Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: XjQsWvUMRGCRkl3t2lh443Sbh8GAq+mMLyLXbTDtNDU=
Subject key identifier: C6:91:C8:31:46:1B:8B:B4:E5:BF:06:46:C9:5F:98:84:CC:FB:1C:68
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4CF93507B09A83270EA2D21ADAE2D7C4F5237842
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
Signing time: Sat 31 May 2025 14:21:55 +0000
ROA not before: Sat 31 May 2025 14:16:55 +0000
ROA not after: Sat 30 May 2026 14:21:55 +0000
asID: 29802
IP address blocks: 46.202.232.0/22 maxlen: 24
46.202.240.0/22 maxlen: 24
46.203.108.0/22 maxlen: 24
46.203.116.0/22 maxlen: 24
46.203.128.0/22 maxlen: 24
46.203.140.0/22 maxlen: 24
46.203.198.0/24 maxlen: 24
46.203.201.0/24 maxlen: 24
46.203.206.0/24 maxlen: 24
46.203.209.0/24 maxlen: 24
91.124.130.0/24 maxlen: 24
91.124.149.0/24 maxlen: 24
92.112.134.0/24 maxlen: 24
92.112.136.0/24 maxlen: 24
92.112.139.0/24 maxlen: 24
92.112.145.0/24 maxlen: 24
92.112.148.0/24 maxlen: 24
92.112.150.0/24 maxlen: 24
92.112.168.0/24 maxlen: 24
92.112.169.0/24 maxlen: 24
92.112.173.0/24 maxlen: 24
92.112.174.0/24 maxlen: 24
92.112.203.0/24 maxlen: 24
92.113.83.0/24 maxlen: 24
92.113.103.0/24 maxlen: 24
92.113.162.0/24 maxlen: 24
92.113.232.0/24 maxlen: 24
92.113.233.0/24 maxlen: 24
92.113.237.0/24 maxlen: 24
92.113.238.0/24 maxlen: 24
92.113.242.0/24 maxlen: 24
92.113.243.0/24 maxlen: 24
95.135.60.0/24 maxlen: 24
178.93.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f9:35:07:b0:9a:83:27:0e:a2:d2:1a:da:e2:d7:c4:f5:23:78:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 31 14:16:55 2025 GMT
Not After : May 30 14:21:55 2026 GMT
Subject: CN=C691C831461B8BB4E5BF0646C95F9884CCFB1C68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:6e:83:e1:37:cf:eb:9e:1f:d2:98:81:e9:
5f:1b:67:a7:bc:15:a2:6e:42:2d:6d:c6:4a:42:9a:
e0:d7:01:67:e6:10:34:db:28:13:68:dc:fd:cf:9a:
a0:ab:aa:14:d1:9a:9e:17:23:f1:db:e7:35:98:ea:
32:f7:3b:2b:2f:2b:fb:b5:01:a8:af:39:6c:ef:40:
58:12:d5:49:69:c3:53:ae:09:6b:bf:8d:83:02:c4:
ad:7c:6a:b2:c5:4c:2b:9c:1f:e7:ba:e9:25:cb:5b:
cd:86:32:75:25:33:00:73:7a:aa:0b:2c:42:c0:d6:
2d:59:ed:a4:8f:00:7c:fa:7a:07:d1:5b:6c:66:90:
3a:fc:e2:bc:a0:59:b7:ae:6b:a3:15:cf:10:54:1d:
79:b1:c2:bc:a0:af:0f:9b:5a:ac:0a:9c:28:1c:40:
f8:2b:eb:36:20:d2:30:35:41:2b:28:f5:ed:2a:ed:
ab:5e:b3:99:cd:e4:ab:94:b6:80:93:7a:40:fa:4a:
5b:4b:8a:00:b5:e6:79:64:a7:ef:ea:0b:b4:d5:18:
ee:df:9c:da:b4:fb:ea:3d:1d:cb:6e:e3:0d:60:f5:
95:c3:39:1e:33:fe:90:65:3e:68:61:00:f5:51:24:
80:18:73:9b:d3:c0:e8:1e:6b:cb:29:25:0c:62:08:
37:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:91:C8:31:46:1B:8B:B4:E5:BF:06:46:C9:5F:98:84:CC:FB:1C:68
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.232.0/22
46.202.240.0/22
46.203.108.0/22
46.203.116.0/22
46.203.128.0/22
