Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: mB6dygmOTF7zYcn7Y289IXUXlunjESUSauBhh/7S/Qc=
Subject key identifier: 03:E8:B0:9F:5D:98:00:5C:4E:2C:80:9B:FA:CD:E4:B7:16:E9:64:17
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6A4AFE0AFC70C970E5E1E2411B19E63545F14D5B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
Signing time: Thu 26 Jun 2025 14:01:53 +0000
ROA not before: Thu 26 Jun 2025 13:56:53 +0000
ROA not after: Thu 25 Jun 2026 14:01:53 +0000
asID: 7029
IP address blocks: 140.233.192.0/18 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.204.0/24 maxlen: 24
143.14.205.0/24 maxlen: 24
143.14.206.0/24 maxlen: 24
143.14.207.0/24 maxlen: 24
143.14.211.0/24 maxlen: 24
143.14.212.0/24 maxlen: 24
143.14.215.0/24 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.172.0/24 maxlen: 24
155.117.173.0/24 maxlen: 24
155.117.174.0/24 maxlen: 24
155.117.175.0/24 maxlen: 24
155.117.176.0/24 maxlen: 24
155.117.177.0/24 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.71.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.124.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.117.0/24 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.168.0/22 maxlen: 24
167.148.216.0/22 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:4a:fe:0a:fc:70:c9:70:e5:e1:e2:41:1b:19:e6:35:45:f1:4d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 26 13:56:53 2025 GMT
Not After : Jun 25 14:01:53 2026 GMT
Subject: CN=03E8B09F5D98005C4E2C809BFACDE4B716E96417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:40:c7:8d:ec:0b:3d:12:10:35:51:b1:7a:6c:
7c:dc:05:40:60:02:3a:a4:3d:14:35:85:7b:66:f4:
78:e3:8d:bb:09:c6:cb:25:f5:b0:0b:af:80:7f:10:
0b:70:ca:42:eb:e7:b8:84:8a:eb:eb:5b:32:85:35:
7b:47:b3:b5:47:b7:18:88:a9:ff:a5:e6:ea:1e:f9:
80:3d:59:ed:d5:22:2b:cc:7c:f5:c1:9f:2a:19:a7:
32:ea:28:89:63:8f:f0:3d:98:13:fa:27:c2:fe:e5:
ce:87:f9:c0:37:24:6f:71:49:88:a7:65:e9:b8:9e:
74:f0:45:e4:5f:e5:c3:b2:a0:10:5d:86:4a:11:63:
2a:7e:3a:e7:fa:70:63:18:f5:49:25:8b:73:47:49:
31:43:6e:43:07:cc:4a:8a:45:4a:4d:99:f4:05:9a:
4c:23:0c:29:fc:e9:87:f7:27:6b:f0:41:31:b6:00:
02:d4:aa:de:0c:ec:22:8a:79:ec:e7:eb:64:ab:55:
47:5b:09:0b:08:12:9b:2d:1e:55:eb:dc:22:47:02:
c0:8f:f5:2b:1c:24:29:f5:94:cf:fc:4b:5c:b6:7f:
bc:3f:7a:f4:40:1d:60:00:79:95:51:9e:b2:32:ce:
a2:53:9a:4d:dc:f1:0e:b0:68:a1:06:c4:c0:79:46:
5f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E8:B0:9F:5D:98:00:5C:4E:2C:80:9B:FA:CD:E4:B7:16:E9:64:17
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.16.0/21
143.14.204.0/22
143.14.211.0-143.14.212.255
143.14.215.0/24
143.14.232.0/21
155.117.172.0-155.117.177.255
