Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: skUa9UMpPOKFyLlVW8BzwTxlJChwVPJ0ynHZXWlBruo=
Subject key identifier: E9:A7:57:71:63:4D:41:C7:C2:19:4D:5E:60:E0:91:38:4A:A3:D4:8A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 38FE488F0799D731C94BEBE6F3E9548C7CDDAEF6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Wed 28 May 2025 04:02:23 +0000
ROA not before: Wed 28 May 2025 03:57:23 +0000
ROA not after: Wed 27 May 2026 04:02:23 +0000
asID: 7029
IP address blocks: 46.202.200.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.15.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.50.0/24 maxlen: 24
92.112.52.0/24 maxlen: 24
92.112.54.0/24 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.64.0/24 maxlen: 24
92.112.67.0/24 maxlen: 24
92.112.68.0/24 maxlen: 24
92.112.77.0/24 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.81.0/24 maxlen: 24
92.112.82.0/24 maxlen: 24
92.112.83.0/24 maxlen: 24
92.112.84.0/24 maxlen: 24
92.112.85.0/24 maxlen: 24
92.112.86.0/24 maxlen: 24
92.112.90.0/24 maxlen: 24
92.112.91.0/24 maxlen: 24
92.112.94.0/24 maxlen: 24
92.112.95.0/24 maxlen: 24
92.112.110.0/24 maxlen: 24
92.112.119.0/24 maxlen: 24
92.112.128.0/24 maxlen: 24
92.112.129.0/24 maxlen: 24
92.112.132.0/24 maxlen: 24
92.112.133.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
178.92.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:fe:48:8f:07:99:d7:31:c9:4b:eb:e6:f3:e9:54:8c:7c:dd:ae:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 28 03:57:23 2025 GMT
Not After : May 27 04:02:23 2026 GMT
Subject: CN=E9A75771634D41C7C2194D5E60E091384AA3D48A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f1:b7:55:3b:af:5d:9b:f1:10:08:71:42:a0:
3a:e3:ca:67:02:4f:23:4d:d1:d7:40:79:de:3d:fc:
f6:2c:22:02:0e:42:34:f9:ef:a6:41:dc:f3:96:7b:
4a:e5:50:72:2f:1c:36:3e:77:8e:b3:f2:08:b1:7e:
4c:69:ad:5f:67:85:88:4f:35:28:97:66:50:54:9f:
ba:16:d9:df:0b:17:16:21:a5:15:c1:e8:15:c7:f6:
25:5d:1c:ad:1a:6d:c6:23:7d:7d:ac:60:ae:b9:48:
6c:73:4f:11:35:6e:e8:d6:83:4e:58:cf:64:63:1c:
6e:a3:96:1f:f7:b8:fc:f7:f4:11:3d:c3:75:f9:8a:
d9:a4:fe:c5:a8:05:0c:27:c5:86:ab:05:83:03:96:
40:f9:65:90:4d:bb:98:ee:3d:82:86:e7:99:bb:fc:
5f:ca:d0:d1:c7:bd:17:b1:9a:cc:15:b6:84:b0:b2:
c5:41:48:20:63:76:a5:7b:19:a1:95:c0:8d:0f:11:
a4:98:94:1c:7b:c5:6d:0c:89:f8:65:42:1d:1d:bb:
ea:f0:b4:7c:94:06:1a:02:24:a0:6a:b6:32:53:f5:
d4:0f:d9:e9:e4:6f:c4:30:c5:8e:c1:89:39:a2:fc:
d0:de:af:cf:c5:b6:b1:d5:15:03:0a:24:8f:73:74:
89:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:57:71:63:4D:41:C7:C2:19:4D:5E:60:E0:91:38:4A:A3:D4:8A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.200.0/24
46.202.206.0/24
46.203.6.0/24
