Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: mCHYnEmAkLF2ZQylWkos6TkxOdHsF/7nfjD0oMdjRaI=
Subject key identifier: E1:26:26:76:95:E0:E2:1B:D2:E7:E0:16:53:17:23:0A:22:19:0B:1D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 774AED0BD8B031388162A4F59D698EDBB79458CB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Tue 10 Jun 2025 16:45:04 +0000
ROA not before: Tue 10 Jun 2025 16:40:04 +0000
ROA not after: Tue 09 Jun 2026 16:45:04 +0000
asID: 7029
IP address blocks: 46.202.200.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.52.0/24 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.64.0/24 maxlen: 24
92.112.67.0/24 maxlen: 24
92.112.77.0/24 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.81.0/24 maxlen: 24
92.112.84.0/24 maxlen: 24
92.112.86.0/24 maxlen: 24
92.112.90.0/24 maxlen: 24
92.112.94.0/24 maxlen: 24
92.112.110.0/24 maxlen: 24
92.112.119.0/24 maxlen: 24
92.112.128.0/24 maxlen: 24
92.112.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4a:ed:0b:d8:b0:31:38:81:62:a4:f5:9d:69:8e:db:b7:94:58:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 10 16:40:04 2025 GMT
Not After : Jun 9 16:45:04 2026 GMT
Subject: CN=E126267695E0E21BD2E7E0165317230A22190B1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:f9:19:fe:4f:8f:71:ce:da:79:48:38:8f:
e2:6b:d2:6c:60:8d:82:5d:cb:4b:31:3b:f3:6e:d3:
ea:36:f2:95:e5:65:10:3b:90:2f:a1:5b:4a:81:68:
c4:7c:d3:3c:43:d9:ae:5a:34:2a:80:38:d2:fa:90:
8a:26:e8:bd:08:72:b5:b4:2f:55:2f:25:ae:53:25:
02:bb:04:5c:56:72:44:7e:fa:58:2d:0f:dc:f3:d3:
6a:1b:c2:44:a4:be:6b:a5:73:41:23:ee:8f:c2:03:
8f:8a:ce:c8:c4:47:3f:a5:a4:67:8a:a1:17:74:95:
1f:d3:8a:f6:31:35:b1:a7:1d:db:cc:19:67:85:41:
84:b4:8d:6a:18:19:94:0e:43:a0:78:9d:71:3c:78:
c8:9f:0b:8c:4a:ee:6c:5e:53:2c:25:5a:85:59:04:
37:f1:0c:6b:69:32:69:76:27:27:10:21:ba:33:eb:
50:51:b2:c6:c8:40:c7:e6:b1:fc:d7:a9:1d:8f:e9:
29:28:17:c5:df:e6:1f:27:41:7b:d8:6b:87:5e:c7:
6e:9b:d7:24:8a:8d:63:11:4f:4b:11:ce:9a:d5:4c:
b7:0f:8b:70:ec:be:d4:38:df:1a:96:8f:94:b9:a2:
d8:14:79:f6:ac:ae:9d:d3:b7:b7:17:23:0d:a6:b1:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:26:26:76:95:E0:E2:1B:D2:E7:E0:16:53:17:23:0A:22:19:0B:1D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.200.0/24
46.202.206.0/24
46.203.6.0/24
91.124.228.0-91.124.235.255
92.112.32.0/22
92.112.40.0/21
92.112.52.0/24
92.112.59.0/24
92.112.64.0/24
92.112.67.0/24
92.112.77.0/24
92.112.79.0/24