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.71.0-162.141.75.255
162.141.83.0/24
162.141.124.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.117.0/24
167.148.120.0/22
167.148.125.0/24
167.148.168.0/22
167.148.216.0/22
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4d:a3:a6:2c:a3:90:f9:d5:ef:e9:85:5c:41:cc:3b:f9:7f:0f:
ff:67:82:03:11:db:8b:f2:d1:f6:18:23:08:4a:b9:7d:43:8a:
b2:7d:eb:b1:0c:50:11:b2:89:eb:9f:a9:8b:2b:79:e3:d6:b4:
d7:cd:1b:b0:bf:9f:e7:d1:f4:be:f8:57:cf:eb:1c:c9:ba:10:
d5:bd:0d:1b:d4:dc:28:92:c0:76:2f:5a:b1:01:fc:0f:e5:19:
10:a2:a0:5b:1d:0c:c0:03:f7:a5:24:a7:42:95:03:d2:5c:a6:
6f:ab:c5:5c:dd:2b:37:0f:18:0c:9f:31:3a:6a:b0:d8:3b:0c:
32:c2:39:a2:5e:cf:92:41:6a:75:f2:4b:bd:94:2a:63:96:37:
be:14:09:b6:51:91:1f:21:81:ab:12:1d:d9:a8:ff:31:37:e4:
22:fd:ab:b9:f5:9c:a6:67:43:80:e7:1e:6b:90:dc:23:35:58:
cf:e1:23:92:0c:fa:05:5e:74:5b:4b:35:5d:be:55:b3:f7:15:
a2:23:4b:cb:dc:db:61:7b:74:f1:80:f5:6d:20:93:94:b5:10:
18:c6:af:ea:f6:9f:e7:28:35:3b:a4:2d:39:3e:37:ca:48:7f:
af:2f:34:e6:41:73:ca:f3:32:fe:5a:8f:22:70:57:d2:5c:3a:
f7:25:c5:c4
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgIUakr+CvxwyXDl4eJBGxnmNUXxTVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjYxMzU2NTNaFw0yNjA2MjUxNDAxNTNaMDMxMTAvBgNV
BAMTKDAzRThCMDlGNUQ5ODAwNUM0RTJDODA5QkZBQ0RFNEI3MTZFOTY0MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQMeN7As9EhA1UbF6bHzcBUBg
AjqkPRQ1hXtm9HjjjbsJxssl9bALr4B/EAtwykLr57iEiuvrWzKFNXtHs7VHtxiI
qf+l5uoe+YA9We3VIivMfPXBnyoZpzLqKIljj/A9mBP6J8L+5c6H+cA3JG9xSYin
Zem4nnTwReRf5cOyoBBdhkoRYyp+Ouf6cGMY9Ukli3NHSTFDbkMHzEqKRUpNmfQF
mkwjDCn86Yf3J2vwQTG2AALUqt4M7CKKeezn62SrVUdbCQsIEpstHlXr3CJHAsCP
9SscJCn1lM/8S1y2f7w/evRAHWAAeZVRnrIyzqJTmk3c8Q6waKEGxMB5Rl/XAgMB
AAGjggLtMIIC6TAdBgNVHQ4EFgQUA+iwn12YAFxOLICb+s3ktxbpZBcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAQIGCCsGAQUFBwEHAQH/BIHyMIHvMIHsBAIAATCB5QME
BozpwAMEA48OEAMEAo8OzDAMAwQAjw7TAwQAjw7UAwQAjw7XAwQDjw7oMAwDBAKb
dawDBAGbdbAwDAMEAaKNFgMEAqKNIAMEAqKNKAMEA6KNODAMAwQAoo1HAwQCoo1I
AwQAoo1TAwQCoo18AwQDoo2QAwQBoo2cAwQDoo2oMAsDBAOijbgDAwGijDAMAwQE
p5QQAwQCp5QYAwQCp5QkMAwDBASnlDADBAKnlEADBAKnlEwDBAOnlFgDBAKnlGwD
BACnlHUDBAKnlHgDBACnlH0DBAKnlKgDBAKnlNgDBAWnlOAwDQYJKoZIhvcNAQEL
BQADggEBAE2jpiyjkPnV7+mFXEHMO/l/D/9nggMR24vy0fYYIwhKuX1DirJ967EM
UBGyieufqYsreePWtNfNG7C/n+fR9L74V8/rHMm6ENW9DRvU3CiSwHYvWrEB/A/l
GRCioFsdDMAD96Ukp0KVA9Jcpm+rxVzdKzcPGAyfMTpqsNg7DDLCOaJez5JBanXy
S72UKmOWN74UCbZRkR8hgasSHdmo/zE35CL9q7n1nKZnQ4DnHmuQ3CM1WM/hI5IM
+gVedFtLNV2+VbP3FaIjS8vc22F7dPGA9W0gk5S1EBjGr+r2n+coNTukLTk+N8pI
f68vNOZBc8rzMv5ajyJwV9JcOvclxcQ=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:55:31 2025 by rpki-client