Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: zH6zJNL8xNEo+DHNkx/YuQkgh2X+p9LlN+lwaCd65BA=
Subject key identifier: 74:1F:21:50:2D:7C:BC:03:8E:88:7A:0D:1C:5D:FE:7D:D4:80:33:2A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 23A4A76196783C2AB808C81470D907BE7E3F5E0A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Thu 31 Jul 2025 00:01:22 +0000
ROA not before: Wed 30 Jul 2025 23:56:22 +0000
ROA not after: Thu 30 Jul 2026 00:01:22 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.232.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
155.117.140.0/22 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.226.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:a4:a7:61:96:78:3c:2a:b8:08:c8:14:70:d9:07:be:7e:3f:5e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 30 23:56:22 2025 GMT
Not After : Jul 30 00:01:22 2026 GMT
Subject: CN=741F21502D7CBC038E887A0D1C5DFE7DD480332A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d3:dc:d4:8e:3f:e7:e4:90:0f:1f:a4:38:cf:
f1:49:4c:ca:54:9a:69:c9:15:bc:69:f2:f1:d3:45:
11:f4:22:a6:73:29:9d:82:f0:1a:6e:e2:3b:10:3e:
f0:54:af:a1:03:bb:32:bf:2a:35:8d:f5:90:d3:93:
c6:1f:f5:1a:b3:32:44:ab:28:57:aa:50:d9:32:57:
46:30:64:43:9d:62:4f:5e:5f:a2:b9:06:cd:80:94:
31:c4:d8:1f:31:46:66:e3:fe:45:db:9e:7b:32:93:
e6:7d:39:66:da:20:73:3b:ab:26:13:1e:2f:01:18:
13:d8:3f:8e:60:94:a9:9e:28:4c:3c:30:41:05:74:
ff:a2:70:52:71:cd:57:85:04:a5:92:89:41:b9:0d:
9e:05:da:58:df:8a:04:76:d7:64:27:6a:85:a3:35:
53:e0:48:ed:4a:eb:2d:42:02:1b:0a:6e:c4:11:f8:
05:80:bf:2f:ee:74:27:7c:2a:d4:6d:7a:25:7e:5e:
e3:2f:f0:03:08:f2:3f:1a:89:d4:02:4f:37:27:ae:
17:94:ae:6f:51:df:96:82:68:08:3a:6f:84:75:2c:
d0:d9:0a:d3:fc:78:db:a3:f2:f7:a2:ec:ee:27:f1:
c9:fa:57:32:91:a3:8c:dc:40:f7:f7:5e:d9:b7:89:
52:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1F:21:50:2D:7C:BC:03:8E:88:7A:0D:1C:5D:FE:7D:D4:80:33:2A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.193.0/24
148.135.254.0/24
150.241.128.0/24
150.241.232.0/23
150.241.254.0/24
155.117.121.0/24
155.117.140.0/22
155.117.196.0/24
155.117.226.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4f:05:f4:7e:93:76:f7:30:40:f5:08:89:ce:51:02:9e:d5:
40:0b:bb:c5:0e:71:b0:13:62:2a:db:02:63:15:e1:79:e2:28:
1d:db:0c:5d:79:bd:92:d6:31:9e:66:08:e8:ba:68:ed:50:45:
3e:d7:88:e3:79:2c:1c:eb:6f:fb:fc:2f:a6:de:08:0e:f1:9f:
9c:96:ad:42:50:c1:dc:55:63:ff:81:05:f0:fa:7a:c3:5c:85:
e8:28:35:00:e7:98:d4:d2:cd:22:d0:30:62:10:4d:de:fa:48:
3f:17:cf:9d:8b:ca:5a:c6:80:68:c7:a9:5b:8a:ef:09:4e:d7:
cc:25:6a:52:ca:45:a9:f5:8c:3e:91:62:ee:41:7c:2e:e6:5b:
b6:3d:0f:0d:9e:4c:32:47:86:47:b7:40:95:f1:0b:ea:6c:0b:
99:d4:0e:23:2f:79:a3:3b:1a:81:0f:a4:86:3d:54:a1:69:ae:
5b:ab:de:df:f2:b1:5d:52:ff:bb:8e:79:3f:b0:bb:62:96:95:
fc:23:f3:3c:f8:1f:34:60:f1:bd:c0:39:13:25:99:06:51:3c:
39:ef:bc:af:1c:e5:e4:cf:be:ff:96:41:fa:5c:02:42:01:59:
26:6f:0d:3a:cf:62:04:73:d2:f7:c6:bf:fb:fb:fa:15:61:4a:
44:96:67:c1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIUI6SnYZZ4PCq4CMgUcNkHvn4/XgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzAyMzU2MjJaFw0yNjA3MzAwMDAxMjJaMDMxMTAvBgNV
BAMTKDc0MUYyMTUwMkQ3Q0JDMDM4RTg4N0EwRDFDNURGRTdERDQ4MDMzMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF09zUjj/n5JAPH6Q4z/FJTMpU
mmnJFbxp8vHTRRH0IqZzKZ2C8Bpu4jsQPvBUr6EDuzK/KjWN9ZDTk8Yf9RqzMkSr
KFeqUNkyV0YwZEOdYk9eX6K5Bs2AlDHE2B8xRmbj/kXbnnsyk+Z9OWbaIHM7qyYT
Hi8BGBPYP45glKmeKEw8MEEFdP+icFJxzVeFBKWSiUG5DZ4F2ljfigR212QnaoWj
NVPgSO1K6y1CAhsKbsQR+AWAvy/udCd8KtRteiV+XuMv8AMI8j8aidQCTzcnrheU
rm9R35aCaAg6b4R1LNDZCtP8eNuj8vei7O4n8cn6VzKRo4zcQPf3Xtm3iVJ1AgMB
AAGjggKeMIICmjAdBgNVHQ4EFgQUdB8hUC18vAOOiHoNHF3+fdSAMyowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbMGCCsGAQUFBwEHAQH/BIGjMIGgMIGdBAIAATCBlgME
AGA+jAMEAGA+2AMEAI8ObgMEAI8O0gMEAI8O1QMEAJHfMgMEAJHfNwMEAJHfPAME
AZHfPgMEAJJnBAMEAJJnEwMEAZSHsgMEAZSHvgMEAJSHwQMEAJSH/gMEAJbxgAME
AZbx6AMEAJbx/gMEAJt1eQMEApt1jAMEAJt1xAMEAJt14gMEAKKNNAMEAKKNjQME
AKeUsjANBgkqhkiG9w0BAQsFAAOCAQEAjU8F9H6TdvcwQPUIic5RAp7VQAu7xQ5x
sBNiKtsCYxXheeIoHdsMXXm9ktYxnmYI6Lpo7VBFPteI43ksHOtv+/wvpt4IDvGf
nJatQlDB3FVj/4EF8Pp6w1yF6Cg1AOeY1NLNItAwYhBN3vpIPxfPnYvKWsaAaMep
W4rvCU7XzCVqUspFqfWMPpFi7kF8LuZbtj0PDZ5MMkeGR7dAlfEL6mwLmdQOIy95
ozsagQ+khj1UoWmuW6ve3/KxXVL/u455P7C7YpaV/CPzPPgfNGDxvcA5EyWZBlE8
Oe+8rxzl5M++/5ZB+lwCQgFZJm8NOs9iBHPS98a/+/v6FWFKRJZnwQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:57 2025 by rpki-client