Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: hS122VPADIrAD8pn2i23RnZJVz8DIrxSddUXpf8UQw4=
Subject key identifier: 2A:DB:54:1E:A9:4A:E9:27:A9:39:9F:97:B1:81:84:B0:54:50:C8:CC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0EBE493C51E9E68DC4D8E5D7E29DCC10A2E6CC91
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Wed 02 Apr 2025 06:09:38 +0000
ROA not before: Wed 02 Apr 2025 06:04:38 +0000
ROA not after: Wed 01 Apr 2026 06:09:38 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
2a03:fbc6::/47 maxlen: 48
2a03:fbc6:1::/48 maxlen: 48
2a09:4b40::/29 maxlen: 48
2a09:4b44::/48 maxlen: 48
2a09:4b44:2::/48 maxlen: 48
2a09:4b44:3::/48 maxlen: 48
2a09:4b44:4::/48 maxlen: 48
2a09:4b44:5::/48 maxlen: 48
2a09:4b44:6::/48 maxlen: 48
2a09:4b44:7::/48 maxlen: 48
2a09:4b44:8::/48 maxlen: 48
2a09:4b44:9::/48 maxlen: 48
2a09:4b44:b::/48 maxlen: 48
2a09:4b44:d::/48 maxlen: 48
2a09:4b44:21::/48 maxlen: 48
2a09:4b44:23::/48 maxlen: 48
2a0e:1c00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:be:49:3c:51:e9:e6:8d:c4:d8:e5:d7:e2:9d:cc:10:a2:e6:cc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 2 06:04:38 2025 GMT
Not After : Apr 1 06:09:38 2026 GMT
Subject: CN=2ADB541EA94AE927A9399F97B18184B05450C8CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:df:fc:4f:2b:f9:01:85:19:af:c4:c2:9c:58:
6d:24:52:f9:6c:01:a2:c8:51:1c:a3:f6:6d:66:a5:
2e:1d:22:bf:73:b6:4d:61:b7:cc:48:93:6f:26:cc:
98:00:b8:5f:ec:0d:69:d1:b7:b0:1f:0e:0a:29:25:
d9:33:61:01:e7:f7:c3:3e:eb:01:16:66:ef:7c:8e:
cb:bb:ca:7b:34:68:c3:73:55:8d:53:3e:b6:f2:cd:
0f:8a:ec:e8:69:4a:8b:e1:97:31:03:ff:d1:a1:3b:
0d:33:10:41:07:f5:9b:1e:75:7e:78:a9:33:88:b5:
56:dc:e6:9f:54:05:6a:d5:6a:fc:05:63:83:51:df:
c6:c5:6d:64:1d:bb:fb:52:10:7c:2e:dc:da:f9:90:
4c:b3:d4:86:d4:69:52:7f:26:1c:a9:c2:2b:7a:87:
8c:99:62:36:9c:c6:e8:36:a9:6a:96:b2:4e:12:4a:
90:5d:a7:fe:5e:03:ea:85:ea:63:0c:de:96:4f:41:
17:50:24:9b:61:19:45:69:26:27:57:63:17:76:fd:
5d:00:68:55:dc:b3:3a:a6:06:b8:97:c5:d4:77:e9:
24:95:5e:ee:e6:b9:85:d7:be:06:48:53:f9:a8:f1:
c2:3f:14:40:e7:d2:c6:cd:bb:97:f9:6d:b9:80:95:
05:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DB:54:1E:A9:4A:E9:27:A9:39:9F:97:B1:81:84:B0:54:50:C8:CC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.135.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
IPv6:
2a03:fbc6::/47
2a09:4b40::/29
2a0e:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
48:bb:3c:ac:10:ab:de:45:7d:6f:67:04:d0:8a:92:09:d7:68:
