Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: uFbuDazcPZJ3LIF4ZXDwEcaMXnRniQnB0jeVUc/0U88=
Subject key identifier: D3:81:39:B6:A5:04:F7:B9:99:48:FB:C7:AB:E1:1E:21:2A:09:F1:B1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3F96E17DEE2A2421B9E5577AC6386CE82AE3514C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Wed 17 Apr 2024 06:53:38 +0000
ROA not before: Wed 17 Apr 2024 06:48:38 +0000
ROA not after: Wed 16 Apr 2025 06:53:38 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
85.208.74.0/24 maxlen: 24
85.208.75.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.233.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.214.243.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.194.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.201.0/24 maxlen: 24
181.215.203.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.170.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.202.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.49.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
2a03:fbc6::/47 maxlen: 48
2a03:fbc6:1::/48 maxlen: 48
2a09:4b40::/29 maxlen: 48
2a09:4b44::/48 maxlen: 48
2a09:4b44:2::/48 maxlen: 48
2a09:4b44:3::/48 maxlen: 48
2a09:4b44:4::/48 maxlen: 48
2a09:4b44:5::/48 maxlen: 48
2a09:4b44:6::/48 maxlen: 48
2a09:4b44:7::/48 maxlen: 48
2a09:4b44:8::/48 maxlen: 48
2a09:4b44:9::/48 maxlen: 48
2a09:4b44:b::/48 maxlen: 48
2a09:4b44:d::/48 maxlen: 48
2a09:4b44:21::/48 maxlen: 48
2a09:4b44:23::/48 maxlen: 48
2a0e:1c00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:96:e1:7d:ee:2a:24:21:b9:e5:57:7a:c6:38:6c:e8:2a:e3:51:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 17 06:48:38 2024 GMT
Not After : Apr 16 06:53:38 2025 GMT
Subject: CN=D38139B6A504F7B99948FBC7ABE11E212A09F1B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3b:d9:69:d3:46:bd:50:46:c6:20:ef:35:6c:
ff:08:d0:0e:51:81:9d:a4:a0:6d:8c:df:a1:43:e4:
2b:6e:12:0a:55:cf:22:5d:ce:ee:98:43:cb:1d:a7:
5e:03:f0:74:23:60:5c:a4:46:54:59:ac:a5:a0:16:
d2:44:01:7b:a2:dd:83:c4:ad:03:5a:be:75:49:0a:
23:2d:b2:b7:52:05:b8:ab:7b:d5:e3:08:e1:7c:9e:
4e:a8:ae:5a:b8:68:1c:34:25:d9:3b:e6:ad:4e:99:
be:2e:eb:94:1e:cd:75:00:d4:b9:3c:27:4b:e0:aa:
ea:29:47:e5:f5:c7:73:f3:6c:56:a7:70:ea:69:79:
c4:9e:13:64:25:cf:f2:ae:48:67:81:79:37:56:7d:
d5:3d:9c:33:e3:44:74:6f:fd:8e:b2:de:40:84:23:
86:8b:9e:b6:e7:bf:7f:fb:8f:90:fa:0f:8c:50:03:
0c:0d:e4:90:88:c0:9b:a9:25:ac:bf:25:bd:72:51:
cd:e0:67:95:a9:db:7b:fc:c7:f4:b9:1f:da:29:43:
e7:91:af:4a:ee:76:ac:6f:81:a2:a5:4d:e7:a1:a1:
73:b8:85:e1:38:94:2d:71:7a:61:a1:f9:4f:ee:8e:
1f:45:79:35:8c:19:cf:45:02:e9:a7:f7:d3:ac:d6:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:81:39:B6:A5:04:F7:B9:99:48:FB:C7:AB:E1:1E:21:2A:09:F1:B1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
85.208.74.0/23
92.242.185.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.72.0/24
181.214.91.0/24
181.214.98.0/24
181.214.121.0/24
181.214.123.0/24
181.214.233.0/24
181.214.242.0/23
181.214.254.0/24
181.215.46.0/24
181.215.89.0/24
181.215.137.0/24
181.215.151.0/24
181.215.157.0/24
181.215.183.0/24
181.215.192.0/24
181.215.194.0/24
181.215.199.0/24
181.215.201.0/24
181.215.203.0/24
181.215.228.0/24
181.215.235.0/24
