Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: LSg79EPG+33a5Om50LcdyTkTuskSqeAw5rS4s2dzBlg=
Subject key identifier: 2A:AC:65:DD:57:C0:17:88:1D:1B:90:B7:1E:5D:95:65:E9:0D:E9:2F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 31369F0580282AB21E3CC2D23ADC6BB65B26BDD8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Tue 02 Jun 2026 12:14:20 +0000
ROA not before: Tue 02 Jun 2026 12:09:20 +0000
ROA not after: Tue 01 Jun 2027 12:14:20 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.157.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
147.79.61.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.175.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.22.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.118.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:36:9f:05:80:28:2a:b2:1e:3c:c2:d2:3a:dc:6b:b6:5b:26:bd:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 2 12:09:20 2026 GMT
Not After : Jun 1 12:14:20 2027 GMT
Subject: CN=2AAC65DD57C017881D1B90B71E5D9565E90DE92F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8d:40:c2:93:ef:ec:7a:39:53:53:32:3b:af:
86:9d:24:a8:a1:cd:e3:a1:78:77:49:bd:d4:fa:3b:
87:cf:51:65:d7:82:4a:f0:2a:83:e5:d9:c6:01:f7:
37:09:b5:04:bd:21:b5:68:f3:15:39:4b:2b:f4:0c:
f3:54:ee:88:c7:69:61:f8:c1:36:6d:8c:9b:32:12:
9e:af:76:f2:25:6a:ee:ff:88:26:ea:fa:f1:26:56:
53:de:13:b4:04:b1:65:c7:0e:32:26:96:b4:63:73:
97:c1:22:2f:04:6d:f8:1f:2e:63:0e:40:b7:93:d1:
9d:15:c2:4b:32:d5:51:0c:dd:e7:fd:cb:c8:ec:cd:
66:39:f1:1e:f6:bd:8a:03:a0:f3:d2:d4:9a:b1:9c:
b7:22:66:93:7b:a9:31:0b:c5:72:d9:8b:2e:b7:a0:
e2:f9:81:e3:69:14:3e:fa:8f:74:87:d8:38:9d:a8:
4d:c8:ab:51:7f:3c:41:4d:2a:f9:db:53:46:db:e6:
1d:65:08:e3:7a:0c:ba:d3:12:56:c4:62:b1:2c:29:
ae:a1:83:10:35:0f:0d:40:33:66:d8:39:d1:4f:33:
42:7b:ee:61:ee:40:64:47:cb:e9:b5:16:aa:a7:eb:
6f:cc:ea:06:a1:cf:b3:5d:2a:23:c1:88:e6:95:f0:
e6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AC:65:DD:57:C0:17:88:1D:1B:90:B7:1E:5D:95:65:E9:0D:E9:2F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.157.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
147.79.61.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.175.0/24
150.241.233.0/24
155.117.22.0/24
155.117.121.0/24
162.141.52.0/24
162.141.133.0/24
162.141.141.0/24
167.148.118.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3f:03:dc:27:fe:c2:20:d7:fc:eb:01:80:19:78:71:e8:01:
69:6c:d3:df:b1:dc:32:4a:54:2e:0d:51:c8:df:63:1e:44:d4:
c6:b5:de:10:df:58:ba:4d:d0:58:91:11:8b:61:89:fb:07:7a:
1f:a8:7c:2a:bf:55:34:e6:cf:26:d6:fc:8d:be:54:bb:9f:ce:
a8:13:d4:2b:a4:0c:cc:0b:95:e3:f7:ea:e8:5a:a1:d8:c6:17:
e6:60:d9:35:b2:9a:02:81:f7:53:fd:53:5e:45:b6:98:74:db:
30:5e:59:6a:33:e2:c0:7e:62:a3:d4:19:3a:5f:71:9e:48:e1:
9f:1a:48:15:49:2d:a3:60:86:d7:75:81:f2:a9:6c:4a:a5:d7:
c0:01:ed:01:a2:d7:cf:16:2a:1a:cb:de:bf:b0:b5:51:56:4c:
21:bd:cc:85:1b:ed:4a:30:a2:ad:bd:a4:f1:a4:48:93:3d:82:
a7:42:ab:72:27:1b:26:8f:3c:df:49:5a:c3:db:ff:bc:fc:a6:
84:20:a2:ed:59:63:4d:20:d7:62:4b:cf:c3:3d:b8:a2:05:2d:
d8:13:47:dd:e1:2d:24:ff:25:36:fe:4a:74:61:6b:b3:09:33:
60:bb:2d:0f:b8:61:46:53:a5:c9:e5:e0:30:eb:76:74:5f:23:
05:c0:17:d2
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIUMTafBYAoKrIePMLSOtxrtlsmvdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDIxMjA5MjBaFw0yNzA2MDExMjE0MjBaMDMxMTAvBgNV
BAMTKDJBQUM2NURENTdDMDE3ODgxRDFCOTBCNzFFNUQ5NTY1RTkwREU5MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDljUDCk+/sejlTUzI7r4adJKih
zeOheHdJvdT6O4fPUWXXgkrwKoPl2cYB9zcJtQS9IbVo8xU5Syv0DPNU7ojHaWH4
wTZtjJsyEp6vdvIlau7/iCbq+vEmVlPeE7QEsWXHDjImlrRjc5fBIi8EbfgfLmMO
QLeT0Z0Vwksy1VEM3ef9y8jszWY58R72vYoDoPPS1JqxnLciZpN7qTELxXLZiy63
oOL5geNpFD76j3SH2DidqE3Iq1F/PEFNKvnbU0bb5h1lCON6DLrTElbEYrEsKa6h
gxA1Dw1AM2bYOdFPM0J77mHuQGRHy+m1Fqqn62/M6gahz7NdKiPBiOaV8ObrAgMB
AAGjggKeMIICmjAdBgNVHQ4EFgQUKqxl3VfAF4gdG5C3Hl2VZekN6S8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbMGCCsGAQUFBwEHAQH/BIGjMIGgMIGdBAIAATCBlgME
AGA+jAMEAGA+2AMEAI8ObgMEAI8OnQMEAI8O0gMEAI8O1QMEAJHfMgMEAJHfNwME
AJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAJNPPQMEAZSHsgMEAZSHvgMEAJSH/gME
AJbxrwMEAJbx6QMEAJt1FgMEAJt1eQMEAKKNNAMEAKKNhQMEAKKNjQMEAKeUdgME
AKeUsjANBgkqhkiG9w0BAQsFAAOCAQEADT8D3Cf+wiDX/OsBgBl4cegBaWzT37Hc
MkpULg1RyN9jHkTUxrXeEN9Yuk3QWJERi2GJ+wd6H6h8Kr9VNObPJtb8jb5Uu5/O
qBPUK6QMzAuV4/fq6Fqh2MYX5mDZNbKaAoH3U/1TXkW2mHTbMF5ZajPiwH5io9QZ
Ol9xnkjhnxpIFUkto2CG13WB8qlsSqXXwAHtAaLXzxYqGsvev7C1UVZMIb3MhRvt
SjCirb2k8aRIkz2Cp0KrcicbJo8830law9v/vPymhCCi7VljTSDXYkvPwz24ogUt
2BNH3eEtJP8lNv5KdGFrswkzYLstD7hhRlOlyeXgMOt2dF8jBcAX0g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:44:14 2026 by rpki-client