Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: jyVK6C7qtmOOI3MK3tYJQFEpabLIVP1JT6Yr+Bve0l4=
Subject key identifier: BE:63:7B:2D:C3:D4:5D:C6:9C:AF:51:0C:1D:2D:BB:65:3D:65:6D:23
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7B52700DEA8F0807B9C34568CA1BABC382EC9CA4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Sat 15 Feb 2025 11:50:43 +0000
ROA not before: Sat 15 Feb 2025 11:45:43 +0000
ROA not after: Sat 14 Feb 2026 11:50:43 +0000
asID: 29802
IP address blocks: 145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.22.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 02:59:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:52:70:0d:ea:8f:08:07:b9:c3:45:68:ca:1b:ab:c3:82:ec:9c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 15 11:45:43 2025 GMT
Not After : Feb 14 11:50:43 2026 GMT
Subject: CN=BE637B2DC3D45DC69CAF510C1D2DBB653D656D23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:cf:2e:d1:3e:37:63:fc:fa:3d:b9:e3:f5:
d5:69:23:21:32:9a:91:18:b5:f6:19:c0:f7:e5:28:
d2:1a:f8:d6:68:f1:fc:ef:69:bd:b1:49:0a:ae:d5:
6b:1b:27:1e:d5:b4:22:32:63:7c:9c:c3:11:4c:3f:
32:aa:bf:22:81:e2:09:a3:a7:37:b7:d8:c3:c0:94:
71:37:19:c6:51:f1:f0:0e:de:08:75:93:e1:c1:2b:
65:91:92:af:8a:36:76:20:6e:49:1d:7c:cf:da:72:
8c:10:cb:fa:70:bb:6d:25:72:7a:73:6a:6d:90:c0:
2d:51:85:97:d0:dd:7b:f2:bd:85:5d:26:ea:0d:f4:
fc:20:4e:a3:81:39:09:3f:34:61:42:34:d0:b7:0e:
e4:ed:fb:4f:8b:7e:40:ed:34:ad:62:a0:70:bf:e2:
4e:99:2b:c4:d0:26:a3:61:01:4f:4b:b8:74:44:e2:
80:a7:ce:f4:24:4f:0e:ea:1c:18:0c:d5:cc:69:fc:
f1:ad:b0:2f:e0:23:88:6c:76:7c:40:bf:58:f6:d7:
84:b2:5d:04:03:0b:f1:9b:37:f0:ea:84:c6:47:de:
4a:0a:cf:05:c8:db:63:1b:fe:89:a7:22:ac:df:46:
02:af:75:98:53:d5:12:f3:a0:aa:e4:7a:e0:c0:03:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:63:7B:2D:C3:D4:5D:C6:9C:AF:51:0C:1D:2D:BB:65:3D:65:6D:23
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
147.79.4.0/24
147.79.22.0/24
148.135.178.0/23
148.135.191.0/24
148.135.254.0/24
150.241.128.0/24
150.241.233.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5f:10:37:4f:37:84:61:ec:64:56:1a:90:39:51:0d:9c:81:
c9:cc:75:9e:08:da:b8:29:85:68:7b:55:8d:a0:f7:50:66:c3:
0e:1c:02:c0:b2:3b:c2:58:43:f3:dd:75:65:fd:d6:fb:48:50:
95:7c:c1:58:bd:af:26:02:ab:2b:75:59:e8:48:0c:9c:07:0e:
d7:1c:0e:df:42:e6:00:d6:70:f0:d2:2d:da:9b:bd:57:b7:5b:
93:ca:24:8e:88:9b:5b:2b:01:5a:29:7e:6a:65:e5:cf:6c:af:
1f:f3:f5:b1:41:bc:11:4b:27:cd:ec:ea:d6:a4:c6:ad:54:2f:
18:52:5d:35:da:95:0b:b3:49:c6:1d:09:2d:af:ba:a6:7b:a1:
dd:dc:16:81:fb:38:a6:da:6e:67:d0:30:09:c1:7b:e6:86:8b:
de:ea:79:5c:f4:09:7b:05:39:72:af:8a:dc:f9:7a:83:53:1b:
ae:55:f1:6c:81:44:1b:75:69:68:5d:53:14:27:3e:e1:07:8a:
5c:b7:7e:a0:e4:28:b5:76:06:cb:31:29:0e:5a:98:cd:04:f8:
b7:e5:af:0d:d7:72:35:8b:d6:7a:91:81:61:13:6d:30:e1:ce:
76:0d:46:d5:bc:9e:ac:11:90:a7:ec:b2:3f:09:fc:28:ef:6b:
13:74:81:82
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUe1JwDeqPCAe5w0Voyhurw4LsnKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMTUxMTQ1NDNaFw0yNjAyMTQxMTUwNDNaMDMxMTAvBgNV
BAMTKEJFNjM3QjJEQzNENDVEQzY5Q0FGNTEwQzFEMkRCQjY1M0Q2NTZEMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoFs8u0T43Y/z6Pbnj9dVpIyEy
mpEYtfYZwPflKNIa+NZo8fzvab2xSQqu1WsbJx7VtCIyY3ycwxFMPzKqvyKB4gmj
pze32MPAlHE3GcZR8fAO3gh1k+HBK2WRkq+KNnYgbkkdfM/acowQy/pwu20lcnpz
am2QwC1RhZfQ3XvyvYVdJuoN9PwgTqOBOQk/NGFCNNC3DuTt+0+LfkDtNK1ioHC/
4k6ZK8TQJqNhAU9LuHRE4oCnzvQkTw7qHBgM1cxp/PGtsC/gI4hsdnxAv1j214Sy
XQQDC/GbN/DqhMZH3koKzwXI22Mb/omnIqzfRgKvdZhT1RLzoKrkeuDAAzjRAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUvmN7LcPUXcacr1EMHS27ZT1lbSMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACR3zID
BACR3zcDBACR3zwDBAGR3z4DBACSZwQDBACSZxMDBACTTwQDBACTTxYDBAGUh7ID
BACUh78DBACUh/4DBACW8YADBACW8ekwDQYJKoZIhvcNAQELBQADggEBAAJfEDdP
N4Rh7GRWGpA5UQ2cgcnMdZ4I2rgphWh7VY2g91Bmww4cAsCyO8JYQ/PddWX91vtI
UJV8wVi9ryYCqyt1WehIDJwHDtccDt9C5gDWcPDSLdqbvVe3W5PKJI6Im1srAVop
fmpl5c9srx/z9bFBvBFLJ83s6takxq1ULxhSXTXalQuzScYdCS2vuqZ7od3cFoH7
OKbabmfQMAnBe+aGi97qeVz0CXsFOXKvitz5eoNTG65V8WyBRBt1aWhdUxQnPuEH
ily3fqDkKLV2BssxKQ5amM0E+Lflrw3XcjWL1nqRgWETbTDhznYNRtW8nqwRkKfs
sj8J/CjvaxN0gYI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:47 2025 by rpki-client