Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File:                     AS29802.roa (raw, json)
Hash identifier:          bjBDuLRhHBto18f3o1J8rFxjvy0F73DsVTU7BVmPFak=
Subject key identifier:   9F:F8:16:36:CA:E0:5A:CC:64:F4:AB:8E:93:64:40:38:E3:0F:40:95
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       DBB0D8AAA968F5216456F4B681423CE1F48A1F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time:             Wed 01 Jul 2026 00:09:01 +0000
ROA not before:           Wed 01 Jul 2026 00:04:01 +0000
ROA not after:            Wed 30 Jun 2027 00:09:01 +0000
asID:                     29802
IP address blocks:        2.57.22.0/24 maxlen: 24
                          2.58.28.0/24 maxlen: 24
                          5.182.110.0/24 maxlen: 24
                          5.252.68.0/24 maxlen: 24
                          5.252.69.0/24 maxlen: 24
                          5.252.70.0/24 maxlen: 24
                          5.252.71.0/24 maxlen: 24
                          5.252.73.0/24 maxlen: 24
                          5.252.161.0/24 maxlen: 24
                          45.87.186.0/24 maxlen: 24
                          45.95.22.0/24 maxlen: 24
                          92.119.33.0/24 maxlen: 24
                          141.98.88.0/24 maxlen: 24
                          141.98.90.0/24 maxlen: 24
                          179.61.143.0/24 maxlen: 24
                          179.61.158.0/24 maxlen: 24
                          179.61.195.0/24 maxlen: 24
                          181.41.213.0/24 maxlen: 24
                          181.41.222.0/23 maxlen: 24
                          181.214.35.0/24 maxlen: 24
                          181.214.52.0/24 maxlen: 24
                          181.214.123.0/24 maxlen: 24
                          181.214.219.0/24 maxlen: 24
                          181.214.242.0/24 maxlen: 24
                          181.215.37.0/24 maxlen: 24
                          181.215.46.0/24 maxlen: 24
                          181.215.61.0/24 maxlen: 24
                          181.215.89.0/24 maxlen: 24
                          181.215.165.0/24 maxlen: 24
                          181.215.183.0/24 maxlen: 24
                          181.215.231.0/24 maxlen: 24
                          185.34.40.0/24 maxlen: 24
                          185.34.41.0/24 maxlen: 24
                          185.130.204.0/22 maxlen: 24
                          185.135.8.0/24 maxlen: 24
                          185.135.11.0/24 maxlen: 24
                          185.141.164.0/23 maxlen: 24
                          185.142.26.0/24 maxlen: 24
                          185.142.27.0/24 maxlen: 24
                          185.143.228.0/24 maxlen: 24
                          185.145.37.0/24 maxlen: 24
                          185.158.148.0/24 maxlen: 24
                          185.172.58.0/23 maxlen: 24
                          185.173.24.0/23 maxlen: 24
                          185.173.32.0/23 maxlen: 24
                          185.174.62.0/24 maxlen: 24
                          191.96.42.0/23 maxlen: 24
                          191.96.50.0/23 maxlen: 24
                          191.96.70.0/23 maxlen: 24
                          191.96.97.0/24 maxlen: 24
                          191.96.109.0/24 maxlen: 24
                          191.96.167.0/24 maxlen: 24
                          191.96.188.0/24 maxlen: 24
                          191.96.189.0/24 maxlen: 24