181.215.247.0/24
181.215.251.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.158.135.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.170.0/24
191.96.192.0/24
191.96.195.0/24
191.96.202.0/24
191.96.213.0/24
191.96.222.0/24
191.101.22.0/24
191.101.49.0/24
191.101.62.0/24
191.101.156.0/24
191.101.164.0/23
191.101.204.0/24
191.101.236.0/24
191.101.238.0/24
193.31.40.0/24
IPv6:
2a03:fbc6::/47
2a09:4b40::/29
2a0e:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
86:39:55:8e:55:78:d1:d4:02:73:69:4f:6d:da:c7:fd:6b:41:
23:b6:86:97:3e:15:5d:ae:76:63:5a:a6:07:53:ce:f3:3a:ba:
eb:74:e4:ca:a5:21:c4:89:ea:eb:ef:c8:38:59:13:44:22:55:
59:71:bc:6d:a4:50:77:ee:ba:7c:6e:bc:0a:35:2d:ed:14:22:
4f:e0:f2:8f:f8:79:90:fc:44:49:72:81:c2:3a:8c:86:fb:22:
d0:d8:98:30:69:d1:99:ef:eb:2b:95:ec:a5:ee:62:75:a9:6c:
ee:55:9f:01:a0:fc:8d:a9:ef:a9:18:8e:32:6c:2b:37:1d:bb:
aa:04:f1:16:e7:f9:a2:73:a9:f9:9f:5b:99:88:2d:6a:17:e6:
0a:0c:1f:ce:31:8e:89:d1:1d:7a:44:ac:2c:0e:dd:0a:19:1e:
bf:da:d6:af:a6:cc:bc:ed:06:ef:70:66:f3:98:71:15:c1:aa:
74:ac:de:47:44:66:3e:76:c9:55:f8:f3:10:24:1f:c0:48:13:
14:1e:6c:0d:e2:7b:75:dc:fb:60:79:45:24:40:f0:8b:d7:57:
2a:89:be:97:3b:fd:4d:0a:cb:77:49:c4:7d:25:8d:31:ef:8c:
d5:b2:d5:5f:a4:8a:20:8d:80:bc:fd:65:72:b6:a1:55:ae:8f:
a7:c0:7c:51
-----BEGIN CERTIFICATE-----
MIIGzjCCBbagAwIBAgIUP5bhfe4qJCG55Vd6xjhs6CrjUUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTcwNjQ4MzhaFw0yNTA0MTYwNjUzMzhaMDMxMTAvBgNV
BAMTKEQzODEzOUI2QTUwNEY3Qjk5OTQ4RkJDN0FCRTExRTIxMkEwOUYxQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjO9lp00a9UEbGIO81bP8I0A5R
gZ2koG2M36FD5CtuEgpVzyJdzu6YQ8sdp14D8HQjYFykRlRZrKWgFtJEAXui3YPE
rQNavnVJCiMtsrdSBbire9XjCOF8nk6orlq4aBw0Jdk75q1Omb4u65QezXUA1Lk8
J0vgquopR+X1x3PzbFancOppecSeE2Qlz/KuSGeBeTdWfdU9nDPjRHRv/Y6y3kCE
I4aLnrbnv3/7j5D6D4xQAwwN5JCIwJupJay/Jb1yUc3gZ5Wp23v8x/S5H9opQ+eR
r0rudqxvgaKlTeehoXO4heE4lC1xemGh+U/ujh9FeTWMGc9FAumn99Os1tXrAgMB
AAGjggPYMIID1DAdBgNVHQ4EFgQU04E5tqUE97mZSPvHq+EeISoJ8bEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggHsBggrBgEFBQcBBwEB/wSCAdswggHXMIIBtAQCAAEw
ggGsAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BAFV0EoDBABc8rkDBACNYlgDBACNYloDBACzPcMDBAC1KdMDBAC1KdUDBAG1Kd4D
BAC11iMDBAC11jQDBAC11kgDBAC11lsDBAC11mIDBAC11nkDBAC11nsDBAC11ukD
BAG11vIDBAC11v4DBAC11y4DBAC111kDBAC114kDBAC115cDBAC1150DBAC117cD
BAC118ADBAC118IDBAC118cDBAC118kDBAC118sDBAC11+QDBAC11+sDBAC11/cD
BAC11/sDBAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5nocD
BAC5npQDBAG5rDoDBAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYD
BAC/YGEDBAC/YKoDBAC/YMADBAC/YMMDBAC/YMoDBAC/YNUDBAC/YN4DBAC/ZRYD
BAC/ZTEDBAC/ZT4DBAC/ZZwDBAG/ZaQDBAC/ZcwDBAC/ZewDBAC/Ze4DBADBHygw
HQQCAAIwFwMHASoD+8YAAAMFAyoJS0ADBQMqDhwAMA0GCSqGSIb3DQEBCwUAA4IB
AQCGOVWOVXjR1AJzaU9t2sf9a0EjtoaXPhVdrnZjWqYHU87zOrrrdOTKpSHEierr
78g4WRNEIlVZcbxtpFB37rp8brwKNS3tFCJP4PKP+HmQ/ERJcoHCOoyG+yLQ2Jgw
adGZ7+srleyl7mJ1qWzuVZ8BoPyNqe+pGI4ybCs3HbuqBPEW5/mic6n5n1uZiC1q
F+YKDB/OMY6J0R16RKwsDt0KGR6/2tavpsy87QbvcGbzmHEVwap0rN5HRGY+dslV
+PMQJB/ASBMUHmwN4nt13PtgeUUkQPCL11cqib6XO/1NCst3ScR9JY0x74zVstVf
pIogjYC8/WVytqFVro+nwHxR
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:22:42 2024 by rpki-client on console-fra.rpki-client.org