Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: slmluBQiP2+aPwjIEZzzGWmoXHFsgNnaPLCW7m0Y5NU=
Subject key identifier: B5:ED:F1:E6:24:C3:20:27:06:34:BE:AD:88:2F:F0:4F:AD:E9:FA:21
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 09A234EE40C83B3144739397A5CBF2AA3068B71D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
Signing time: Fri 17 Jan 2025 09:15:42 +0000
ROA not before: Fri 17 Jan 2025 09:10:42 +0000
ROA not after: Fri 16 Jan 2026 09:15:42 +0000
asID: 29802
IP address blocks: 2.57.22.0/24 maxlen: 24
2.58.28.0/24 maxlen: 24
5.252.68.0/24 maxlen: 24
5.252.69.0/24 maxlen: 24
5.252.70.0/24 maxlen: 24
5.252.73.0/24 maxlen: 24
5.252.161.0/24 maxlen: 24
45.87.186.0/24 maxlen: 24
141.98.88.0/24 maxlen: 24
141.98.90.0/24 maxlen: 24
179.61.195.0/24 maxlen: 24
179.61.225.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.41.213.0/24 maxlen: 24
181.41.222.0/23 maxlen: 24
181.214.35.0/24 maxlen: 24
181.214.52.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.123.0/24 maxlen: 24
181.214.219.0/24 maxlen: 24
181.214.233.0/24 maxlen: 24
181.214.242.0/24 maxlen: 24
181.214.243.0/24 maxlen: 24
181.215.46.0/24 maxlen: 24
181.215.61.0/24 maxlen: 24
181.215.89.0/24 maxlen: 24
181.215.183.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
185.34.40.0/24 maxlen: 24
185.34.41.0/24 maxlen: 24
185.130.204.0/22 maxlen: 24
185.135.11.0/24 maxlen: 24
185.139.237.0/24 maxlen: 24
185.141.164.0/23 maxlen: 24
185.142.26.0/24 maxlen: 24
185.142.27.0/24 maxlen: 24
185.143.228.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.148.0/24 maxlen: 24
185.172.58.0/23 maxlen: 24
185.173.24.0/23 maxlen: 24
185.173.32.0/23 maxlen: 24
185.174.62.0/24 maxlen: 24
191.96.42.0/23 maxlen: 24
191.96.50.0/23 maxlen: 24
191.96.70.0/23 maxlen: 24
191.96.97.0/24 maxlen: 24
191.96.192.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.62.0/24 maxlen: 24
191.101.164.0/23 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
193.31.40.0/24 maxlen: 24
2a03:fbc6::/47 maxlen: 48
2a03:fbc6:1::/48 maxlen: 48
2a09:4b40::/29 maxlen: 48
2a09:4b44::/48 maxlen: 48
2a09:4b44:2::/48 maxlen: 48
2a09:4b44:3::/48 maxlen: 48
2a09:4b44:4::/48 maxlen: 48
2a09:4b44:5::/48 maxlen: 48
2a09:4b44:6::/48 maxlen: 48
2a09:4b44:7::/48 maxlen: 48
2a09:4b44:8::/48 maxlen: 48
2a09:4b44:9::/48 maxlen: 48
2a09:4b44:b::/48 maxlen: 48
2a09:4b44:d::/48 maxlen: 48
