Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: 8Q8aSOkgQWrGiIUZNp5lxSKJysoJ6/KIWh+7TGXj0T8=
Subject key identifier: 3B:9B:4C:AA:5E:B6:13:FF:6C:C3:4B:17:2D:2A:CA:19:23:8F:C8:56
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 67BC25066E0382C5B9EE6BEBD56C5CCB53699058
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Tue 19 Aug 2025 00:00:22 +0000
ROA not before: Mon 18 Aug 2025 23:55:22 +0000
ROA not after: Tue 18 Aug 2026 00:00:22 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
155.117.226.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:bc:25:06:6e:03:82:c5:b9:ee:6b:eb:d5:6c:5c:cb:53:69:90:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 18 23:55:22 2025 GMT
Not After : Aug 18 00:00:22 2026 GMT
Subject: CN=3B9B4CAA5EB613FF6CC34B172D2ACA19238FC856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:e4:ac:79:35:93:4d:4f:55:2b:66:9a:bd:
5f:d9:79:db:ed:a3:fb:24:65:a4:f6:76:86:8d:25:
e7:1d:85:34:ce:31:4e:14:af:d5:8b:9c:c9:24:56:
0c:4d:7b:e3:eb:13:1c:46:d2:cf:29:14:74:26:3f:
2d:e9:c7:8d:3e:ff:5a:ad:9e:67:aa:ce:8a:12:2d:
b7:2c:6f:4e:b0:8f:0e:b6:b5:09:ea:b5:62:cc:bd:
94:1e:d1:ae:c4:8b:11:2f:50:ef:61:71:28:8a:d2:
5b:9e:ea:e5:9d:bf:ab:59:9a:b9:56:9e:44:66:f2:
49:ee:7f:a9:c0:a3:0a:2b:de:9f:d2:0e:2b:ee:a5:
2a:84:93:b7:3f:ff:a2:f1:c8:0e:f6:fd:df:15:8a:
e7:76:3b:eb:71:3b:ed:30:07:e5:2c:ec:ab:c8:05:
8e:3c:f5:da:49:df:f5:a0:b9:70:51:92:74:a7:5c:
54:2a:d6:a1:74:9f:78:af:9d:0f:4d:7a:74:c5:6c:
12:43:21:ca:5b:8c:7c:3c:21:53:ec:df:dc:8c:40:
f8:6f:6f:5c:18:55:fc:f9:38:06:fc:5c:14:d6:06:
bb:87:46:9e:82:42:75:8c:54:9a:6b:dd:33:8a:f1:
14:ed:af:16:b4:b3:0f:e7:a3:03:34:1c:44:e6:1d:
5d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:4C:AA:5E:B6:13:FF:6C:C3:4B:17:2D:2A:CA:19:23:8F:C8:56
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
148.135.178.0/23
148.135.190.0/23
148.135.193.0/24
148.135.254.0/24
150.241.128.0/24
150.241.233.0/24
150.241.254.0/24
155.117.121.0/24
155.117.226.0/24
162.141.52.0/24
162.141.141.0/24
167.148.178.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a9:3e:84:c1:41:70:6e:b9:65:ab:c5:5e:0f:a5:d7:0a:5c:
59:7f:1e:f3:ef:fe:c9:6c:8e:59:51:ea:2a:6a:b9:e5:76:a6:
83:8e:f0:06:ae:26:b1:67:7f:45:81:bf:6a:cf:f3:65:9b:b6:
3f:a6:49:f7:17:fd:a6:62:0c:d8:aa:3c:b1:e0:0a:95:0b:a3:
d9:42:2b:50:38:a9:5a:3b:86:5a:dc:4a:a6:38:dd:85:ef:3e:
99:48:37:97:88:59:87:6f:a4:df:aa:0e:9f:27:67:f4:51:7c:
72:39:ac:4c:06:1a:da:8e:bf:c0:57:67:5b:b5:20:60:03:0d:
bd:89:da:d2:ae:01:b9:45:d0:79:27:b4:47:d2:23:bb:b7:29:
1e:b7:0a:e1:5c:0f:fd:6d:da:26:32:09:2f:8a:06:08:0b:80:
43:d4:6a:8a:f5:7c:df:a0:ed:59:f2:99:5e:02:59:5c:bc:1c:
70:e7:0e:9c:27:2f:cc:b4:51:a8:9e:2d:75:cd:4b:d3:a3:3c:
10:14:4f:3f:2f:b6:c9:79:e3:89:69:c1:3f:66:3a:c5:6a:d5:
ea:fb:ef:d3:b7:a3:33:a4:ad:f9:64:d7:9b:3e:84:71:77:66:
6d:3d:1d:d1:ae:43:50:88:53:95:a9:40:2a:61:1c:db:65:eb:
d4:ed:c4:39
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIUZ7wlBm4DgsW57mvr1Wxcy1NpkFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTgyMzU1MjJaFw0yNjA4MTgwMDAwMjJaMDMxMTAvBgNV
BAMTKDNCOUI0Q0FBNUVCNjEzRkY2Q0MzNEIxNzJEMkFDQTE5MjM4RkM4NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcZuSseTWTTU9VK2aavV/Zedvt
o/skZaT2doaNJecdhTTOMU4Ur9WLnMkkVgxNe+PrExxG0s8pFHQmPy3px40+/1qt
nmeqzooSLbcsb06wjw62tQnqtWLMvZQe0a7EixEvUO9hcSiK0lue6uWdv6tZmrlW
nkRm8knuf6nAowor3p/SDivupSqEk7c//6LxyA72/d8Viud2O+txO+0wB+Us7KvI
BY489dpJ3/WguXBRknSnXFQq1qF0n3ivnQ9NenTFbBJDIcpbjHw8IVPs39yMQPhv
b1wYVfz5OAb8XBTWBruHRp6CQnWMVJpr3TOK8RTtrxa0sw/nowM0HETmHV1HAgMB
AAGjggKSMIICjjAdBgNVHQ4EFgQUO5tMql62E/9sw0sXLSrKGSOPyFYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgacGCCsGAQUFBwEHAQH/BIGXMIGUMIGRBAIAATCBigME
AGA+jAMEAGA+2AMEAI8ObgMEAI8O0gMEAI8O1QMEAJHfMgMEAJHfNwMEAJHfPAME
AZHfPgMEAJJnBAMEAJJnEwMEAZSHsgMEAZSHvgMEAJSHwQMEAJSH/gMEAJbxgAME
AJbx6QMEAJbx/gMEAJt1eQMEAJt14gMEAKKNNAMEAKKNjQMEAKeUsjANBgkqhkiG
9w0BAQsFAAOCAQEAPKk+hMFBcG65ZavFXg+l1wpcWX8e8+/+yWyOWVHqKmq55Xam
g47wBq4msWd/RYG/as/zZZu2P6ZJ9xf9pmIM2Ko8seAKlQuj2UIrUDipWjuGWtxK
pjjdhe8+mUg3l4hZh2+k36oOnydn9FF8cjmsTAYa2o6/wFdnW7UgYAMNvYna0q4B
uUXQeSe0R9Iju7cpHrcK4VwP/W3aJjIJL4oGCAuAQ9RqivV836DtWfKZXgJZXLwc
cOcOnCcvzLRRqJ4tdc1L06M8EBRPPy+2yXnjiWnBP2Y6xWrV6vvv07ejM6St+WTX
mz6EcXdmbT0d0a5DUIhTlalAKmEc22Xr1O3EOQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:46 2025 by rpki-client