Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: 4woWTE3V5bUadn/yp/6826HWAi6S4XD2BbI2cUvUKrA=
Subject key identifier: DA:3E:A2:47:F2:4A:4B:5A:52:A4:9A:3E:54:DC:AD:4A:4F:89:59:18
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0B62AAE29B19C4E7DFF484EF85B74FD1951B8DA8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Thu 21 Nov 2024 15:36:23 +0000
ROA not before: Thu 21 Nov 2024 15:31:23 +0000
ROA not after: Thu 20 Nov 2025 15:36:23 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.233.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.214.243.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
181.215.201.0/24 maxlen: 24
181.215.203.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
2a03:fbc6::/47 maxlen: 48
2a03:fbc6:1::/48 maxlen: 48
2a09:4b40::/29 maxlen: 48
2a09:4b44::/48 maxlen: 48
2a09:4b44:2::/48 maxlen: 48
2a09:4b44:3::/48 maxlen: 48
2a09:4b44:4::/48 maxlen: 48
2a09:4b44:5::/48 maxlen: 48
2a09:4b44:6::/48 maxlen: 48
2a09:4b44:7::/48 maxlen: 48
2a09:4b44:8::/48 maxlen: 48
2a09:4b44:9::/48 maxlen: 48
2a09:4b44:b::/48 maxlen: 48
2a09:4b44:d::/48 maxlen: 48
2a09:4b44:21::/48 maxlen: 48
2a09:4b44:23::/48 maxlen: 48
2a0e:1c00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:62:aa:e2:9b:19:c4:e7:df:f4:84:ef:85:b7:4f:d1:95:1b:8d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 21 15:31:23 2024 GMT
Not After : Nov 20 15:36:23 2025 GMT
Subject: CN=DA3EA247F24A4B5A52A49A3E54DCAD4A4F895918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ed:64:ef:e7:7d:9c:ec:59:1b:a3:13:9b:9d:
e2:fc:87:0a:3f:d3:4f:9b:46:63:04:8f:bb:60:9b:
cb:dd:a9:56:61:20:41:ca:9f:a2:a9:bf:42:44:97:
05:fa:91:49:1a:50:ea:17:1c:94:10:0a:31:0a:24:
92:db:5e:46:45:61:0d:73:7f:da:3b:d4:fd:a0:1c:
43:de:25:b4:d0:d5:33:7a:90:06:14:c3:71:82:66:
fe:17:49:da:30:29:84:fb:45:3d:b3:73:96:aa:53:
c3:b7:c7:52:c7:57:c4:cf:6b:db:9b:ee:72:e2:33:
81:a1:9b:8a:ef:bf:80:b3:2a:1c:74:56:14:ad:10:
22:dd:79:41:da:79:57:59:31:32:36:9d:a2:98:36:
78:0d:72:2b:5e:e3:61:e2:d6:70:63:09:a3:32:ed:
cc:7c:40:43:ac:56:2f:77:17:32:3e:1a:c6:58:44:
54:b5:53:94:49:23:0b:77:1b:3e:38:da:82:a3:a6:
61:f0:8c:53:1b:6e:f0:80:89:af:63:f8:bd:38:bd:
70:cf:3e:f4:32:ea:2f:a5:92:c0:f3:c0:d2:bb:b7:
d9:a0:05:d2:d4:42:63:35:ed:08:45:18:e5:7d:f8:
09:14:0a:6d:ec:fe:cc:c5:9e:91:96:1d:0a:54:58:
d1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3E:A2:47:F2:4A:4B:5A:52:A4:9A:3E:54:DC:AD:4A:4F:89:59:18
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.91.0/24
181.214.123.0/24
181.214.219.0/24
181.214.233.0/24
181.214.242.0/23
181.214.254.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
181.215.201.0/24
181.215.203.0/24
181.215.247.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.135.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.22.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
