Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS29262.roa
File: AS29262.roa (raw, json)
Hash identifier: ofqAyKKMLYnYshqLRMI8ryvy73vZRGPwzLE4kSGvo08=
Subject key identifier: EF:0A:74:B5:AA:B0:45:FF:7F:8D:C9:31:54:BC:CF:73:95:D9:C9:29
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 6FF142EA95AF18F28931778205B1C05F429ACD43
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS29262.roa
Signing time: Mon 07 Jul 2025 05:44:42 +0000
ROA not before: Mon 07 Jul 2025 05:39:42 +0000
ROA not after: Mon 06 Jul 2026 05:44:42 +0000
asID: 29262
IP address blocks: 77.241.72.0/24 maxlen: 24
77.241.73.0/24 maxlen: 24
77.241.74.0/24 maxlen: 24
77.241.75.0/24 maxlen: 24
139.28.240.0/24 maxlen: 24
139.28.241.0/24 maxlen: 24
193.187.134.0/24 maxlen: 24
193.187.135.0/24 maxlen: 24
194.169.92.0/24 maxlen: 24
194.169.93.0/24 maxlen: 24
194.169.94.0/24 maxlen: 24
194.169.95.0/24 maxlen: 24
2a02:f240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 12:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:f1:42:ea:95:af:18:f2:89:31:77:82:05:b1:c0:5f:42:9a:cd:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jul 7 05:39:42 2025 GMT
Not After : Jul 6 05:44:42 2026 GMT
Subject: CN=EF0A74B5AAB045FF7F8DC93154BCCF7395D9C929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:39:61:1b:9c:22:1d:aa:5e:17:6e:f2:7c:
df:88:19:44:84:ff:78:bd:aa:ca:02:81:4a:ee:d6:
04:10:2b:95:8e:60:4c:79:1d:00:ba:fb:29:29:9e:
7f:d4:be:87:52:f5:41:cd:c9:c1:a7:4d:4d:04:a1:
44:a1:c3:58:25:fa:4f:51:4f:b1:12:21:ab:3c:5b:
17:bc:50:b7:56:36:e5:36:dd:f8:9a:57:eb:03:c2:
00:3a:98:2b:9c:f5:9e:04:d9:49:0b:af:fb:31:cf:
f6:8c:b8:e9:d5:31:64:6b:7d:0c:c5:cb:10:c1:ea:
aa:2a:d6:f9:c3:13:09:21:d3:b3:2e:83:d8:98:e8:
0e:31:23:3c:88:27:f4:3d:09:7b:e2:ba:cf:10:47:
9f:07:2c:30:a8:1c:8c:d4:cc:3e:09:fe:bd:e3:08:
64:13:fd:26:20:3b:98:ed:c3:7d:6a:fb:b9:9c:47:
49:af:dd:fa:8b:1e:aa:77:d7:85:64:3c:a7:42:40:
d3:8e:38:3f:14:c1:bc:79:7f:40:48:0e:d2:3e:7f:
89:38:46:4c:59:98:bd:5c:01:3c:ff:52:64:4d:20:
3b:13:d1:c1:c0:a8:a0:c3:76:5c:f8:f9:1f:66:32:
d9:90:9d:42:cc:9f:37:39:08:e7:fb:5c:fb:92:b7:
28:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0A:74:B5:AA:B0:45:FF:7F:8D:C9:31:54:BC:CF:73:95:D9:C9:29
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS29262.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.72.0/22
139.28.240.0/23
193.187.134.0/23
194.169.92.0/22
IPv6:
2a02:f240::/29
Signature Algorithm: sha256WithRSAEncryption
7f:53:b4:02:84:7a:ee:3c:f2:68:6a:29:83:b9:e2:2e:75:01:
67:4d:fb:2e:7c:94:ac:8a:7e:f3:0c:9f:45:2c:7a:22:84:f8:
68:21:6f:c8:34:4e:73:df:c2:cb:69:47:c2:d0:2f:62:fc:21:
1a:55:3f:d4:31:aa:63:c5:34:89:bc:34:1d:01:1b:bf:44:33:
5b:33:dc:a1:48:08:af:f4:45:43:61:da:fe:87:dc:6b:47:fa:
dc:87:29:46:e5:23:4b:f8:28:b5:0a:68:73:4b:65:7f:79:14:
42:93:3d:69:77:00:95:3a:9d:26:8e:8a:91:25:31:78:96:a3:
36:f8:bf:29:34:b6:2d:4b:56:21:7a:06:fd:8b:78:74:70:ae:
61:0b:ae:50:6c:3e:84:8e:16:70:c4:73:f4:be:3b:bf:70:a0:
bf:0d:54:35:59:78:7b:6b:7c:cd:0e:66:80:7f:80:c5:66:7e:
51:ae:9d:f3:2f:0e:e3:32:6f:09:4d:b4:62:a2:a7:99:4c:66:
cd:25:1c:9f:38:00:b2:a3:ff:12:dd:d6:1b:7e:71:2c:48:9e:
c6:ce:b5:f9:62:10:f1:24:bf:60:aa:eb:9e:64:d6:a6:02:f3:
72:ef:b6:45:a8:55:bd:6b:0f:db:0d:15:46:35:5b:85:67:e9:
20:88:5b:2a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUb/FC6pWvGPKJMXeCBbHAX0KazUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA3MDcwNTM5NDJaFw0yNjA3MDYwNTQ0NDJaMDMxMTAvBgNV
BAMTKEVGMEE3NEI1QUFCMDQ1RkY3RjhEQzkzMTU0QkNDRjczOTVEOUM5MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC//DlhG5wiHapeF27yfN+IGUSE
/3i9qsoCgUru1gQQK5WOYEx5HQC6+ykpnn/UvodS9UHNycGnTU0EoUShw1gl+k9R
T7ESIas8Wxe8ULdWNuU23fiaV+sDwgA6mCuc9Z4E2UkLr/sxz/aMuOnVMWRrfQzF
yxDB6qoq1vnDEwkh07Mug9iY6A4xIzyIJ/Q9CXvius8QR58HLDCoHIzUzD4J/r3j
CGQT/SYgO5jtw31q+7mcR0mv3fqLHqp314VkPKdCQNOOOD8Uwbx5f0BIDtI+f4k4
RkxZmL1cATz/UmRNIDsT0cHAqKDDdlz4+R9mMtmQnULMnzc5COf7XPuStygtAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQU7wp0taqwRf9/jckxVLzPc5XZySkwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjkyNjIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJN8UgD
BAGLHPADBAHBu4YDBALCqVwwDQQCAAIwBwMFAyoC8kAwDQYJKoZIhvcNAQELBQAD
ggEBAH9TtAKEeu488mhqKYO54i51AWdN+y58lKyKfvMMn0UseiKE+Gghb8g0TnPf
wstpR8LQL2L8IRpVP9QxqmPFNIm8NB0BG79EM1sz3KFICK/0RUNh2v6H3GtH+tyH
KUblI0v4KLUKaHNLZX95FEKTPWl3AJU6nSaOipElMXiWozb4vyk0ti1LViF6Bv2L
eHRwrmELrlBsPoSOFnDEc/S+O79woL8NVDVZeHtrfM0OZoB/gMVmflGunfMvDuMy
bwlNtGKip5lMZs0lHJ84ALKj/xLd1ht+cSxInsbOtfliEPEkv2Cq655k1qYC83Lv
tkWoVb1rD9sNFUY1W4Vn6SCIWyo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:22:54 2025 by rpki-client