Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: N1G4MjHXA6Whg6410wm0htbjDNW6ANo/JMoONLyHlH0=
Subject key identifier: 27:8B:56:DE:A0:F9:38:D9:7F:DD:D8:30:1D:F4:72:09:69:9D:AF:4D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 49E19F0CB936B84AFA349E592DF080112FA54C55
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
Signing time: Wed 04 Jun 2025 07:00:15 +0000
ROA not before: Wed 04 Jun 2025 06:55:15 +0000
ROA not after: Wed 03 Jun 2026 07:00:15 +0000
asID: 7029
IP address blocks: 140.233.192.0/18 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.204.0/24 maxlen: 24
143.14.205.0/24 maxlen: 24
143.14.206.0/24 maxlen: 24
143.14.207.0/24 maxlen: 24
143.14.211.0/24 maxlen: 24
143.14.212.0/24 maxlen: 24
143.14.215.0/24 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.172.0/24 maxlen: 24
155.117.173.0/24 maxlen: 24
155.117.174.0/24 maxlen: 24
155.117.175.0/24 maxlen: 24
155.117.176.0/24 maxlen: 24
155.117.177.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.124.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.216.0/22 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:e1:9f:0c:b9:36:b8:4a:fa:34:9e:59:2d:f0:80:11:2f:a5:4c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 4 06:55:15 2025 GMT
Not After : Jun 3 07:00:15 2026 GMT
Subject: CN=278B56DEA0F938D97FDDD8301DF47209699DAF4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:77:f5:f5:47:17:74:80:41:63:77:c0:6d:
a2:a6:4d:6a:2e:92:f9:4b:92:9a:61:a8:84:81:a6:
21:35:d8:c3:e0:2a:a8:49:ae:a0:50:c8:cf:27:87:
59:75:28:1a:ae:c1:df:5a:4d:a9:1e:da:3f:34:bc:
f9:f3:33:63:53:e2:16:cd:25:36:e2:8b:e4:6f:96:
54:80:02:49:b7:3d:57:09:4c:d9:af:e8:9d:89:d5:
0f:54:a0:35:86:e9:1a:1e:a5:54:36:12:21:9c:67:
c1:de:65:bc:69:25:0f:c3:21:ea:10:1c:8a:2a:bb:
55:05:06:3a:3c:9e:80:92:bd:60:a2:4e:d9:5d:74:
f5:4f:b2:c2:7f:0c:98:32:c1:31:7b:f5:16:44:6a:
f6:4b:c9:42:d9:2a:ba:86:2a:ac:d4:6e:e7:cb:9d:
ce:8e:9d:c5:ea:ed:88:fa:2f:51:56:c9:91:5e:32:
2b:c3:73:2e:52:e8:4b:fe:90:6f:72:20:13:47:9f:
7e:0f:f2:69:ec:43:ab:67:51:c3:51:4e:99:cf:e5:
28:83:94:9c:c9:83:74:c8:6a:9e:ac:e1:cb:13:21:
f0:28:f9:7a:f7:be:23:e3:7f:f3:0b:5a:16:21:b9:
97:d4:27:f4:66:e9:32:bd:ed:bb:cb:81:20:48:d0:
30:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8B:56:DE:A0:F9:38:D9:7F:DD:D8:30:1D:F4:72:09:69:9D:AF:4D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.16.0/21
143.14.204.0/22
143.14.211.0-143.14.212.255
143.14.215.0/24
143.14.232.0/21
155.117.64.0/21
155.117.172.0-155.117.177.255