                          191.96.192.0/24 maxlen: 24
                          191.101.62.0/24 maxlen: 24
                          191.101.65.0/24 maxlen: 24
                          191.101.73.0/24 maxlen: 24
                          191.101.93.0/24 maxlen: 24
                          191.101.134.0/24 maxlen: 24
                          191.101.164.0/23 maxlen: 24
                          191.101.205.0/24 maxlen: 24
                          191.101.253.0/24 maxlen: 24
                          193.31.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 Jul 2026 08:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            db:b0:d8:aa:a9:68:f5:21:64:56:f4:b6:81:42:3c:e1:f4:8a:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul  1 00:04:01 2026 GMT
            Not After : Jun 30 00:09:01 2027 GMT
        Subject: CN=9FF81636CAE05ACC64F4AB8E93644038E30F4095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:82:33:80:78:8e:5b:40:9a:1a:06:85:4c:e7:
                    e7:8f:ac:07:ed:b2:8c:13:83:c2:54:68:2b:a6:18:
                    81:b6:13:93:bf:c9:8c:66:fc:10:c3:d2:f2:bf:2e:
                    b0:03:69:29:ea:0e:99:ad:ef:43:fd:3d:52:65:bb:
                    4a:f8:45:69:aa:48:e6:a8:11:2c:71:ff:48:32:10:
                    0f:97:7f:cc:62:4a:ce:ac:2a:39:81:fd:f2:da:cb:
                    68:a9:0a:6f:7f:c9:81:31:fc:d5:fa:62:9e:4c:cd:
                    c1:45:9e:20:ff:70:4e:de:7f:b8:b9:0e:f2:6e:41:
                    91:d6:0d:be:d7:55:d8:db:d4:cb:36:2b:3d:19:7a:
                    92:5c:58:d8:d9:31:39:c0:01:b9:37:8e:f5:22:96:
                    59:2d:c3:f2:87:aa:3b:17:63:3a:fe:f8:be:31:db:
                    ef:fc:ff:99:94:fc:57:3b:aa:51:68:a6:cd:d6:b5:
                    e7:20:01:c6:2a:cf:e8:74:78:ab:02:e2:87:f9:11:
                    36:80:63:2f:e8:2a:1b:3d:af:85:a9:71:b4:6d:55:
                    62:f0:78:25:3f:88:36:dc:37:6f:0e:14:46:2f:24:
                    0b:9c:a4:c4:37:1a:03:dc:bb:fd:c9:06:e0:c8:38:
                    0c:6d:ba:5a:ac:08:3a:b3:96:80:e0:f5:09:a2:2a:
                    5a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:F8:16:36:CA:E0:5A:CC:64:F4:AB:8E:93:64:40:38:E3:0F:40:95
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.22.0/24
                  2.58.28.0/24
                  5.182.110.0/24
                  5.252.68.0/22
                  5.252.73.0/24
                  5.252.161.0/24
                  45.87.186.0/24
                  45.95.22.0/24
                  92.119.33.0/24
                  141.98.88.0/24
                  141.98.90.0/24
                  179.61.143.0/24
                  179.61.158.0/24
                  179.61.195.0/24
                  181.41.213.0/24
                  181.41.222.0/23
                  181.214.35.0/24
                  181.214.52.0/24
                  181.214.123.0/24
                  181.214.219.0/24
                  181.214.242.0/24
                  181.215.37.0/24
                  181.215.46.0/24
                  181.215.61.0/24
                  181.215.89.0/24
                  181.215.165.0/24
                  181.215.183.0/24
                  181.215.231.0/24
                  185.34.40.0/23
                  185.130.204.0/22
                  185.135.8.0/24
                  185.135.11.0/24
                  185.141.164.0/23
                  185.142.26.0/23
                  185.143.228.0/24
                  185.145.37.0/24
