Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: c4KfUDtFtWgvff+cTItDeVyP4Oo3w4kVHQGLqM54XE8=
Subject key identifier: 87:06:0E:C7:72:7C:78:3F:6A:88:68:50:42:C5:94:49:A7:57:1D:7E
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 27A22B6632DBE6B5411FA219BF62E0AD9E7DC7ED
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa
Signing time: Tue 09 Apr 2024 10:04:24 +0000
ROA not before: Tue 09 Apr 2024 09:59:24 +0000
ROA not after: Tue 08 Apr 2025 10:04:24 +0000
asID: 29802
IP address blocks: 45.135.250.0/24 maxlen: 24
176.105.227.0/24 maxlen: 24
193.29.98.0/24 maxlen: 24
193.151.181.0/24 maxlen: 24
194.113.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:a2:2b:66:32:db:e6:b5:41:1f:a2:19:bf:62:e0:ad:9e:7d:c7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Apr 9 09:59:24 2024 GMT
Not After : Apr 8 10:04:24 2025 GMT
Subject: CN=87060EC7727C783F6A88685042C59449A7571D7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a4:46:a8:ae:1f:27:7a:5a:04:ce:e9:dc:f7:
71:2e:97:c8:71:05:36:91:86:39:f7:34:4c:18:e0:
d6:1c:c1:15:6e:8d:ae:75:cd:2b:2d:5a:e3:77:64:
ff:e4:e6:11:2a:84:2c:e6:72:e0:9b:a8:1b:2b:3b:
35:68:9b:83:b2:cc:10:78:e9:aa:f4:c3:7c:3e:a3:
27:b5:e2:5b:04:2f:98:72:d7:da:81:6c:39:bb:cd:
bb:b9:f9:65:1a:d2:37:90:0d:cc:9f:5c:c8:30:b8:
ca:8d:f3:9c:9f:35:4c:5e:18:73:a7:db:ee:2e:dd:
71:a7:c7:65:60:ce:1d:7f:04:60:60:5a:b3:40:84:
63:ea:76:dd:1e:76:45:a5:84:40:2c:4a:de:0a:c9:
85:5c:56:00:86:b9:22:75:0e:2b:66:8f:c7:e8:0e:
c4:89:3b:7e:a5:e1:02:4e:cc:b4:52:e3:06:91:99:
73:17:39:ff:97:b1:b5:ce:3f:85:a2:2a:f9:36:f3:
a9:b2:af:ca:38:cf:cf:9e:b4:74:cd:9d:ee:5b:4d:
13:d2:89:5a:dd:1f:b5:58:3f:5c:9c:14:47:c9:e6:
e0:a0:0f:04:29:a5:c5:b2:9e:0e:89:42:39:17:a1:
e4:c4:fa:10:7d:01:b7:b7:e6:f6:77:7d:37:79:14:
63:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:06:0E:C7:72:7C:78:3F:6A:88:68:50:42:C5:94:49:A7:57:1D:7E
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.250.0/24
176.105.227.0/24
193.29.98.0/24
193.151.181.0/24
194.113.226.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:b3:c7:b5:14:ed:90:ef:1b:9b:e0:74:95:d2:1c:c5:aa:05:
9e:c0:7e:29:c9:c5:07:e4:e0:d6:4e:6f:76:5e:1b:b4:ba:f9:
cf:26:11:d4:c8:ab:7d:95:aa:d5:9b:14:2e:ef:69:f8:2d:68:
84:7b:03:b3:50:3e:35:18:36:1c:a2:f6:02:16:58:40:fd:de:
25:4e:35:93:06:57:5b:4c:3c:0e:9b:6e:85:5b:6f:71:86:ad:
bc:25:4b:dc:90:a3:95:ff:b8:11:9e:37:2c:78:3f:f2:62:1b:
db:5a:95:29:05:05:0f:45:9a:6f:43:db:e0:8e:5a:46:85:3c:
e6:86:43:65:66:98:d4:62:6c:80:da:65:20:7b:12:e8:2d:c7:
cb:a5:53:18:da:67:31:19:a0:87:99:c9:f7:9c:64:5d:de:ca:
07:98:59:f0:e1:9f:17:88:21:94:97:2b:fb:2e:11:1d:b4:4b:
48:ff:b1:a1:76:d2:56:79:90:c7:b0:a3:3d:30:03:3b:2e:c3:
88:31:a6:5b:8d:da:4e:54:17:71:23:1f:c4:aa:85:c6:73:62:
ef:df:d0:70:45:d5:1b:ca:ec:ad:97:54:81:30:d8:44:5b:af:
55:dc:28:40:9d:47:9e:a4:5d:c7:11:fc:57:c3:fa:18:0c:fb:
89:97:ad:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUJ6IrZjLb5rVBH6IZv2LgrZ59x+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDA0MDkwOTU5MjRaFw0yNTA0MDgxMDA0MjRaMDMxMTAvBgNV
BAMTKDg3MDYwRUM3NzI3Qzc4M0Y2QTg4Njg1MDQyQzU5NDQ5QTc1NzFEN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHpEaorh8neloEzunc93Eul8hx
BTaRhjn3NEwY4NYcwRVuja51zSstWuN3ZP/k5hEqhCzmcuCbqBsrOzVom4OyzBB4
6ar0w3w+oye14lsEL5hy19qBbDm7zbu5+WUa0jeQDcyfXMgwuMqN85yfNUxeGHOn
2+4u3XGnx2Vgzh1/BGBgWrNAhGPqdt0edkWlhEAsSt4KyYVcVgCGuSJ1Ditmj8fo
DsSJO36l4QJOzLRS4waRmXMXOf+XsbXOP4WiKvk286myr8o4z8+etHTNne5bTRPS
iVrdH7VYP1ycFEfJ5uCgDwQppcWyng6JQjkXoeTE+hB9Abe35vZ3fTd5FGOxAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUhwYOx3J8eD9qiGhQQsWUSadXHX4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAth/oD
BACwaeMDBADBHWIDBADBl7UDBADCceIwDQYJKoZIhvcNAQELBQADggEBAFyzx7UU
7ZDvG5vgdJXSHMWqBZ7AfinJxQfk4NZOb3ZeG7S6+c8mEdTIq32VqtWbFC7vafgt
aIR7A7NQPjUYNhyi9gIWWED93iVONZMGV1tMPA6bboVbb3GGrbwlS9yQo5X/uBGe
Nyx4P/JiG9talSkFBQ9Fmm9D2+COWkaFPOaGQ2VmmNRibIDaZSB7Eugtx8ulUxja
ZzEZoIeZyfecZF3eygeYWfDhnxeIIZSXK/suER20S0j/saF20lZ5kMewoz0wAzsu
w4gxpluN2k5UF3EjH8SqhcZzYu/f0HBF1RvK7K2XVIEw2ERbr1XcKECdR56kXccR
/FfD+hgM+4mXrZs=
-----END CERTIFICATE-----
Generated at Tue Apr 30 15:11:48 2024 by rpki-client on console-fra.rpki-client.org