Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: a59ygDPfbze8yjhewi5iS8gINBhkxrSE57c9XZ/a0/c=
Subject key identifier: 66:DB:F1:20:B1:1E:D0:53:32:70:7D:52:5B:2B:D8:04:B4:35:F8:0E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0C7BF745074641517F1D6C9F91ABEEDE356EC6B4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Sun 08 Jun 2025 10:10:27 +0000
ROA not before: Sun 08 Jun 2025 10:05:27 +0000
ROA not after: Sun 07 Jun 2026 10:10:27 +0000
asID: 29802
IP address blocks: 143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.232.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
155.117.140.0/22 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.211.0/24 maxlen: 24
155.117.226.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:7b:f7:45:07:46:41:51:7f:1d:6c:9f:91:ab:ee:de:35:6e:c6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 8 10:05:27 2025 GMT
Not After : Jun 7 10:10:27 2026 GMT
Subject: CN=66DBF120B11ED05332707D525B2BD804B435F80E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:39:a7:92:db:84:3b:a5:54:49:22:8b:0f:25:
7a:3a:84:f1:92:1a:d0:2b:70:5c:cc:75:36:65:02:
03:d4:bf:39:74:c2:67:4a:e7:da:25:e9:3a:48:b4:
e3:bd:d3:95:f7:1a:ac:88:65:af:e8:36:2f:f9:98:
ec:ef:c8:94:71:fb:7d:13:43:fb:dc:64:fa:28:c4:
98:cd:12:55:eb:56:e8:b4:d4:39:06:0a:e8:05:d3:
18:ce:50:bd:d9:a7:45:0f:a5:1a:ef:ea:1f:0d:c2:
24:5c:f1:3f:78:f5:eb:d2:d7:6a:1f:36:b4:ee:97:
e1:4a:5c:75:39:8d:d6:71:78:49:23:77:74:70:1d:
be:72:f3:21:73:25:5b:0b:33:23:5c:31:4b:bf:b0:
30:fa:8e:c3:83:66:d4:fc:ae:0d:02:45:4e:ce:2a:
46:04:22:c1:04:1e:a1:35:6c:d9:7f:06:8b:f6:d5:
b2:7f:a8:33:c2:3c:06:de:82:9f:18:d1:85:6c:25:
1e:c5:ec:30:08:82:12:48:a9:5b:e0:68:fb:6d:e7:
3f:94:a9:59:dd:04:7e:35:bd:51:58:f4:e2:d1:e4:
91:56:cb:54:21:3f:ae:3e:4b:3b:6a:4c:9a:4b:81:
82:a0:c4:03:61:b2:7c:41:0c:a4:b6:44:34:e4:17:
f2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DB:F1:20:B1:1E:D0:53:32:70:7D:52:5B:2B:D8:04:B4:35:F8:0E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
143.14.229.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.193.0/24
148.135.254.0/24
150.241.128.0/24
150.241.232.0/23
150.241.254.0/24
155.117.121.0/24
155.117.140.0/22
155.117.196.0/24
155.117.211.0/24
155.117.226.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:76:ad:61:8b:81:04:ca:23:c4:66:42:e3:21:9c:fe:72:cc:
04:76:fe:8a:a5:56:34:ab:59:8b:09:26:d5:bc:c3:99:4d:2b:
ca:36:b7:0e:49:5a:f5:0c:18:ea:a9:43:81:22:9f:b4:f1:95:
50:7c:3c:76:fa:f7:25:5d:7d:43:c1:33:33:a6:e3:99:92:21:
88:18:49:b9:5d:f4:cd:84:3d:44:d2:6e:99:8b:cf:4c:77:8b:
31:16:01:6c:ef:1b:23:12:67:1e:74:76:20:5c:94:cf:8c:a4:
5c:45:5a:58:a9:77:59:b2:dd:42:d0:94:67:3a:20:98:37:ec:
61:c7:57:ac:06:97:2f:07:2a:39:1b:1c:44:29:73:66:b2:e9:
6c:1b:a7:6e:85:cc:a5:70:cd:dd:83:95:86:0a:e4:97:6a:cd:
d4:e0:62:a1:a5:31:f0:ae:38:36:57:07:75:15:8f:e5:23:7d:
b6:45:5e:0c:a2:7e:cf:6a:d3:c4:7c:c9:56:c8:42:5a:6d:a0:
d5:98:63:69:a6:0b:eb:29:09:54:2c:73:bf:2c:bd:7b:38:81:
8e:19:92:ef:b5:ed:26:85:7d:57:b3:1a:49:62:a1:4a:eb:8b:
8d:9b:4d:47:44:0f:5a:99:36:9d:35:0e:37:3c:dc:ac:5e:79:
3e:11:e4:d5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIUDHv3RQdGQVF/HWyfkavu3jVuxrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDgxMDA1MjdaFw0yNjA2MDcxMDEwMjdaMDMxMTAvBgNV
BAMTKDY2REJGMTIwQjExRUQwNTMzMjcwN0Q1MjVCMkJEODA0QjQzNUY4MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwOaeS24Q7pVRJIosPJXo6hPGS
GtArcFzMdTZlAgPUvzl0wmdK59ol6TpItOO905X3GqyIZa/oNi/5mOzvyJRx+30T
Q/vcZPooxJjNElXrVui01DkGCugF0xjOUL3Zp0UPpRrv6h8NwiRc8T949evS12of
NrTul+FKXHU5jdZxeEkjd3RwHb5y8yFzJVsLMyNcMUu/sDD6jsODZtT8rg0CRU7O
KkYEIsEEHqE1bNl/Bov21bJ/qDPCPAbegp8Y0YVsJR7F7DAIghJIqVvgaPtt5z+U
qVndBH41vVFY9OLR5JFWy1QhP64+SztqTJpLgYKgxANhsnxBDKS2RDTkF/KFAgMB
AAGjggKeMIICmjAdBgNVHQ4EFgQUZtvxILEe0FMycH1SWyvYBLQ1+A4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbMGCCsGAQUFBwEHAQH/BIGjMIGgMIGdBAIAATCBlgME
AI8ObgMEAI8O0gMEAI8O1QMEAI8O5QMEAJHfMgMEAJHfNwMEAJHfPAMEAZHfPgME
AJJnBAMEAJJnEwMEAZSHsgMEAZSHvgMEAJSHwQMEAJSH/gMEAJbxgAMEAZbx6AME
AJbx/gMEAJt1eQMEApt1jAMEAJt1xAMEAJt10wMEAJt14gMEAKKNNAMEAKKNjQME
AKeUsjANBgkqhkiG9w0BAQsFAAOCAQEAanatYYuBBMojxGZC4yGc/nLMBHb+iqVW
NKtZiwkm1bzDmU0ryja3Dkla9QwY6qlDgSKftPGVUHw8dvr3JV19Q8EzM6bjmZIh
iBhJuV30zYQ9RNJumYvPTHeLMRYBbO8bIxJnHnR2IFyUz4ykXEVaWKl3WbLdQtCU
ZzogmDfsYcdXrAaXLwcqORscRClzZrLpbBunboXMpXDN3YOVhgrkl2rN1OBioaUx
8K44NlcHdRWP5SN9tkVeDKJ+z2rTxHzJVshCWm2g1ZhjaaYL6ykJVCxzvyy9eziB
jhmS77XtJoV9V7MaSWKhSuuLjZtNR0QPWpk2nTUONzzcrF55PhHk1Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:33:29 2025 by rpki-client