Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: 6VPsAmWky5RMxXj0XtJitCJTFQ7L9OVuzothoZAifzg=
Subject key identifier: E4:8E:88:FF:4F:C3:71:17:1D:CF:49:67:61:7F:13:D3:A0:7A:EE:93
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3495F59039AAB3FE74C0E42050A1F9764A648650
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Sun 22 Mar 2026 11:22:28 +0000
ROA not before: Sun 22 Mar 2026 11:17:28 +0000
ROA not after: Sun 21 Mar 2027 11:22:28 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.157.0/24 maxlen: 24
143.14.198.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
147.79.61.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.175.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.22.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.118.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:95:f5:90:39:aa:b3:fe:74:c0:e4:20:50:a1:f9:76:4a:64:86:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 22 11:17:28 2026 GMT
Not After : Mar 21 11:22:28 2027 GMT
Subject: CN=E48E88FF4FC371171DCF4967617F13D3A07AEE93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:de:77:90:5c:e1:fd:54:05:49:9b:3e:8c:
ee:2b:1b:04:18:a6:8c:f0:95:07:e1:65:85:6d:76:
50:06:57:91:ec:a9:c4:9c:b0:9b:95:2c:1c:15:8c:
97:20:9a:17:3d:2c:07:30:d8:ac:99:55:ac:24:d1:
73:0c:59:bf:de:a8:94:eb:9f:bc:c9:4d:8a:d0:2c:
34:fa:df:4a:33:7a:cd:13:64:3d:cb:60:d3:35:d7:
03:63:a5:e2:2a:04:d3:ce:74:79:e2:40:9e:7e:74:
2b:3a:50:48:58:9e:36:88:1d:a3:e8:00:7b:68:1e:
b6:a1:cf:6f:cb:71:e0:b7:4c:40:64:68:22:8d:51:
92:ef:af:b3:69:8e:29:37:69:6a:b6:09:9b:7f:91:
a5:1c:ad:16:c8:39:45:60:4f:4a:5f:37:13:12:a4:
ed:55:8a:b0:82:09:31:79:9e:6e:fc:68:07:47:3c:
bd:67:7c:d3:38:bb:d9:ae:a1:12:e2:29:78:3a:e4:
f5:6e:14:91:34:64:25:fc:67:26:44:12:e8:fd:07:
72:f2:fd:67:80:69:6c:d9:9a:bd:d8:fd:45:3b:c4:
d1:56:76:67:c6:a1:71:20:01:2b:8f:9f:97:03:f1:
5a:ed:f7:36:8f:76:7c:9b:84:73:45:47:ba:bd:7a:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8E:88:FF:4F:C3:71:17:1D:CF:49:67:61:7F:13:D3:A0:7A:EE:93
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.157.0/24
143.14.198.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
147.79.61.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.175.0/24
150.241.233.0/24
155.117.22.0/24
155.117.121.0/24
162.141.44.0/24
162.141.52.0/24
162.141.133.0/24
162.141.141.0/24
167.148.118.0/24
167.148.177.0-167.148.178.255
Signature Algorithm: sha256WithRSAEncryption
04:f4:9b:45:c1:68:24:eb:a2:47:dc:ec:a4:5e:00:eb:0b:32:
b2:01:b4:cf:7c:55:b7:e8:44:8f:1f:06:38:4e:df:ce:d5:44:
14:04:68:34:1a:64:2b:9c:31:7b:8c:5b:18:76:8c:0c:5a:c8:
54:73:4d:92:8d:12:85:92:39:4b:51:d0:31:3e:f5:f9:85:62:
4a:09:b5:56:43:b7:dd:23:d5:52:ea:6c:67:e6:d0:08:de:b1:
9e:f9:a6:7a:d1:e4:b0:d1:34:85:ea:85:ce:e9:82:4d:2a:14:
7c:70:50:46:df:fc:b5:52:07:f2:53:b2:42:b5:ec:c2:17:d9:
b5:4d:86:55:66:ad:30:85:30:b6:73:38:d2:f9:6a:dc:89:6c:
19:09:3b:ab:5e:76:42:d3:be:dc:f7:b6:8a:e4:a8:5f:ba:4e:
b1:87:48:a3:fc:51:76:7e:df:66:cd:e7:76:46:0c:87:69:c2:
27:18:f2:be:33:86:44:05:70:69:18:d1:16:db:05:51:68:d7:
cf:42:3c:f8:8d:e5:d1:63:6a:d6:2d:0d:bd:6c:f2:e3:50:bb:
e7:7e:27:bc:29:9c:f6:13:91:d9:8f:4b:cd:19:45:24:bf:73:
a4:cc:45:39:5c:1c:ca:13:2d:62:a6:c7:79:f4:c0:3b:cc:4b:
a5:06:5e:46
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIUNJX1kDmqs/50wOQgUKH5dkpkhlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjIxMTE3MjhaFw0yNzAzMjExMTIyMjhaMDMxMTAvBgNV
BAMTKEU0OEU4OEZGNEZDMzcxMTcxRENGNDk2NzYxN0YxM0QzQTA3QUVFOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8TN53kFzh/VQFSZs+jO4rGwQY
pozwlQfhZYVtdlAGV5HsqcScsJuVLBwVjJcgmhc9LAcw2KyZVawk0XMMWb/eqJTr
n7zJTYrQLDT630ozes0TZD3LYNM11wNjpeIqBNPOdHniQJ5+dCs6UEhYnjaIHaPo
AHtoHrahz2/LceC3TEBkaCKNUZLvr7Npjik3aWq2CZt/kaUcrRbIOUVgT0pfNxMS
pO1VirCCCTF5nm78aAdHPL1nfNM4u9muoRLiKXg65PVuFJE0ZCX8ZyZEEuj9B3Ly
/WeAaWzZmr3Y/UU7xNFWdmfGoXEgASuPn5cD8Vrt9zaPdnybhHNFR7q9eoNHAgMB
AAGjggKyMIICrjAdBgNVHQ4EFgQU5I6I/0/DcRcdz0lnYX8T06B67pMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgccGCCsGAQUFBwEHAQH/BIG3MIG0MIGxBAIAATCBqgME
AGA+jAMEAGA+2AMEAI8ObgMEAI8OnQMEAI8OxgMEAI8O0gMEAI8O1QMEAJHfMgME
AJHfNwMEAJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAJNPPQMEAZSHsgMEAZSHvgME
AJSH/gMEAJbxrwMEAJbx6QMEAJt1FgMEAJt1eQMEAKKNLAMEAKKNNAMEAKKNhQME
AKKNjQMEAKeUdjAMAwQAp5SxAwQAp5SyMA0GCSqGSIb3DQEBCwUAA4IBAQAE9JtF
wWgk66JH3OykXgDrCzKyAbTPfFW36ESPHwY4Tt/O1UQUBGg0GmQrnDF7jFsYdowM
WshUc02SjRKFkjlLUdAxPvX5hWJKCbVWQ7fdI9VS6mxn5tAI3rGe+aZ60eSw0TSF
6oXO6YJNKhR8cFBG3/y1UgfyU7JCtezCF9m1TYZVZq0whTC2czjS+WrciWwZCTur
XnZC077c97aK5Khfuk6xh0ij/FF2ft9mzed2RgyHacInGPK+M4ZEBXBpGNEW2wVR
aNfPQjz4jeXRY2rWLQ29bPLjULvnfie8KZz2E5HZj0vNGUUkv3OkzEU5XBzKEy1i
psd59MA7zEulBl5G
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:31:31 2026 by rpki-client