Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: IqEMryLr0VTjYvSXxkG1giEHpQKkHYSstOUHPiBVGfI=
Subject key identifier: DE:D5:6B:FB:8D:4E:4F:60:B2:E3:E0:7B:BC:98:2C:F8:17:29:D4:B0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7D3D0BF12A2DFFBBEBBCF5AEE83EB95E1E6BD795
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
Signing time: Thu 02 Jan 2025 14:13:55 +0000
ROA not before: Thu 02 Jan 2025 14:08:55 +0000
ROA not after: Thu 01 Jan 2026 14:13:55 +0000
asID: 29802
IP address blocks: 46.202.232.0/22 maxlen: 24
46.202.240.0/22 maxlen: 24
46.203.108.0/22 maxlen: 24
46.203.116.0/22 maxlen: 24
46.203.128.0/22 maxlen: 24
46.203.140.0/22 maxlen: 24
46.203.198.0/24 maxlen: 24
46.203.201.0/24 maxlen: 24
46.203.206.0/24 maxlen: 24
46.203.209.0/24 maxlen: 24
91.124.130.0/24 maxlen: 24
91.124.149.0/24 maxlen: 24
92.112.134.0/24 maxlen: 24
92.112.136.0/24 maxlen: 24
92.112.139.0/24 maxlen: 24
92.112.145.0/24 maxlen: 24
92.112.148.0/24 maxlen: 24
92.112.150.0/24 maxlen: 24
92.112.168.0/24 maxlen: 24
92.112.169.0/24 maxlen: 24
92.112.173.0/24 maxlen: 24
92.112.174.0/24 maxlen: 24
92.112.203.0/24 maxlen: 24
92.113.83.0/24 maxlen: 24
92.113.103.0/24 maxlen: 24
92.113.162.0/24 maxlen: 24
92.113.232.0/24 maxlen: 24
92.113.233.0/24 maxlen: 24
92.113.237.0/24 maxlen: 24
92.113.238.0/24 maxlen: 24
92.113.242.0/24 maxlen: 24
92.113.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:3d:0b:f1:2a:2d:ff:bb:eb:bc:f5:ae:e8:3e:b9:5e:1e:6b:d7:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 2 14:08:55 2025 GMT
Not After : Jan 1 14:13:55 2026 GMT
Subject: CN=DED56BFB8D4E4F60B2E3E07BBC982CF81729D4B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:90:ae:80:c9:b0:8a:9b:af:56:dd:dc:c9:27:
c6:6b:47:49:99:f4:b4:e8:9a:c1:57:41:01:31:84:
e2:62:17:46:ec:e7:0b:4c:a5:da:87:1d:ac:07:bb:
64:f7:79:ed:0e:e0:2d:fe:fe:ea:cd:7e:f7:35:aa:
33:9d:89:86:fc:3f:bc:24:b5:01:5c:cb:4b:a6:2f:
75:85:4a:4f:35:5a:05:a4:21:59:5c:12:b1:f4:fe:
ad:a0:57:05:4c:6d:2b:78:3d:a9:39:29:b1:51:26:
94:d8:76:2a:51:74:de:02:c8:0a:7b:8f:e8:b4:8a:
08:6b:cf:c3:47:77:ec:71:bf:2a:4a:31:61:94:39:
93:43:87:da:f7:60:db:20:d2:f4:50:52:df:7e:44:
f4:98:77:fa:b9:b0:e9:08:e4:4e:92:2b:60:a8:1d:
2b:d0:2b:cf:25:3c:a6:7a:5f:f7:fe:68:b0:58:5d:
21:7f:9a:14:0f:82:80:c2:47:13:d6:6e:73:54:8c:
62:8c:41:c3:3b:08:66:a0:de:a6:67:f4:e7:ff:a4:
a1:45:da:e6:a5:be:bf:75:92:14:26:ec:38:0e:0e:
5f:ee:cf:c7:19:fb:d0:46:ad:8a:70:0e:4f:4d:ba:
44:39:61:3d:af:24:ed:9c:9c:b7:7f:cc:8d:d7:d4:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D5:6B:FB:8D:4E:4F:60:B2:E3:E0:7B:BC:98:2C:F8:17:29:D4:B0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.232.0/22
46.202.240.0/22
46.203.108.0/22
46.203.116.0/22
46.203.128.0/22
