Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: e6QpgmDqmwn50GM9i+c93hl6ckGZdkITMeplYPjHTZE=
Subject key identifier: 0D:7D:CE:BC:BF:F6:7A:67:D8:40:20:D0:60:D9:14:63:5D:49:3D:BA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2A24C31C19A9EE25D777D15FBF12DA8EA2108E62
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Thu 09 Apr 2026 00:00:43 +0000
ROA not before: Wed 08 Apr 2026 23:55:43 +0000
ROA not after: Thu 08 Apr 2027 00:00:43 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.71.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.143.0/24 maxlen: 24
179.61.158.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.37.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.165.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
181.215.231.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.8.0/24 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.109.0/24 maxlen: 24
191.96.167.0/24 maxlen: 24
191.96.188.0/24 maxlen: 24
191.96.189.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.65.0/24 maxlen: 24
191.101.73.0/24 maxlen: 24
191.101.93.0/24 maxlen: 24
191.101.134.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.205.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 15:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:24:c3:1c:19:a9:ee:25:d7:77:d1:5f:bf:12:da:8e:a2:10:8e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 8 23:55:43 2026 GMT
Not After : Apr 8 00:00:43 2027 GMT
Subject: CN=0D7DCEBCBFF67A67D84020D060D914635D493DBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f0:79:b3:a4:12:98:b1:2a:05:30:d5:7f:bf:
aa:5a:de:0e:9e:1b:65:56:4c:61:93:19:08:be:3e:
22:f3:d3:c2:a7:44:67:3a:68:44:cf:b9:6b:34:eb:
66:06:1d:cd:81:84:87:d4:22:6b:97:6e:77:0e:39:
d4:e3:64:79:78:45:f4:19:6a:63:1e:97:b3:e9:15:
ea:22:99:d5:d3:31:3b:93:45:27:86:79:eb:a3:97:
4c:6b:e8:07:19:98:c1:35:a6:9a:b4:95:9b:ea:a5:
70:da:53:a7:f3:5a:7e:44:69:f0:03:7c:c7:22:36:
b8:2b:ee:cf:79:0b:9f:e9:94:4b:b6:cb:d0:7b:5f:
41:c2:17:4c:39:d3:02:f4:1e:bf:1e:95:f8:76:69:
3b:4e:2f:17:46:47:f9:82:6c:b6:d2:69:c1:27:ec:
41:bd:31:70:12:30:91:50:75:68:9d:c4:ae:69:40:
90:fe:a3:ff:30:a3:33:a7:a0:fe:6c:6a:5e:d5:39:
35:cc:da:69:3a:5d:41:bf:06:07:98:37:2d:0c:04:
23:5e:ff:61:4c:a5:fb:d9:f7:7e:2c:8e:4a:ec:b5:
95:9a:04:9d:e5:b3:82:4c:70:67:ad:51:7c:5b:6a:
68:3a:33:19:a6:54:1a:cf:75:a3:78:f0:7c:99:de:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7D:CE:BC:BF:F6:7A:67:D8:40:20:D0:60:D9:14:63:5D:49:3D:BA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0/22
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.143.0/24
179.61.158.0/24
179.61.195.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.37.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.165.0/24
181.215.183.0/24
181.215.231.0/24
185.34.40.0/23
185.130.204.0/22
185.135.8.0/24
