Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: mvd6pI4Tt0F/byXlo0+57Il/hrWSRuZcY7zJYnDk5aI=
Subject key identifier: CA:3E:B4:F6:D3:FB:4F:A6:4C:6C:A4:63:05:D0:3A:1F:9B:7F:47:10
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 13CE3F86D205C67526D47F03C24BC89539164C70
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS29802.roa
Signing time: Sun 02 Nov 2025 13:34:35 +0000
ROA not before: Sun 02 Nov 2025 13:29:35 +0000
ROA not after: Sun 01 Nov 2026 13:34:35 +0000
asID: 29802
IP address blocks: 143.20.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ce:3f:86:d2:05:c6:75:26:d4:7f:03:c2:4b:c8:95:39:16:4c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Nov 2 13:29:35 2025 GMT
Not After : Nov 1 13:34:35 2026 GMT
Subject: CN=CA3EB4F6D3FB4FA64C6CA46305D03A1F9B7F4710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:60:2f:cb:67:65:c0:e1:71:d7:ad:f4:5b:25:
5e:eb:ce:77:63:69:71:c8:ab:97:8c:fe:f6:4d:ac:
70:c2:c7:60:e9:0c:a6:de:b7:2f:2d:45:3f:12:a2:
aa:e7:97:aa:68:57:98:87:81:d4:c1:99:d7:44:98:
5c:ef:89:ec:56:bf:ec:98:3d:bb:3b:8a:f0:56:da:
a8:db:e4:36:a8:35:ad:be:cd:e1:e1:9f:7e:2c:4e:
f0:ed:4c:d3:b2:28:9f:6f:b4:78:d0:9c:7f:62:f5:
a7:fd:7c:4c:94:d9:77:05:d5:22:65:6c:02:da:00:
86:ec:a0:30:82:08:b9:58:b6:db:f2:e3:02:a9:56:
75:cf:59:d3:ee:9c:64:08:24:c0:02:07:f8:cc:24:
dd:2b:a9:a5:a0:5b:e0:4a:fa:bd:b2:b4:45:35:ad:
75:26:0f:1c:29:21:c2:49:23:f3:2a:13:1d:98:ea:
8d:ba:06:bd:91:04:70:18:ca:c7:45:93:02:48:20:
d3:18:fa:dc:1b:78:79:71:25:f8:ba:26:91:09:cb:
01:64:b1:86:98:80:a9:36:9a:0b:17:56:03:a2:b2:
06:d9:b4:61:3c:67:f0:0e:00:58:46:b3:01:f0:b1:
b1:8a:d0:a9:12:be:01:76:bf:18:5e:cd:a4:79:6c:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3E:B4:F6:D3:FB:4F:A6:4C:6C:A4:63:05:D0:3A:1F:9B:7F:47:10
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.168.0/24
Signature Algorithm: sha256WithRSAEncryption
71:94:33:cb:ab:8b:e3:df:64:ed:37:8f:d1:e8:d5:d7:c9:42:
63:8b:b8:3b:cd:be:76:ae:be:48:2c:5d:9b:ac:98:8c:2c:0a:
26:9f:eb:f9:8f:ee:04:e5:85:81:47:1f:d7:19:f7:c3:9e:fd:
a6:7a:b7:aa:ec:8b:28:f1:07:31:85:b2:c1:2c:ab:b0:41:8a:
f7:a7:e8:7e:15:6e:9b:e8:cf:1d:32:9e:52:d8:7b:19:f2:0a:
a8:de:13:b4:ad:8e:40:38:8a:27:07:a0:8e:20:d9:4a:a8:83:
cf:46:a1:80:60:66:b3:ce:51:e7:a8:70:a0:0a:b6:c2:2d:7e:
87:a2:8f:e3:e2:f0:1b:37:93:65:e7:3b:c5:2f:00:a5:1e:d3:
91:eb:36:ad:5a:67:36:8d:3c:d5:f3:6c:1c:df:92:ce:9b:61:
5c:32:1f:fc:11:f9:a6:11:50:48:fc:95:3f:fe:44:99:ec:75:
65:ef:ca:8d:a6:4a:7b:13:cf:52:ef:11:9b:9a:53:3c:f1:94:
24:f7:e3:ec:c6:21:db:e3:ca:29:d1:36:31:67:25:85:19:49:
cf:ba:b4:fc:19:78:7d:b9:01:4c:0b:af:37:56:1e:81:63:b8:
a2:aa:2e:20:8a:5a:7a:4a:96:2d:b4:94:35:2a:6d:62:54:4d:
8b:49:3e:55
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUE84/htIFxnUm1H8DwkvIlTkWTHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTExMDIxMzI5MzVaFw0yNjExMDExMzM0MzVaMDMxMTAvBgNV
BAMTKENBM0VCNEY2RDNGQjRGQTY0QzZDQTQ2MzA1RDAzQTFGOUI3RjQ3MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjYC/LZ2XA4XHXrfRbJV7rzndj
aXHIq5eM/vZNrHDCx2DpDKbety8tRT8Soqrnl6poV5iHgdTBmddEmFzviexWv+yY
Pbs7ivBW2qjb5DaoNa2+zeHhn34sTvDtTNOyKJ9vtHjQnH9i9af9fEyU2XcF1SJl
bALaAIbsoDCCCLlYttvy4wKpVnXPWdPunGQIJMACB/jMJN0rqaWgW+BK+r2ytEU1
rXUmDxwpIcJJI/MqEx2Y6o26Br2RBHAYysdFkwJIINMY+twbeHlxJfi6JpEJywFk
sYaYgKk2mgsXVgOisgbZtGE8Z/AOAFhGswHwsbGK0KkSvgF2vxhezaR5bHd9AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUyj609tP7T6ZMbKRjBdA6H5t/RxAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFKgw
DQYJKoZIhvcNAQELBQADggEBAHGUM8uri+PfZO03j9Ho1dfJQmOLuDvNvnauvkgs
XZusmIwsCiaf6/mP7gTlhYFHH9cZ98Oe/aZ6t6rsiyjxBzGFssEsq7BBiven6H4V
bpvozx0ynlLYexnyCqjeE7StjkA4iicHoI4g2Uqog89GoYBgZrPOUeeocKAKtsIt
foeij+Pi8Bs3k2XnO8UvAKUe05HrNq1aZzaNPNXzbBzfks6bYVwyH/wR+aYRUEj8
lT/+RJnsdWXvyo2mSnsTz1LvEZuaUzzxlCT34+zGIdvjyinRNjFnJYUZSc+6tPwZ
eH25AUwLrzdWHoFjuKKqLiCKWnpKli20lDUqbWJUTYtJPlU=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:04 2025 by rpki-client