Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: e7uqVvU8o8eiAF5gZF3LHlN8osAtGqQBVtZkXGu0xMY=
Subject key identifier: 25:BD:42:6C:2F:B6:A6:C8:FA:7C:46:50:B0:83:DF:59:E7:D3:C2:67
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1812183E52743E17017E4ECE541AAA49C72E55F4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
Signing time: Thu 05 Jun 2025 07:32:22 +0000
ROA not before: Thu 05 Jun 2025 07:27:22 +0000
ROA not after: Thu 04 Jun 2026 07:32:22 +0000
asID: 29802
IP address blocks: 46.202.232.0/22 maxlen: 24
46.202.240.0/22 maxlen: 24
46.203.108.0/22 maxlen: 24
46.203.116.0/22 maxlen: 24
46.203.128.0/22 maxlen: 24
46.203.140.0/22 maxlen: 24
46.203.198.0/24 maxlen: 24
46.203.201.0/24 maxlen: 24
46.203.206.0/24 maxlen: 24
46.203.209.0/24 maxlen: 24
91.124.130.0/24 maxlen: 24
91.124.149.0/24 maxlen: 24
92.112.134.0/24 maxlen: 24
92.112.136.0/24 maxlen: 24
92.112.139.0/24 maxlen: 24
92.112.145.0/24 maxlen: 24
92.112.148.0/24 maxlen: 24
92.112.150.0/24 maxlen: 24
92.112.168.0/24 maxlen: 24
92.112.169.0/24 maxlen: 24
92.112.173.0/24 maxlen: 24
92.112.174.0/24 maxlen: 24
92.112.203.0/24 maxlen: 24
92.113.83.0/24 maxlen: 24
92.113.103.0/24 maxlen: 24
92.113.162.0/24 maxlen: 24
92.113.232.0/24 maxlen: 24
92.113.233.0/24 maxlen: 24
92.113.237.0/24 maxlen: 24
92.113.238.0/24 maxlen: 24
92.113.242.0/24 maxlen: 24
92.113.243.0/24 maxlen: 24
95.134.160.0/22 maxlen: 22
95.135.60.0/24 maxlen: 24
178.92.92.0/22 maxlen: 22
178.93.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 18:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:12:18:3e:52:74:3e:17:01:7e:4e:ce:54:1a:aa:49:c7:2e:55:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 5 07:27:22 2025 GMT
Not After : Jun 4 07:32:22 2026 GMT
Subject: CN=25BD426C2FB6A6C8FA7C4650B083DF59E7D3C267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:3b:f4:3a:eb:54:77:a8:dc:d0:4a:3d:c6:
58:1c:e3:9c:20:28:a4:c8:89:01:34:cc:c8:7f:65:
a2:8f:16:7c:42:93:70:89:e6:d9:f6:07:4c:a1:93:
ad:c7:84:fc:5e:f7:ad:14:8e:4e:f3:b7:1d:53:05:
80:97:30:46:1a:30:94:b4:f8:1a:7f:31:53:f9:fd:
a5:c8:06:f2:ee:ab:ff:6c:c7:60:1c:df:15:25:14:
2e:9e:77:f1:73:38:24:6f:61:6e:9b:d7:97:64:0b:
8b:ea:8b:1f:38:41:f1:00:14:09:b5:6b:5d:15:59:
04:5d:74:37:d9:11:fd:43:31:70:52:fa:de:f5:13:
25:7a:9f:3e:06:6b:ea:1a:b3:9a:56:55:3f:9c:5f:
d7:b9:d2:24:99:b4:f6:4e:eb:72:32:d9:50:b8:ac:
ff:72:d8:60:79:52:9f:02:a1:6c:33:59:48:ab:17:
e5:9b:74:03:0b:34:f9:de:dc:f8:3c:1b:04:3c:95:
18:26:e4:46:fd:c4:63:0e:f5:b2:99:49:53:0a:60:
d3:07:1d:38:47:6e:f8:f6:87:df:fc:af:0e:6d:16:
31:8b:d6:f7:a3:49:b8:81:70:3f:63:16:00:db:be:
c1:6f:e2:a3:8b:af:33:c6:50:20:b9:be:16:a0:fd:
ae:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BD:42:6C:2F:B6:A6:C8:FA:7C:46:50:B0:83:DF:59:E7:D3:C2:67
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.232.0/22
46.202.240.0/22
46.203.108.0/22
46.203.116.0/22
