Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: 7ci7jbO6WmyOOodYd1/MADu1L2GGAnFew/G2dwdL6Rs=
Subject key identifier: 03:22:0E:B8:8C:2D:D6:F8:D1:E4:EA:33:6B:CC:AE:F2:40:F8:67:63
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 13341DFE808CBC8C034B38C20538D1C5448EE220
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Fri 06 Jun 2025 10:00:09 +0000
ROA not before: Fri 06 Jun 2025 09:55:09 +0000
ROA not after: Fri 05 Jun 2026 10:00:09 +0000
asID: 29802
IP address blocks: 143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.232.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.211.0/24 maxlen: 24
155.117.226.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:34:1d:fe:80:8c:bc:8c:03:4b:38:c2:05:38:d1:c5:44:8e:e2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 09:55:09 2025 GMT
Not After : Jun 5 10:00:09 2026 GMT
Subject: CN=03220EB88C2DD6F8D1E4EA336BCCAEF240F86763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:d6:6e:18:18:96:3d:ab:13:36:03:d1:7f:
a0:44:2a:e4:c9:1b:9d:d0:23:8c:a7:e6:1d:14:be:
b7:ca:e6:66:e9:6d:d2:7c:d9:35:24:02:50:fa:97:
27:0a:fa:ff:cd:92:1b:b0:8b:41:1a:56:4c:65:b8:
20:29:c0:99:77:cc:39:c1:f5:b0:6e:d0:fc:c5:e3:
80:00:03:bb:41:1a:e0:6c:80:cc:30:92:e6:f1:a7:
bb:69:54:fa:07:a7:53:9d:4c:9a:ac:2c:f7:32:bd:
5b:61:29:d6:de:21:cc:50:41:b6:ef:b2:d3:ed:f3:
15:71:c9:94:e4:e8:66:d2:62:5c:60:09:2c:ef:f0:
b8:cd:f8:91:85:b4:d8:d4:65:0b:f7:0d:f4:3e:47:
2f:3c:5f:e5:f5:80:c3:54:f6:5c:ee:23:a7:d7:8b:
cb:ea:3c:1f:45:3c:bc:31:7d:aa:96:53:f8:b9:9f:
25:3d:02:57:ff:d1:34:5f:e4:41:3a:cc:41:84:cf:
b2:74:3c:7e:c2:2c:22:67:9b:10:3f:c1:62:2f:91:
9e:c8:fb:60:bc:34:cc:c9:a2:f0:01:47:9c:96:08:
5a:11:fc:5c:be:59:0b:e7:97:a9:88:a7:90:7f:5f:
d4:96:ee:d4:68:a9:97:6f:9a:76:4c:59:52:f4:90:
0b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:22:0E:B8:8C:2D:D6:F8:D1:E4:EA:33:6B:CC:AE:F2:40:F8:67:63
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
143.14.229.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.193.0/24
148.135.254.0/24
150.241.128.0/24
150.241.232.0/23
150.241.254.0/24
155.117.121.0/24
155.117.196.0/24
155.117.211.0/24
155.117.226.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:0f:b2:a3:b5:f2:81:09:eb:8e:ef:47:b0:cb:ef:0e:fe:38:
18:c2:77:a0:18:0f:06:e8:2c:7e:e8:6b:ac:7b:dc:fd:84:75:
27:a5:71:12:ad:b7:dd:08:d9:62:fa:e8:62:1a:85:a1:0d:b4:
48:12:d8:c6:bb:5d:59:8b:09:25:55:d7:a6:b4:22:1f:82:9c:
a6:d1:93:a0:4c:59:82:d8:dc:ef:fc:86:b8:7b:17:29:42:ec:
c9:a9:4a:7f:cf:4a:80:68:d6:b1:8e:41:77:0d:69:e7:e2:e3:
ae:0d:37:65:77:9a:e2:bb:d9:b6:6a:25:02:24:39:85:8d:90:
f3:db:98:73:b9:18:13:52:dc:fd:8e:48:8c:b7:6a:c9:23:0d:
cc:8f:9e:1d:f7:0c:4b:ac:c0:bf:d9:2a:d9:1e:92:09:25:0f:
65:25:c9:36:49:fa:98:50:4d:82:2b:ef:f0:b1:21:e9:76:68:
e1:6e:2f:f0:74:c9:d4:94:45:0d:06:f7:99:e8:39:c8:3c:fb:
5a:e6:66:46:32:21:d8:55:07:2a:8b:a7:d0:9e:36:e8:e8:84:
c9:00:c3:6a:d1:77:8c:de:02:ae:4e:6b:5d:cf:64:62:6c:4a:
8f:dc:d2:1c:62:33:d3:a3:ec:ba:93:a2:03:9e:f9:ad:22:34:
7e:6d:89:e8
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUEzQd/oCMvIwDSzjCBTjRxUSO4iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwOTU1MDlaFw0yNjA2MDUxMDAwMDlaMDMxMTAvBgNV
BAMTKDAzMjIwRUI4OEMyREQ2RjhEMUU0RUEzMzZCQ0NBRUYyNDBGODY3NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXk9ZuGBiWPasTNgPRf6BEKuTJ
G53QI4yn5h0UvrfK5mbpbdJ82TUkAlD6lycK+v/Nkhuwi0EaVkxluCApwJl3zDnB
9bBu0PzF44AAA7tBGuBsgMwwkubxp7tpVPoHp1OdTJqsLPcyvVthKdbeIcxQQbbv
stPt8xVxyZTk6GbSYlxgCSzv8LjN+JGFtNjUZQv3DfQ+Ry88X+X1gMNU9lzuI6fX
i8vqPB9FPLwxfaqWU/i5nyU9Alf/0TRf5EE6zEGEz7J0PH7CLCJnmxA/wWIvkZ7I
+2C8NMzJovABR5yWCFoR/Fy+WQvnl6mIp5B/X9SW7tRoqZdvmnZMWVL0kAsvAgMB
AAGjggKYMIIClDAdBgNVHQ4EFgQUAyIOuIwt1vjR5Ooza8yu8kD4Z2MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwga0GCCsGAQUFBwEHAQH/BIGdMIGaMIGXBAIAATCBkAME
AI8ObgMEAI8O0gMEAI8O1QMEAI8O5QMEAJHfMgMEAJHfNwMEAJHfPAMEAZHfPgME
AJJnBAMEAJJnEwMEAZSHsgMEAZSHvgMEAJSHwQMEAJSH/gMEAJbxgAMEAZbx6AME
AJbx/gMEAJt1eQMEAJt1xAMEAJt10wMEAJt14gMEAKKNNAMEAKKNjQMEAKeUsjAN
BgkqhkiG9w0BAQsFAAOCAQEAsg+yo7XygQnrju9HsMvvDv44GMJ3oBgPBugsfuhr
rHvc/YR1J6VxEq233QjZYvroYhqFoQ20SBLYxrtdWYsJJVXXprQiH4KcptGToExZ
gtjc7/yGuHsXKULsyalKf89KgGjWsY5Bdw1p5+Ljrg03ZXea4rvZtmolAiQ5hY2Q
89uYc7kYE1Lc/Y5IjLdqySMNzI+eHfcMS6zAv9kq2R6SCSUPZSXJNkn6mFBNgivv
8LEh6XZo4W4v8HTJ1JRFDQb3meg5yDz7WuZmRjIh2FUHKoun0J426OiEyQDDatF3
jN4Crk5rXc9kYmxKj9zSHGIz06PsupOiA575rSI0fm2J6A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:47:13 2025 by rpki-client