Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: h/iVMmEkJ57OO/THDm+0RF+Q77atAfHm5HcbCBnTITk=
Subject key identifier: 94:E9:59:2D:3D:98:83:A5:5D:1D:A9:DF:DD:33:31:C9:AC:DF:5A:BD
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 709C8C46F4360D1B2E9E07E51569DA65315A3DED
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Thu 06 Nov 2025 14:32:40 +0000
ROA not before: Thu 06 Nov 2025 14:27:40 +0000
ROA not after: Thu 05 Nov 2026 14:32:40 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
168.222.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:9c:8c:46:f4:36:0d:1b:2e:9e:07:e5:15:69:da:65:31:5a:3d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 6 14:27:40 2025 GMT
Not After : Nov 5 14:32:40 2026 GMT
Subject: CN=94E9592D3D9883A55D1DA9DFDD3331C9ACDF5ABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:20:7f:15:a3:33:89:f5:69:5f:b7:e3:0a:61:
34:b6:f0:c0:82:31:6b:66:18:57:d9:a7:2c:dd:94:
93:f1:df:76:ed:06:d5:18:15:91:be:a6:a0:ac:80:
51:99:55:71:c5:f1:b0:9b:d0:ea:72:6e:e5:1b:e9:
15:53:b5:99:ec:62:19:2d:c5:19:c5:a2:81:d3:84:
d6:6f:0b:aa:78:f3:07:8c:db:68:a1:86:cd:1c:11:
42:2e:5a:ab:60:95:c7:21:55:a0:d8:ac:ac:91:bd:
9e:af:31:ce:e0:f5:3f:27:ea:9a:24:c0:98:6f:d1:
5d:a6:08:8f:94:b0:ea:54:90:86:8b:36:08:31:86:
9b:d7:06:21:b3:42:f2:94:62:23:3b:39:66:bd:0c:
a9:36:96:13:48:86:c0:e2:32:1e:62:f3:42:a0:de:
2d:15:fc:01:5d:8d:f2:75:6d:8a:c7:91:60:35:32:
97:b4:cb:74:aa:b8:8e:bc:67:7d:c7:22:48:bf:5c:
08:19:f1:ef:e9:74:b5:f3:84:ed:37:d9:6c:b0:20:
8f:4b:25:cf:7c:01:87:41:1d:f2:1c:b5:62:1f:11:
54:fc:2d:ac:d2:1f:6e:0a:ab:1d:05:6c:b9:9c:ce:
ac:2c:a9:e2:71:b7:11:33:5e:56:a8:5a:35:32:32:
4f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E9:59:2D:3D:98:83:A5:5D:1D:A9:DF:DD:33:31:C9:AC:DF:5A:BD
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.233.0/24
155.117.121.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
168.222.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f0:f0:df:5d:38:7d:15:90:b3:79:09:90:7a:b3:57:ca:dd:
06:2f:10:89:cc:33:8d:21:d4:fc:3a:c6:b1:dc:f7:f9:60:4d:
4f:37:31:90:72:81:04:5f:5f:66:b5:3d:10:1f:e2:93:d7:e6:
9a:11:03:68:31:70:88:c1:66:f9:7b:c1:20:08:b2:be:1d:76:
a6:29:f6:79:51:48:e8:98:bf:41:31:2a:75:b4:d5:bd:12:bd:
af:bd:f5:31:09:a5:65:63:0a:8f:86:a4:e6:93:81:bd:d6:91:
86:b2:13:19:59:1c:b7:6d:8b:b7:1e:d1:be:4e:42:35:27:a4:
a6:9b:b3:0c:a6:ab:cc:fd:4b:a9:a7:66:65:7e:12:5b:cc:2a:
03:bb:df:e5:01:2a:42:27:2b:db:10:c8:b2:d5:ca:bb:12:5c:
b0:a3:60:7c:4d:9f:dc:c5:57:45:3c:68:0f:77:be:2d:e8:4c:
76:3c:f7:3d:57:bb:b3:9a:25:ec:84:a8:33:2f:61:62:51:1f:
be:d2:6f:37:80:74:4c:b6:da:a8:d5:a3:14:4c:ce:86:05:10:
26:ef:17:f5:b4:fe:f9:7f:4a:a3:de:29:46:9f:1f:bf:52:c4:
46:7f:3c:06:79:e7:5e:c6:78:cb:ef:9a:c4:1f:61:b8:fa:74:
6e:91:89:70
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIUcJyMRvQ2DRsungflFWnaZTFaPe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDYxNDI3NDBaFw0yNjExMDUxNDMyNDBaMDMxMTAvBgNV
BAMTKDk0RTk1OTJEM0Q5ODgzQTU1RDFEQTlERkREMzMzMUM5QUNERjVBQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyIH8VozOJ9Wlft+MKYTS28MCC
MWtmGFfZpyzdlJPx33btBtUYFZG+pqCsgFGZVXHF8bCb0OpybuUb6RVTtZnsYhkt
xRnFooHThNZvC6p48weM22ihhs0cEUIuWqtglcchVaDYrKyRvZ6vMc7g9T8n6pok
wJhv0V2mCI+UsOpUkIaLNggxhpvXBiGzQvKUYiM7OWa9DKk2lhNIhsDiMh5i80Kg
3i0V/AFdjfJ1bYrHkWA1Mpe0y3SquI68Z33HIki/XAgZ8e/pdLXzhO032WywII9L
Jc98AYdBHfIctWIfEVT8LazSH24Kqx0FbLmczqwsqeJxtxEzXlaoWjUyMk+dAgMB
AAGjggJ+MIICejAdBgNVHQ4EFgQUlOlZLT2Yg6VdHanf3TMxyazfWr0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZMGCCsGAQUFBwEHAQH/BIGDMIGAMH4EAgABMHgDBABg
PowDBABgPtgDBACPDm4DBACPDtIDBACPDtUDBACR3zIDBACR3zcDBACR3zwDBAGR
3z4DBACSZwQDBACSZxMDBAGUh7IDBAGUh74DBACUh/4DBACW8ekDBACbdXkDBACi
jTQDBACijY0DBACnlLIDBACo3gEwDQYJKoZIhvcNAQELBQADggEBAGzw8N9dOH0V
kLN5CZB6s1fK3QYvEInMM40h1Pw6xrHc9/lgTU83MZBygQRfX2a1PRAf4pPX5poR
A2gxcIjBZvl7wSAIsr4ddqYp9nlRSOiYv0ExKnW01b0Sva+99TEJpWVjCo+GpOaT
gb3WkYayExlZHLdti7ce0b5OQjUnpKabswymq8z9S6mnZmV+ElvMKgO73+UBKkIn
K9sQyLLVyrsSXLCjYHxNn9zFV0U8aA93vi3oTHY89z1Xu7OaJeyEqDMvYWJRH77S
bzeAdEy22qjVoxRMzoYFECbvF/W0/vl/SqPeKUafH79SxEZ/PAZ5517GeMvvmsQf
Ybj6dG6RiXA=
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:24:22 2025 by rpki-client