Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: dMjwcqkm30tBZ/jG//AuOGpnuw+vXNgfcqFbukR+xCM=
Subject key identifier: EE:87:04:7C:E9:8B:81:43:0B:DF:71:12:1F:3D:1B:62:66:54:77:22
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 7E7F97C710533888A078828E0C7DEAC78141535A
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS7029.roa
Signing time: Tue 26 May 2026 16:00:26 +0000
ROA not before: Tue 26 May 2026 15:55:26 +0000
ROA not after: Tue 25 May 2027 16:00:26 +0000
asID: 7029
IP address blocks: 143.20.153.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:7f:97:c7:10:53:38:88:a0:78:82:8e:0c:7d:ea:c7:81:41:53:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 26 15:55:26 2026 GMT
Not After : May 25 16:00:26 2027 GMT
Subject: CN=EE87047CE98B81430BDF71121F3D1B6266547722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:79:1a:f9:f1:d7:8f:1f:22:ef:d9:96:5b:
6c:42:7f:8f:b6:16:0f:1f:56:68:ce:67:87:9d:16:
e9:61:c5:0c:7b:3f:37:c8:1b:6d:0a:ee:5a:e0:78:
db:49:22:3f:dd:45:3d:94:e1:a0:2a:7f:7c:fa:fa:
2e:4c:ea:9c:e2:e3:bf:b9:0a:fb:e5:f7:80:f3:85:
95:d7:f8:82:25:90:ee:e8:8c:3b:60:b9:c5:68:59:
cd:79:bf:29:d9:b8:f4:ac:b2:0d:54:9a:1e:87:9f:
5d:37:d3:53:d8:df:2e:36:38:55:19:18:52:97:ce:
b3:be:11:87:a8:cc:90:9e:f0:11:b8:70:8a:43:ef:
ab:94:b7:ac:a0:c4:1e:fb:6d:c5:04:09:0b:30:26:
df:0b:0c:21:fc:f7:d2:27:0a:d6:17:59:48:02:55:
35:58:d6:43:73:0f:95:a6:dc:8f:db:74:d2:79:3a:
2a:8a:74:7f:ca:45:84:42:70:59:84:fb:2f:fa:95:
07:98:61:5a:1d:e6:7f:bc:ee:d9:c9:79:e9:d8:44:
0f:54:a0:12:4a:d0:ad:f5:8c:80:2f:fd:e7:d7:18:
e4:fe:fd:67:6a:6d:68:8f:cc:3f:b2:6c:0d:8c:1f:
6b:df:a7:b8:64:92:5a:ee:90:12:ff:61:94:3b:2e:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:87:04:7C:E9:8B:81:43:0B:DF:71:12:1F:3D:1B:62:66:54:77:22
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.153.0/24
143.20.198.0/24
143.20.219.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:20:63:b5:c2:c6:77:e0:dd:9f:52:61:6c:a4:b0:38:44:48:
54:da:fb:c9:68:dd:d0:02:8c:56:15:e5:d9:9f:8d:b0:ce:d2:
c2:47:76:4d:54:27:96:db:89:78:74:fd:3f:bb:77:9f:4e:9c:
d2:9c:9b:f1:16:b1:38:e0:4b:54:0d:47:70:51:9a:0d:f6:9b:
c0:cc:45:4b:f0:11:46:56:10:9f:b6:7b:00:3c:62:bd:8b:df:
54:39:87:91:19:69:db:03:53:de:33:a4:da:3d:70:56:c6:50:
04:c9:3d:1c:ca:68:a4:6f:97:83:f5:85:99:0c:7c:61:07:74:
1b:91:83:e8:18:a2:cb:d6:6b:f5:e9:08:c0:9f:66:b8:15:0d:
52:5e:e1:37:55:9f:b1:56:d8:ed:f8:c1:de:e3:4b:c2:d0:b9:
27:6f:17:47:5f:47:c3:31:6f:36:01:7b:5b:fa:2f:6d:05:17:
58:7a:fd:7c:b3:f3:a7:ea:36:84:eb:3a:d8:05:f5:29:40:2c:
e6:4e:ca:d3:d1:d2:b0:e4:e8:ca:84:be:65:83:2f:b9:d4:4a:
dc:50:91:15:f1:8d:10:8d:6a:49:52:d5:db:b5:c9:f1:a1:f6:
a7:42:6d:74:6e:a0:34:bb:ec:a7:ac:7e:df:b7:a4:4b:8d:68:
50:0e:4d:b2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUfn+XxxBTOIigeIKODH3qx4FBU1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MjYxNTU1MjZaFw0yNzA1MjUxNjAwMjZaMDMxMTAvBgNV
BAMTKEVFODcwNDdDRTk4QjgxNDMwQkRGNzExMjFGM0QxQjYyNjY1NDc3MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClAnka+fHXjx8i79mWW2xCf4+2
Fg8fVmjOZ4edFulhxQx7PzfIG20K7lrgeNtJIj/dRT2U4aAqf3z6+i5M6pzi47+5
Cvvl94DzhZXX+IIlkO7ojDtgucVoWc15vynZuPSssg1Umh6Hn10301PY3y42OFUZ
GFKXzrO+EYeozJCe8BG4cIpD76uUt6ygxB77bcUECQswJt8LDCH899InCtYXWUgC
VTVY1kNzD5Wm3I/bdNJ5OiqKdH/KRYRCcFmE+y/6lQeYYVod5n+87tnJeenYRA9U
oBJK0K31jIAv/efXGOT+/WdqbWiPzD+ybA2MH2vfp7hkklrukBL/YZQ7LqiJAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQU7ocEfOmLgUML33ESHz0bYmZUdyIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAI8UmQME
AI8UxgMEAI8U2zANBgkqhkiG9w0BAQsFAAOCAQEA0yBjtcLGd+Ddn1JhbKSwOERI
VNr7yWjd0AKMVhXl2Z+NsM7Swkd2TVQnltuJeHT9P7t3n06c0pyb8RaxOOBLVA1H
cFGaDfabwMxFS/ARRlYQn7Z7ADxivYvfVDmHkRlp2wNT3jOk2j1wVsZQBMk9HMpo
pG+Xg/WFmQx8YQd0G5GD6Biiy9Zr9ekIwJ9muBUNUl7hN1WfsVbY7fjB3uNLwtC5
J28XR19HwzFvNgF7W/ovbQUXWHr9fLPzp+o2hOs62AX1KUAs5k7K09HSsOToyoS+
ZYMvudRK3FCRFfGNEI1qSVLV27XJ8aH2p0JtdG6gNLvsp6x+37ekS41oUA5Nsg==
-----END CERTIFICATE-----
Generated at Tue Jun 2 22:04:37 2026 by rpki-client