92.112.81.0/24
92.112.84.0/24
92.112.86.0/24
92.112.90.0/24
92.112.94.0/24
92.112.110.0/24
92.112.119.0/24
92.112.128.0/24
92.112.157.0/24
Signature Algorithm: sha256WithRSAEncryption
93:71:2b:70:69:71:41:89:a1:53:52:5a:74:9c:e2:7c:bd:61:
e9:ec:e4:80:fa:19:9d:f5:67:ec:7c:d7:d9:c6:77:71:37:70:
74:0a:aa:bf:59:7d:6a:12:79:25:00:f7:80:c8:e3:4c:90:1a:
85:43:6d:95:f4:6f:02:7a:8f:b5:a1:c9:d9:96:22:2a:44:f8:
6c:e8:b3:2f:d8:c9:e4:30:fd:e4:b9:77:b9:aa:a8:17:4d:7a:
d8:12:ab:49:ba:4e:37:21:b2:7b:ef:13:bd:24:04:2c:e5:00:
5f:d9:4d:66:13:24:ad:05:b8:e9:3a:64:2f:56:c6:94:6b:cb:
07:72:d8:0f:c4:c6:e9:2b:74:f6:6b:35:14:7f:c2:4e:47:27:
d0:ef:5d:61:8d:cf:2a:3c:a9:01:66:0d:80:85:61:de:10:41:
f6:ae:2d:e3:52:c0:5a:8b:3d:48:b1:be:88:d7:00:10:b3:df:
a7:85:25:9f:5c:88:ad:99:59:bd:05:cc:c6:46:3c:08:ff:bd:
20:b3:01:99:78:e0:06:e9:71:39:4e:90:60:b1:c0:8f:23:c0:
d3:88:28:09:b3:fb:60:5f:26:c5:44:1e:bd:56:86:24:58:00:
25:c4:cd:5f:07:95:c5:28:cc:a3:52:bc:5c:c8:8c:ab:ac:d9:
1f:26:17:37
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUd0rtC9iwMTiBYqT1nWmO27eUWMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTAxNjQwMDRaFw0yNjA2MDkxNjQ1MDRaMDMxMTAvBgNV
BAMTKEUxMjYyNjc2OTVFMEUyMUJEMkU3RTAxNjUzMTcyMzBBMjIxOTBCMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/JvkZ/k+Pcc7aeUg4j+Jr0mxg
jYJdy0sxO/Nu0+o28pXlZRA7kC+hW0qBaMR80zxD2a5aNCqAONL6kIom6L0IcrW0
L1UvJa5TJQK7BFxWckR++lgtD9zz02obwkSkvmulc0Ej7o/CA4+KzsjERz+lpGeK
oRd0lR/TivYxNbGnHdvMGWeFQYS0jWoYGZQOQ6B4nXE8eMifC4xK7mxeUywlWoVZ
BDfxDGtpMml2JycQIboz61BRssbIQMfmsfzXqR2P6SkoF8Xf5h8nQXvYa4dex26b
1ySKjWMRT0sRzprVTLcPi3DsvtQ43xqWj5S5otgUefasrp3Tt7cXIw2msesFAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQU4SYmdpXg4hvS5+AWUxcjCiIZCx0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAwgY0EAgABMIGGAwQA
LsrIAwQALsrOAwQALssGMAwDBAJbfOQDBAJbfOgDBAJccCADBANccCgDBABccDQD
BABccDsDBABccEADBABccEMDBABccE0DBABccE8DBABccFEDBABccFQDBABccFYD
BABccFoDBABccF4DBABccG4DBABccHcDBABccIADBABccJ0wDQYJKoZIhvcNAQEL
BQADggEBAJNxK3BpcUGJoVNSWnSc4ny9Yens5ID6GZ31Z+x819nGd3E3cHQKqr9Z
fWoSeSUA94DI40yQGoVDbZX0bwJ6j7WhydmWIipE+Gzosy/YyeQw/eS5d7mqqBdN
etgSq0m6TjchsnvvE70kBCzlAF/ZTWYTJK0FuOk6ZC9WxpRrywdy2A/ExukrdPZr
NRR/wk5HJ9DvXWGNzyo8qQFmDYCFYd4QQfauLeNSwFqLPUixvojXABCz36eFJZ9c
iK2ZWb0FzMZGPAj/vSCzAZl44AbpcTlOkGCxwI8jwNOIKAmz+2BfJsVEHr1WhiRY
ACXEzV8HlcUozKNSvFzIjKus2R8mFzc=
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:20 2025 by rpki-client