Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: FQgXlFW9XJn9qp/paPokiGnVcLnoqLGcT8jeAM7q/kk=
Subject key identifier: 05:02:83:B6:9F:E5:65:AD:BF:08:3F:0A:77:0C:8F:25:9C:2F:52:C1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 27EF254A29C14F1A2C968190BBE7A642C133FB90
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
Signing time: Fri 26 Sep 2025 00:06:45 +0000
ROA not before: Fri 26 Sep 2025 00:01:45 +0000
ROA not after: Fri 25 Sep 2026 00:06:45 +0000
asID: 7029
IP address blocks: 140.233.192.0/18 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.204.0/24 maxlen: 24
143.14.205.0/24 maxlen: 24
143.14.206.0/24 maxlen: 24
143.14.207.0/24 maxlen: 24
143.14.211.0/24 maxlen: 24
143.14.212.0/24 maxlen: 24
143.14.215.0/24 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.172.0/24 maxlen: 24
155.117.173.0/24 maxlen: 24
155.117.174.0/24 maxlen: 24
155.117.175.0/24 maxlen: 24
155.117.176.0/24 maxlen: 24
155.117.177.0/24 maxlen: 24
162.141.2.0/23 maxlen: 24
162.141.6.0/23 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.76.0/23 maxlen: 24
162.141.124.0/22 maxlen: 24
162.141.134.0/23 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.44.0/23 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.145.0/24 maxlen: 24
167.148.185.0/24 maxlen: 24
167.148.216.0/22 maxlen: 24
167.148.220.0/23 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ef:25:4a:29:c1:4f:1a:2c:96:81:90:bb:e7:a6:42:c1:33:fb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 26 00:01:45 2025 GMT
Not After : Sep 25 00:06:45 2026 GMT
Subject: CN=050283B69FE565ADBF083F0A770C8F259C2F52C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:73:20:a5:8c:b4:aa:c4:5e:2a:3b:04:60:cc:
a0:2a:d2:96:7a:eb:a8:32:dd:f4:b0:b3:9c:8f:00:
0c:5a:ab:61:0c:cc:94:08:1a:7a:13:09:d7:ad:3c:
a8:2e:7b:22:2d:b3:aa:ad:9b:a0:bc:2e:51:a1:88:
21:bb:b2:c1:5e:ee:d2:32:1e:15:4f:7b:0e:8a:ec:
b3:3e:14:d3:ef:6b:16:50:00:0a:03:4c:f3:41:a4:
de:2a:85:92:f4:cb:23:e6:8d:32:28:54:a4:85:1a:
bb:2b:8c:4d:b0:c4:3b:32:d0:d2:90:55:76:d1:cf:
43:1c:7d:14:5d:0b:72:db:ac:bf:92:32:75:d8:a2:
56:bb:94:a6:40:b4:da:fd:a1:ab:0a:72:37:6d:4f:
b1:d7:c0:f5:da:ea:e6:a0:17:33:c4:66:da:dc:6e:
ba:75:68:31:29:e0:9e:d1:11:6c:06:94:cd:29:29:
7d:4c:cf:e6:5a:ce:14:f6:ae:0e:b8:55:30:21:3f:
7e:cd:71:00:ce:45:75:86:65:dc:40:dc:92:e5:31:
1b:96:e5:41:1d:48:f9:7a:ef:32:2a:64:11:b4:92:
10:4b:11:e0:f5:bd:a8:f4:d9:15:42:b2:60:ef:e7:
e9:5a:af:0a:0d:98:e5:02:fd:b1:98:56:0d:36:f5:
d5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:02:83:B6:9F:E5:65:AD:BF:08:3F:0A:77:0C:8F:25:9C:2F:52:C1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.16.0/21
143.14.204.0/22
143.14.211.0-143.14.212.255
143.14.215.0/24
143.14.232.0/21
155.117.172.0-155.117.177.255
162.141.2.0/23