2a09:4b44:21::/48 maxlen: 48
2a09:4b44:23::/48 maxlen: 48
2a0e:1c00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:a2:34:ee:40:c8:3b:31:44:73:93:97:a5:cb:f2:aa:30:68:b7:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 17 09:10:42 2025 GMT
Not After : Jan 16 09:15:42 2026 GMT
Subject: CN=B5EDF1E624C320270634BEAD882FF04FADE9FA21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:19:5d:48:bd:24:c5:18:34:43:62:dd:18:ca:
0c:62:cc:77:dd:c7:97:16:af:30:f8:2f:76:a7:0f:
2c:9e:e1:76:73:6c:d8:bb:fb:33:c2:f8:c3:e3:63:
d6:d2:08:a5:df:f3:83:15:ea:92:f6:7e:dc:84:6f:
17:4d:6c:70:fb:a9:e2:9d:0c:65:ae:a2:5d:1a:5b:
db:70:35:a5:c8:85:2e:d4:bb:d4:9f:8f:c8:7e:a6:
e8:f2:53:43:c3:b6:0c:1d:cd:46:d1:a0:2a:65:62:
dc:75:9c:9d:00:1c:bb:59:73:77:7d:06:68:72:88:
e7:25:32:0d:62:8b:04:0c:bb:5d:62:b3:4c:53:ff:
9f:90:64:34:e0:59:12:11:cd:59:14:6e:a4:4c:ff:
80:7d:4f:af:ff:c9:4d:7c:7b:42:69:50:fe:90:82:
b4:cf:cf:53:20:c8:47:2d:86:bf:c3:61:74:40:b9:
f7:0e:0b:fb:57:f0:76:fb:4e:7f:36:85:88:b6:df:
0a:dc:e6:ab:7b:34:cf:c3:3f:66:40:dd:be:26:4b:
02:f5:fe:3d:f0:f7:64:87:66:55:46:77:41:50:a5:
55:62:2e:64:32:08:c1:54:eb:bd:2d:0d:24:56:c6:
5b:88:ca:1b:96:1b:f5:c3:f3:64:3a:8b:ab:bc:9f:
87:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:ED:F1:E6:24:C3:20:27:06:34:BE:AD:88:2F:F0:4F:AD:E9:FA:21
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.22.0/24
2.58.28.0/24
5.252.68.0-5.252.70.255
5.252.73.0/24
5.252.161.0/24
45.87.186.0/24
141.98.88.0/24
141.98.90.0/24
179.61.195.0/24
179.61.225.0/24
181.41.211.0/24
181.41.213.0/24
181.41.222.0/23
181.214.35.0/24
181.214.52.0/24
181.214.91.0/24
181.214.123.0/24
181.214.219.0/24
181.214.233.0/24
181.214.242.0/23
181.215.46.0/24
181.215.61.0/24
181.215.89.0/24
181.215.183.0/24
181.215.247.0/24
185.34.40.0/23
185.130.204.0/22
185.135.11.0/24
185.139.237.0/24
185.141.164.0/23
185.142.26.0/23
185.143.228.0/24
185.158.135.0/24
185.158.148.0/24
185.172.58.0/23
185.173.24.0/23
185.173.32.0/23
185.174.62.0/24
191.96.42.0/23
191.96.50.0/23
191.96.70.0/23
191.96.97.0/24
191.96.192.0/24
191.101.22.0/24
191.101.62.0/24
191.101.164.0/23
191.101.204.0/24
191.101.253.0/24
193.31.40.0/24
IPv6:
2a03:fbc6::/47
2a09:4b40::/29
2a0e:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
73:4d:76:6b:f9:32:b0:52:a0:b1:8e:7f:8f:3d:51:f6:1a:1b:
d4:c9:37:38:1e:f4:7f:74:dd:1c:15:d5:8b:8a:65:4d:27:08:
f5:ee:92:92:93:1f:08:9e:bc:23:f1:bf:96:8a:30:bd:2e:db:
