Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: VdB66iCDZzh3AElZODCS54y2ljYcL82wj9XgZxclAEE=
Subject key identifier: 18:F8:FA:66:9B:69:5A:27:5F:F8:A6:92:4E:26:91:3A:7A:06:A1:00
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 476FFAF8C27CE449A40557D6D522E025B81FE513
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Fri 06 Feb 2026 14:23:53 +0000
ROA not before: Fri 06 Feb 2026 14:18:53 +0000
ROA not after: Fri 05 Feb 2027 14:23:53 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.157.0/24 maxlen: 24
143.14.198.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
147.79.61.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.175.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.22.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.118.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6f:fa:f8:c2:7c:e4:49:a4:05:57:d6:d5:22:e0:25:b8:1f:e5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 6 14:18:53 2026 GMT
Not After : Feb 5 14:23:53 2027 GMT
Subject: CN=18F8FA669B695A275FF8A6924E26913A7A06A100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:e5:d2:bb:e6:36:fc:9d:3f:15:7d:82:d8:
2c:e7:e1:5c:08:be:6b:9c:56:5c:4c:0f:16:d0:0a:
11:11:0f:69:37:f8:69:de:a8:47:02:31:11:1a:28:
d6:dd:b6:7c:17:54:76:e5:fd:39:dc:16:d4:bc:82:
79:e0:78:7d:14:11:19:c3:e5:c6:15:76:bb:84:e6:
37:fb:e4:e4:6a:a4:cd:e9:e9:f0:ef:e6:10:3b:e4:
fb:76:2d:0a:2b:a7:ff:29:c4:71:e6:24:ab:ee:a4:
e6:c9:35:38:87:15:a8:8f:a0:e1:a4:47:56:50:cb:
b7:2a:4a:96:8c:5b:7e:b3:9f:c4:7e:f1:ff:61:3c:
95:ae:6e:75:0c:72:01:f0:95:c0:e2:1e:b9:c9:b2:
14:eb:57:f3:45:ee:d7:69:5f:2a:c3:a6:4b:59:92:
d7:50:74:4f:a9:b8:4c:3f:46:4c:c4:26:6b:85:2a:
e2:73:ba:2f:c3:e4:dc:f8:46:33:89:f3:ce:88:a9:
29:46:66:2e:f6:9f:ef:f1:94:67:9e:9e:33:51:93:
f9:63:27:7e:65:d6:a3:45:3c:bc:6e:22:63:5f:08:
3b:c1:a8:65:92:61:ca:a1:17:b8:e7:6f:46:a0:70:
cc:8b:f2:30:43:7e:00:b0:af:e1:ee:4a:55:45:56:
d7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F8:FA:66:9B:69:5A:27:5F:F8:A6:92:4E:26:91:3A:7A:06:A1:00
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.157.0/24
143.14.198.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
147.79.61.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.175.0/24
150.241.233.0/24
155.117.22.0/24
155.117.121.0/24
162.141.52.0/24
162.141.133.0/24
162.141.141.0/24
167.148.118.0/24
167.148.177.0-167.148.178.255
Signature Algorithm: sha256WithRSAEncryption
90:66:1a:fa:ad:14:f2:8c:98:5d:bc:9b:b6:d0:59:03:27:e0:
02:a7:59:1c:a9:ed:f6:06:a6:03:61:40:83:b5:06:1b:d3:7b:
d2:fe:bb:4a:1a:23:c2:e4:f0:47:16:8d:13:12:72:90:8b:02:
b0:49:a4:89:57:75:29:67:e9:11:56:0f:37:3b:fa:3d:82:61:
b8:12:5a:6d:c4:e8:34:e6:42:dc:64:32:07:1c:b5:97:8a:d3:
e9:a2:7c:dd:01:99:4d:b9:7e:01:ee:36:17:af:38:b6:15:ca:
be:1e:fe:6e:11:84:01:4a:45:d8:22:53:f4:23:e6:95:8f:a7:
12:ea:ec:5c:ea:fa:78:df:6a:77:d9:d4:49:32:78:10:29:9e:
98:c6:7a:95:51:51:d7:77:7c:75:49:bd:55:89:bb:d4:6d:c2:
e5:46:f8:5e:9d:73:c9:64:6b:bf:3e:13:28:74:27:1d:6f:96:
01:ea:7a:d8:d6:a5:94:8e:1d:fe:51:5f:93:a5:a3:48:db:0f:
99:19:ca:37:97:7e:25:82:7a:c0:2d:0d:15:0e:ba:20:17:5b:
81:55:b1:f5:91:1f:3e:72:5d:e4:70:ec:d2:c8:36:62:89:1b:
8b:42:9e:57:a3:34:70:bf:63:99:47:d6:76:15:6a:e6:39:cc:
be:b4:a9:e7
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIUR2/6+MJ85EmkBVfW1SLgJbgf5RMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMDYxNDE4NTNaFw0yNzAyMDUxNDIzNTNaMDMxMTAvBgNV
BAMTKDE4RjhGQTY2OUI2OTVBMjc1RkY4QTY5MjRFMjY5MTNBN0EwNkExMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPluXSu+Y2/J0/FX2C2Czn4VwI
vmucVlxMDxbQChERD2k3+GneqEcCMREaKNbdtnwXVHbl/TncFtS8gnngeH0UERnD
5cYVdruE5jf75ORqpM3p6fDv5hA75Pt2LQorp/8pxHHmJKvupObJNTiHFaiPoOGk
R1ZQy7cqSpaMW36zn8R+8f9hPJWubnUMcgHwlcDiHrnJshTrV/NF7tdpXyrDpktZ
ktdQdE+puEw/RkzEJmuFKuJzui/D5Nz4RjOJ886IqSlGZi72n+/xlGeenjNRk/lj
J35l1qNFPLxuImNfCDvBqGWSYcqhF7jnb0agcMyL8jBDfgCwr+HuSlVFVtfrAgMB
AAGjggKsMIICqDAdBgNVHQ4EFgQUGPj6ZptpWidf+KaSTiaROnoGoQAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgcEGCCsGAQUFBwEHAQH/BIGxMIGuMIGrBAIAATCBpAME
AGA+jAMEAGA+2AMEAI8ObgMEAI8OnQMEAI8OxgMEAI8O0gMEAI8O1QMEAJHfMgME
AJHfNwMEAJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAJNPPQMEAZSHsgMEAZSHvgME
AJSH/gMEAJbxrwMEAJbx6QMEAJt1FgMEAJt1eQMEAKKNNAMEAKKNhQMEAKKNjQME
AKeUdjAMAwQAp5SxAwQAp5SyMA0GCSqGSIb3DQEBCwUAA4IBAQCQZhr6rRTyjJhd
vJu20FkDJ+ACp1kcqe32BqYDYUCDtQYb03vS/rtKGiPC5PBHFo0TEnKQiwKwSaSJ
V3UpZ+kRVg83O/o9gmG4ElptxOg05kLcZDIHHLWXitPponzdAZlNuX4B7jYXrzi2
Fcq+Hv5uEYQBSkXYIlP0I+aVj6cS6uxc6vp432p32dRJMngQKZ6YxnqVUVHXd3x1
Sb1VibvUbcLlRvhenXPJZGu/PhModCcdb5YB6nrY1qWUjh3+UV+TpaNI2w+ZGco3
l34lgnrALQ0VDrogF1uBVbH1kR8+cl3kcOzSyDZiiRuLQp5XozRwv2OZR9Z2FWrm
Ocy+tKnn
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:11 2026 by rpki-client