Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: 8gmc91DplbDngiJVPMEsEp0ug+rEfsKoh1kJxBFcDZ8=
Subject key identifier: 3B:6D:78:0A:90:74:6D:1F:A3:9A:CE:93:D8:56:FC:C4:7F:20:CC:9F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 79CC91135AB98D97E6B8E640112709F974443914
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Mon 22 Sep 2025 11:32:55 +0000
ROA not before: Mon 22 Sep 2025 11:27:55 +0000
ROA not after: Mon 21 Sep 2026 11:32:55 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.143.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:cc:91:13:5a:b9:8d:97:e6:b8:e6:40:11:27:09:f9:74:44:39:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 22 11:27:55 2025 GMT
Not After : Sep 21 11:32:55 2026 GMT
Subject: CN=3B6D780A90746D1FA39ACE93D856FCC47F20CC9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f4:ba:79:84:e8:b1:37:ed:b1:e5:91:02:d3:
a4:6a:2c:dd:55:c7:8a:cb:a0:5e:92:ee:51:62:34:
2e:4e:62:ba:9e:75:a5:38:e2:71:56:8c:28:3c:44:
6f:4e:a3:4e:7e:b5:41:26:19:13:11:b6:a0:27:4f:
b6:66:1c:4a:31:29:35:58:b9:0e:9c:d9:88:9e:1f:
cb:29:4d:e7:9e:57:8f:8d:dc:b0:49:27:6c:bc:a2:
83:58:95:8c:9f:23:ff:ed:72:87:09:4e:ba:1b:74:
43:a1:f8:87:b5:81:be:83:8c:1e:1c:f7:9f:31:2b:
ba:6a:b3:5d:8f:70:fa:b0:5a:dd:d7:f9:c1:c7:a1:
8b:89:46:84:26:ea:ca:87:84:92:08:d3:e3:54:7e:
eb:18:15:6e:e4:3e:aa:bb:34:7d:cc:2d:e9:8b:cf:
8d:ad:5d:21:eb:23:b1:7a:47:d5:2a:10:eb:4c:89:
69:36:c0:bd:37:ec:1b:3f:ec:6f:fb:81:4d:f9:4e:
10:a5:3c:0a:43:ca:4c:ed:09:9c:98:95:18:36:92:
04:43:b5:1f:9b:6b:1e:f6:15:52:16:51:f9:23:9a:
6e:37:de:87:3c:3f:c3:18:1b:ef:26:e4:f3:e5:00:
82:ac:46:4c:39:89:d3:ed:b3:e9:d4:52:ec:c5:f5:
68:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6D:78:0A:90:74:6D:1F:A3:9A:CE:93:D8:56:FC:C4:7F:20:CC:9F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.143.0/24
179.61.195.0/24
179.61.225.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.123.0/24
181.214.219.0/24
181.214.242.0/24
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
Signature Algorithm: sha256WithRSAEncryption
85:11:4d:ec:46:5b:57:d3:51:22:cf:8d:da:42:78:ce:f2:15:
7c:76:21:7c:0a:cf:0b:dc:94:95:c7:57:59:d6:f3:cc:b3:90:
73:e5:d1:74:7c:a0:f5:0b:7d:c3:76:e8:05:66:ad:ea:59:d1:
c7:d0:9c:6b:33:b4:04:94:58:e0:98:27:0e:0b:91:a1:ad:6f:
57:31:26:9d:ba:5f:9a:4f:b4:62:db:fe:bd:35:16:53:0b:c8:
c4:0b:cf:96:10:45:05:0d:f2:a7:f9:4e:5d:44:eb:4a:90:30:
6d:2a:93:5d:e9:39:1e:a9:d7:a2:38:2e:bd:7a:5c:5b:00:a5:
17:5b:60:d0:97:50:34:6a:38:63:c9:9c:c8:d5:fc:b9:45:6a:
99:36:57:3b:23:dd:21:f6:07:fa:54:a4:73:6a:28:4b:1e:c5:
eb:c0:03:22:30:19:fd:96:1a:3f:5d:0b:17:94:74:b2:39:41:
f6:da:f3:ca:79:46:ca:19:49:5b:65:b6:1e:85:e7:9a:60:5f:
7d:64:af:25:17:dd:f9:e8:08:18:dd:7c:ad:bf:e6:7f:ad:15:
c1:95:87:a6:1c:99:c8:21:55:f2:1f:3d:73:76:97:fd:1a:e8:
9b:de:3a:18:db:f8:46:a1:1f:38:73:1f:0d:3b:a4:76:19:a0:
f0:3d:ba:6c
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIUecyRE1q5jZfmuOZAEScJ+XREORQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MjIxMTI3NTVaFw0yNjA5MjExMTMyNTVaMDMxMTAvBgNV
BAMTKDNCNkQ3ODBBOTA3NDZEMUZBMzlBQ0U5M0Q4NTZGQ0M0N0YyMENDOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq9Lp5hOixN+2x5ZEC06RqLN1V
x4rLoF6S7lFiNC5OYrqedaU44nFWjCg8RG9Oo05+tUEmGRMRtqAnT7ZmHEoxKTVY
uQ6c2YieH8spTeeeV4+N3LBJJ2y8ooNYlYyfI//tcocJTrobdEOh+Ie1gb6DjB4c
958xK7pqs12PcPqwWt3X+cHHoYuJRoQm6sqHhJII0+NUfusYFW7kPqq7NH3MLemL
z42tXSHrI7F6R9UqEOtMiWk2wL037Bs/7G/7gU35ThClPApDykztCZyYlRg2kgRD
tR+bax72FVIWUfkjmm433oc8P8MYG+8m5PPlAIKsRkw5idPts+nUUuzF9WhFAgMB
AAGjggMdMIIDGTAdBgNVHQ4EFgQUO214CpB0bR+jms6T2Fb8xH8gzJ8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggExBggrBgEFBQcBBwEB/wSCASAwggEcMIIBGAQCAAEw
ggEQAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPY8DBACzPcMDBACzPeEDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11nsDBAC11tsDBAC11vIDBAC11y4DBAC11z0DBAC111kDBAC117cD
BAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQDBAG5jhoDBAC5j+QDBAC5npQD
BAG5rDoDBAG5rRgDBAG5rSADBAC5rj4DBAG/YCoDBAG/YDIDBAG/YEYDBAC/YGED
BAC/YMADBAC/ZT4DBAG/ZaQDBAC/ZcwDBAC/Zf0DBADBHygwDQYJKoZIhvcNAQEL
BQADggEBAIURTexGW1fTUSLPjdpCeM7yFXx2IXwKzwvclJXHV1nW88yzkHPl0XR8
oPULfcN26AVmrepZ0cfQnGsztASUWOCYJw4LkaGtb1cxJp26X5pPtGLb/r01FlML
yMQLz5YQRQUN8qf5Tl1E60qQMG0qk13pOR6p16I4Lr16XFsApRdbYNCXUDRqOGPJ
nMjV/LlFapk2Vzsj3SH2B/pUpHNqKEsexevAAyIwGf2WGj9dCxeUdLI5Qfba88p5
RsoZSVtlth6F55pgX31kryUX3fnoCBjdfK2/5n+tFcGVh6YcmcghVfIfPXN2l/0a
6JveOhjb+EahHzhzHw07pHYZoPA9umw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:28:11 2025 by rpki-client