Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: aGF6p+BypoohFDQIL4c+7b8NiMjqjw7aui3jAj7JFfk=
Subject key identifier: 48:DF:E8:D9:71:85:41:43:3A:DE:44:F4:C5:76:C6:FC:63:A7:93:90
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 6DA9973F3C561053AFF12E449855856261A718FA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
Signing time: Wed 02 Jul 2025 12:20:04 +0000
ROA not before: Wed 02 Jul 2025 12:15:04 +0000
ROA not after: Wed 01 Jul 2026 12:20:04 +0000
asID: 29802
IP address blocks: 141.11.35.0/24 maxlen: 24
141.11.38.0/24 maxlen: 24
141.11.115.0/24 maxlen: 24
194.60.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 13:53:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:a9:97:3f:3c:56:10:53:af:f1:2e:44:98:55:85:62:61:a7:18:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 2 12:15:04 2025 GMT
Not After : Jul 1 12:20:04 2026 GMT
Subject: CN=48DFE8D9718541433ADE44F4C576C6FC63A79390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:af:25:17:53:e0:3a:ef:93:d8:d1:7a:63:
fc:59:70:cb:6a:91:06:68:23:10:49:7f:5b:9d:0c:
8c:02:4c:c2:5b:b0:67:ce:73:ac:ff:54:8d:e8:1a:
a9:0f:fb:cf:4b:0b:d8:b8:78:03:07:e2:9d:be:7b:
c4:c1:5c:23:04:91:43:e1:81:69:1f:21:6b:66:a9:
c3:1a:68:18:d6:cd:63:40:56:48:13:c1:e2:fc:73:
b8:af:79:b1:ec:c8:42:61:35:41:f0:81:d3:83:af:
4e:62:f2:af:b4:ca:69:80:34:c4:2b:ff:46:e3:86:
4e:56:3d:5e:14:e2:8a:2c:54:52:12:89:dc:85:20:
bd:96:93:4e:12:19:e9:82:0f:c2:5a:2a:80:d4:07:
32:fa:83:25:80:3b:15:52:5c:95:45:b5:5e:81:e9:
38:17:63:79:62:4a:0f:a4:e1:a7:65:e8:10:f6:67:
7d:a1:ab:3d:f8:31:fa:5d:5f:83:2b:92:4a:93:d4:
ad:6f:2b:4d:51:ed:b7:03:c3:17:db:e8:6a:40:64:
73:63:8c:ad:42:1b:9e:8f:a5:ea:7d:8c:24:77:36:
68:c0:84:bf:66:53:4a:fa:56:ae:09:d4:b8:b0:a8:
65:43:23:fb:eb:0a:05:84:9b:d1:71:83:f6:ae:b9:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:DF:E8:D9:71:85:41:43:3A:DE:44:F4:C5:76:C6:FC:63:A7:93:90
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.35.0/24
141.11.38.0/24
141.11.115.0/24
194.60.90.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:1b:78:3d:5b:1c:12:0d:83:8c:97:3e:74:10:f4:cf:83:eb:
54:fe:91:d0:a9:88:c6:7b:56:42:4d:e7:a2:86:64:96:c4:32:
e0:25:e9:13:8c:9c:17:b3:d1:36:8e:4f:ba:85:d1:75:7e:95:
4c:c8:75:bd:d4:44:f3:f4:a8:7f:ed:6f:91:a6:0a:89:3c:8a:
6f:95:4a:c1:e0:b4:1a:9d:68:9d:2a:92:a7:39:e5:85:9b:5a:
32:18:a8:bd:a9:d1:09:1b:70:14:d2:ab:65:14:75:49:53:0c:
74:5d:06:4c:4c:0e:6a:25:c9:e3:9d:de:c2:11:31:20:de:52:
d5:5f:c6:d8:03:24:be:c2:52:cb:66:e2:d5:16:74:73:5c:6b:
2b:da:6d:12:9a:df:65:4f:87:5a:09:4f:0b:81:30:37:4f:00:
ba:39:31:0a:01:2a:d2:62:ef:a0:58:bb:f1:43:14:7a:40:de:
c3:a4:c0:0d:53:d4:17:0c:08:5b:e7:53:12:b9:37:70:1c:f0:
08:24:b7:9f:56:5d:36:dd:6d:e5:fd:9f:d5:8c:d0:8f:e7:81:
5c:49:0f:d4:a8:61:8c:be:10:10:5d:87:1b:cd:2c:0a:20:14:
74:91:c0:ba:39:79:0c:0d:92:54:64:af:9f:78:dc:e1:f7:27:
7a:ea:d0:d2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUbamXPzxWEFOv8S5EmFWFYmGnGPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA3MDIxMjE1MDRaFw0yNjA3MDExMjIwMDRaMDMxMTAvBgNV
BAMTKDQ4REZFOEQ5NzE4NTQxNDMzQURFNDRGNEM1NzZDNkZDNjNBNzkzOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUzq8lF1PgOu+T2NF6Y/xZcMtq
kQZoIxBJf1udDIwCTMJbsGfOc6z/VI3oGqkP+89LC9i4eAMH4p2+e8TBXCMEkUPh
gWkfIWtmqcMaaBjWzWNAVkgTweL8c7ivebHsyEJhNUHwgdODr05i8q+0ymmANMQr
/0bjhk5WPV4U4oosVFISidyFIL2Wk04SGemCD8JaKoDUBzL6gyWAOxVSXJVFtV6B
6TgXY3liSg+k4adl6BD2Z32hqz34MfpdX4MrkkqT1K1vK01R7bcDwxfb6GpAZHNj
jK1CG56Ppep9jCR3NmjAhL9mU0r6Vq4J1LiwqGVDI/vrCgWEm9Fxg/auuevbAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUSN/o2XGFQUM63kT0xXbG/GOnk5AwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACNCyMD
BACNCyYDBACNC3MDBADCPFowDQYJKoZIhvcNAQELBQADggEBAIobeD1bHBINg4yX
PnQQ9M+D61T+kdCpiMZ7VkJN56KGZJbEMuAl6ROMnBez0TaOT7qF0XV+lUzIdb3U
RPP0qH/tb5GmCok8im+VSsHgtBqdaJ0qkqc55YWbWjIYqL2p0QkbcBTSq2UUdUlT
DHRdBkxMDmolyeOd3sIRMSDeUtVfxtgDJL7CUstm4tUWdHNcayvabRKa32VPh1oJ
TwuBMDdPALo5MQoBKtJi76BYu/FDFHpA3sOkwA1T1BcMCFvnUxK5N3Ac8Agkt59W
XTbdbeX9n9WM0I/ngVxJD9SoYYy+EBBdhxvNLAogFHSRwLo5eQwNklRkr5943OH3
J3rq0NI=
-----END CERTIFICATE-----
Generated at Mon Jul 7 03:13:47 2025 by rpki-client