Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: tlkqKvmAos2xXEKXUIo5e/wSgpApo3KgtE6f9e+3qsk=
Subject key identifier: C6:4E:D9:7B:F8:6A:37:16:4A:0D:35:73:64:BC:52:A3:20:5B:41:39
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 184E605F96CED188AFD8AD60A752C2AB8F052FFD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
Signing time: Wed 22 Apr 2026 09:47:25 +0000
ROA not before: Wed 22 Apr 2026 09:42:25 +0000
ROA not after: Wed 21 Apr 2027 09:47:25 +0000
asID: 29802
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.216.0/24 maxlen: 24
143.14.110.0/24 maxlen: 24
143.14.157.0/24 maxlen: 24
143.14.198.0/24 maxlen: 24
143.14.210.0/24 maxlen: 24
143.14.213.0/24 maxlen: 24
145.223.50.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.60.0/24 maxlen: 24
145.223.62.0/24 maxlen: 24
145.223.63.0/24 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.19.0/24 maxlen: 24
147.79.61.0/24 maxlen: 24
148.135.178.0/24 maxlen: 24
148.135.179.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.254.0/24 maxlen: 24
150.241.175.0/24 maxlen: 24
150.241.233.0/24 maxlen: 24
155.117.22.0/24 maxlen: 24
155.117.121.0/24 maxlen: 24
162.141.52.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.141.0/24 maxlen: 24
167.148.118.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:4e:60:5f:96:ce:d1:88:af:d8:ad:60:a7:52:c2:ab:8f:05:2f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 22 09:42:25 2026 GMT
Not After : Apr 21 09:47:25 2027 GMT
Subject: CN=C64ED97BF86A37164A0D357364BC52A3205B4139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8c:1d:ba:bf:67:62:4e:2a:91:0e:ad:fe:a0:
f9:3c:44:8b:c5:0d:99:c8:af:9d:6f:32:20:cc:5c:
38:46:ed:9e:08:8e:b8:69:6a:06:70:43:29:bc:3d:
db:ea:b7:40:a8:cf:65:0d:02:3c:30:10:10:5c:5e:
7e:e4:f1:a8:5e:7b:31:c4:ef:50:6b:36:a9:3b:3f:
dd:50:6d:ef:06:96:c8:19:fa:d3:83:57:75:cf:f7:
49:e2:b8:40:a3:8a:de:b3:1b:76:01:99:9c:75:23:
0e:b6:c8:48:3e:05:f4:9a:88:15:9f:34:fe:9d:18:
a6:fc:0b:c2:f3:0d:19:39:dc:a1:d8:b9:46:ad:da:
1d:7d:18:5f:45:9a:10:a0:a6:be:0d:55:6a:ac:e6:
a9:2c:81:3a:f8:59:80:18:fc:a7:79:2e:af:f1:7c:
9c:e5:ac:57:b3:c0:62:a7:e5:cc:ac:9f:8e:4c:c2:
a0:99:0d:d4:51:43:94:48:9d:1a:21:ea:a6:bb:a6:
b1:f4:eb:61:d2:66:ca:47:e7:8c:82:b5:4e:a0:24:
da:7f:e8:2f:4c:26:ba:3c:c5:87:57:82:2f:18:71:
da:03:83:16:ab:a1:11:fe:52:9d:b0:29:21:ea:1e:
91:20:7b:7d:5d:37:5c:b7:ec:b7:ee:85:9d:de:3d:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4E:D9:7B:F8:6A:37:16:4A:0D:35:73:64:BC:52:A3:20:5B:41:39
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.216.0/24
143.14.110.0/24
143.14.157.0/24
143.14.198.0/24
143.14.210.0/24
143.14.213.0/24
145.223.50.0/24
