Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: 8PLTntWjTUT/j3wb4jf3whlNbIemwNkkni4M1Q4/mDw=
Subject key identifier: 76:26:4E:D9:A5:E6:A9:89:5A:C0:98:A6:84:C0:D3:4A:8C:64:1F:A5
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 01405A802EF8674821D00E2508292BAE65BD3440
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/AS7029.roa
Signing time: Wed 05 Nov 2025 22:17:25 +0000
ROA not before: Wed 05 Nov 2025 22:12:25 +0000
ROA not after: Wed 04 Nov 2026 22:17:25 +0000
asID: 7029
IP address blocks: 46.33.31.0/24 maxlen: 24
95.175.148.0/24 maxlen: 24
109.175.153.0/24 maxlen: 24
109.175.163.0/24 maxlen: 24
109.175.164.0/24 maxlen: 24
109.175.165.0/24 maxlen: 24
109.175.171.0/24 maxlen: 24
109.175.182.0/24 maxlen: 24
109.175.191.0/24 maxlen: 24
109.175.198.0/24 maxlen: 24
109.175.199.0/24 maxlen: 24
109.175.201.0/24 maxlen: 24
109.175.202.0/24 maxlen: 24
109.175.203.0/24 maxlen: 24
109.175.204.0/24 maxlen: 24
130.43.143.0/24 maxlen: 24
130.43.156.0/24 maxlen: 24
130.43.166.0/24 maxlen: 24
130.43.178.0/24 maxlen: 24
130.43.179.0/24 maxlen: 24
130.43.184.0/24 maxlen: 24
130.43.188.0/24 maxlen: 24
130.43.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:40:5a:80:2e:f8:67:48:21:d0:0e:25:08:29:2b:ae:65:bd:34:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 5 22:12:25 2025 GMT
Not After : Nov 4 22:17:25 2026 GMT
Subject: CN=76264ED9A5E6A9895AC098A684C0D34A8C641FA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:47:06:af:42:c6:aa:a8:d9:51:e9:fd:3a:
b9:e2:e4:86:d3:85:fd:43:ed:d7:13:43:76:56:e4:
27:36:0d:0c:50:11:dc:e6:1f:6b:f4:d1:9e:97:56:
33:5a:39:0c:ad:96:82:25:8f:ea:ad:4b:d4:63:79:
bd:99:a4:57:f1:40:50:81:42:b9:1e:60:c7:df:9a:
d3:fc:64:cf:cd:2f:ac:54:bb:08:8c:57:f4:af:ae:
9b:cd:0f:50:d8:c0:10:9f:59:c6:07:2e:a5:1e:c1:
b5:9e:97:b7:cc:52:68:56:f4:a4:cd:8f:90:e1:39:
21:3e:8c:e5:6a:b1:0a:6c:c1:7e:2b:c1:82:7a:b8:
02:f0:87:0b:35:e8:eb:72:40:60:36:d5:4b:50:6d:
f3:d8:78:81:71:2f:c2:b5:c9:83:8a:d0:0a:62:9c:
2f:e4:23:e2:c9:d7:9d:e8:81:dc:31:47:c9:b9:77:
4c:82:b3:13:24:27:f1:15:05:3f:4e:b5:56:57:e6:
f1:5d:b7:f5:4c:09:c0:72:79:df:58:63:db:52:58:
c6:73:94:0b:fe:fd:13:92:bf:7e:43:ac:1e:bf:26:
e0:59:08:75:80:e3:2c:a6:46:e9:fb:80:0f:48:01:
6b:1b:b8:f4:e7:90:95:68:ac:53:79:fd:ea:a4:2e:
b3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:26:4E:D9:A5:E6:A9:89:5A:C0:98:A6:84:C0:D3:4A:8C:64:1F:A5
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.31.0/24
95.175.148.0/24
109.175.153.0/24
109.175.163.0-109.175.165.255
109.175.171.0/24