46.203.128.0/22
46.203.140.0/22
46.203.198.0/24
46.203.201.0/24
46.203.206.0/24
46.203.209.0/24
91.124.130.0/24
91.124.149.0/24
92.112.134.0/24
92.112.136.0/24
92.112.139.0/24
92.112.145.0/24
92.112.148.0/24
92.112.150.0/24
92.112.168.0/23
92.112.173.0-92.112.174.255
92.112.203.0/24
92.113.83.0/24
92.113.103.0/24
92.113.162.0/24
92.113.232.0/23
92.113.237.0-92.113.238.255
92.113.242.0/23
95.134.160.0/22
95.135.60.0/24
178.92.92.0/22
178.93.112.0/22
Signature Algorithm: sha256WithRSAEncryption
51:c0:f7:e4:05:39:6e:75:98:83:2a:e7:88:65:9e:18:2f:e6:
38:a0:51:e7:83:40:e7:35:95:94:69:5a:c0:f0:04:c9:0d:ee:
eb:db:09:40:97:b2:18:e5:e1:5a:54:a1:bb:7b:ce:f7:8b:53:
3b:21:8b:ae:bc:45:e0:1a:d5:80:5c:a8:2a:7c:69:b8:9a:9f:
44:44:b4:5a:d5:60:00:06:08:a3:71:a9:db:ce:4a:51:92:d7:
bc:bc:dd:c3:07:e5:ee:b5:6c:fb:44:50:30:58:e7:a6:66:f7:
b3:7e:9b:5f:da:38:e9:72:f5:f0:df:3a:d9:8d:75:71:4e:de:
87:2a:cc:33:46:f4:30:a3:03:08:ac:eb:f3:95:56:cf:ee:aa:
44:69:0f:a5:43:e6:76:0f:f3:14:ce:f8:e6:f9:7b:50:d7:f6:
40:72:5b:5b:8a:9b:37:b1:10:cc:42:9f:33:70:c9:28:46:5a:
3f:91:07:54:e0:98:30:5a:8e:90:8b:3e:b9:52:8d:09:9e:99:
41:95:75:39:ac:97:fd:ff:d8:3d:58:52:ea:b1:ff:99:e8:c4:
c7:a5:22:b2:05:02:ae:f1:55:82:4a:da:31:2b:5a:aa:9d:2c:
41:91:97:b5:13:96:2a:4c:32:70:20:bb:3b:df:59:0a:2f:81:
86:39:50:17
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUGBIYPlJ0PhcBfk7OVBqqSccuVfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MDUwNzI3MjJaFw0yNjA2MDQwNzMyMjJaMDMxMTAvBgNV
BAMTKDI1QkQ0MjZDMkZCNkE2QzhGQTdDNDY1MEIwODNERjU5RTdEM0MyNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmATv0OutUd6jc0Eo9xlgc45wg
KKTIiQE0zMh/ZaKPFnxCk3CJ5tn2B0yhk63HhPxe960Ujk7ztx1TBYCXMEYaMJS0
+Bp/MVP5/aXIBvLuq/9sx2Ac3xUlFC6ed/FzOCRvYW6b15dkC4vqix84QfEAFAm1
a10VWQRddDfZEf1DMXBS+t71EyV6nz4Ga+oas5pWVT+cX9e50iSZtPZO63Iy2VC4
rP9y2GB5Up8CoWwzWUirF+WbdAMLNPne3Pg8GwQ8lRgm5Eb9xGMO9bKZSVMKYNMH
HThHbvj2h9/8rw5tFjGL1vejSbiBcD9jFgDbvsFv4qOLrzPGUCC5vhag/a65AgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUJb1CbC+2psj6fEZQsIPfWefTwmcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgecGCCsGAQUFBwEHAQH/BIHXMIHUMIHRBAIAATCBygME
Ai7K6AMEAi7K8AMEAi7LbAMEAi7LdAMEAi7LgAMEAi7LjAMEAC7LxgMEAC7LyQME
AC7LzgMEAC7L0QMEAFt8ggMEAFt8lQMEAFxwhgMEAFxwiAMEAFxwiwMEAFxwkQME
AFxwlAMEAFxwlgMEAVxwqDAMAwQAXHCtAwQAXHCuAwQAXHDLAwQAXHFTAwQAXHFn
AwQAXHGiAwQBXHHoMAwDBABcce0DBABcce4DBAFccfIDBAJfhqADBABfhzwDBAKy
XFwDBAKyXXAwDQYJKoZIhvcNAQELBQADggEBAFHA9+QFOW51mIMq54hlnhgv5jig
UeeDQOc1lZRpWsDwBMkN7uvbCUCXshjl4VpUobt7zveLUzshi668ReAa1YBcqCp8
abian0REtFrVYAAGCKNxqdvOSlGS17y83cMH5e61bPtEUDBY56Zm97N+m1/aOOly
9fDfOtmNdXFO3ocqzDNG9DCjAwis6/OVVs/uqkRpD6VD5nYP8xTO+Ob5e1DX9kBy
W1uKmzexEMxCnzNwyShGWj+RB1TgmDBajpCLPrlSjQmemUGVdTmsl/3/2D1YUuqx
/5noxMelIrIFAq7xVYJK2jErWqqdLEGRl7UTlipMMnAguzvfWQovgYY5UBc=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:38 2025 by rpki-client