Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: giQYou+I4qWCvtxNVhitNIiAFz/dPH7ZZuFb3QPppvI=
Subject key identifier: 20:18:12:F7:33:8B:D4:30:5D:D5:46:02:85:EC:C9:06:93:C5:E8:7C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6AFC2AE9B81CBCD5A75D528C35239370857596EF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
Signing time: Wed 30 Apr 2025 18:43:59 +0000
ROA not before: Wed 30 Apr 2025 18:38:59 +0000
ROA not after: Wed 29 Apr 2026 18:43:59 +0000
asID: 7029
IP address blocks: 140.233.192.0/18 maxlen: 24
143.14.0.0/20 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.24.0/21 maxlen: 24
143.14.40.0/21 maxlen: 24
143.14.112.0/22 maxlen: 24
143.14.116.0/22 maxlen: 24
143.14.120.0/22 maxlen: 24
143.14.232.0/21 maxlen: 24
143.14.241.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.80.0/21 maxlen: 24
155.117.112.0/21 maxlen: 24
155.117.120.0/21 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:fc:2a:e9:b8:1c:bc:d5:a7:5d:52:8c:35:23:93:70:85:75:96:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 18:38:59 2025 GMT
Not After : Apr 29 18:43:59 2026 GMT
Subject: CN=201812F7338BD4305DD5460285ECC90693C5E87C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ce:3a:2b:e5:64:25:75:b8:c5:58:6f:bf:11:
e7:17:f1:47:27:ff:66:35:6f:37:87:e2:ea:2d:1b:
c0:b5:dd:bb:00:33:7c:b3:d8:4e:3b:06:5a:c5:9a:
1f:c7:1d:11:80:30:24:d5:3b:7f:b1:93:a1:d5:64:
97:54:b5:29:ae:c1:3a:cc:aa:84:43:9f:4d:42:9f:
1c:98:44:bd:5b:72:d6:40:d5:fc:57:e5:b5:22:5b:
3a:19:9b:95:72:d3:1f:7c:8c:1a:94:4e:4b:59:91:
a6:8d:15:48:d5:fc:d5:be:f5:e8:f6:1a:a2:b0:40:
31:5d:08:dd:6a:16:49:c1:f1:10:08:38:68:b3:b2:
e5:78:1a:5c:94:33:46:d7:e8:a6:30:a2:2a:90:b2:
fc:df:fd:a7:f6:ba:3e:9a:5a:1e:cd:26:ec:2b:88:
5e:f2:de:ba:93:22:07:1c:99:55:66:ce:a4:2d:e3:
b9:f1:63:39:fb:f2:38:fb:fd:6c:29:2d:b5:16:26:
7b:07:e4:a3:97:98:ca:42:00:66:fd:b1:f0:1f:5d:
6f:4e:78:ae:59:81:aa:57:52:5e:eb:c7:1a:4b:a0:
bf:2b:d6:c9:99:e0:1d:bb:e2:db:76:a1:af:9b:44:
92:c4:ad:a5:97:de:78:22:55:75:74:b4:e1:12:b8:
96:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:18:12:F7:33:8B:D4:30:5D:D5:46:02:85:EC:C9:06:93:C5:E8:7C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.0.0/19
143.14.40.0/21
143.14.112.0-143.14.123.255
143.14.232.0/21
143.14.241.0/24
143.14.255.0/24
155.117.64.0/21
155.117.80.0/21
155.117.112.0/20
155.117.216.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:29:35:76:6c:43:96:1c:e6:a5:85:28:43:3d:ff:3d:84:1f:
a4:34:f9:18:35:7f:54:f8:e9:f4:c8:f7:a6:17:b6:ed:2c:53:
45:68:c3:2e:b2:13:50:63:c9:d1:17:9a:ca:66:94:4c:6d:51:
d7:d1:ca:1d:cb:09:43:6c:a2:d4:9f:8a:c6:c9:86:b6:97:77:
2f:51:dc:56:41:ca:6e:15:7d:dd:43:08:9a:a6:0b:58:1e:b9:
1e:7c:60:0e:00:9a:03:a5:ab:05:ff:28:f7:41:6c:8e:7f:1e:
8c:48:66:27:a5:bd:38:ed:90:37:22:77:09:5f:ab:85:8f:02:
20:ee:9f:d9:f5:09:97:d5:ef:cf:c3:93:af:8f:75:d2:60:0e:
84:4d:a2:1e:04:70:b7:60:f6:d7:0f:72:de:c4:40:af:ac:d5:
ea:eb:0b:2c:1c:b4:ea:d9:e7:90:15:67:8c:6a:df:f9:e0:94:
a3:c1:22:77:e5:7f:d4:c5:dd:81:33:81:10:7f:3f:3e:90:8c:
6b:5d:80:ec:6b:ac:d6:cb:b8:21:84:76:98:16:9e:78:61:e9:
b3:94:5f:b1:e0:84:41:d8:c8:c1:6e:3e:d5:bd:6d:ae:0c:17:
c3:3a:27:90:44:86:0a:26:31:c2:ea:97:25:8b:65:ba:a5:07:
e3:28:b3:35
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUavwq6bgcvNWnXVKMNSOTcIV1lu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MzAxODM4NTlaFw0yNjA0MjkxODQzNTlaMDMxMTAvBgNV
BAMTKDIwMTgxMkY3MzM4QkQ0MzA1REQ1NDYwMjg1RUNDOTA2OTNDNUU4N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdzjor5WQldbjFWG+/EecX8Ucn
/2Y1bzeH4uotG8C13bsAM3yz2E47BlrFmh/HHRGAMCTVO3+xk6HVZJdUtSmuwTrM
qoRDn01CnxyYRL1bctZA1fxX5bUiWzoZm5Vy0x98jBqUTktZkaaNFUjV/NW+9ej2
GqKwQDFdCN1qFknB8RAIOGizsuV4GlyUM0bX6KYwoiqQsvzf/af2uj6aWh7NJuwr
iF7y3rqTIgccmVVmzqQt47nxYzn78jj7/WwpLbUWJnsH5KOXmMpCAGb9sfAfXW9O
eK5ZgapXUl7rxxpLoL8r1smZ4B274tt2oa+bRJLEraWX3ngiVXV0tOESuJafAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUIBgS9zOL1DBd1UYChezJBpPF6HwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEBozpwAME
BY8OAAMEA48OKDAMAwQEjw5wAwQCjw54AwQDjw7oAwQAjw7xAwQAjw7/AwQDm3VA
AwQDm3VQAwQEm3VwAwQAm3XYAwQAm3X3MA0GCSqGSIb3DQEBCwUAA4IBAQA+KTV2
bEOWHOalhShDPf89hB+kNPkYNX9U+On0yPemF7btLFNFaMMushNQY8nRF5rKZpRM
bVHX0codywlDbKLUn4rGyYa2l3cvUdxWQcpuFX3dQwiapgtYHrkefGAOAJoDpasF
/yj3QWyOfx6MSGYnpb047ZA3IncJX6uFjwIg7p/Z9QmX1e/Pw5Ovj3XSYA6ETaIe
BHC3YPbXD3LexECvrNXq6wssHLTq2eeQFWeMat/54JSjwSJ35X/Uxd2BM4EQfz8+
kIxrXYDsa6zWy7ghhHaYFp54YemzlF+x4IRB2MjBbj7VvW2uDBfDOieQRIYKJjHC
6pcli2W6pQfjKLM1
-----END CERTIFICATE-----
Generated at Tue May 6 19:06:47 2025 by rpki-client