109.175.182.0/24
109.175.191.0/24
109.175.198.0/23
109.175.201.0-109.175.204.255
130.43.143.0/24
130.43.156.0/24
130.43.166.0/24
130.43.178.0/23
130.43.184.0/24
130.43.188.0/23
Signature Algorithm: sha256WithRSAEncryption
03:7a:f8:da:e6:27:27:f6:5d:06:51:11:43:e4:39:41:be:80:
7a:cf:d0:56:56:ae:82:21:44:8b:78:3e:cb:45:9a:0f:f3:42:
fa:c8:6d:3b:91:d7:e3:e3:f1:1e:11:d5:26:64:f4:48:02:8a:
5f:0c:90:4b:69:2a:8d:18:c0:90:d5:b8:d8:ec:fb:5f:4a:da:
09:47:f8:b4:b8:1c:90:18:3d:f8:56:18:d3:2b:61:9c:7d:5f:
83:a2:ba:2b:63:25:03:a0:f7:41:d5:a1:64:07:da:c5:3e:b2:
76:7a:0f:6a:50:c6:88:76:46:86:b1:b0:c2:26:72:c2:bd:9e:
fe:2b:9e:e5:72:01:5d:6f:e6:ac:f2:5a:fa:43:5c:71:f1:69:
56:ec:53:a4:88:9b:e3:29:e0:35:48:ef:8d:67:6a:4d:a9:b1:
de:71:e7:ff:81:9b:e7:9f:06:66:05:2b:24:fe:0f:ae:eb:cd:
93:0b:75:ca:cb:bf:b9:0f:bb:ec:76:5f:3d:16:f3:06:07:c6:
38:0a:f6:32:3a:72:51:6c:38:9b:97:67:68:ff:fb:d6:3b:67:
8e:27:27:bf:2f:26:66:92:74:41:a2:b3:89:95:76:2e:45:ba:
ed:eb:f6:f4:29:a6:aa:3c:7e:c7:3c:8b:86:93:0c:43:90:09:
90:22:2a:4d
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUAUBagC74Z0gh0A4lCCkrrmW9NEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTExMDUyMjEyMjVaFw0yNjExMDQyMjE3MjVaMDMxMTAvBgNV
BAMTKDc2MjY0RUQ5QTVFNkE5ODk1QUMwOThBNjg0QzBEMzRBOEM2NDFGQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkI0cGr0LGqqjZUen9Orni5IbT
hf1D7dcTQ3ZW5Cc2DQxQEdzmH2v00Z6XVjNaOQytloIlj+qtS9Rjeb2ZpFfxQFCB
QrkeYMffmtP8ZM/NL6xUuwiMV/SvrpvND1DYwBCfWcYHLqUewbWel7fMUmhW9KTN
j5DhOSE+jOVqsQpswX4rwYJ6uALwhws16OtyQGA21UtQbfPYeIFxL8K1yYOK0Api
nC/kI+LJ153ogdwxR8m5d0yCsxMkJ/EVBT9OtVZX5vFdt/VMCcByed9YY9tSWMZz
lAv+/ROSv35DrB6/JuBZCHWA4yymRun7gA9IAWsbuPTnkJVorFN5/eqkLrMbAgMB
AAGjggJtMIICaTAdBgNVHQ4EFgQUdiZO2aXmqYlawJimhMDTSoxkH6UwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJlNmRhNWM3LTY3MGEt
NDFiMS05NmViLTM4OTkzODhiMjkyYy8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBgwYIKwYBBQUHAQcBAf8EdDByMHAEAgABMGoDBAAuIR8D
BABfr5QDBABtr5kwDAMEAG2vowMEAW2vpAMEAG2vqwMEAG2vtgMEAG2vvwMEAW2v
xjAMAwQAba/JAwQAba/MAwQAgiuPAwQAgiucAwQAgiumAwQBgiuyAwQAgiu4AwQB
giu8MA0GCSqGSIb3DQEBCwUAA4IBAQADevja5icn9l0GURFD5DlBvoB6z9BWVq6C
IUSLeD7LRZoP80L6yG07kdfj4/EeEdUmZPRIAopfDJBLaSqNGMCQ1bjY7PtfStoJ
R/i0uByQGD34VhjTK2GcfV+DororYyUDoPdB1aFkB9rFPrJ2eg9qUMaIdkaGsbDC
JnLCvZ7+K57lcgFdb+as8lr6Q1xx8WlW7FOkiJvjKeA1SO+NZ2pNqbHecef/gZvn
nwZmBSsk/g+u682TC3XKy7+5D7vsdl89FvMGB8Y4CvYyOnJRbDibl2do//vWO2eO
Jye/LyZmknRBorOJlXYuRbrt6/b0KaaqPH7HPIuGkwxDkAmQIipN
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:16:13 2025 by rpki-client