Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: JDudZ1v5W0yan8xVAZqeYjX2w8IOLTDSSIcTAR02gkU=
Subject key identifier: 81:77:2C:EC:BE:5C:6E:6F:65:E3:36:17:1F:AE:02:50:B4:AC:E9:F7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 557F8785864C09262E880ECB67927734155C833D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Thu 28 Aug 2025 15:37:38 +0000
ROA not before: Thu 28 Aug 2025 15:32:38 +0000
ROA not after: Thu 27 Aug 2026 15:37:38 +0000
asID: 7029
IP address blocks: 46.202.200.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
46.203.72.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.170.0/24 maxlen: 24
92.113.171.0/24 maxlen: 24
92.113.175.0/24 maxlen: 24
92.113.196.0/24 maxlen: 24
92.113.198.0/24 maxlen: 24
92.113.208.0/24 maxlen: 24
92.113.211.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
92.113.224.0/24 maxlen: 24
92.113.230.0/24 maxlen: 24
92.113.254.0/23 maxlen: 24
178.95.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 23:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7f:87:85:86:4c:09:26:2e:88:0e:cb:67:92:77:34:15:5c:83:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 28 15:32:38 2025 GMT
Not After : Aug 27 15:37:38 2026 GMT
Subject: CN=81772CECBE5C6E6F65E336171FAE0250B4ACE9F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:79:eb:e8:63:dc:50:f3:bf:60:c9:f1:30:79:
0c:94:53:ca:4f:ab:f6:2c:55:c6:98:12:97:ac:40:
b9:be:64:c1:b9:d5:6c:05:72:f5:47:ef:85:80:c2:
4e:60:3b:f9:06:bf:3d:64:66:23:75:bb:d6:8e:98:
a1:00:80:57:1f:e6:92:33:e8:e3:7f:f4:e9:be:39:
f1:02:cf:b8:c5:79:4d:3f:df:c8:33:44:a8:55:ea:
11:3e:5c:aa:7b:9d:8b:af:fc:c5:34:7a:d4:76:e1:
08:81:f7:31:11:e9:75:77:1e:02:d2:43:57:79:25:
be:76:c3:f7:25:0b:cc:e5:ee:c3:64:55:88:4b:ef:
22:26:59:29:54:5a:e8:f9:af:e7:ab:bd:31:2f:24:
4e:f9:48:f8:45:10:f4:cd:53:a9:bc:3b:19:d9:ed:
5c:c1:d9:1a:34:3d:3d:9b:00:47:44:50:4e:04:52:
1e:5e:b3:3c:25:24:83:06:26:4d:fe:c3:73:64:77:
be:36:0e:0f:d3:68:99:27:93:6a:f7:b2:fc:ac:08:
86:e9:d7:25:c6:0c:8e:b1:bc:84:f7:64:d8:65:96:
c5:a5:ab:1f:e3:7e:ab:d4:49:a7:ac:96:dc:fa:d0:
e4:46:5c:9b:ea:08:05:b5:0c:70:00:fe:b2:55:5b:
69:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:77:2C:EC:BE:5C:6E:6F:65:E3:36:17:1F:AE:02:50:B4:AC:E9:F7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.200.0/24
46.202.206.0/24
46.203.6.0/24
46.203.72.0/24
46.203.81.0/24
91.124.228.0-91.124.235.255
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.170.0/23
