Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: ORnaNOZflD/agv/EOH6kNXqpAcb98M2X/dZxtDCF0rM=
Subject key identifier: B1:F5:39:DC:15:0E:0B:45:66:38:9C:07:DF:81:6E:C5:E7:0D:DA:0C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 21B342BAE782F2BFD8DEDA56F1B8CAC69F4DB850
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Tue 11 Nov 2025 16:17:14 +0000
ROA not before: Tue 11 Nov 2025 16:12:14 +0000
ROA not after: Tue 10 Nov 2026 16:17:14 +0000
asID: 7029
IP address blocks: 46.202.87.0/24 maxlen: 24
46.202.96.0/24 maxlen: 24
46.202.97.0/24 maxlen: 24
46.202.98.0/24 maxlen: 24
46.202.99.0/24 maxlen: 24
46.202.124.0/24 maxlen: 24
46.202.125.0/24 maxlen: 24
46.202.126.0/24 maxlen: 24
46.202.127.0/24 maxlen: 24
46.202.200.0/24 maxlen: 24
46.202.201.0/24 maxlen: 24
46.202.202.0/24 maxlen: 24
46.202.203.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.202.207.0/24 maxlen: 24
46.202.216.0/24 maxlen: 24
46.202.217.0/24 maxlen: 24
46.202.219.0/24 maxlen: 24
46.202.220.0/24 maxlen: 24
46.202.221.0/24 maxlen: 24
46.202.222.0/24 maxlen: 24
46.202.223.0/24 maxlen: 24
46.203.3.0/24 maxlen: 24
46.203.5.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
46.203.13.0/24 maxlen: 24
46.203.14.0/24 maxlen: 24
46.203.21.0/24 maxlen: 24
46.203.22.0/24 maxlen: 24
46.203.29.0/24 maxlen: 24
46.203.32.0/24 maxlen: 24
46.203.43.0/24 maxlen: 24
46.203.44.0/24 maxlen: 24
46.203.47.0/24 maxlen: 24
46.203.54.0/24 maxlen: 24
46.203.56.0/24 maxlen: 24
46.203.58.0/24 maxlen: 24
46.203.62.0/24 maxlen: 24
46.203.74.0/24 maxlen: 24
46.203.80.0/24 maxlen: 24
46.203.91.0/24 maxlen: 24
46.203.92.0/24 maxlen: 24
46.203.104.0/24 maxlen: 24
46.203.113.0/24 maxlen: 24
46.203.121.0/24 maxlen: 24
46.203.137.0/24 maxlen: 24
46.203.161.0/24 maxlen: 24
91.124.0.0/24 maxlen: 24
91.124.2.0/24 maxlen: 24
91.124.3.0/24 maxlen: 24
91.124.16.0/24 maxlen: 24
91.124.59.0/24 maxlen: 24
91.124.82.0/24 maxlen: 24
91.124.90.0/24 maxlen: 24
91.124.134.0/24 maxlen: 24
91.124.208.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
92.113.254.0/23 maxlen: 24
178.92.80.0/24 maxlen: 24
178.92.82.0/24 maxlen: 24
178.95.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b3:42:ba:e7:82:f2:bf:d8:de:da:56:f1:b8:ca:c6:9f:4d:b8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 11 16:12:14 2025 GMT
Not After : Nov 10 16:17:14 2026 GMT
Subject: CN=B1F539DC150E0B4566389C07DF816EC5E70DDA0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:71:c3:bd:32:e7:67:a8:d8:aa:43:0b:b9:
5e:80:e4:47:f7:62:cf:52:38:7a:68:45:4e:f3:af:
47:3b:07:8e:b1:cc:0f:28:f6:a3:68:d9:c4:4a:d4:
69:13:08:96:6b:91:86:d3:95:cd:bf:a0:c1:99:f8:
ba:33:49:24:a2:44:70:e9:31:c7:98:ab:60:5d:7e:
be:60:00:cb:88:20:46:7a:28:3a:c9:6e:3e:6d:7d:
8d:6b:44:cf:af:70:56:de:75:20:9e:1d:9a:4b:96:
5c:0e:44:9a:40:70:ca:30:b8:5d:60:c1:a4:7e:3c:
3e:bb:2d:58:e4:e9:81:18:01:4b:b8:68:1f:e6:49:
2f:ab:2b:05:93:09:c3:f9:8c:5d:1b:cf:64:04:6c:
fd:90:0d:6e:bf:b3:0d:9a:d9:b4:9b:f7:f8:91:a2:
e4:7b:b8:87:a7:b2:be:51:85:9d:b9:9e:0f:5f:36:
89:07:c9:81:1b:75:b2:29:da:7b:20:a3:c7:de:aa:
03:d3:4a:50:8e:27:88:f7:32:98:b2:9a:a1:9e:c6:
b5:4c:16:e9:89:22:4f:6d:c0:16:83:a3:3a:ca:af:
a3:84:e9:42:1d:23:ce:99:13:f2:c4:9e:03:0d:b3:
40:e2:81:13:e2:18:43:66:84:0f:cf:b3:e9:18:0c:
ec:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F5:39:DC:15:0E:0B:45:66:38:9C:07:DF:81:6E:C5:E7:0D:DA:0C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.87.0/24
