Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: 7Yvdk4QXdbgOugh+JcVxT2o1Z01JVvz5FOI77RYmcig=
Subject key identifier: 3E:1D:4A:FE:8B:F5:A0:82:2A:A0:50:84:1D:7B:B9:31:94:18:55:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 384BCD893C1737028793A545C15FB592C44A35A9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
Signing time: Mon 18 Aug 2025 19:04:13 +0000
ROA not before: Mon 18 Aug 2025 18:59:13 +0000
ROA not after: Mon 17 Aug 2026 19:04:13 +0000
asID: 7029
IP address blocks: 140.233.192.0/18 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.204.0/24 maxlen: 24
143.14.205.0/24 maxlen: 24
143.14.206.0/24 maxlen: 24
143.14.207.0/24 maxlen: 24
143.14.211.0/24 maxlen: 24
143.14.212.0/24 maxlen: 24
143.14.215.0/24 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.172.0/24 maxlen: 24
155.117.173.0/24 maxlen: 24
155.117.174.0/24 maxlen: 24
155.117.175.0/24 maxlen: 24
155.117.176.0/24 maxlen: 24
155.117.177.0/24 maxlen: 24
162.141.2.0/23 maxlen: 24
162.141.6.0/23 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.71.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.76.0/23 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.124.0/22 maxlen: 24
162.141.134.0/23 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.44.0/23 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.117.0/24 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.145.0/24 maxlen: 24
167.148.168.0/22 maxlen: 24
167.148.216.0/22 maxlen: 24
167.148.220.0/23 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4b:cd:89:3c:17:37:02:87:93:a5:45:c1:5f:b5:92:c4:4a:35:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 18 18:59:13 2025 GMT
Not After : Aug 17 19:04:13 2026 GMT
Subject: CN=3E1D4AFE8BF5A0822AA050841D7BB93194185598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:57:8e:83:b0:a3:a9:74:e2:a3:d3:a8:77:
6a:a5:fc:70:dd:e6:20:04:3e:f3:b3:78:46:4b:40:
db:46:ab:1e:43:c3:da:76:fe:77:a2:55:69:47:24:
8f:16:c5:5f:89:ec:6f:1c:ab:6b:cd:33:2a:51:3d:
d6:9b:72:f4:db:df:c7:bf:18:d4:c4:44:7a:3c:9a:
10:bc:2f:78:b7:99:4f:eb:c6:61:a0:5c:31:28:d6:
fa:72:ae:fb:4d:de:6e:2b:88:b9:22:8d:1a:51:4e:
4a:7a:3b:45:0c:39:ee:c0:30:35:61:fd:02:0a:b4:
1d:37:98:ad:97:8e:ec:d8:19:55:9f:60:d6:8a:89:
7a:79:66:27:7f:c3:d7:ad:e7:e6:2e:54:02:4d:04:
79:e7:db:7b:60:ce:03:92:f4:94:bd:69:a1:e4:11:
81:3e:32:fc:a3:eb:9f:ba:7e:d2:42:62:e3:d9:25:
d2:ec:c0:6e:18:68:e4:bb:69:7c:6e:d5:5d:4b:64:
11:4c:52:29:67:5d:a8:85:1f:98:25:07:94:e3:f8:
dd:68:65:b7:0a:f7:68:17:0d:b7:78:e6:cd:fb:57:
ea:40:0d:3c:94:9b:b6:a2:30:35:9f:d0:ed:94:6f:
92:03:58:20:01:b7:bb:56:e1:98:fa:d0:e3:9f:47:
16:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1D:4A:FE:8B:F5:A0:82:2A:A0:50:84:1D:7B:B9:31:94:18:55:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.16.0/21
143.14.204.0/22
143.14.211.0-143.14.212.255
143.14.215.0/24
143.14.232.0/21
