Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: hayphipq/lHS/cJ/a/aqhXmkexvD2Vpe5urYFye8Jos=
Subject key identifier: 2F:6F:C6:5A:92:F3:1E:3F:E1:CA:35:FB:FB:87:11:61:E2:C6:4E:28
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4437A26C5456C155C3371FA0EC0F1744B58523C1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Tue 15 Apr 2025 11:32:32 +0000
ROA not before: Tue 15 Apr 2025 11:27:32 +0000
ROA not after: Tue 14 Apr 2026 11:32:32 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:58:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:37:a2:6c:54:56:c1:55:c3:37:1f:a0:ec:0f:17:44:b5:85:23:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 15 11:27:32 2025 GMT
Not After : Apr 14 11:32:32 2026 GMT
Subject: CN=2F6FC65A92F31E3FE1CA35FBFB871161E2C64E28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:42:fd:4a:fa:15:e0:f2:cf:16:b1:48:29:ca:
f0:bb:0c:36:70:28:a8:8d:01:cb:a9:1c:7e:81:56:
4b:f5:a2:cd:3a:7f:31:d7:52:0a:9b:a6:bd:04:2a:
3c:69:5f:82:67:c4:ab:4a:9a:70:8f:4f:ab:3d:c9:
05:d9:ea:c9:d5:36:34:a1:e0:9d:57:92:8b:a9:0f:
8e:24:e4:24:b7:8f:1c:6c:7a:10:fe:d8:d8:bd:49:
a5:a3:ed:17:f3:a9:81:a0:e3:b2:f2:e3:18:c0:10:
64:98:93:d3:6e:34:55:d7:20:e7:93:4d:e3:e9:a8:
31:c7:04:1b:3e:7e:3a:4f:35:bd:b9:bf:54:ef:97:
1f:cb:81:6d:67:2b:18:c0:5a:e9:17:99:a6:5e:4e:
af:21:c4:64:b2:b3:e3:f7:fe:8b:01:ac:37:0e:46:
5f:d7:81:92:c0:35:2d:d6:c6:4c:b8:75:80:39:a2:
35:a1:86:75:6e:28:5a:6e:44:ff:9b:81:f7:43:6e:
bf:15:1c:de:4f:f9:ba:70:7a:47:72:79:fe:32:5f:
e0:3c:84:73:03:be:55:21:5f:fa:58:18:26:d0:19:
d0:55:21:f4:a4:c8:c7:cd:c2:b6:82:92:ea:23:4d:
28:2b:21:87:18:0c:0f:07:83:d0:13:49:4b:6d:7d:
7e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6F:C6:5A:92:F3:1E:3F:E1:CA:35:FB:FB:87:11:61:E2:C6:4E:28
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.135.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a0:f7:96:c6:8e:ae:a6:b5:a9:c3:31:29:00:93:67:14:ae:
3f:f4:c3:10:36:4d:83:a5:17:d7:00:74:e5:9a:15:ea:21:18:
72:87:7b:f1:86:8a:d4:13:3a:ec:a1:cd:96:c9:24:5f:0b:03:
9c:78:ce:81:91:b4:af:72:9b:a0:93:14:99:c9:34:b6:5a:4d:
ac:52:bf:3d:66:e5:43:88:5f:d9:f3:5f:68:9d:d8:eb:6d:5e:
f5:da:12:8d:b5:d1:a4:74:c4:2e:d4:fa:e1:90:ad:b3:4b:60:
e7:c8:ce:5c:07:d2:15:66:aa:f9:62:db:d4:bc:c8:67:2f:32:
1c:23:43:27:be:f9:9c:16:f4:a6:84:fc:4a:37:fe:4c:e6:28:
c6:f5:4d:1e:28:41:83:e0:d3:0b:31:11:74:95:89:4d:0b:43:
7b:3d:1e:45:97:4e:ff:f2:1b:83:79:05:15:37:30:ba:a2:3a:
84:65:56:b3:db:3f:dc:91:14:7a:f8:49:40:61:6c:b8:fb:bc:
4f:26:16:9d:22:f0:55:7f:7e:2a:dd:52:3f:e2:d0:a9:2a:93:
6e:49:26:65:bd:2d:e0:bb:27:24:08:cb:16:cb:de:5f:1b:6a:
0b:11:9c:55:2d:11:2b:58:b2:2f:62:69:ed:98:38:e9:b7:fa:
04:f8:cd:e2
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIURDeibFRWwVXDNx+g7A8XRLWFI8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MTUxMTI3MzJaFw0yNjA0MTQxMTMyMzJaMDMxMTAvBgNV
BAMTKDJGNkZDNjVBOTJGMzFFM0ZFMUNBMzVGQkZCODcxMTYxRTJDNjRFMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbQv1K+hXg8s8WsUgpyvC7DDZw
KKiNAcupHH6BVkv1os06fzHXUgqbpr0EKjxpX4JnxKtKmnCPT6s9yQXZ6snVNjSh
4J1XkoupD44k5CS3jxxsehD+2Ni9SaWj7RfzqYGg47Ly4xjAEGSYk9NuNFXXIOeT
TePpqDHHBBs+fjpPNb25v1Tvlx/LgW1nKxjAWukXmaZeTq8hxGSys+P3/osBrDcO
Rl/XgZLANS3Wxky4dYA5ojWhhnVuKFpuRP+bgfdDbr8VHN5P+bpwekdyef4yX+A8
hHMDvlUhX/pYGCbQGdBVIfSkyMfNwraCkuojTSgrIYcYDA8Hg9ATSUttfX4VAgMB
AAGjggMjMIIDHzAdBgNVHQ4EFgQUL2/GWpLzHj/hyjX7+4cRYeLGTigwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE3BggrBgEFBQcBBwEB/wSCASYwggEiMIIBHgQCAAEw
ggEWAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdMDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11nsDBAC11tsDBAC11vIDBAC11y4DBAC11z0DBAC111kDBAC117cD
BAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5nocD
BAC5npQDBAG5rDoDBAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYD
BAC/YGEDBAC/YMADBAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwDQYJKoZI
hvcNAQELBQADggEBAHOg95bGjq6mtanDMSkAk2cUrj/0wxA2TYOlF9cAdOWaFeoh
GHKHe/GGitQTOuyhzZbJJF8LA5x4zoGRtK9ym6CTFJnJNLZaTaxSvz1m5UOIX9nz
X2id2OttXvXaEo210aR0xC7U+uGQrbNLYOfIzlwH0hVmqvli29S8yGcvMhwjQye+
+ZwW9KaE/Eo3/kzmKMb1TR4oQYPg0wsxEXSViU0LQ3s9HkWXTv/yG4N5BRU3MLqi
OoRlVrPbP9yRFHr4SUBhbLj7vE8mFp0i8FV/firdUj/i0Kkqk25JJmW9LeC7JyQI
yxbL3l8bagsRnFUtEStYsi9iae2YOOm3+gT4zeI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:53:31 2025 by rpki-client