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.124.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
167.148.216.0/22
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:92:63:6e:fc:cc:e2:04:d5:3a:04:10:be:e7:ec:51:0c:ba:
e8:5e:0d:c8:e4:91:7c:68:0c:46:81:97:89:bf:31:88:7b:66:
47:fc:f6:57:cb:ca:89:52:dd:e9:9e:df:d5:fe:d4:98:fd:26:
9f:4d:65:61:80:fc:55:2a:b9:e1:3a:5f:42:0d:71:59:67:7d:
c2:dc:ed:0d:62:6f:37:4a:9c:27:67:1b:be:09:d2:e1:24:3b:
f0:19:08:1d:91:d0:29:b9:1c:2e:a1:66:31:a2:5e:ff:6c:63:
34:fd:b0:05:0c:82:27:bf:42:b0:0a:0d:ac:cc:ab:66:24:80:
4a:71:11:ea:6e:42:5e:79:af:2f:c4:4d:f3:c7:b0:a4:98:71:
bc:0c:bf:60:d3:dc:7a:4c:af:7b:1b:33:e3:ef:89:51:65:b6:
06:a0:a4:6c:a9:5d:98:0d:bb:5c:0a:25:a7:48:7e:62:13:28:
3b:31:d5:38:2a:a0:cf:12:a4:bc:09:40:20:3f:be:cd:4e:97:
8a:90:67:4f:84:63:7c:c4:a2:fd:8e:d6:f0:17:b3:02:55:2c:
74:b2:c5:a2:a5:63:66:ae:23:c5:98:89:61:4b:29:e4:14:57:
e1:5e:ed:34:62:9f:58:1d:af:ba:34:52:af:c6:48:f7:a7:f4:
b2:b0:e3:8b
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUSeGfDLk2uEr6NJ5ZLfCAES+lTFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDQwNjU1MTVaFw0yNjA2MDMwNzAwMTVaMDMxMTAvBgNV
BAMTKDI3OEI1NkRFQTBGOTM4RDk3RkRERDgzMDFERjQ3MjA5Njk5REFGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSPnf19UcXdIBBY3fAbaKmTWou
kvlLkpphqISBpiE12MPgKqhJrqBQyM8nh1l1KBquwd9aTake2j80vPnzM2NT4hbN
JTbii+RvllSAAkm3PVcJTNmv6J2J1Q9UoDWG6RoepVQ2EiGcZ8HeZbxpJQ/DIeoQ
HIoqu1UFBjo8noCSvWCiTtlddPVPssJ/DJgywTF79RZEavZLyULZKrqGKqzUbufL
nc6OncXq7Yj6L1FWyZFeMivDcy5S6Ev+kG9yIBNHn34P8mnsQ6tnUcNRTpnP5SiD
lJzJg3TIap6s4csTIfAo+Xr3viPjf/MLWhYhuZfUJ/Rm6TK97bvLgSBI0DBfAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUJ4tW3qD5ONl/3dgwHfRyCWmdr00wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB6AYIKwYBBQUHAQcBAf8EgdgwgdUwgdIEAgABMIHLAwQG
jOnAAwQDjw4QAwQCjw7MMAwDBACPDtMDBACPDtQDBACPDtcDBAOPDugDBAObdUAw
DAMEApt1rAMEAZt1sDAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1IAwQC
oo18AwQDoo2QAwQDoo2oMAsDBAOijbgDAwGijDAMAwQEp5QQAwQCp5QYAwQCp5Qk
MAwDBASnlDADBAKnlDgDBAKnlEADBAKnlEwDBAOnlFgDBAKnlGwDBAKnlHgDBAKn
lNgDBAWnlOAwDQYJKoZIhvcNAQELBQADggEBAE6SY278zOIE1ToEEL7n7FEMuuhe
DcjkkXxoDEaBl4m/MYh7Zkf89lfLyolS3eme39X+1Jj9Jp9NZWGA/FUqueE6X0IN
cVlnfcLc7Q1ibzdKnCdnG74J0uEkO/AZCB2R0Cm5HC6hZjGiXv9sYzT9sAUMgie/
QrAKDazMq2YkgEpxEepuQl55ry/ETfPHsKSYcbwMv2DT3HpMr3sbM+PviVFltgag
pGypXZgNu1wKJadIfmITKDsx1TgqoM8SpLwJQCA/vs1Ol4qQZ0+EY3zEov2O1vAX
swJVLHSyxaKlY2auI8WYiWFLKeQUV+Fe7TRin1gdr7o0Uq/GSPen9LKw44s=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:10:37 2025 by rpki-client