46.202.96.0/22
46.202.124.0/22
46.202.200.0/22
46.202.206.0/23
46.202.216.0/23
46.202.219.0-46.202.223.255
46.203.3.0/24
46.203.5.0-46.203.6.255
46.203.13.0-46.203.14.255
46.203.21.0-46.203.22.255
46.203.29.0/24
46.203.32.0/24
46.203.43.0-46.203.44.255
46.203.47.0/24
46.203.54.0/24
46.203.56.0/24
46.203.58.0/24
46.203.62.0/24
46.203.74.0/24
46.203.80.0/24
46.203.91.0-46.203.92.255
46.203.104.0/24
46.203.113.0/24
46.203.121.0/24
46.203.137.0/24
46.203.161.0/24
91.124.0.0/24
91.124.2.0/23
91.124.16.0/24
91.124.59.0/24
91.124.82.0/24
91.124.90.0/24
91.124.134.0/24
91.124.208.0/24
91.124.228.0-91.124.235.255
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.215.0/24
92.113.254.0/23
178.92.80.0/24
178.92.82.0/24
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:79:33:47:ad:7a:dd:6a:fd:a8:4a:c3:25:89:9e:46:87:21:
a6:3c:ae:25:74:ab:e8:bf:7c:e3:b0:df:e2:8c:de:e3:6f:6c:
f0:10:da:b5:10:41:78:d8:a0:41:52:1b:0b:98:a3:c4:f2:22:
08:70:1a:9f:7a:a9:99:f1:b2:8d:6f:48:24:da:01:b0:e9:82:
2e:b7:e9:f2:48:37:eb:55:5c:c3:a2:e4:97:cf:cd:21:41:b0:
ca:25:45:3d:de:20:f3:6c:83:7e:91:4f:15:18:0e:68:b2:76:
ee:fe:59:2b:f5:e1:22:23:49:f4:08:6c:16:f8:9e:df:c2:6f:
c8:44:0d:04:57:4b:c6:af:a6:aa:32:26:92:77:44:ba:7f:75:
8d:91:23:4f:c8:44:6e:b7:93:6e:26:f7:3c:fe:c2:18:78:a4:
03:5d:73:39:f1:f6:6b:04:96:fb:ba:fb:fc:72:94:59:cb:ea:
f6:93:98:82:d0:fa:5c:1e:57:4f:83:e9:c0:e6:29:c3:72:cd:
2b:2d:72:ae:5e:61:93:58:97:79:b8:68:0c:33:4d:05:07:37:
78:63:a2:e7:3d:ce:34:57:1d:cf:26:ae:85:9f:d9:a7:c6:20:
18:0c:cd:14:14:0e:fd:be:60:ff:04:5f:0c:2c:de:0e:02:68:
1c:2a:f7:34
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIUIbNCuueC8r/Y3tpW8bjKxp9NuFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTExMTExNjEyMTRaFw0yNjExMTAxNjE3MTRaMDMxMTAvBgNV
BAMTKEIxRjUzOURDMTUwRTBCNDU2NjM4OUMwN0RGODE2RUM1RTcwRERBMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCafnHDvTLnZ6jYqkMLuV6A5Ef3
Ys9SOHpoRU7zr0c7B46xzA8o9qNo2cRK1GkTCJZrkYbTlc2/oMGZ+LozSSSiRHDp
MceYq2Bdfr5gAMuIIEZ6KDrJbj5tfY1rRM+vcFbedSCeHZpLllwORJpAcMowuF1g
waR+PD67LVjk6YEYAUu4aB/mSS+rKwWTCcP5jF0bz2QEbP2QDW6/sw2a2bSb9/iR
ouR7uIensr5RhZ25ng9fNokHyYEbdbIp2nsgo8feqgPTSlCOJ4j3MpiymqGexrVM
FumJIk9twBaDozrKr6OE6UIdI86ZE/LEngMNs0DigRPiGENmhA/Ps+kYDOxHAgMB
AAGjggNMMIIDSDAdBgNVHQ4EFgQUsfU53BUOC0VmOJwH34FuxecN2gwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWEGCCsGAQUFBwEHAQH/BIIBUDCCAUwwggFIBAIAATCC
AUADBAAuylcDBAIuymADBAIuynwDBAIuysgDBAEuys4DBAEuytgwDAMEAC7K2wME
BS7KwAMEAC7LAzAMAwQALssFAwQALssGMAwDBAAuyw0DBAAuyw4wDAMEAC7LFQME
AC7LFgMEAC7LHQMEAC7LIDAMAwQALssrAwQALsssAwQALssvAwQALss2AwQALss4
AwQALss6AwQALss+AwQALstKAwQALstQMAwDBAAuy1sDBAAuy1wDBAAuy2gDBAAu
y3EDBAAuy3kDBAAuy4kDBAAuy6EDBABbfAADBAFbfAIDBABbfBADBABbfDsDBABb
fFIDBABbfFoDBABbfIYDBABbfNAwDAMEAlt85AMEAlt86AMEAlxwIAMEA1xwKAME
AFxwnQMEAFxx1wMEAVxx/gMEALJcUAMEALJcUgMEBLJf0DANBgkqhkiG9w0BAQsF
AAOCAQEAi3kzR6163Wr9qErDJYmeRochpjyuJXSr6L9847Df4oze429s8BDatRBB
eNigQVIbC5ijxPIiCHAan3qpmfGyjW9IJNoBsOmCLrfp8kg361Vcw6Lkl8/NIUGw
yiVFPd4g82yDfpFPFRgOaLJ27v5ZK/XhIiNJ9AhsFvie38JvyEQNBFdLxq+mqjIm
kndEun91jZEjT8hEbreTbib3PP7CGHikA11zOfH2awSW+7r7/HKUWcvq9pOYgtD6
XB5XT4PpwOYpw3LNKy1yrl5hk1iXebhoDDNNBQc3eGOi5z3ONFcdzyauhZ/Zp8Yg
GAzNFBQO/b5g/wRfDCzeDgJoHCr3NA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:29:36 2025 by rpki-client