91.124.228.0-91.124.235.255
92.112.15.0/24
92.112.32.0/22
92.112.40.0/21
92.112.50.0/24
92.112.52.0/24
92.112.54.0/24
92.112.59.0/24
92.112.64.0/24
92.112.67.0-92.112.68.255
92.112.77.0/24
92.112.79.0/24
92.112.81.0-92.112.86.255
92.112.90.0/23
92.112.94.0/23
92.112.110.0/24
92.112.119.0/24
92.112.128.0/23
92.112.132.0/23
92.112.157.0/24
178.92.28.0/22
Signature Algorithm: sha256WithRSAEncryption
34:57:ea:86:ee:07:bb:f7:6a:1c:c3:41:7f:94:91:28:68:28:
65:b4:a6:fa:d6:e6:96:71:61:52:1c:c2:67:d8:0b:a2:2f:e8:
48:23:46:d6:36:0b:59:d9:17:cd:c8:ab:c2:40:de:62:5d:d5:
e2:a8:18:c8:a1:a2:a8:41:8a:de:70:54:dd:99:8e:e7:cc:d8:
1c:79:0d:59:af:23:06:29:50:cd:c4:57:62:43:f5:c1:75:01:
65:f7:5a:60:4e:8a:75:70:62:66:7b:d7:b4:d8:f8:b5:24:94:
fb:09:d4:08:4c:d9:b7:a8:b9:83:0a:89:fd:94:64:a5:d1:72:
ed:e2:eb:7f:40:0c:bc:43:27:b5:6b:a0:7b:0e:dc:3a:24:97:
d4:09:1c:b2:04:45:af:26:6f:87:aa:e9:cc:a5:79:b3:80:2e:
f9:7b:66:11:a9:40:57:31:e5:b0:67:cb:32:8e:db:29:d0:01:
ae:ac:6a:2a:39:f5:79:7f:34:89:1a:7f:6f:ba:38:2d:a8:c9:
7c:c3:6e:01:ae:fe:fd:39:f0:98:98:49:b7:8e:9a:7e:ec:bf:
47:af:3c:bd:01:47:37:bc:c7:73:a2:eb:cb:fd:c8:e1:07:f8:
98:8a:d3:cb:88:83:96:6c:fc:c9:74:9b:0d:42:bc:d2:33:32:
21:5e:98:42
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIUOP5IjweZ1zHJS+vm8+lUjHzdrvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjgwMzU3MjNaFw0yNjA1MjcwNDAyMjNaMDMxMTAvBgNV
BAMTKEU5QTc1NzcxNjM0RDQxQzdDMjE5NEQ1RTYwRTA5MTM4NEFBM0Q0OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK8bdVO69dm/EQCHFCoDrjymcC
TyNN0ddAed49/PYsIgIOQjT576ZB3POWe0rlUHIvHDY+d46z8gixfkxprV9nhYhP
NSiXZlBUn7oW2d8LFxYhpRXB6BXH9iVdHK0abcYjfX2sYK65SGxzTxE1bujWg05Y
z2RjHG6jlh/3uPz39BE9w3X5itmk/sWoBQwnxYarBYMDlkD5ZZBNu5juPYKG55m7
/F/K0NHHvRexmswVtoSwssVBSCBjdqV7GaGVwI0PEaSYlBx7xW0MifhlQh0du+rw
tHyUBhoCJKBqtjJT9dQP2enkb8QwxY7BiTmi/NDer8/FtrHVFQMKJI9zdInfAgMB
AAGjggKvMIICqzAdBgNVHQ4EFgQU6adXcWNNQcfCGU1eYOCROEqj1IowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxQYIKwYBBQUHAQcBAf8EgbUwgbIwga8EAgABMIGoAwQA
LsrIAwQALsrOAwQALssGMAwDBAJbfOQDBAJbfOgDBABccA8DBAJccCADBANccCgD
BABccDIDBABccDQDBABccDYDBABccDsDBABccEAwDAMEAFxwQwMEAFxwRAMEAFxw
TQMEAFxwTzAMAwQAXHBRAwQAXHBWAwQBXHBaAwQBXHBeAwQAXHBuAwQAXHB3AwQB
XHCAAwQBXHCEAwQAXHCdAwQCslwcMA0GCSqGSIb3DQEBCwUAA4IBAQA0V+qG7ge7
92ocw0F/lJEoaChltKb61uaWcWFSHMJn2AuiL+hII0bWNgtZ2RfNyKvCQN5iXdXi
qBjIoaKoQYrecFTdmY7nzNgceQ1ZryMGKVDNxFdiQ/XBdQFl91pgTop1cGJme9e0
2Pi1JJT7CdQITNm3qLmDCon9lGSl0XLt4ut/QAy8Qye1a6B7Dtw6JJfUCRyyBEWv
Jm+HqunMpXmzgC75e2YRqUBXMeWwZ8syjtsp0AGurGoqOfV5fzSJGn9vujgtqMl8
w24Brv79OfCYmEm3jpp+7L9Hrzy9AUc3vMdzouvL/cjhB/iYitPLiIOWbPzJdJsN
QrzSMzIhXphC
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:18 2025 by rpki-client