04:5d:90:fd:c9:fc:64:95:f3:2b:c8:e4:6a:11:b4:a3:79:ae:
6a:d5:39:51:0d:dc:88:0e:03:0e:cb:ca:a1:3f:29:22:b9:9f:
35:22:92:84:d2:d9:b0:d0:90:83:09:c5:c7:46:94:33:da:b9:
eb:c0:2c:58:2d:18:e9:ae:e6:2d:04:1c:78:cd:6c:7a:bf:ad:
26:34:63:ed:ce:b6:a1:f6:03:99:98:65:d2:ee:84:61:7a:99:
fa:55:7d:d3:82:ac:a5:7b:66:77:4a:f0:90:1c:ee:ed:05:39:
5c:cd:49:e7:00:7e:7b:ff:d1:59:9f:b0:48:22:6e:72:27:62:
ad:31:ab:96:08:ba:1b:bd:49:69:1a:fe:23:a5:9f:d2:90:97:
d5:c3:34:8e:59:33:d0:66:0e:68:01:53:47:0f:e4:24:4d:7a:
de:13:63:1f:b2:f5:2e:40:16:d4:b2:ba:ff:66:1d:11:c7:ee:
70:10:cb:84:83:c8:4a:4f:72:1d:03:d7:54:3a:09:03:da:c1:
e9:93:8d:1e
-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgIUCaI07kDIOzFEc5OXpcvyqjBotx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMTcwOTEwNDJaFw0yNjAxMTYwOTE1NDJaMDMxMTAvBgNV
BAMTKEI1RURGMUU2MjRDMzIwMjcwNjM0QkVBRDg4MkZGMDRGQURFOUZBMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRGV1IvSTFGDRDYt0YygxizHfd
x5cWrzD4L3anDyye4XZzbNi7+zPC+MPjY9bSCKXf84MV6pL2ftyEbxdNbHD7qeKd
DGWuol0aW9twNaXIhS7Uu9Sfj8h+pujyU0PDtgwdzUbRoCplYtx1nJ0AHLtZc3d9
BmhyiOclMg1iiwQMu11is0xT/5+QZDTgWRIRzVkUbqRM/4B9T6//yU18e0JpUP6Q
grTPz1MgyEcthr/DYXRAufcOC/tX8Hb7Tn82hYi23wrc5qt7NM/DP2ZA3b4mSwL1
/j3w92SHZlVGd0FQpVViLmQyCMFU670tDSRWxluIyhuWG/XD82Q6i6u8n4dtAgMB
AAGjggNaMIIDVjAdBgNVHQ4EFgQUte3x5iTDICcGNL6tiC/wT63p+iEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFuBggrBgEFBQcBBwEB/wSCAV0wggFZMIIBNgQCAAEw
ggEuAwQAAjkWAwQAAjocMAwDBAIF/EQDBAAF/EYDBAAF/EkDBAAF/KEDBAAtV7oD
BACNYlgDBACNYloDBACzPcMDBACzPeEDBAC1KdMDBAC1KdUDBAG1Kd4DBAC11iMD
BAC11jQDBAC11lsDBAC11nsDBAC11tsDBAC11ukDBAG11vIDBAC11y4DBAC11z0D
BAC111kDBAC117cDBAC11/cDBAG5IigDBAK5gswDBAC5hwsDBAC5i+0DBAG5jaQD
BAG5jhoDBAC5j+QDBAC5nocDBAC5npQDBAG5rDoDBAG5rRgDBAG5rSADBAC5rj4D
BAG/YCoDBAG/YDIDBAG/YEYDBAC/YGEDBAC/YMADBAC/ZRYDBAC/ZT4DBAG/ZaQD
BAC/ZcwDBAC/Zf0DBADBHygwHQQCAAIwFwMHASoD+8YAAAMFAyoJS0ADBQMqDhwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBzTXZr+TKwUqCxjn+PPVH2GhvUyTc4HvR/dN0c
FdWLimVNJwj17pKSkx8Inrwj8b+WijC9LtsEXZD9yfxklfMryORqEbSjea5q1TlR
DdyIDgMOy8qhPykiuZ81IpKE0tmw0JCDCcXHRpQz2rnrwCxYLRjpruYtBBx4zWx6
v60mNGPtzrah9gOZmGXS7oRhepn6VX3Tgqyle2Z3SvCQHO7tBTlczUnnAH57/9FZ
n7BIIm5yJ2KtMauWCLobvUlpGv4jpZ/SkJfVwzSOWTPQZg5oAVNHD+QkTXreE2Mf
svUuQBbUsrr/Zh0Rx+5wEMuEg8hKT3IdA9dUOgkD2sHpk40e
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:14:16 2025 by rpki-client