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.109.0/24
191.96.167.0/24
191.96.188.0/23
191.96.192.0/24
191.101.62.0/24
191.101.65.0/24
191.101.73.0/24
191.101.93.0/24
191.101.134.0/24
191.101.164.0/23
191.101.205.0/24
191.101.253.0/24
193.31.40.0/24
Signature Algorithm: sha256WithRSAEncryption
94:6e:51:e7:99:46:fd:e6:14:ca:d9:33:4d:2c:23:7d:63:16:
b4:0c:bd:b9:15:df:51:6b:67:31:fd:d1:7c:d8:f8:8c:c4:21:
37:d2:45:7d:63:5b:0f:54:0a:bc:21:f2:f2:1a:c9:2b:ed:cb:
10:09:a9:0e:d4:0f:cf:81:f9:80:97:03:a6:48:64:ec:24:97:
52:98:a7:89:2b:00:30:2f:41:79:2b:a0:b7:99:40:a8:8f:28:
d9:d2:3c:25:9f:27:f2:b2:b2:45:71:59:18:05:49:9b:af:ca:
d4:e2:d1:cc:78:ee:95:23:b6:04:d3:d2:85:3f:b3:e5:26:c1:
f3:1d:92:a4:43:e0:fe:31:b4:92:38:4d:07:26:9e:97:55:eb:
0f:45:d3:5b:ac:b3:e9:af:6a:e5:c5:93:5d:15:09:29:ca:a7:
89:7e:65:07:0f:a9:2e:61:cf:d9:5a:5e:49:03:a8:c1:13:be:
cf:4a:7e:14:40:3f:50:2a:4c:d0:68:42:05:9f:8e:af:56:e2:
b4:87:13:38:c8:d3:fe:70:ee:37:0b:a5:41:d2:7b:09:a9:21:
f3:40:4a:b1:23:ee:03:ca:b3:2a:49:49:b5:4e:bf:f1:04:19:
90:70:3e:d6:37:24:c2:f6:3a:e5:e6:f1:68:39:59:42:e8:dd:
6c:cf:71:1e
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgIUKiTDHBmp7iXXd9FfvxLajqIQjmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MDgyMzU1NDNaFw0yNzA0MDgwMDAwNDNaMDMxMTAvBgNV
BAMTKDBEN0RDRUJDQkZGNjdBNjdEODQwMjBEMDYwRDkxNDYzNUQ0OTNEQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM8HmzpBKYsSoFMNV/v6pa3g6e
G2VWTGGTGQi+PiLz08KnRGc6aETPuWs062YGHc2BhIfUImuXbncOOdTjZHl4RfQZ
amMel7PpFeoimdXTMTuTRSeGeeujl0xr6AcZmME1ppq0lZvqpXDaU6fzWn5EafAD
fMciNrgr7s95C5/plEu2y9B7X0HCF0w50wL0Hr8elfh2aTtOLxdGR/mCbLbSacEn
7EG9MXASMJFQdWidxK5pQJD+o/8wozOnoP5sal7VOTXM2mk6XUG/BgeYNy0MBCNe
/2FMpfvZ934sjkrstZWaBJ3ls4JMcGetUXxbamg6MxmmVBrPdaN48HyZ3iqZAgMB
AAGjggNXMIIDUzAdBgNVHQ4EFgQUDX3OvL/2emfYQCDQYNkUY11JPbowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFrBggrBgEFBQcBBwEB/wSCAVowggFWMIIBUgQCAAEw
ggFKAwQAAjkWAwQAAjocAwQCBfxEAwQABfxJAwQABfyhAwQALVe6AwQAjWJYAwQA
jWJaAwQAsz2PAwQAsz2eAwQAsz3DAwQAtSnVAwQBtSneAwQAtdYjAwQAtdY0AwQA
tdZ7AwQAtdbbAwQAtdbyAwQAtdclAwQAtdcuAwQAtdc9AwQAtddZAwQAtdelAwQA
tde3AwQAtdfnAwQBuSIoAwQCuYLMAwQAuYcIAwQAuYcLAwQAuYvtAwQBuY2kAwQB
uY4aAwQAuY/kAwQAuZ6UAwQBuaw6AwQBua0YAwQBua0gAwQAua4+AwQBv2AqAwQB
v2AyAwQBv2BGAwQAv2BhAwQAv2BtAwQAv2CnAwQBv2C8AwQAv2DAAwQAv2U+AwQA
v2VBAwQAv2VJAwQAv2VdAwQAv2WGAwQBv2WkAwQAv2XNAwQAv2X9AwQAwR8oMA0G
CSqGSIb3DQEBCwUAA4IBAQCUblHnmUb95hTK2TNNLCN9Yxa0DL25Fd9Ra2cx/dF8
2PiMxCE30kV9Y1sPVAq8IfLyGskr7csQCakO1A/PgfmAlwOmSGTsJJdSmKeJKwAw
L0F5K6C3mUCojyjZ0jwlnyfysrJFcVkYBUmbr8rU4tHMeO6VI7YE09KFP7PlJsHz
HZKkQ+D+MbSSOE0HJp6XVesPRdNbrLPpr2rlxZNdFQkpyqeJfmUHD6kuYc/ZWl5J
A6jBE77PSn4UQD9QKkzQaEIFn46vVuK0hxM4yNP+cO43C6VB0nsJqSHzQEqxI+4D
yrMqSUm1Tr/xBBmQcD7WNyTC9jrl5vFoOVlC6N1sz3Ee
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:36:56 2026 by rpki-client