IPv6:
2a03:fbc6::/47
2a09:4b40::/29
2a0e:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:d2:a3:ce:8f:6f:42:9b:56:ef:57:7b:81:95:04:d7:9c:3e:
2d:27:e4:50:cd:1f:96:6f:e7:a7:91:f4:2b:c6:87:1f:01:61:
f1:3d:d8:cf:ad:43:10:3e:50:58:10:89:b2:74:1c:42:df:f7:
a3:e2:a7:7e:14:c4:2e:ef:d1:20:30:96:fe:bc:c4:53:e3:94:
e5:a8:a1:58:e7:33:26:3b:27:40:a9:d4:0c:7e:08:41:c7:df:
32:a1:de:29:30:8e:c6:a2:10:3b:97:a0:f6:88:e7:cb:42:10:
02:c8:1a:ba:c8:fe:0d:39:f5:99:9d:6e:49:15:21:98:dd:45:
7c:a1:23:66:4f:ad:72:6d:c5:5c:2a:ca:7d:a4:8b:05:ca:ca:
f6:b4:3b:d1:49:98:61:6b:d3:68:dd:ee:07:95:63:ea:a5:eb:
4f:69:32:79:a3:54:7e:ba:10:be:d3:1c:32:14:53:24:78:e6:
34:84:52:10:04:11:96:55:ce:3a:a9:3a:df:54:3a:92:2d:c5:
e6:86:84:69:4d:c4:ed:aa:61:02:ec:dc:81:4f:40:42:58:4d:
c0:3a:13:c8:d6:90:b8:ea:8e:3e:ad:d0:73:3a:26:b4:03:28:
8e:f7:95:39:93:67:a9:77:01:78:1c:ed:d9:fd:b5:ae:99:c7:
fa:a4:75:cc
-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgIUC2Kq4psZxOff9ITvhbdP0ZUbjagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMjExNTMxMjNaFw0yNTExMjAxNTM2MjNaMDMxMTAvBgNV
BAMTKERBM0VBMjQ3RjI0QTRCNUE1MkE0OUEzRTU0RENBRDRBNEY4OTU5MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL7WTv532c7FkboxObneL8hwo/
00+bRmMEj7tgm8vdqVZhIEHKn6Kpv0JElwX6kUkaUOoXHJQQCjEKJJLbXkZFYQ1z
f9o71P2gHEPeJbTQ1TN6kAYUw3GCZv4XSdowKYT7RT2zc5aqU8O3x1LHV8TPa9ub
7nLiM4Ghm4rvv4CzKhx0VhStECLdeUHaeVdZMTI2naKYNngNcite42Hi1nBjCaMy
7cx8QEOsVi93FzI+GsZYRFS1U5RJIwt3Gz442oKjpmHwjFMbbvCAia9j+L04vXDP
PvQy6i+lksDzwNK7t9mgBdLUQmM17QhFGOV9+AkUCm3s/szFnpGWHQpUWNFrAgMB
AAGjggNsMIIDaDAdBgNVHQ4EFgQU2j6iR/JKS1pSpJo+VNytSk+JWRgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggGABggrBgEFBQcBBwEB/wSCAW8wggFrMIIBSAQCAAEw
ggFAAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdMDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11lsDBAC11nsDBAC11tsDBAC11ukDBAG11vIDBAC11v4DBAC11y4D
BAC11z0DBAC111kDBAC117cDBAC118kDBAC118sDBAC11/cDBAG5IigDBAK5gswD
BAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5nocDBAC5npQDBAG5rDoD
BAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYDBAC/YGEDBAC/YMAD
BAC/ZRYDBAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwHQQCAAIwFwMHASoD
+8YAAAMFAyoJS0ADBQMqDhwAMA0GCSqGSIb3DQEBCwUAA4IBAQC20qPOj29Cm1bv
V3uBlQTXnD4tJ+RQzR+Wb+enkfQrxocfAWHxPdjPrUMQPlBYEImydBxC3/ej4qd+
FMQu79EgMJb+vMRT45TlqKFY5zMmOydAqdQMfghBx98yod4pMI7GohA7l6D2iOfL
QhACyBq6yP4NOfWZnW5JFSGY3UV8oSNmT61ybcVcKsp9pIsFysr2tDvRSZhha9No
3e4HlWPqpetPaTJ5o1R+uhC+0xwyFFMkeOY0hFIQBBGWVc46qTrfVDqSLcXmhoRp
TcTtqmEC7NyBT0BCWE3AOhPI1pC46o4+rdBzOia0AyiO95U5k2epdwF4HO3Z/bWu
mcf6pHXM
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:11 2024 by rpki-client on console-fra.rpki-client.org