Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: HncAwPGssBMbgKDYCRpYnaaGK06s9mkKUsjaytw672w=
Subject key identifier: 69:70:1D:0B:1A:CF:D8:67:20:42:C9:4F:1E:5B:B8:1A:A9:0B:3E:9E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3374A7F643B12D689F72B7B1565480F187160629
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Tue 08 Jul 2025 15:55:06 +0000
ROA not before: Tue 08 Jul 2025 15:50:06 +0000
ROA not after: Tue 07 Jul 2026 15:55:06 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:74:a7:f6:43:b1:2d:68:9f:72:b7:b1:56:54:80:f1:87:16:06:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 8 15:50:06 2025 GMT
Not After : Jul 7 15:55:06 2026 GMT
Subject: CN=69701D0B1ACFD8672042C94F1E5BB81AA90B3E9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:6d:60:54:7f:76:dd:4a:46:7b:f9:bc:0d:
33:7b:d9:d9:6a:1a:f9:34:01:d3:2f:67:a4:71:d9:
3e:45:0c:4e:d3:92:0e:85:19:1f:f0:98:14:ad:61:
22:15:05:d9:a7:50:89:6f:50:c8:79:93:d4:b5:0e:
8c:6c:e1:16:22:7c:dd:0f:14:e3:a1:30:0e:62:15:
9f:47:0e:70:0c:0e:a6:a2:71:97:04:6b:b6:b7:e5:
5f:e1:25:05:b3:28:b7:2b:86:6a:61:3d:49:8c:71:
24:7a:9f:40:d1:6b:e2:75:36:df:ff:05:2e:c9:26:
e5:09:e9:75:5b:6c:fe:84:7c:79:9c:dd:a6:ee:2a:
37:ce:53:a2:13:ef:05:2b:b0:35:a5:f6:0c:6b:3a:
3d:d4:a9:85:dd:3b:70:ac:87:b8:08:a4:e6:f3:5c:
16:7f:d7:d7:f7:d4:0a:65:01:44:37:2f:d2:b2:8e:
15:18:99:54:2b:e8:21:ec:63:6f:2f:ac:50:dd:dd:
3c:c7:4a:51:6d:bf:80:77:56:b9:c8:0c:96:24:cf:
da:a7:1d:b5:17:7c:e5:93:fd:03:e6:31:cc:67:1b:
94:62:56:59:c6:e2:bb:08:19:ef:a6:6f:35:29:85:
3b:ca:82:88:2b:ad:27:2b:3c:09:6d:f8:5d:6d:10:
77:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:70:1D:0B:1A:CF:D8:67:20:42:C9:4F:1E:5B:B8:1A:A9:0B:3E:9E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0b:ca:55:79:53:f4:1a:7c:85:7e:3b:02:a4:10:4b:8f:5d:
c8:f4:eb:8c:e5:c4:99:69:ac:11:28:9a:76:ea:ff:b9:8f:52:
3e:2d:f5:b8:f1:d1:d5:68:7a:5f:b6:4d:21:3f:a4:64:86:05:
e9:b6:73:83:f8:b5:0e:21:3e:5f:ce:a6:ff:99:cc:9e:03:0b:
95:a5:dc:ba:27:65:ee:10:b9:aa:b7:fe:49:aa:03:84:db:99:
99:7d:47:9d:16:78:14:3d:8f:70:d1:5c:95:06:f8:f3:f3:26:
24:b5:ce:c6:fb:6a:9a:e9:c0:72:09:8e:15:b2:c9:b2:fc:98:
81:ee:b4:1e:97:ea:e2:09:35:9f:85:10:06:cd:d8:68:07:88:
a2:43:68:b6:b0:40:d2:dc:d4:28:1c:b5:c2:68:36:27:fe:a4:
a9:8b:e0:30:bf:78:02:76:90:ca:3b:52:e8:e8:d5:95:61:4a:
59:5a:19:0c:62:47:71:70:2b:50:30:e9:70:c1:cb:6d:15:e8:
3b:83:99:27:79:90:1f:2e:a9:22:40:06:19:bc:e7:57:ab:ac:
b4:11:ba:dc:d9:fa:8e:6a:a8:88:ed:fa:db:84:38:81:4f:4d:
8a:4d:48:97:7b:b5:19:b0:90:cd:3e:b7:4e:13:c0:d2:40:44:
af:39:58:7a
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIUM3Sn9kOxLWifcrexVlSA8YcWBikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MDgxNTUwMDZaFw0yNjA3MDcxNTU1MDZaMDMxMTAvBgNV
BAMTKDY5NzAxRDBCMUFDRkQ4NjcyMDQyQzk0RjFFNUJCODFBQTkwQjNFOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiIm1gVH923UpGe/m8DTN72dlq
Gvk0AdMvZ6Rx2T5FDE7Tkg6FGR/wmBStYSIVBdmnUIlvUMh5k9S1Doxs4RYifN0P
FOOhMA5iFZ9HDnAMDqaicZcEa7a35V/hJQWzKLcrhmphPUmMcSR6n0DRa+J1Nt//
BS7JJuUJ6XVbbP6EfHmc3abuKjfOU6IT7wUrsDWl9gxrOj3UqYXdO3Csh7gIpObz
XBZ/19f31AplAUQ3L9KyjhUYmVQr6CHsY28vrFDd3TzHSlFtv4B3VrnIDJYkz9qn
HbUXfOWT/QPmMcxnG5RiVlnG4rsIGe+mbzUphTvKgogrrScrPAlt+F1tEHd1AgMB
AAGjggMdMIIDGTAdBgNVHQ4EFgQUaXAdCxrP2GcgQslPHlu4GqkLPp4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggExBggrBgEFBQcBBwEB/wSCASAwggEcMIIBGAQCAAEw
ggEQAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdMDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11nsDBAC11tsDBAC11vIDBAC11y4DBAC11z0DBAC111kDBAC117cD
BAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5npQD
BAG5rDoDBAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYDBAC/YGED
BAC/YMADBAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwDQYJKoZIhvcNAQEL
BQADggEBAEQLylV5U/QafIV+OwKkEEuPXcj064zlxJlprBEomnbq/7mPUj4t9bjx
0dVoel+2TSE/pGSGBem2c4P4tQ4hPl/Opv+ZzJ4DC5Wl3LonZe4Quaq3/kmqA4Tb
mZl9R50WeBQ9j3DRXJUG+PPzJiS1zsb7aprpwHIJjhWyybL8mIHutB6X6uIJNZ+F
EAbN2GgHiKJDaLawQNLc1CgctcJoNif+pKmL4DC/eAJ2kMo7Uujo1ZVhSllaGQxi
R3FwK1Aw6XDBy20V6DuDmSd5kB8uqSJABhm851errLQRutzZ+o5qqIjt+tuEOIFP
TYpNSJd7tRmwkM0+t04TwNJARK85WHo=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:08:48 2025 by rpki-client