46.203.140.0/22
46.203.198.0/24
46.203.201.0/24
46.203.206.0/24
46.203.209.0/24
91.124.130.0/24
91.124.149.0/24
92.112.134.0/24
92.112.136.0/24
92.112.139.0/24
92.112.145.0/24
92.112.148.0/24
92.112.150.0/24
92.112.168.0/23
92.112.173.0-92.112.174.255
92.112.203.0/24
92.113.83.0/24
92.113.103.0/24
92.113.162.0/24
92.113.232.0/23
92.113.237.0-92.113.238.255
92.113.242.0/23
95.135.60.0/24
178.93.112.0/22
Signature Algorithm: sha256WithRSAEncryption
91:b9:f9:40:38:6e:60:4f:8f:57:f1:31:95:ef:03:cf:2c:4c:
2c:62:c9:28:0a:fa:51:08:14:02:02:20:28:eb:98:2a:3c:9e:
b2:c7:1f:a9:ff:f4:60:76:be:ab:b6:02:d4:60:fd:10:89:2a:
41:eb:ab:f9:b2:18:c6:5e:bb:58:f6:47:01:41:3a:68:3b:10:
64:79:4f:c2:2c:a3:ba:6b:a0:0f:61:3b:66:17:4b:9c:17:c4:
4c:be:82:89:7c:90:64:db:82:58:d2:77:a6:05:9e:62:11:15:
2c:c4:e9:af:d6:62:6f:56:9f:d9:f9:96:ab:d6:d2:a6:e8:61:
c3:28:6f:95:a4:c3:f7:4e:63:77:51:0f:df:60:3e:61:8a:2d:
35:a0:18:9b:27:47:a9:09:9f:b6:d5:1a:c7:b3:c5:2f:f9:83:
24:c4:81:2a:46:1e:e8:8d:3f:0e:a5:7b:fe:01:e7:c0:56:a6:
39:f7:a9:6e:91:8c:f1:5f:69:bd:df:6a:f2:80:dc:e5:ae:1c:
83:74:f5:1c:d7:a2:78:df:0b:bc:ac:90:e3:1d:c4:20:e1:34:
b7:3f:92:f0:0a:f7:e2:88:ec:ee:2c:eb:03:e3:04:de:7b:18:
4d:bc:a9:64:aa:d6:92:e0:86:3d:1a:04:6a:06:09:b9:36:3a:
fa:09:b7:d5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUTPk1B7CagycOotIa2uLXxPUjeEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MzExNDE2NTVaFw0yNjA1MzAxNDIxNTVaMDMxMTAvBgNV
BAMTKEM2OTFDODMxNDYxQjhCQjRFNUJGMDY0NkM5NUY5ODg0Q0NGQjFDNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNnG6D4TfP654f0piB6V8bZ6e8
FaJuQi1txkpCmuDXAWfmEDTbKBNo3P3PmqCrqhTRmp4XI/Hb5zWY6jL3OysvK/u1
AaivOWzvQFgS1Ulpw1OuCWu/jYMCxK18arLFTCucH+e66SXLW82GMnUlMwBzeqoL
LELA1i1Z7aSPAHz6egfRW2xmkDr84rygWbeua6MVzxBUHXmxwrygrw+bWqwKnCgc
QPgr6zYg0jA1QSso9e0q7ates5nN5KuUtoCTekD6SltLigC15nlkp+/qC7TVGO7f
nNq0++o9Hctu4w1g9ZXDOR4z/pBlPmhhAPVRJIAYc5vTwOgea8spJQxiCDd7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUxpHIMUYbi7TlvwZGyV+YhMz7HGgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdsGCCsGAQUFBwEHAQH/BIHLMIHIMIHFBAIAATCBvgME
Ai7K6AMEAi7K8AMEAi7LbAMEAi7LdAMEAi7LgAMEAi7LjAMEAC7LxgMEAC7LyQME
AC7LzgMEAC7L0QMEAFt8ggMEAFt8lQMEAFxwhgMEAFxwiAMEAFxwiwMEAFxwkQME
AFxwlAMEAFxwlgMEAVxwqDAMAwQAXHCtAwQAXHCuAwQAXHDLAwQAXHFTAwQAXHFn
AwQAXHGiAwQBXHHoMAwDBABcce0DBABcce4DBAFccfIDBABfhzwDBAKyXXAwDQYJ
KoZIhvcNAQELBQADggEBAJG5+UA4bmBPj1fxMZXvA88sTCxiySgK+lEIFAICICjr
mCo8nrLHH6n/9GB2vqu2AtRg/RCJKkHrq/myGMZeu1j2RwFBOmg7EGR5T8Iso7pr
oA9hO2YXS5wXxEy+gol8kGTbgljSd6YFnmIRFSzE6a/WYm9Wn9n5lqvW0qboYcMo
b5Wkw/dOY3dRD99gPmGKLTWgGJsnR6kJn7bVGsezxS/5gyTEgSpGHuiNPw6le/4B
58BWpjn3qW6RjPFfab3favKA3OWuHIN09RzXonjfC7yskOMdxCDhNLc/kvAK9+KI
7O4s6wPjBN57GE28qWSq1pLghj0aBGoGCbk2OvoJt9U=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:13:07 2025 by rpki-client