162.141.6.0/23
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0-162.141.77.255
162.141.124.0/22
162.141.134.0/23
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.44.0/23
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
167.148.145.0/24
167.148.185.0/24
167.148.216.0-167.148.221.255
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
52:4d:af:af:bc:34:c3:cc:39:7a:52:77:48:10:78:e3:e5:4a:
e7:cc:17:cb:07:f1:fb:c3:1c:12:63:18:bc:54:cc:d8:e7:d0:
f6:f6:03:b4:6e:b2:ff:5e:82:19:0a:ed:c9:2b:11:b8:a0:5f:
b0:3e:fd:e9:04:89:fa:dd:2d:2a:0d:77:48:de:46:4d:03:36:
7c:6e:ce:59:80:46:7e:aa:a4:89:68:b1:70:a2:b8:da:23:f7:
5a:58:f0:60:8e:b5:81:71:bd:c4:39:ec:22:3e:92:77:a1:05:
a2:ad:54:88:d5:59:d1:13:49:ed:70:05:59:6c:83:4f:cd:87:
d7:39:4f:5b:70:2a:e9:06:42:b9:6e:05:26:f9:23:ee:6e:61:
ae:5d:37:b1:85:79:15:7a:c1:37:ee:53:dc:7d:30:95:8f:14:
cb:04:2b:42:db:81:93:83:5c:46:aa:f3:eb:8f:df:c9:90:2b:
17:4b:af:44:37:4f:aa:3b:9f:8d:65:64:f4:61:07:22:d7:95:
7c:6f:b7:e8:ea:69:da:6c:11:75:09:54:e2:3b:5f:21:b5:f1:
c9:36:75:a9:a8:2f:3b:fb:54:1f:d8:75:d2:df:23:27:5a:3d:
42:e0:8f:46:66:a9:35:84:35:07:fe:76:7f:52:ae:d5:c4:14:
82:51:7c:0f
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIUJ+8lSinBTxosloGQu+emQsEz+5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MjYwMDAxNDVaFw0yNjA5MjUwMDA2NDVaMDMxMTAvBgNV
BAMTKDA1MDI4M0I2OUZFNTY1QURCRjA4M0YwQTc3MEM4RjI1OUMyRjUyQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAcyCljLSqxF4qOwRgzKAq0pZ6
66gy3fSws5yPAAxaq2EMzJQIGnoTCdetPKgueyIts6qtm6C8LlGhiCG7ssFe7tIy
HhVPew6K7LM+FNPvaxZQAAoDTPNBpN4qhZL0yyPmjTIoVKSFGrsrjE2wxDsy0NKQ
VXbRz0McfRRdC3LbrL+SMnXYola7lKZAtNr9oasKcjdtT7HXwPXa6uagFzPEZtrc
brp1aDEp4J7REWwGlM0pKX1Mz+ZazhT2rg64VTAhP37NcQDORXWGZdxA3JLlMRuW
5UEdSPl67zIqZBG0khBLEeD1vaj02RVCsmDv5+larwoNmOUC/bGYVg029dUDAgMB
AAGjggL8MIIC+DAdBgNVHQ4EFgQUBQKDtp/lZa2/CD8KdwyPJZwvUsEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAREGCCsGAQUFBwEHAQH/BIIBADCB/TCB+gQCAAEwgfMD
BAaM6cADBAOPDhADBAKPDswwDAMEAI8O0wMEAI8O1AMEAI8O1wMEA48O6DAMAwQC
m3WsAwQBm3WwAwQBoo0CAwQBoo0GMAwDBAGijRYDBAKijSADBAKijSgDBAOijTgw
DAMEA6KNSAMEAaKNTAMEAqKNfAMEAaKNhgMEA6KNkAMEAaKNnAMEA6KNqDALAwQD
oo24AwMBoowwDAMEBKeUEAMEAqeUGAMEAaeULDAMAwQEp5QwAwQCp5RAAwQCp5RM
AwQDp5RYAwQCp5RsAwQCp5R4AwQAp5SRAwQAp5S5MAwDBAOnlNgDBAGnlNwDBAWn
lOAwDQYJKoZIhvcNAQELBQADggEBAFJNr6+8NMPMOXpSd0gQeOPlSufMF8sH8fvD
HBJjGLxUzNjn0Pb2A7Rusv9eghkK7ckrEbigX7A+/ekEifrdLSoNd0jeRk0DNnxu
zlmARn6qpIlosXCiuNoj91pY8GCOtYFxvcQ57CI+knehBaKtVIjVWdETSe1wBVls
g0/Nh9c5T1twKukGQrluBSb5I+5uYa5dN7GFeRV6wTfuU9x9MJWPFMsEK0LbgZOD
XEaq8+uP38mQKxdLr0Q3T6o7n41lZPRhByLXlXxvt+jqadpsEXUJVOI7XyG18ck2
damoLzv7VB/YddLfIydaPULgj0ZmqTWENQf+dn9SrtXEFIJRfA8=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:35:07 2025 by rpki-client