Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: JRi6u4rKp+1z6E8kTf0WiPJs4ymc/AKfEe4e40RMIf0=
Subject key identifier: B9:50:75:0E:B0:62:EC:C6:C2:F8:87:F0:A5:29:B4:7C:CE:38:10:15
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 783788C5068DCA9482F63925D700FB3FDC6DE47F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Fri 18 Jul 2025 14:03:10 +0000
ROA not before: Fri 18 Jul 2025 13:58:10 +0000
ROA not after: Fri 17 Jul 2026 14:03:10 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
140.233.167.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.232.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
155.117.140.0/22 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.226.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:37:88:c5:06:8d:ca:94:82:f6:39:25:d7:00:fb:3f:dc:6d:e4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 18 13:58:10 2025 GMT
Not After : Jul 17 14:03:10 2026 GMT
Subject: CN=B950750EB062ECC6C2F887F0A529B47CCE381015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f6:72:94:46:a2:0c:cd:24:d1:75:a5:57:d5:
c1:a7:2e:73:d3:55:c1:dd:82:ea:c1:a3:dc:dc:dd:
e4:fd:01:16:d4:c2:df:9c:ce:f5:13:0b:76:f0:4f:
35:17:c5:df:7b:2e:a7:e6:36:24:fc:e8:dc:50:74:
f8:c7:47:a8:fc:12:1f:81:0b:49:6c:06:13:f4:a8:
fd:ca:ea:f5:85:8f:fb:1c:73:36:76:b3:8a:01:99:
41:fb:81:d0:d1:69:fa:11:78:2f:5c:1a:8d:75:f1:
17:b6:e0:89:1d:e1:83:b6:4b:65:0a:c5:a3:e6:9e:
84:7e:11:dc:a7:28:23:c8:8b:96:75:2c:61:8e:10:
fd:87:aa:f2:ff:90:14:42:1a:a8:7b:9b:8e:65:4e:
b9:b2:46:26:ae:68:5d:b1:fe:d6:be:37:74:24:12:
94:7d:5b:ce:17:ec:8c:50:07:41:31:9d:de:28:e9:
a9:f6:b5:82:d6:c7:3c:c0:cd:49:9d:33:53:e8:35:
b3:2e:7e:36:39:61:0d:20:10:06:6a:2c:fe:3a:a9:
12:0f:bd:3a:d0:27:61:0b:30:3e:bf:e2:d7:8f:69:
fe:7e:1c:38:81:61:a0:f4:43:bd:f9:3a:de:4e:07:
95:b6:c6:7d:c2:9a:23:de:fd:7c:f4:27:d0:20:f6:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:50:75:0E:B0:62:EC:C6:C2:F8:87:F0:A5:29:B4:7C:CE:38:10:15
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
140.233.167.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.193.0/24
148.135.254.0/24
150.241.128.0/24
150.241.232.0/23
150.241.254.0/24
155.117.121.0/24
155.117.140.0/22
155.117.196.0/24
155.117.226.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
40:03:7f:12:a3:96:c5:97:d2:50:f0:92:3c:9d:8d:a6:1e:93:
b2:ba:7b:40:f4:12:67:08:55:21:f0:3d:1c:50:76:8a:17:9f:
53:a0:f0:89:59:d0:d1:4d:4e:d3:06:90:df:60:d1:3c:bf:5b:
13:49:4f:ea:15:f6:78:71:a4:97:42:bd:be:8f:ea:d6:b1:26:
7a:9b:d9:af:18:96:a4:0d:ff:fb:0c:5d:5a:bd:2f:e3:a1:25:
9f:23:0a:31:a7:59:e7:d0:0e:c2:8c:2f:fc:50:17:69:f5:9a:
3c:64:50:9f:a3:98:39:9c:3b:f6:15:9f:81:c9:60:48:13:18:
07:8f:ea:89:2f:9f:dc:fc:36:0e:da:90:1b:73:3c:8f:d6:40:
42:5b:a5:09:a1:76:c7:e2:37:65:d6:11:a5:9c:51:a0:2e:04:
f7:cd:f7:2e:86:fb:ba:0c:80:80:81:8f:96:16:0d:66:85:7d:
6b:4f:09:ae:05:6e:21:86:e2:50:db:dd:e2:b3:a2:87:d2:15:
01:e5:b6:a6:7d:d9:ad:35:3e:bd:1c:07:4e:2c:01:a1:9d:33:
3b:36:79:f9:f8:f0:1c:aa:dc:f6:27:e2:a9:29:3e:f6:83:cf:
bd:2f:d9:1b:41:00:f0:79:85:ab:65:d5:28:2d:47:f4:23:7f:
9b:9a:fe:70
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIUeDeIxQaNypSC9jkl1wD7P9xt5H8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTgxMzU4MTBaFw0yNjA3MTcxNDAzMTBaMDMxMTAvBgNV
BAMTKEI5NTA3NTBFQjA2MkVDQzZDMkY4ODdGMEE1MjlCNDdDQ0UzODEwMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu9nKURqIMzSTRdaVX1cGnLnPT
VcHdgurBo9zc3eT9ARbUwt+czvUTC3bwTzUXxd97LqfmNiT86NxQdPjHR6j8Eh+B
C0lsBhP0qP3K6vWFj/scczZ2s4oBmUH7gdDRafoReC9cGo118Re24Ikd4YO2S2UK
xaPmnoR+EdynKCPIi5Z1LGGOEP2HqvL/kBRCGqh7m45lTrmyRiauaF2x/ta+N3Qk
EpR9W84X7IxQB0Exnd4o6an2tYLWxzzAzUmdM1PoNbMufjY5YQ0gEAZqLP46qRIP
vTrQJ2ELMD6/4tePaf5+HDiBYaD0Q735Ot5OB5W2xn3CmiPe/Xz0J9Ag9nJ/AgMB
AAGjggKkMIICoDAdBgNVHQ4EFgQUuVB1DrBi7MbC+IfwpSm0fM44EBUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbkGCCsGAQUFBwEHAQH/BIGpMIGmMIGjBAIAATCBnAME
AGA+jAMEAGA+2AMEAIzppwMEAI8ObgMEAI8O0gMEAI8O1QMEAJHfMgMEAJHfNwME
AJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAZSHsgMEAZSHvgMEAJSHwQMEAJSH/gME
AJbxgAMEAZbx6AMEAJbx/gMEAJt1eQMEApt1jAMEAJt1xAMEAJt14gMEAKKNNAME
AKKNjQMEAKeUsjANBgkqhkiG9w0BAQsFAAOCAQEAQAN/EqOWxZfSUPCSPJ2Nph6T
srp7QPQSZwhVIfA9HFB2ihefU6DwiVnQ0U1O0waQ32DRPL9bE0lP6hX2eHGkl0K9
vo/q1rEmepvZrxiWpA3/+wxdWr0v46ElnyMKMadZ59AOwowv/FAXafWaPGRQn6OY
OZw79hWfgclgSBMYB4/qiS+f3Pw2DtqQG3M8j9ZAQlulCaF2x+I3ZdYRpZxRoC4E
9833Lob7ugyAgIGPlhYNZoV9a08JrgVuIYbiUNvd4rOih9IVAeW2pn3ZrTU+vRwH
TiwBoZ0zOzZ5+fjwHKrc9ifiqSk+9oPPvS/ZG0EA8HmFq2XVKC1H9CN/m5r+cA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:57:47 2025 by rpki-client