Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: 3StLmr0QVNK5bltoiLptaoTSmlTYuxvCXJxjSMoEudU=
Subject key identifier: AD:AF:B7:6F:D7:0F:C0:A0:8C:E0:DF:C3:72:CF:89:40:70:AD:02:C0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 27DAED2D5F5DE54373126168DE96806C935EC32F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Mon 27 Oct 2025 05:49:46 +0000
ROA not before: Mon 27 Oct 2025 05:44:46 +0000
ROA not after: Mon 26 Oct 2026 05:49:46 +0000
asID: 7029
IP address blocks: 46.202.87.0/24 maxlen: 24
46.202.96.0/24 maxlen: 24
46.202.97.0/24 maxlen: 24
46.202.98.0/24 maxlen: 24
46.202.99.0/24 maxlen: 24
46.202.124.0/24 maxlen: 24
46.202.125.0/24 maxlen: 24
46.202.126.0/24 maxlen: 24
46.202.127.0/24 maxlen: 24
46.202.200.0/24 maxlen: 24
46.202.201.0/24 maxlen: 24
46.202.202.0/24 maxlen: 24
46.202.203.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.202.207.0/24 maxlen: 24
46.202.216.0/24 maxlen: 24
46.202.217.0/24 maxlen: 24
46.202.219.0/24 maxlen: 24
46.202.220.0/24 maxlen: 24
46.202.221.0/24 maxlen: 24
46.202.222.0/24 maxlen: 24
46.202.223.0/24 maxlen: 24
46.203.3.0/24 maxlen: 24
46.203.5.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
46.203.13.0/24 maxlen: 24
46.203.14.0/24 maxlen: 24
46.203.21.0/24 maxlen: 24
46.203.22.0/24 maxlen: 24
46.203.29.0/24 maxlen: 24
46.203.32.0/24 maxlen: 24
46.203.43.0/24 maxlen: 24
46.203.44.0/24 maxlen: 24
46.203.47.0/24 maxlen: 24
46.203.54.0/24 maxlen: 24
46.203.56.0/24 maxlen: 24
46.203.58.0/24 maxlen: 24
46.203.62.0/24 maxlen: 24
46.203.74.0/24 maxlen: 24
46.203.80.0/24 maxlen: 24
46.203.91.0/24 maxlen: 24
46.203.92.0/24 maxlen: 24
46.203.104.0/24 maxlen: 24
46.203.113.0/24 maxlen: 24
46.203.121.0/24 maxlen: 24
46.203.137.0/24 maxlen: 24
46.203.161.0/24 maxlen: 24
91.124.228.0/23 maxlen: 24
91.124.230.0/23 maxlen: 24
91.124.232.0/23 maxlen: 24
91.124.234.0/23 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
92.113.215.0/24 maxlen: 24
92.113.254.0/23 maxlen: 24
178.92.80.0/24 maxlen: 24
178.92.82.0/24 maxlen: 24
178.95.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:da:ed:2d:5f:5d:e5:43:73:12:61:68:de:96:80:6c:93:5e:c3:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 27 05:44:46 2025 GMT
Not After : Oct 26 05:49:46 2026 GMT
Subject: CN=ADAFB76FD70FC0A08CE0DFC372CF894070AD02C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:19:b8:fa:75:43:8e:6d:73:9a:f3:3f:c4:
92:ec:1f:1b:d3:aa:a2:48:c4:c1:66:48:83:db:1b:
38:29:e9:d9:0f:0b:4a:06:bc:a9:43:31:c9:99:fc:
59:dc:ad:2f:76:8a:72:07:6a:31:8e:c1:be:ca:d6:
32:d8:08:f3:c4:88:0e:20:9f:34:a9:a8:4a:b7:5a:
04:02:53:2c:9d:a6:50:c2:e7:d4:71:43:c6:83:7e:
1d:6e:3a:90:c1:2a:f0:5b:23:88:26:e7:54:13:4d:
93:46:7d:10:b1:e6:76:07:f7:28:6d:ca:e6:ca:e4:
5e:87:8d:91:57:bc:33:18:1e:dc:4d:72:90:48:22:
5f:1e:ae:ff:b5:b9:07:8b:05:0c:05:d3:45:b5:73:
db:e5:74:b2:2c:1b:f7:20:df:44:db:21:2a:78:8d:
78:b3:54:a2:32:bc:56:1e:79:1d:7e:46:5c:6e:af:
f3:7f:be:c3:e1:70:9f:79:d2:27:b5:d1:d6:18:a7:
1a:7a:1f:6d:96:0e:98:ba:c9:8b:46:bf:27:77:ed:
bd:f6:3b:58:d3:55:f6:33:6e:44:29:fb:9f:c5:7c:
58:98:0f:57:56:bd:3a:62:43:5a:34:d6:c4:19:24:
f3:78:58:aa:9c:24:6d:96:0b:67:68:c4:23:95:8c:
40:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:B7:6F:D7:0F:C0:A0:8C:E0:DF:C3:72:CF:89:40:70:AD:02:C0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.87.0/24
46.202.96.0/22
46.202.124.0/22
46.202.200.0/22
46.202.206.0/23
46.202.216.0/23
46.202.219.0-46.202.223.255
46.203.3.0/24
46.203.5.0-46.203.6.255
46.203.13.0-46.203.14.255
46.203.21.0-46.203.22.255
46.203.29.0/24
46.203.32.0/24
46.203.43.0-46.203.44.255
46.203.47.0/24
46.203.54.0/24
46.203.56.0/24
46.203.58.0/24
46.203.62.0/24
46.203.74.0/24
46.203.80.0/24
46.203.91.0-46.203.92.255
46.203.104.0/24
46.203.113.0/24
46.203.121.0/24
46.203.137.0/24
46.203.161.0/24
91.124.228.0-91.124.235.255
92.112.32.0/22
92.112.40.0/21
92.112.157.0/24
92.113.215.0/24
92.113.254.0/23
178.92.80.0/24
178.92.82.0/24
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
37:32:2c:54:c3:24:c4:1c:b5:06:06:18:55:78:5d:07:07:10:
f7:ab:44:20:51:ac:07:de:ea:ae:60:1f:c0:70:ea:9e:2d:b1:
86:57:4f:42:bd:12:a5:f7:dc:c6:6d:f9:29:a6:b0:6d:1d:d9:
84:c6:3f:bc:33:12:60:62:cf:f1:55:51:34:a5:bc:09:9c:38:
7b:72:eb:73:77:b8:4c:14:2f:a1:d1:34:d2:f4:42:46:59:7b:
52:9e:9f:db:db:6c:89:23:40:c9:87:d8:79:c5:ab:ce:00:62:
ae:a6:70:21:bd:e7:2c:08:ae:5e:8d:9d:39:1a:11:9c:29:d5:
67:bd:8d:41:f8:5f:bf:bc:62:7f:a5:b7:75:b4:f2:e5:72:68:
6d:30:8e:6d:7c:e4:f1:f2:1b:d7:a5:6e:b2:2f:e2:7c:1d:e8:
1e:43:f0:00:f7:0b:d5:2d:bc:f6:33:11:ca:69:d3:33:18:0b:
59:d4:b1:08:45:50:c1:ad:68:4d:00:46:f1:9d:ee:18:ec:c9:
48:f7:82:cb:d9:64:02:7d:e3:4e:04:4a:7d:3a:1c:ac:ed:6c:
e8:b2:19:28:ff:91:5c:96:e3:b9:a4:7d:d6:e5:ae:fa:89:c3:
24:ef:e4:2f:c4:b6:05:5e:73:fd:f6:3b:c7:07:64:2a:de:08:
46:d6:3a:19
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgIUJ9rtLV9d5UNzEmFo3paAbJNewy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjcwNTQ0NDZaFw0yNjEwMjYwNTQ5NDZaMDMxMTAvBgNV
BAMTKEFEQUZCNzZGRDcwRkMwQTA4Q0UwREZDMzcyQ0Y4OTQwNzBBRDAyQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGlBm4+nVDjm1zmvM/xJLsHxvT
qqJIxMFmSIPbGzgp6dkPC0oGvKlDMcmZ/FncrS92inIHajGOwb7K1jLYCPPEiA4g
nzSpqEq3WgQCUyydplDC59RxQ8aDfh1uOpDBKvBbI4gm51QTTZNGfRCx5nYH9yht
yubK5F6HjZFXvDMYHtxNcpBIIl8erv+1uQeLBQwF00W1c9vldLIsG/cg30TbISp4
jXizVKIyvFYeeR1+Rlxur/N/vsPhcJ950ie10dYYpxp6H22WDpi6yYtGvyd37b32
O1jTVfYzbkQp+5/FfFiYD1dWvTpiQ1o01sQZJPN4WKqcJG2WC2doxCOVjEDlAgMB
AAGjggMcMIIDGDAdBgNVHQ4EFgQUra+3b9cPwKCM4N/Dcs+JQHCtAsAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATEGCCsGAQUFBwEHAQH/BIIBIDCCARwwggEYBAIAATCC
ARADBAAuylcDBAIuymADBAIuynwDBAIuysgDBAEuys4DBAEuytgwDAMEAC7K2wME
BS7KwAMEAC7LAzAMAwQALssFAwQALssGMAwDBAAuyw0DBAAuyw4wDAMEAC7LFQME
AC7LFgMEAC7LHQMEAC7LIDAMAwQALssrAwQALsssAwQALssvAwQALss2AwQALss4
AwQALss6AwQALss+AwQALstKAwQALstQMAwDBAAuy1sDBAAuy1wDBAAuy2gDBAAu
y3EDBAAuy3kDBAAuy4kDBAAuy6EwDAMEAlt85AMEAlt86AMEAlxwIAMEA1xwKAME
AFxwnQMEAFxx1wMEAVxx/gMEALJcUAMEALJcUgMEBLJf0DANBgkqhkiG9w0BAQsF
AAOCAQEANzIsVMMkxBy1BgYYVXhdBwcQ96tEIFGsB97qrmAfwHDqni2xhldPQr0S
pffcxm35KaawbR3ZhMY/vDMSYGLP8VVRNKW8CZw4e3Lrc3e4TBQvodE00vRCRll7
Up6f29tsiSNAyYfYecWrzgBirqZwIb3nLAiuXo2dORoRnCnVZ72NQfhfv7xif6W3
dbTy5XJobTCObXzk8fIb16Vusi/ifB3oHkPwAPcL1S289jMRymnTMxgLWdSxCEVQ
wa1oTQBG8Z3uGOzJSPeCy9lkAn3jTgRKfTocrO1s6LIZKP+RXJbjuaR91uWu+onD
JO/kL8S2BV5z/fY7xwdkKt4IRtY6GQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:22:33 2025 by rpki-client