92.113.175.0/24
92.113.196.0/24
92.113.198.0/24
92.113.208.0/24
92.113.211.0/24
92.113.215.0/24
92.113.224.0/24
92.113.230.0/24
92.113.254.0/23
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:7f:58:aa:0b:07:ef:e0:4e:c8:93:94:41:19:3c:31:e1:8f:
5d:bd:8f:f5:15:4b:b1:66:0c:0f:37:b9:51:d4:0c:43:be:98:
6c:9a:0e:cc:11:6c:51:b2:05:8e:fa:cd:28:26:29:b2:b7:e9:
00:b2:bf:5e:da:2b:38:7a:2b:ec:33:2e:ad:07:84:56:10:40:
32:a1:ca:a1:9e:50:c4:59:b2:3b:5c:0c:ca:8a:4f:15:aa:14:
d7:ad:da:4c:02:81:9c:b5:69:ae:7f:35:6d:ac:ef:53:73:b0:
8f:26:45:51:26:32:a0:6f:ce:91:60:cf:c6:5e:75:79:e8:2f:
6a:b1:83:fb:e4:3a:6d:82:bc:9f:c9:87:29:0d:d6:3e:62:2c:
ce:d6:79:a4:1d:b5:9c:0d:e4:d2:f6:ef:9a:b1:40:58:70:cd:
76:be:29:bc:ec:d3:d8:5e:4f:ff:39:04:ca:e2:96:ed:94:b0:
c6:6c:f8:17:ec:2f:cf:bf:20:56:23:1f:b6:9a:4a:b8:b7:b5:
14:df:e6:b2:d4:77:ec:16:20:a2:d8:28:4f:eb:80:80:d3:18:
b4:a1:5d:9f:56:3d:09:41:93:8f:d1:22:f7:76:40:15:af:d9:
0f:41:d1:0f:f7:ac:90:1a:c7:63:1a:a6:17:ee:e0:16:ff:ae:
54:0f:91:9d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIUVX+HhYZMCSYuiA7LZ5J3NBVcgz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjgxNTMyMzhaFw0yNjA4MjcxNTM3MzhaMDMxMTAvBgNV
BAMTKDgxNzcyQ0VDQkU1QzZFNkY2NUUzMzYxNzFGQUUwMjUwQjRBQ0U5RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+eevoY9xQ879gyfEweQyUU8pP
q/YsVcaYEpesQLm+ZMG51WwFcvVH74WAwk5gO/kGvz1kZiN1u9aOmKEAgFcf5pIz
6ON/9Om+OfECz7jFeU0/38gzRKhV6hE+XKp7nYuv/MU0etR24QiB9zER6XV3HgLS
Q1d5Jb52w/clC8zl7sNkVYhL7yImWSlUWuj5r+ervTEvJE75SPhFEPTNU6m8OxnZ
7VzB2Ro0PT2bAEdEUE4EUh5eszwlJIMGJk3+w3Nkd742Dg/TaJknk2r3svysCIbp
1yXGDI6xvIT3ZNhllsWlqx/jfqvUSaesltz60ORGXJvqCAW1DHAA/rJVW2mXAgMB
AAGjggKHMIICgzAdBgNVHQ4EFgQUgXcs7L5cbm9l4zYXH64CULSs6fcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQA
LsrIAwQALsrOAwQALssGAwQALstIAwQALstRMAwDBAJbfOQDBAJbfOgDBAJccCAD
BANccCgDBABccJ0DBAFccaoDBABcca8DBABcccQDBABcccYDBABccdADBABccdMD
BABccdcDBABcceADBABcceYDBAFccf4DBASyX9AwDQYJKoZIhvcNAQELBQADggEB
AH5/WKoLB+/gTsiTlEEZPDHhj129j/UVS7FmDA83uVHUDEO+mGyaDswRbFGyBY76
zSgmKbK36QCyv17aKzh6K+wzLq0HhFYQQDKhyqGeUMRZsjtcDMqKTxWqFNet2kwC
gZy1aa5/NW2s71NzsI8mRVEmMqBvzpFgz8ZedXnoL2qxg/vkOm2CvJ/JhykN1j5i
LM7WeaQdtZwN5NL275qxQFhwzXa+Kbzs09heT/85BMrilu2UsMZs+BfsL8+/IFYj
H7aaSri3tRTf5rLUd+wWIKLYKE/rgIDTGLShXZ9WPQlBk4/RIvd2QBWv2Q9B0Q/3
rJAax2Maphfu4Bb/rlQPkZ0=
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:34:31 2025 by rpki-client