                  185.158.148.0/24
                  185.172.58.0/23
                  185.173.24.0/23
                  185.173.32.0/23
                  185.174.62.0/24
                  191.96.42.0/23
                  191.96.50.0/23
                  191.96.70.0/23
                  191.96.97.0/24
                  191.96.109.0/24
                  191.96.167.0/24
                  191.96.188.0/23
                  191.96.192.0/24
                  191.101.62.0/24
                  191.101.65.0/24
                  191.101.73.0/24
                  191.101.93.0/24
                  191.101.134.0/24
                  191.101.164.0/23
                  191.101.205.0/24
                  191.101.253.0/24
                  193.31.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:4a:77:5c:12:aa:cd:62:26:9f:25:a2:29:99:ea:0a:e7:39:
         59:57:0f:75:d9:ea:04:3c:46:d7:42:ba:e7:b7:91:eb:26:be:
         f6:53:a0:63:bc:42:9e:5d:2a:db:e1:0d:b5:8a:36:05:c5:95:
         78:85:df:cb:0e:44:d2:5b:99:1d:a0:66:f8:2a:f7:5a:d8:f1:
         19:8f:de:08:9b:26:a3:a8:ff:02:11:e1:07:40:a4:73:84:7f:
         75:99:76:91:09:27:f2:10:96:41:5c:9a:5e:7d:48:a2:ad:0a:
         93:77:96:13:10:e0:75:fd:a0:95:ee:66:88:39:35:e7:68:90:
         e5:e6:5c:66:b5:25:e1:e3:06:27:0e:30:be:5a:7f:ab:38:ae:
         5a:5d:13:24:c7:2d:8a:66:a1:fe:50:47:c0:39:8e:83:7b:7a:
         dc:39:58:dd:68:76:c0:59:dc:ed:34:de:c7:66:a2:9b:2b:64:
         db:12:0f:22:f5:7f:7f:f4:a9:f8:8d:43:fc:61:43:d2:45:e1:
         58:a6:c4:27:34:4e:93:ef:69:65:b2:af:92:4b:ad:81:4c:ef:
         17:b9:77:b2:a5:0f:8e:10:08:64:bd:3d:b8:5a:8d:bc:b3:41:
         ea:18:13:7a:7d:56:d3:e9:53:72:a7:02:4c:99:d2:52:05:6f:
         59:b3:dd:9b
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgIUANuw2KqpaPUhZFb0toFCPOH0ih8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MDEwMDA0MDFaFw0yNzA2MzAwMDA5MDFaMDMxMTAvBgNV
BAMTKDlGRjgxNjM2Q0FFMDVBQ0M2NEY0QUI4RTkzNjQ0MDM4RTMwRjQwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGgjOAeI5bQJoaBoVM5+ePrAft
sowTg8JUaCumGIG2E5O/yYxm/BDD0vK/LrADaSnqDpmt70P9PVJlu0r4RWmqSOao
ESxx/0gyEA+Xf8xiSs6sKjmB/fLay2ipCm9/yYEx/NX6Yp5MzcFFniD/cE7ef7i5
DvJuQZHWDb7XVdjb1Ms2Kz0ZepJcWNjZMTnAAbk3jvUillktw/KHqjsXYzr++L4x
2+/8/5mU/Fc7qlFops3WtecgAcYqz+h0eKsC4of5ETaAYy/oKhs9r4WpcbRtVWLw
eCU/iDbcN28OFEYvJAucpMQ3GgPcu/3JBuDIOAxtulqsCDqzloDg9QmiKlrlAgMB
AAGjggNpMIIDZTAdBgNVHQ4EFgQUn/gWNsrgWsxk9KuOk2RAOOMPQJUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggF9BggrBgEFBQcBBwEB/wSCAWwwggFoMIIBZAQCAAEw
ggFcAwQAAjkWAwQAAjocAwQABbZuAwQCBfxEAwQABfxJAwQABfyhAwQALVe6AwQA
LV8WAwQAXHchAwQAjWJYAwQAjWJaAwQAsz2PAwQAsz2eAwQAsz3DAwQAtSnVAwQB
tSneAwQAtdYjAwQAtdY0AwQAtdZ7AwQAtdbbAwQAtdbyAwQAtdclAwQAtdcuAwQA
tdc9AwQAtddZAwQAtdelAwQAtde3AwQAtdfnAwQBuSIoAwQCuYLMAwQAuYcIAwQA
uYcLAwQBuY2kAwQBuY4aAwQAuY/kAwQAuZElAwQAuZ6UAwQBuaw6AwQBua0YAwQB
ua0gAwQAua4+AwQBv2AqAwQBv2AyAwQBv2BGAwQAv2BhAwQAv2BtAwQAv2CnAwQB
v2C8AwQAv2DAAwQAv2U+AwQAv2VBAwQAv2VJAwQAv2VdAwQAv2WGAwQBv2WkAwQA
v2XNAwQAv2X9AwQAwR8oMA0GCSqGSIb3DQEBCwUAA4IBAQB6SndcEqrNYiafJaIp
meoK5zlZVw912eoEPEbXQrrnt5HrJr72U6BjvEKeXSrb4Q21ijYFxZV4hd/LDkTS
W5kdoGb4Kvda2PEZj94ImyajqP8CEeEHQKRzhH91mXaRCSfyEJZBXJpefUiirQqT
d5YTEOB1/aCV7maIOTXnaJDl5lxmtSXh4wYnDjC+Wn+rOK5aXRMkxy2KZqH+UEfA
OY6De3rcOVjdaHbAWdztNN7HZqKbK2TbEg8i9X9/9Kn4jUP8YUPSReFYpsQnNE6T
72llsq+SS62BTO8XuXeypQ+OEAhkvT24Wo28s0HqGBN6fVbT6VNypwJMmdJSBW9Z
s92b
-----END CERTIFICATE-----
Generated at Wed Jul 1 13:52:00 2026 by rpki-client