38:e2:ed:d1:6f:29:a8:f7:
91:da:a1:32
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUIBZGYGrSjWIY8cZqFJ4zarP5P3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDYyMDMxMjVaFw0yNzAzMDUyMDM2MjVaMDMxMTAvBgNV
BAMTKDY1RjQwNjNDMjkxRkJBQkJDQ0UyNzM0Nzk4MTIyQUVGMjgxMTE4RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCow0ZpH11UAf2y4u2jQ2a2nKTO
Leejk15ErCs+XaddVCa1wdFLk8Y8IpdFe4z3zlCwihD8BO6ZaXSgs11VnJgRK4l6
n5J+EyFdqZ51p6Ma0SWyxv+7cVjWZduaegkUcvTOjuUx3lWJn5WOAnX7Tfe3g8XZ
x45yEHpkRxr49uZyrRcuHvoLg4W+8v5tf3fn8r6wfBBDf7jl+SbWn+8JPrtCNmSj
vJJL+X4EqdHrHfEDNZqJ/u9jxP7U6a6ZwqmISVDwfdQ1+XrJoovX76KFzN34P+D1
Vz/CWBGnlLBQM9ElKOhl46a9rpYMnw6O27h2RgN2vvLtXze27Vzu3DqhzmmxAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQUZfQGPCkfurvM4nNHmBIq7ygRGPkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYgGCCsGAQUFBwEHAQH/BHkwdzBkBAIAATBeAwQAUhUB
MAwDBABSFf0DBABSFf4DBABSFv4DBABSF/QDBABSGP4DBABSGRkDBABSGf4DBAFS
Gk4DBABSGqkDBAFSGv4DBAFSG/4wDAMEAFId/QMEAFId/gMEAFIpKTAPBAIAAjAJ
AwcAKhOVAAEKMA0GCSqGSIb3DQEBCwUAA4IBAQB6z9uZY/hKEgJAGwQ8ZUg5ZFtU
Ox5dXsF1k6rFyX1MO+9XlgLsdKRfcQqWX8bz0WVCfFDGngUlemFOixentqwQLxtM
dks0L7noknkWUrB30mnLNkgnv5ywsDOXbpDSJydIdGD0ySMXTsW2OwSmdJsAvzHE
517MZyIjV0RA8DFl4SmVLxXxbSl1OXL5hP8i4vjyD6qidaeo6OpdJDH15U+giswl
Zx6sFfYvnhQAl6kWEARFie23VDLDvltRR6u8VDYqv0O7dQ9C4MAUVkNYSJJHXd68
wDPVvLGKXQ+1VdSeJ3ky+0aFoubhpbcJ28KHCnKQPumNOOLt0W8pqPeR2qEy
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:29 2026 by rpki-client