Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: UCojnVgb0bHwREwoJ062pfzA8ZVtsfU59yOANhF8Lz0=
Subject key identifier: B1:85:A9:FC:91:14:03:F1:40:DF:22:A8:A6:53:E8:F8:71:8F:C8:D5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3D93802A56816D0F3C67E9371CC8E979A9B0F93C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Fri 04 Jul 2025 13:45:56 +0000
ROA not before: Fri 04 Jul 2025 13:40:56 +0000
ROA not after: Fri 03 Jul 2026 13:45:56 +0000
asID: 7029
IP address blocks: 46.202.200.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.170.0/24 maxlen: 24
92.113.171.0/24 maxlen: 24
92.113.175.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
92.113.224.0/24 maxlen: 24
92.113.230.0/24 maxlen: 24
178.95.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:93:80:2a:56:81:6d:0f:3c:67:e9:37:1c:c8:e9:79:a9:b0:f9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 4 13:40:56 2025 GMT
Not After : Jul 3 13:45:56 2026 GMT
Subject: CN=B185A9FC911403F140DF22A8A653E8F8718FC8D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d8:97:0e:8d:ba:8c:92:ba:1c:e4:8a:61:8e:
75:5e:02:ed:2e:0b:92:38:5d:f7:4b:22:a3:f1:30:
5e:d4:c0:d2:4d:d2:c8:d8:a7:96:b1:c5:be:a9:50:
00:b3:10:28:83:97:36:4e:de:92:a6:e4:df:a2:2a:
41:9e:5f:13:68:0f:38:6e:ff:66:da:58:87:45:ec:
3c:3b:f8:5c:ca:55:ed:fb:66:04:61:d5:13:12:5e:
eb:63:48:0a:ee:48:08:90:3e:9a:32:a6:d9:20:72:
9b:1d:24:c3:55:64:82:f2:46:74:a9:5a:dc:47:c1:
14:26:d0:03:d8:cf:94:33:87:6b:eb:31:19:39:22:
0b:7c:c3:23:24:8e:cf:70:47:5e:0a:60:6f:21:b4:
2c:b8:f1:3c:df:b4:58:2d:e1:70:4f:3b:99:79:e7:
9a:0a:da:cb:6b:0c:28:ea:6b:a0:4d:12:1e:3c:09:
17:2d:d4:7f:08:bb:f7:2d:0f:06:8f:ef:f7:05:50:
a8:7f:68:47:f5:d3:56:aa:3c:7b:97:4e:e5:57:a8:
2b:ac:05:f6:34:17:ad:d4:16:27:3e:b3:45:08:79:
46:23:3b:e9:d7:92:3b:8c:c8:3e:e5:d2:58:03:86:
41:46:be:69:f9:17:04:68:07:06:d7:01:d6:d1:e6:
d6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:85:A9:FC:91:14:03:F1:40:DF:22:A8:A6:53:E8:F8:71:8F:C8:D5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.200.0/24
46.202.206.0/24
46.203.6.0/24
91.124.228.0-91.124.235.255
92.112.32.0/22
92.112.40.0/21
92.112.79.0/24
92.112.157.0/24
92.113.170.0/23
92.113.175.0/24
92.113.215.0/24
92.113.224.0/24
92.113.230.0/24
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
00:13:e8:e0:57:e9:0b:f5:dc:4d:5e:26:a7:09:3d:19:3b:bb:
6e:95:31:ec:7c:c4:05:9c:90:e5:a1:3d:9c:44:b5:d4:8b:9d:
f7:0a:29:41:20:61:d5:ed:fb:eb:79:e9:87:31:f2:b2:0b:a0:
c5:36:63:18:68:ca:32:30:4b:64:c6:ee:41:f5:41:48:ff:3a:
ea:29:a9:a4:e6:09:64:18:c0:1a:c1:dc:61:e8:ea:eb:e0:1f:
f8:eb:fa:e3:33:9d:18:73:20:06:34:43:6f:bd:05:a8:f6:78:
28:49:28:d9:d2:8d:16:39:a7:8f:c3:c8:8d:f8:cd:bb:06:8e:
00:c1:68:1e:53:aa:02:a0:b4:27:d2:eb:5d:d4:00:f0:74:bc:
c3:04:15:4d:f0:d2:c1:0e:87:e6:ed:0e:0a:26:0e:56:a0:03:
a1:09:a4:3a:03:23:6d:aa:7d:80:e0:68:06:55:7d:48:13:43:
80:6b:42:21:c1:ba:2e:5b:a4:57:5d:fc:f8:b8:0b:d9:34:c4:
17:16:ba:a1:d4:d3:02:64:e7:76:4f:f1:58:4f:30:cb:9c:02:
33:8d:e8:cf:f3:80:54:b3:c9:00:5d:9c:56:e5:d0:22:0b:b9:
b3:e8:28:c6:ea:7f:5d:45:07:88:33:ac:5f:d9:54:79:ef:60:
39:89:67:a9
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUPZOAKlaBbQ88Z+k3HMjpeamw+TwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MDQxMzQwNTZaFw0yNjA3MDMxMzQ1NTZaMDMxMTAvBgNV
BAMTKEIxODVBOUZDOTExNDAzRjE0MERGMjJBOEE2NTNFOEY4NzE4RkM4RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV2JcOjbqMkroc5IphjnVeAu0u
C5I4XfdLIqPxMF7UwNJN0sjYp5axxb6pUACzECiDlzZO3pKm5N+iKkGeXxNoDzhu
/2baWIdF7Dw7+FzKVe37ZgRh1RMSXutjSAruSAiQPpoyptkgcpsdJMNVZILyRnSp
WtxHwRQm0APYz5Qzh2vrMRk5Igt8wyMkjs9wR14KYG8htCy48TzftFgt4XBPO5l5
55oK2strDCjqa6BNEh48CRct1H8Iu/ctDwaP7/cFUKh/aEf101aqPHuXTuVXqCus
BfY0F63UFic+s0UIeUYjO+nXkjuMyD7l0lgDhkFGvmn5FwRoBwbXAdbR5tZzAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUsYWp/JEUA/FA3yKoplPo+HGPyNUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB1BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAC7KyAME
AC7KzgMEAC7LBjAMAwQCW3zkAwQCW3zoAwQCXHAgAwQDXHAoAwQAXHBPAwQAXHCd
AwQBXHGqAwQAXHGvAwQAXHHXAwQAXHHgAwQAXHHmAwQEsl/QMA0GCSqGSIb3DQEB
CwUAA4IBAQAAE+jgV+kL9dxNXianCT0ZO7tulTHsfMQFnJDloT2cRLXUi533CilB
IGHV7fvreemHMfKyC6DFNmMYaMoyMEtkxu5B9UFI/zrqKamk5glkGMAawdxh6Orr
4B/46/rjM50YcyAGNENvvQWo9ngoSSjZ0o0WOaePw8iN+M27Bo4AwWgeU6oCoLQn
0utd1ADwdLzDBBVN8NLBDofm7Q4KJg5WoAOhCaQ6AyNtqn2A4GgGVX1IE0OAa0Ih
wbouW6RXXfz4uAvZNMQXFrqh1NMCZOd2T/FYTzDLnAIzjejP84BUs8kAXZxW5dAi
C7mz6CjG6n9dRQeIM6xf2VR572A5iWep
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:07:54 2025 by rpki-client