155.117.172.0-155.117.177.255
162.141.2.0/23
162.141.6.0/23
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.71.0-162.141.77.255
162.141.83.0/24
162.141.124.0/22
162.141.134.0/23
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.44.0/23
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.117.0/24
167.148.120.0/22
167.148.125.0/24
167.148.145.0/24
167.148.168.0/22
167.148.216.0-167.148.221.255
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:43:06:59:1d:b6:55:15:d0:77:00:f7:65:1b:3c:0a:4a:74:
d1:81:24:df:9c:83:f8:0e:71:86:1e:2b:a9:f5:50:6b:ca:1a:
5d:17:85:13:f0:7b:ed:9c:e1:1a:74:f5:88:88:29:e8:d8:4e:
32:a2:93:6f:a7:8c:3c:92:91:5c:ab:72:b5:37:91:b9:8f:32:
c0:c5:2c:bc:da:08:66:ec:90:4b:fd:70:04:db:6b:1f:c4:b6:
29:b6:3b:8b:56:f6:6a:5c:1b:b3:77:d2:a3:fe:c1:83:e2:98:
af:81:7b:1f:f3:eb:40:bd:e3:91:61:05:de:c0:83:45:5f:3b:
1a:af:32:e4:93:d4:53:33:d6:3e:f2:96:2e:25:42:0e:7b:9e:
4f:6c:83:51:3f:e9:11:9a:f1:bf:f4:c8:15:57:c5:1b:d6:80:
c2:ce:bf:b9:2b:d2:a2:0e:bf:38:d6:23:27:a0:2f:70:0e:df:
40:6b:96:13:82:ce:ad:7c:b2:48:fd:02:b6:94:57:5a:fd:26:
52:16:f1:7e:15:59:2f:bc:41:95:a6:13:d1:2a:7e:23:e4:38:
63:f2:63:eb:e5:3d:33:67:e0:9b:27:6d:cb:8c:fb:46:f9:b9:
ad:08:d8:11:03:07:fb:e7:e0:8e:c1:cf:7e:0c:f3:f0:1a:38:
1a:78:80:69
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIUOEvNiTwXNwKHk6VFwV+1ksRKNakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTgxODU5MTNaFw0yNjA4MTcxOTA0MTNaMDMxMTAvBgNV
BAMTKDNFMUQ0QUZFOEJGNUEwODIyQUEwNTA4NDFEN0JCOTMxOTQxODU1OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7pFeOg7CjqXTio9Ood2ql/HDd
5iAEPvOzeEZLQNtGqx5Dw9p2/neiVWlHJI8WxV+J7G8cq2vNMypRPdabcvTb38e/
GNTERHo8mhC8L3i3mU/rxmGgXDEo1vpyrvtN3m4riLkijRpRTkp6O0UMOe7AMDVh
/QIKtB03mK2XjuzYGVWfYNaKiXp5Zid/w9et5+YuVAJNBHnn23tgzgOS9JS9aaHk
EYE+Mvyj65+6ftJCYuPZJdLswG4YaOS7aXxu1V1LZBFMUilnXaiFH5glB5Tj+N1o
ZbcK92gXDbd45s37V+pADTyUm7aiMDWf0O2Ub5IDWCABt7tW4Zj60OOfRxY3AgMB
AAGjggMXMIIDEzAdBgNVHQ4EFgQUPh1K/ov1oIIqoFCEHXu5MZQYVZgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASwGCCsGAQUFBwEHAQH/BIIBGzCCARcwggETBAIAATCC
AQsDBAaM6cADBAOPDhADBAKPDswwDAMEAI8O0wMEAI8O1AMEAI8O1wMEA48O6DAM
AwQCm3WsAwQBm3WwAwQBoo0CAwQBoo0GMAwDBAGijRYDBAKijSADBAKijSgDBAOi
jTgwDAMEAKKNRwMEAaKNTAMEAKKNUwMEAqKNfAMEAaKNhgMEA6KNkAMEAaKNnAME
A6KNqDALAwQDoo24AwMBoowwDAMEBKeUEAMEAqeUGAMEAqeUJAMEAaeULDAMAwQE
p5QwAwQCp5RAAwQCp5RMAwQDp5RYAwQCp5RsAwQAp5R1AwQCp5R4AwQAp5R9AwQA
p5SRAwQCp5SoMAwDBAOnlNgDBAGnlNwDBAWnlOAwDQYJKoZIhvcNAQELBQADggEB
AC9DBlkdtlUV0HcA92UbPApKdNGBJN+cg/gOcYYeK6n1UGvKGl0XhRPwe+2c4Rp0
9YiIKejYTjKik2+njDySkVyrcrU3kbmPMsDFLLzaCGbskEv9cATbax/Etim2O4tW
9mpcG7N30qP+wYPimK+Bex/z60C945FhBd7Ag0VfOxqvMuST1FMz1j7yli4lQg57
nk9sg1E/6RGa8b/0yBVXxRvWgMLOv7kr0qIOvzjWIyegL3AO30BrlhOCzq18skj9
AraUV1r9JlIW8X4VWS+8QZWmE9EqfiPkOGPyY+vlPTNn4JsnbcuM+0b5ua0I2BED
B/vn4I7Bz34M8/AaOBp4gGk=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:21:16 2025 by rpki-client