Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: kkis2FvxAj22T6TFBs7LgSOh/ohjOMoVx58Qla3bLUM=
Subject key identifier: 19:39:C7:0F:00:D7:8B:48:E7:0D:59:46:EC:47:18:1A:DA:B5:51:47
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 154E070C5672BC60F2D74795F1D8A30666025C8B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Mon 13 Oct 2025 00:06:43 +0000
ROA not before: Mon 13 Oct 2025 00:01:43 +0000
ROA not after: Mon 12 Oct 2026 00:06:43 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:4e:07:0c:56:72:bc:60:f2:d7:47:95:f1:d8:a3:06:66:02:5c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 13 00:01:43 2025 GMT
Not After : Oct 12 00:06:43 2026 GMT
Subject: CN=1939C70F00D78B48E70D5946EC47181ADAB55147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:bc:a7:16:39:81:9b:3f:d5:81:99:28:00:
d5:7a:8a:35:7f:d5:d1:85:7f:5f:ca:6b:38:78:d6:
c5:75:1a:2c:01:00:64:ee:9e:09:71:e2:5a:a8:3a:
f8:b3:3d:47:1c:9b:a1:6b:5c:da:69:b2:ba:a3:bd:
8e:4d:dc:13:27:37:ee:b8:ba:b5:6f:04:25:86:52:
45:83:9f:e9:68:f1:f8:c0:ef:0b:99:df:85:26:ee:
71:8a:5f:82:a9:61:7c:9e:0d:7c:29:f3:4c:f2:91:
e4:39:90:8e:40:a3:9c:a4:e7:db:b8:3e:8d:ac:79:
2a:96:b3:e2:b3:65:f8:c3:4d:99:1c:60:fd:aa:d7:
18:4e:ea:c8:e1:82:78:20:c7:36:43:34:06:87:1f:
a9:de:e7:d3:a7:2b:39:70:a0:6d:72:df:31:73:a0:
7d:4e:ea:8e:fa:ed:d8:1c:d6:63:26:93:ae:11:d1:
3e:c5:91:43:54:9a:9b:81:b7:4c:ac:96:d6:f4:b6:
53:52:c1:29:00:59:10:be:b8:57:c9:13:60:6e:d0:
7b:5e:90:fe:cb:17:d3:6b:4b:2a:3c:1a:fb:e6:72:
0d:2a:9f:77:be:ae:d6:17:d5:14:a9:6f:16:91:a4:
73:e1:89:1e:d2:c3:e9:e7:ee:82:b6:00:e6:a6:7d:
ff:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:39:C7:0F:00:D7:8B:48:E7:0D:59:46:EC:47:18:1A:DA:B5:51:47
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.233.0/24
155.117.121.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:fa:3d:0a:1d:fe:bc:f7:82:12:a6:80:81:0b:30:91:d6:6c:
fd:3d:5e:4e:5a:d0:e7:5f:2b:31:9a:9e:ec:7d:79:fa:f2:ad:
75:d6:1f:1a:0c:d8:84:95:85:29:66:77:58:76:dc:d0:c8:82:
10:9c:6c:83:3a:2a:a4:20:4c:ed:db:68:f3:80:c0:37:9c:5d:
48:72:b9:7b:99:c6:06:e8:18:b4:77:b0:f9:00:71:41:59:48:
46:de:03:79:44:2f:3c:44:da:bf:8f:91:61:ea:b6:49:c2:8f:
11:6a:86:5a:82:8b:51:27:ae:69:2a:cf:26:77:38:b6:5f:7a:
e0:39:ca:1a:f3:5a:46:6b:85:f1:75:1b:f0:e3:36:02:a6:bf:
c0:0a:ad:da:b8:c8:7a:47:f7:90:3a:82:cc:d3:24:99:92:f8:
36:f9:99:fb:8d:11:94:65:f4:ec:e2:de:6f:b4:f9:88:60:c9:
42:30:0d:61:49:a6:cf:ca:e9:8a:36:58:13:3b:52:7b:c6:95:
36:93:cb:07:e9:6d:ca:85:c7:ca:46:28:57:b0:97:6a:98:32:
b8:f6:e9:8e:f9:a0:59:98:63:b7:75:ba:9b:db:9c:3a:4f:d7:
25:ac:f3:38:70:ad:9c:1e:d0:8e:b0:f3:93:10:58:fe:9f:1b:
2b:34:ac:ea
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUFU4HDFZyvGDy10eV8dijBmYCXIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTMwMDAxNDNaFw0yNjEwMTIwMDA2NDNaMDMxMTAvBgNV
BAMTKDE5MzlDNzBGMDBENzhCNDhFNzBENTk0NkVDNDcxODFBREFCNTUxNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTx7ynFjmBmz/VgZkoANV6ijV/
1dGFf1/Kazh41sV1GiwBAGTunglx4lqoOvizPUccm6FrXNppsrqjvY5N3BMnN+64
urVvBCWGUkWDn+lo8fjA7wuZ34Um7nGKX4KpYXyeDXwp80zykeQ5kI5Ao5yk59u4
Po2seSqWs+KzZfjDTZkcYP2q1xhO6sjhgnggxzZDNAaHH6ne59OnKzlwoG1y3zFz
oH1O6o767dgc1mMmk64R0T7FkUNUmpuBt0ysltb0tlNSwSkAWRC+uFfJE2Bu0Hte
kP7LF9NrSyo8Gvvmcg0qn3e+rtYX1RSpbxaRpHPhiR7Sw+nn7oK2AOamff9LAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUGTnHDwDXi0jnDVlG7EcYGtq1UUcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYsGCCsGAQUFBwEHAQH/BHwwejB4BAIAATByAwQAYD6M
AwQAYD7YAwQAjw5uAwQAjw7SAwQAjw7VAwQAkd8yAwQAkd83AwQAkd88AwQBkd8+
AwQAkmcEAwQAkmcTAwQBlIeyAwQBlIe+AwQAlIf+AwQAlvHpAwQAm3V5AwQAoo00
AwQAoo2NAwQAp5SyMA0GCSqGSIb3DQEBCwUAA4IBAQBN+j0KHf6894ISpoCBCzCR
1mz9PV5OWtDnXysxmp7sfXn68q111h8aDNiElYUpZndYdtzQyIIQnGyDOiqkIEzt
22jzgMA3nF1Icrl7mcYG6Bi0d7D5AHFBWUhG3gN5RC88RNq/j5Fh6rZJwo8RaoZa
gotRJ65pKs8mdzi2X3rgOcoa81pGa4XxdRvw4zYCpr/ACq3auMh6R/eQOoLM0ySZ
kvg2+Zn7jRGUZfTs4t5vtPmIYMlCMA1hSabPyumKNlgTO1J7xpU2k8sH6W3KhcfK
RihXsJdqmDK49umO+aBZmGO3dbqb25w6T9clrPM4cK2cHtCOsPOTEFj+nxsrNKzq
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:27:14 2025 by rpki-client