Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS29262.roa
File: AS29262.roa (raw, json)
Hash identifier: 95VZfrV6Chsfz8M6OzTma4/zAj7/zaLsbYlxesi02GE=
Subject key identifier: C2:28:FC:4A:E8:84:D6:42:49:EA:A8:F0:DA:B0:8E:92:39:F7:BE:C5
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 3E1DB1F2D348F8F9903D2D3FD7BBB94F5910C212
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS29262.roa
Signing time: Fri 06 Mar 2026 11:18:30 +0000
ROA not before: Fri 06 Mar 2026 11:13:30 +0000
ROA not after: Fri 05 Mar 2027 11:18:30 +0000
asID: 29262
IP address blocks: 77.241.72.0/24 maxlen: 24
77.241.73.0/24 maxlen: 24
77.241.74.0/24 maxlen: 24
77.241.75.0/24 maxlen: 24
139.28.240.0/24 maxlen: 24
139.28.241.0/24 maxlen: 24
194.169.92.0/24 maxlen: 24
194.169.93.0/24 maxlen: 24
194.169.94.0/24 maxlen: 24
194.169.95.0/24 maxlen: 24
2a02:f240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:1d:b1:f2:d3:48:f8:f9:90:3d:2d:3f:d7:bb:b9:4f:59:10:c2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Mar 6 11:13:30 2026 GMT
Not After : Mar 5 11:18:30 2027 GMT
Subject: CN=C228FC4AE884D64249EAA8F0DAB08E9239F7BEC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c5:a8:4a:88:2e:78:4e:45:e0:e2:1a:30:b4:
89:fe:5b:b1:35:d9:e5:b4:8f:e7:9c:1b:7f:5d:5c:
bf:c4:19:a3:51:3d:06:09:0d:c3:fc:c6:1a:65:aa:
fb:90:f9:a4:4c:47:e4:4b:dd:bc:aa:4a:82:a2:b3:
dc:cd:3f:65:41:43:62:01:53:44:1e:2e:89:51:60:
f8:15:98:94:98:aa:07:85:58:3c:e1:21:b8:0c:1b:
6f:e0:84:4d:71:c3:b4:95:ae:5c:8e:cd:ed:6f:64:
c9:3f:d2:e5:e7:71:d6:aa:2a:d9:73:7b:ff:3d:ff:
90:df:e7:29:ca:51:4c:94:8c:7b:13:7b:46:fe:bc:
e5:0f:87:e4:7d:3f:d3:12:8d:a8:1e:6c:d5:05:21:
47:b1:bb:ee:7d:04:e2:1f:ca:15:b2:4c:27:7c:b6:
5e:d4:4d:a4:e6:ed:9c:38:98:b2:34:90:c8:5c:1e:
55:31:52:1a:0a:c7:b1:aa:51:71:68:5d:a5:01:26:
7a:19:f1:2b:7a:51:0f:09:e2:e8:b7:29:c8:0c:d5:
fa:70:9f:80:6d:8d:31:11:22:ef:c3:d4:ee:5a:74:
cc:93:fb:2e:3c:b7:5e:1e:27:57:bd:b2:2e:62:88:
a8:85:39:ec:44:fe:64:9c:ad:72:25:df:91:f7:8f:
48:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:28:FC:4A:E8:84:D6:42:49:EA:A8:F0:DA:B0:8E:92:39:F7:BE:C5
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS29262.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.72.0/22
139.28.240.0/23
194.169.92.0/22
IPv6:
2a02:f240::/29
Signature Algorithm: sha256WithRSAEncryption
d2:00:4c:a8:e7:95:8d:96:00:a1:56:bb:89:a7:2e:20:32:63:
ec:a5:18:c3:dc:0c:ff:07:7d:e6:fa:b1:fb:60:5b:53:a6:5e:
22:ca:5c:f0:02:66:68:e2:e1:ff:0c:c7:4a:3e:49:a7:d2:50:
b5:6b:a8:25:ea:13:d2:dd:16:e0:82:0e:97:5d:f7:7a:99:c5:
88:e9:e3:85:92:03:22:a2:bc:41:62:4a:e9:72:54:d7:0e:65:
a2:50:8d:cf:86:6a:2f:39:f4:10:e3:83:f5:2e:f7:15:4f:50:
b1:ee:0a:07:08:8a:e0:db:91:57:fe:ca:ea:20:85:04:c7:8f:
d3:35:17:bd:7f:e6:73:7b:e8:49:95:dd:95:ce:b0:0e:6d:9e:
0b:35:2b:fd:84:bf:3a:79:22:dd:3f:bb:ef:bd:b8:50:91:48:
c7:ab:d2:d1:90:96:d0:b6:66:6c:22:f8:66:75:42:e3:92:94:
37:80:fb:31:42:f0:a7:a3:c1:c4:0e:74:0b:ac:f7:52:e0:7e:
b6:48:05:32:0d:5b:97:4b:9c:00:af:58:1b:1c:c3:d4:69:3c:
cd:11:0c:43:e5:8c:f8:a2:ec:5a:6c:73:c6:74:43:df:5b:48:
37:78:73:e6:92:95:6a:35:34:d9:94:9a:1e:05:57:de:bc:e1:
72:c5:d9:8d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUPh2x8tNI+PmQPS0/17u5T1kQwhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAzMDYxMTEzMzBaFw0yNzAzMDUxMTE4MzBaMDMxMTAvBgNV
BAMTKEMyMjhGQzRBRTg4NEQ2NDI0OUVBQThGMERBQjA4RTkyMzlGN0JFQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJxahKiC54TkXg4howtIn+W7E1
2eW0j+ecG39dXL/EGaNRPQYJDcP8xhplqvuQ+aRMR+RL3byqSoKis9zNP2VBQ2IB
U0QeLolRYPgVmJSYqgeFWDzhIbgMG2/ghE1xw7SVrlyOze1vZMk/0uXncdaqKtlz
e/89/5Df5ynKUUyUjHsTe0b+vOUPh+R9P9MSjagebNUFIUexu+59BOIfyhWyTCd8
tl7UTaTm7Zw4mLI0kMhcHlUxUhoKx7GqUXFoXaUBJnoZ8St6UQ8J4ui3KcgM1fpw
n4BtjTERIu/D1O5adMyT+y48t14eJ1e9si5iiKiFOexE/mScrXIl35H3j0gNAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUwij8SuiE1kJJ6qjw2rCOkjn3vsUwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjkyNjIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJN8UgD
BAGLHPADBALCqVwwDQQCAAIwBwMFAyoC8kAwDQYJKoZIhvcNAQELBQADggEBANIA
TKjnlY2WAKFWu4mnLiAyY+ylGMPcDP8Hfeb6sftgW1OmXiLKXPACZmji4f8Mx0o+
SafSULVrqCXqE9LdFuCCDpdd93qZxYjp44WSAyKivEFiSulyVNcOZaJQjc+Gai85
9BDjg/Uu9xVPULHuCgcIiuDbkVf+yuoghQTHj9M1F71/5nN76EmV3ZXOsA5tngs1
K/2Evzp5It0/u++9uFCRSMer0tGQltC2Zmwi+GZ1QuOSlDeA+zFC8KejwcQOdAus
91LgfrZIBTINW5dLnACvWBscw9RpPM0RDEPljPii7Fpsc8Z0Q99bSDd4c+aSlWo1
NNmUmh4FV9684XLF2Y0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:46 2026 by rpki-client