52:98:36:3f:3d:ba:80:44:08:25:54:81:06:bd:62:61:84:86:
13:7e:3b:a4:55:b2:e0:1b:dd:dc:49:83:c7:d3:51:84:a5:c5:
c3:d4:01:9b:2b:0c:3e:43:29:91:49:3a:bb:da:02:b4:56:18:
04:0a:cb:71:0c:ad:53:5f:20:a9:39:61:1a:f7:3f:b2:03:d1:
80:85:0f:2d:8f:4f:63:ed:0e:8e:01:6e:ba:ab:3e:1e:61:e2:
6a:c4:97:10:e3:1e:48:a0:c1:97:b9:1a:74:66:31:da:4f:23:
0f:d7:e1:cf:44:34:0f:65:fe:29:8a:6b:4e:e8:68:f0:43:a4:
d0:28:1c:c7:9f:9b:1b:14:a8:69:ee:e5:75:d7:7f:14:9d:19:
27:cd:07:23:f4:89:62:dc:32:5e:1f:d0:14:75:ca:54:9f:ca:
af:d5:02:6d:fc:da:8a:49:bb:b1:a6:22:42:c3:0e:04:ef:02:
bc:0c:26:33:6c:4e:fa:a3:51:bd:4e:fa:91:7e:cf:dc:96:18:
d2:47:9e:36:f8:d7:5e:42:8f:65:df:33:2d:2e:8d:71:07:4c:
79:8d:ff:5c:8e:06:21:be:1b:d5:b6:3f:e9:68:97:06:49:4e:
b5:62:70:e3
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIUDr5JPFHp5o3E2OXX4p3MEKLmzJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MDIwNjA0MzhaFw0yNjA0MDEwNjA5MzhaMDMxMTAvBgNV
BAMTKDJBREI1NDFFQTk0QUU5MjdBOTM5OUY5N0IxODE4NEIwNTQ1MEM4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK3/xPK/kBhRmvxMKcWG0kUvls
AaLIURyj9m1mpS4dIr9ztk1ht8xIk28mzJgAuF/sDWnRt7AfDgopJdkzYQHn98M+
6wEWZu98jsu7yns0aMNzVY1TPrbyzQ+K7OhpSovhlzED/9GhOw0zEEEH9ZsedX54
qTOItVbc5p9UBWrVavwFY4NR38bFbWQdu/tSEHwu3Nr5kEyz1IbUaVJ/Jhypwit6
h4yZYjacxug2qWqWsk4SSpBdp/5eA+qF6mMM3pZPQRdQJJthGUVpJidXYxd2/V0A
aFXcszqmBriXxdR36SSVXu7muYXXvgZIU/mo8cI/FEDn0sbNu5f5bbmAlQUHAgMB
AAGjggNCMIIDPjAdBgNVHQ4EFgQUKttUHqlK6SepOZ+XsYGEsFRQyMwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFWBggrBgEFBQcBBwEB/wSCAUUwggFBMIIBHgQCAAEw
ggEWAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdMDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11nsDBAC11tsDBAC11vIDBAC11y4DBAC11z0DBAC111kDBAC117cD
BAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5nocD
BAC5npQDBAG5rDoDBAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYD
BAC/YGEDBAC/YMADBAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwHQQCAAIw
FwMHASoD+8YAAAMFAyoJS0ADBQMqDhwAMA0GCSqGSIb3DQEBCwUAA4IBAQBIuzys
EKveRX1vZwTQipIJ12hSmDY/PbqARAglVIEGvWJhhIYTfjukVbLgG93cSYPH01GE
pcXD1AGbKww+QymRSTq72gK0VhgECstxDK1TXyCpOWEa9z+yA9GAhQ8tj09j7Q6O
AW66qz4eYeJqxJcQ4x5IoMGXuRp0ZjHaTyMP1+HPRDQPZf4pimtO6GjwQ6TQKBzH
n5sbFKhp7uV1138UnRknzQcj9Ili3DJeH9AUdcpUn8qv1QJt/NqKSbuxpiJCww4E
7wK8DCYzbE76o1G9TvqRfs/clhjSR542+NdeQo9l3zMtLo1xB0x5jf9cjgYhvhvV
tj/paJcGSU61YnDj
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:06 2025 by rpki-client