46.203.140.0/22
46.203.198.0/24
46.203.201.0/24
46.203.206.0/24
46.203.209.0/24
91.124.130.0/24
91.124.149.0/24
92.112.134.0/24
92.112.136.0/24
92.112.139.0/24
92.112.145.0/24
92.112.148.0/24
92.112.150.0/24
92.112.168.0/23
92.112.173.0-92.112.174.255
92.112.203.0/24
92.113.83.0/24
92.113.103.0/24
92.113.162.0/24
92.113.232.0/23
92.113.237.0-92.113.238.255
92.113.242.0/23
Signature Algorithm: sha256WithRSAEncryption
88:4c:8f:49:63:d1:64:90:09:09:e3:04:98:47:30:6c:c5:32:
12:55:c3:47:95:b1:6f:6d:c9:48:ea:86:d4:22:08:8c:9c:3e:
7d:a6:7a:30:66:11:4e:89:75:ef:51:fe:ef:c6:e2:fc:5f:36:
98:7b:64:aa:d4:d7:b7:3c:6d:df:c0:72:e2:e4:fb:5c:b9:7e:
14:ea:26:9c:ce:f8:0c:f2:ba:7c:de:08:61:c6:21:0d:f1:3f:
df:41:44:4f:b5:3c:19:ad:65:bb:6c:fb:6e:9a:1a:63:c2:2f:
2b:dc:ef:2a:c0:ef:5d:47:73:b4:86:0e:ee:b3:97:1a:cc:f3:
fc:e6:f3:78:b8:b6:d2:f2:32:6e:33:6f:e2:88:0f:b1:73:80:
84:ff:7d:ef:bf:e7:06:66:ac:e8:07:58:e5:74:b9:71:c9:be:
d8:49:6e:04:3c:a7:5f:2c:d6:66:b9:8c:54:3d:3e:de:af:57:
9c:ee:1d:07:c3:5d:de:2b:ce:51:01:6d:51:9e:7c:40:c7:b0:
bd:38:1b:fc:f0:92:00:2e:02:35:c3:45:36:d9:24:b2:07:05:
da:5f:66:5d:c0:6c:74:f7:a3:83:f1:6a:c6:05:4d:49:74:7f:
41:cc:d5:2a:8a:cf:4a:a0:84:ae:56:96:38:f9:5b:a7:47:a0:
06:8e:95:d6
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIUfT0L8Sot/7vrvPWu6D65Xh5r15UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMDIxNDA4NTVaFw0yNjAxMDExNDEzNTVaMDMxMTAvBgNV
BAMTKERFRDU2QkZCOEQ0RTRGNjBCMkUzRTA3QkJDOTgyQ0Y4MTcyOUQ0QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxkK6AybCKm69W3dzJJ8ZrR0mZ
9LTomsFXQQExhOJiF0bs5wtMpdqHHawHu2T3ee0O4C3+/urNfvc1qjOdiYb8P7wk
tQFcy0umL3WFSk81WgWkIVlcErH0/q2gVwVMbSt4Pak5KbFRJpTYdipRdN4CyAp7
j+i0ighrz8NHd+xxvypKMWGUOZNDh9r3YNsg0vRQUt9+RPSYd/q5sOkI5E6SK2Co
HSvQK88lPKZ6X/f+aLBYXSF/mhQPgoDCRxPWbnNUjGKMQcM7CGag3qZn9Of/pKFF
2ualvr91khQm7DgODl/uz8cZ+9BGrYpwDk9NukQ5YT2vJO2cnLd/zI3X1MmRAgMB
AAGjggK6MIICtjAdBgNVHQ4EFgQU3tVr+41OT2Cy4+B7vJgs+Bcp1LAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgc8GCCsGAQUFBwEHAQH/BIG/MIG8MIG5BAIAATCBsgME
Ai7K6AMEAi7K8AMEAi7LbAMEAi7LdAMEAi7LgAMEAi7LjAMEAC7LxgMEAC7LyQME
AC7LzgMEAC7L0QMEAFt8ggMEAFt8lQMEAFxwhgMEAFxwiAMEAFxwiwMEAFxwkQME
AFxwlAMEAFxwlgMEAVxwqDAMAwQAXHCtAwQAXHCuAwQAXHDLAwQAXHFTAwQAXHFn
AwQAXHGiAwQBXHHoMAwDBABcce0DBABcce4DBAFccfIwDQYJKoZIhvcNAQELBQAD
ggEBAIhMj0lj0WSQCQnjBJhHMGzFMhJVw0eVsW9tyUjqhtQiCIycPn2mejBmEU6J
de9R/u/G4vxfNph7ZKrU17c8bd/AcuLk+1y5fhTqJpzO+AzyunzeCGHGIQ3xP99B
RE+1PBmtZbts+26aGmPCLyvc7yrA711Hc7SGDu6zlxrM8/zm83i4ttLyMm4zb+KI
D7FzgIT/fe+/5wZmrOgHWOV0uXHJvthJbgQ8p18s1ma5jFQ9Pt6vV5zuHQfDXd4r
zlEBbVGefEDHsL04G/zwkgAuAjXDRTbZJLIHBdpfZl3AbHT3o4PxasYFTUl0f0HM
1SqKz0qghK5Wljj5W6dHoAaOldY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:54 2025 by rpki-client