Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: CpdqzQGpCFTTfK8XaclgIv60k9/3gPlCNvTLJcCmH6k=
Subject key identifier: D8:6E:77:70:CC:7E:EA:02:1D:75:7E:05:EA:34:3F:E4:F0:03:03:08
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 59D5BF1576395E935A585839847C6C3516F7D7BB
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Fri 01 Aug 2025 00:03:40 +0000
ROA not before: Thu 31 Jul 2025 23:58:40 +0000
ROA not after: Fri 31 Jul 2026 00:03:40 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d5:bf:15:76:39:5e:93:5a:58:58:39:84:7c:6c:35:16:f7:d7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 31 23:58:40 2025 GMT
Not After : Jul 31 00:03:40 2026 GMT
Subject: CN=D86E7770CC7EEA021D757E05EA343FE4F0030308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:b0:4c:0f:5a:85:c9:c4:70:63:2b:07:7f:
65:15:eb:4c:fe:cb:35:0f:77:2d:06:28:5c:6b:6c:
f4:07:93:c6:df:56:3c:a3:67:5f:62:31:af:e1:61:
f4:dc:c9:a8:59:4b:7b:fb:48:cc:74:e3:bd:24:a3:
23:42:fa:c8:e0:aa:f9:2a:ff:49:05:78:4f:46:aa:
b3:df:d3:f8:26:b3:f8:ee:46:b7:45:67:13:27:5b:
73:fd:3a:d0:5c:f9:e4:c3:71:d5:93:a2:42:ab:d7:
ab:20:8a:1c:a8:78:72:d0:76:b3:b9:28:f8:15:64:
86:60:bf:65:38:ef:51:08:3e:9b:5b:04:f0:20:fb:
ca:94:16:51:ed:f0:af:89:aa:6f:aa:a2:9f:ca:7a:
97:b1:06:0b:0d:1e:46:16:22:56:20:af:13:c5:12:
50:f3:5f:90:16:dd:fd:35:40:59:b7:36:82:19:d8:
f4:34:68:6b:4d:2e:3a:5f:00:b8:1e:ab:d2:a4:67:
ef:08:38:7b:a4:e7:8e:83:4e:c7:54:52:1c:ae:3b:
52:2a:a0:14:0e:cf:1c:e1:0e:3b:72:1d:0a:de:43:
0c:9c:79:aa:00:0a:47:31:9b:21:de:0c:88:6e:de:
e6:d6:cc:7d:4a:5d:53:f5:4b:40:86:de:15:b3:00:
d8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6E:77:70:CC:7E:EA:02:1D:75:7E:05:EA:34:3F:E4:F0:03:03:08
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
Signature Algorithm: sha256WithRSAEncryption
79:9b:b0:94:04:ca:e9:d7:b6:29:e6:a9:36:f6:64:f3:21:f9:
62:05:3b:1c:28:22:d2:3a:46:4c:ff:d3:fd:50:e9:fb:b5:42:
2d:75:21:aa:a1:15:0c:65:63:65:07:59:a3:5e:b5:73:99:6d:
c2:6b:2e:b0:80:67:66:52:45:20:f3:bd:19:a5:32:d0:ba:e3:
1d:d7:6b:51:a1:19:6b:04:ab:92:9b:4c:3f:25:fa:5a:d2:7c:
3c:54:1a:1d:5c:0e:ad:95:7d:20:ee:ec:31:3e:bb:e7:ad:bd:
8e:9c:ab:82:00:30:75:27:c5:1c:b0:6e:0c:fd:ba:9e:9a:97:
d7:ba:97:a7:de:bc:88:3e:a6:3f:b6:61:58:bc:db:95:c7:32:
e5:c9:22:fc:ed:db:45:76:d3:ff:e9:50:87:42:2c:38:98:da:
c3:9a:78:77:95:34:5a:3c:c2:a7:8b:e1:22:a7:f9:de:5a:02:
1f:8c:79:9d:75:71:0d:c8:74:be:4f:2d:72:c2:e9:12:e8:9b:
15:dd:aa:a8:98:a1:1c:98:78:60:82:04:ce:e1:2a:e1:63:f6:
e0:75:5b:69:f1:48:08:30:3d:fa:06:02:b3:e4:dc:f6:4b:d5:
8b:70:b1:ab:a7:25:b8:84:30:8f:05:09:86:a0:3d:94:56:86:
ea:83:12:5a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIUWdW/FXY5XpNaWFg5hHxsNRb317swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MzEyMzU4NDBaFw0yNjA3MzEwMDAzNDBaMDMxMTAvBgNV
BAMTKEQ4NkU3NzcwQ0M3RUVBMDIxRDc1N0UwNUVBMzQzRkU0RjAwMzAzMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjwLBMD1qFycRwYysHf2UV60z+
yzUPdy0GKFxrbPQHk8bfVjyjZ19iMa/hYfTcyahZS3v7SMx0470koyNC+sjgqvkq
/0kFeE9GqrPf0/gms/juRrdFZxMnW3P9OtBc+eTDcdWTokKr16sgihyoeHLQdrO5
KPgVZIZgv2U471EIPptbBPAg+8qUFlHt8K+Jqm+qop/KepexBgsNHkYWIlYgrxPF
ElDzX5AW3f01QFm3NoIZ2PQ0aGtNLjpfALgeq9KkZ+8IOHuk546DTsdUUhyuO1Iq
oBQOzxzhDjtyHQreQwyceaoACkcxmyHeDIhu3ubWzH1KXVP1S0CG3hWzANjbAgMB
AAGjggMXMIIDEzAdBgNVHQ4EFgQU2G53cMx+6gIddX4F6jQ/5PADAwgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggErBggrBgEFBQcBBwEB/wSCARowggEWMIIBEgQCAAEw
ggEKAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdUDBAG1Kd4DBAC11iMDBAC11jQD
BAC11nsDBAC11tsDBAC11vIDBAC11y4DBAC11z0DBAC111kDBAC117cDBAG5IigD
BAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5npQDBAG5rDoD
BAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYDBAC/YGEDBAC/YMAD
BAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwDQYJKoZIhvcNAQELBQADggEB
AHmbsJQEyunXtinmqTb2ZPMh+WIFOxwoItI6Rkz/0/1Q6fu1Qi11IaqhFQxlY2UH
WaNetXOZbcJrLrCAZ2ZSRSDzvRmlMtC64x3Xa1GhGWsEq5KbTD8l+lrSfDxUGh1c
Dq2VfSDu7DE+u+etvY6cq4IAMHUnxRywbgz9up6al9e6l6fevIg+pj+2YVi825XH
MuXJIvzt20V20//pUIdCLDiY2sOaeHeVNFo8wqeL4SKn+d5aAh+MeZ11cQ3IdL5P
LXLC6RLomxXdqqiYoRyYeGCCBM7hKuFj9uB1W2nxSAgwPfoGArPk3PZL1Ytwsaun
JbiEMI8FCYagPZRWhuqDElo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:57 2025 by rpki-client