145.223.55.0/24
145.223.60.0/24
145.223.62.0/23
146.103.4.0/24
146.103.19.0/24
147.79.61.0/24
148.135.178.0/23
148.135.190.0/23
148.135.254.0/24
150.241.175.0/24
150.241.233.0/24
155.117.22.0/24
155.117.121.0/24
162.141.52.0/24
162.141.133.0/24
162.141.141.0/24
167.148.118.0/24
167.148.177.0-167.148.178.255
Signature Algorithm: sha256WithRSAEncryption
43:e1:10:c6:bc:2d:cb:7b:b6:5b:30:50:1b:cf:6a:fd:3e:56:
cd:e1:12:cf:64:23:75:11:70:9b:a1:68:0c:c9:a5:58:a4:8d:
a8:36:35:07:77:be:f2:44:96:4e:0f:ba:7e:7d:04:82:fb:c3:
d5:2f:95:40:32:2c:ac:e2:49:44:8e:16:83:4d:6a:77:4b:4a:
07:1f:b3:46:f6:48:90:8f:fd:a0:b2:aa:eb:86:a0:97:fd:dc:
e3:10:9b:88:59:35:c8:1e:fd:dc:85:8e:7c:b0:8a:14:9a:03:
bb:8b:78:1f:1c:47:48:4c:bc:10:4a:35:2c:b3:d2:e5:a6:4d:
ad:e6:10:70:6a:d4:05:9f:43:0c:4b:de:b3:58:ed:d4:18:fc:
4f:08:fe:f2:32:ec:5b:21:c1:e4:ea:f9:10:19:61:87:b2:18:
9f:ea:2e:d9:b1:f4:38:60:3e:de:e3:76:59:2c:34:a4:cf:8c:
17:01:1b:5b:06:95:9d:b9:b1:0d:d4:be:20:00:e1:56:39:32:
5d:fb:ce:ec:cb:3f:79:7a:b0:a2:ae:98:d4:41:9e:bb:8b:93:
ba:00:16:94:af:d1:39:31:5f:87:84:07:bf:4b:25:e2:ec:2f:
10:fc:fa:0a:08:a1:01:ff:85:6b:70:51:05:9b:ed:0a:de:ce:
5c:05:3e:d9
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIUGE5gX5bO0Yiv2K1gp1LCq48FL/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjIwOTQyMjVaFw0yNzA0MjEwOTQ3MjVaMDMxMTAvBgNV
BAMTKEM2NEVEOTdCRjg2QTM3MTY0QTBEMzU3MzY0QkM1MkEzMjA1QjQxMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOjB26v2diTiqRDq3+oPk8RIvF
DZnIr51vMiDMXDhG7Z4IjrhpagZwQym8Pdvqt0Coz2UNAjwwEBBcXn7k8aheezHE
71BrNqk7P91Qbe8GlsgZ+tODV3XP90niuECjit6zG3YBmZx1Iw62yEg+BfSaiBWf
NP6dGKb8C8LzDRk53KHYuUat2h19GF9FmhCgpr4NVWqs5qksgTr4WYAY/Kd5Lq/x
fJzlrFezwGKn5cysn45MwqCZDdRRQ5RInRoh6qa7prH062HSZspH54yCtU6gJNp/
6C9MJro8xYdXgi8YcdoDgxaroRH+Up2wKSHqHpEge31dN1y37LfuhZ3ePSiJAgMB
AAGjggKsMIICqDAdBgNVHQ4EFgQUxk7Ze/hqNxZKDTVzZLxSoyBbQTkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgcEGCCsGAQUFBwEHAQH/BIGxMIGuMIGrBAIAATCBpAME
AGA+jAMEAGA+2AMEAI8ObgMEAI8OnQMEAI8OxgMEAI8O0gMEAI8O1QMEAJHfMgME
AJHfNwMEAJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAJNPPQMEAZSHsgMEAZSHvgME
AJSH/gMEAJbxrwMEAJbx6QMEAJt1FgMEAJt1eQMEAKKNNAMEAKKNhQMEAKKNjQME
AKeUdjAMAwQAp5SxAwQAp5SyMA0GCSqGSIb3DQEBCwUAA4IBAQBD4RDGvC3Le7Zb
MFAbz2r9PlbN4RLPZCN1EXCboWgMyaVYpI2oNjUHd77yRJZOD7p+fQSC+8PVL5VA
Miys4klEjhaDTWp3S0oHH7NG9kiQj/2gsqrrhqCX/dzjEJuIWTXIHv3chY58sIoU
mgO7i3gfHEdITLwQSjUss9Llpk2t5hBwatQFn0MMS96zWO3UGPxPCP7yMuxbIcHk
6vkQGWGHshif6i7ZsfQ4YD7e43ZZLDSkz4wXARtbBpWdubEN1L4gAOFWOTJd+87s
yz95erCirpjUQZ67i5O6ABaUr9E5MV+HhAe/SyXi7C8Q/PoKCKEB/4VrcFEFm+0K
3s5cBT7Z
-----END CERTIFICATE-----
Generated at Tue May 12 22:24:23 2026 by rpki-client