Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: O7g5lQKgzG7qcH9MnFOS3JLNyukdpKV2t4C120y3L+M=
Subject key identifier: C7:93:3A:F0:D0:7B:8A:E7:F3:14:D5:C0:2E:71:F9:4A:57:10:02:46
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6E512007FB30F2756EC105BCE132D6A5DFDE28ED
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Tue 09 Sep 2025 00:00:09 +0000
ROA not before: Mon 08 Sep 2025 23:55:09 +0000
ROA not after: Tue 08 Sep 2026 00:00:09 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 11:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:51:20:07:fb:30:f2:75:6e:c1:05:bc:e1:32:d6:a5:df:de:28:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 8 23:55:09 2025 GMT
Not After : Sep 8 00:00:09 2026 GMT
Subject: CN=C7933AF0D07B8AE7F314D5C02E71F94A57100246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:37:60:32:1b:c9:65:8e:a0:74:39:84:fe:
9a:bd:ea:1a:fd:ab:71:dd:1d:a7:2f:c8:b8:fe:3d:
22:7c:ad:31:3e:e5:5f:59:75:96:b0:fb:34:8d:2d:
6d:3d:e3:f0:11:9c:5d:98:2b:6e:66:24:ae:4d:03:
df:7b:b7:b0:49:d5:7a:9f:84:80:c3:1e:01:03:2b:
de:d3:51:71:39:cc:d3:73:d9:fd:38:be:84:b4:2d:
28:28:aa:3f:a7:85:df:c8:cf:ea:f6:e9:63:99:d6:
1d:32:9d:ae:7d:a0:4a:26:fe:90:a2:98:ef:89:bc:
5d:d6:54:3a:d2:04:72:e3:2d:c5:a8:8a:80:9e:72:
f2:95:9d:3d:58:16:f5:b0:c2:49:88:88:49:04:81:
60:99:08:dc:bf:96:f0:4c:90:5f:65:95:21:7c:fd:
21:8b:69:a0:04:17:f4:5b:7c:5d:9b:55:14:be:cc:
9d:9e:69:dc:0a:42:f4:5b:90:be:0d:69:aa:7c:81:
00:68:eb:ff:ef:d3:2e:a3:df:ed:d4:9a:6f:ce:d2:
20:23:37:85:d0:4e:46:5d:a7:f3:26:85:b2:f8:11:
60:01:42:08:bd:6e:46:ee:12:07:07:da:a7:7c:80:
b8:62:a6:3c:51:53:cd:71:3e:54:4c:08:22:ff:08:
dd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:93:3A:F0:D0:7B:8A:E7:F3:14:D5:C0:2E:71:F9:4A:57:10:02:46
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.128.0/24
150.241.233.0/24
155.117.121.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
22:68:aa:0e:d6:a9:7b:ce:24:5a:54:f2:2a:60:7e:02:cb:e3:
eb:08:02:33:eb:f9:e1:28:d0:cb:f3:09:ca:23:5f:af:7f:41:
f3:26:19:eb:c3:46:15:d5:0d:11:77:4c:16:65:0b:87:5e:dd:
4b:a8:f6:75:7c:3a:c2:d3:05:21:12:5b:95:e6:01:eb:b3:56:
a7:bc:9b:08:31:5f:af:7c:5f:0c:41:61:09:e5:49:d7:6a:9c:
75:c7:93:7d:f1:65:28:b4:4e:b1:f1:0c:7d:e5:23:08:10:87:
ac:5b:9a:f6:3f:3d:bd:57:bb:e2:bd:78:9d:ae:89:44:42:9d:
4d:84:a2:2c:4d:20:26:8d:d3:48:a3:55:be:cf:b7:55:16:10:
8b:df:12:ed:16:f4:6f:10:7a:47:e7:1e:4b:78:d6:09:73:c2:
af:96:06:2d:2d:77:b0:19:95:1b:cd:a8:82:f8:91:c8:95:91:
58:37:52:5b:fa:2f:f8:b9:fc:bf:14:f8:fd:8a:70:95:09:aa:
f2:57:ac:84:0f:60:2c:36:58:72:07:02:dd:18:55:c8:a8:20:
44:c8:51:59:1c:4d:db:d6:66:bc:1e:ab:e6:ab:db:d2:fe:42:
6e:ff:b8:cd:94:1b:d0:99:c6:ad:1d:f5:ec:42:c9:d8:82:2c:
3d:96:0f:56
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIUblEgB/sw8nVuwQW84TLWpd/eKO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDgyMzU1MDlaFw0yNjA5MDgwMDAwMDlaMDMxMTAvBgNV
BAMTKEM3OTMzQUYwRDA3QjhBRTdGMzE0RDVDMDJFNzFGOTRBNTcxMDAyNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ejdgMhvJZY6gdDmE/pq96hr9
q3HdHacvyLj+PSJ8rTE+5V9ZdZaw+zSNLW094/ARnF2YK25mJK5NA997t7BJ1Xqf
hIDDHgEDK97TUXE5zNNz2f04voS0LSgoqj+nhd/Iz+r26WOZ1h0yna59oEom/pCi
mO+JvF3WVDrSBHLjLcWoioCecvKVnT1YFvWwwkmIiEkEgWCZCNy/lvBMkF9llSF8
/SGLaaAEF/RbfF2bVRS+zJ2eadwKQvRbkL4Naap8gQBo6//v0y6j3+3Umm/O0iAj
N4XQTkZdp/MmhbL4EWABQgi9bkbuEgcH2qd8gLhipjxRU81xPlRMCCL/CN1FAgMB
AAGjggJ+MIICejAdBgNVHQ4EFgQUx5M68NB7iufzFNXALnH5SlcQAkYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZMGCCsGAQUFBwEHAQH/BIGDMIGAMH4EAgABMHgDBABg
PowDBABgPtgDBACPDm4DBACPDtIDBACPDtUDBACR3zIDBACR3zcDBACR3zwDBAGR
3z4DBACSZwQDBACSZxMDBAGUh7IDBAGUh74DBACUh/4DBACW8YADBACW8ekDBACb
dXkDBACijTQDBACijY0DBACnlLIwDQYJKoZIhvcNAQELBQADggEBACJoqg7WqXvO
JFpU8ipgfgLL4+sIAjPr+eEo0MvzCcojX69/QfMmGevDRhXVDRF3TBZlC4de3Uuo
9nV8OsLTBSESW5XmAeuzVqe8mwgxX698XwxBYQnlSddqnHXHk33xZSi0TrHxDH3l
IwgQh6xbmvY/Pb1Xu+K9eJ2uiURCnU2EoixNICaN00ijVb7Pt1UWEIvfEu0W9G8Q
ekfnHkt41glzwq+WBi0td7AZlRvNqIL4kciVkVg3Ulv6L/i5/L8U+P2KcJUJqvJX
rIQPYCw2WHIHAt0YVcioIETIUVkcTdvWZrweq+ar29L+Qm7/uM2UG9CZxq0d9exC
ydiCLD2WD1Y=
-----END CERTIFICATE-----
Generated at Thu Sep 18 22:56:09 2025 by rpki-client