Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: p94gt+AFq6dWALBv/1R8mtowV/WPxJgQ3ohZHxhqOWU=
Subject key identifier: 9F:BB:F8:E9:A5:D3:B0:EC:2D:FE:99:A5:C8:BB:D6:3C:59:59:EC:0F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0AD72B9CAA9CD843B8F90D077752717FB3222F4E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Mon 16 Jun 2025 08:11:06 +0000
ROA not before: Mon 16 Jun 2025 08:06:06 +0000
ROA not after: Mon 15 Jun 2026 08:11:06 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.106.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d7:2b:9c:aa:9c:d8:43:b8:f9:0d:07:77:52:71:7f:b3:22:2f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 16 08:06:06 2025 GMT
Not After : Jun 15 08:11:06 2026 GMT
Subject: CN=9FBBF8E9A5D3B0EC2DFE99A5C8BBD63C5959EC0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:9f:4b:e6:b9:ac:85:e2:16:ae:e8:ba:a9:
dc:fc:e4:db:b2:26:93:42:c2:04:89:82:dc:71:7c:
83:31:ee:1d:03:e0:63:ef:8c:7c:38:7b:07:dd:c7:
9f:1a:66:cb:89:5f:63:79:68:6d:71:5a:34:8c:15:
b8:16:8b:4c:7b:7a:90:0f:f3:52:4c:25:f7:9c:90:
bc:67:39:de:b9:aa:07:93:5a:66:5c:f3:b2:9a:86:
30:94:95:c0:fc:4f:3c:22:b1:0d:06:de:ef:3d:f1:
6a:30:f8:a5:47:cf:b9:1a:fa:14:da:0f:fe:cb:5b:
02:3a:e2:2c:de:4b:04:8f:78:e7:1b:b8:91:c9:59:
28:5a:6d:b0:74:28:4b:ef:b4:d4:24:da:e0:96:08:
b6:56:28:0d:e5:bb:76:ce:34:3f:97:2e:cf:3a:d5:
d5:ab:5f:98:f2:7b:d1:2e:80:e6:9f:a0:46:38:e0:
c8:8e:cf:0e:af:47:ef:5b:23:b1:2b:3a:13:90:78:
52:45:2e:ce:6e:c8:ba:e9:29:e3:26:e5:d9:8f:1d:
93:70:4e:c1:b2:74:56:33:a8:71:bc:95:e6:24:8b:
7a:ea:67:88:94:19:17:75:fa:30:54:c8:a1:7e:1e:
a7:85:d9:69:65:85:e1:82:a6:ac:12:c2:f0:bc:74:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BB:F8:E9:A5:D3:B0:EC:2D:FE:99:A5:C8:BB:D6:3C:59:59:EC:0F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.176.0/20
82.27.106.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
a8:ed:39:4e:a5:ac:b5:c8:65:fb:70:19:fa:bc:35:85:3e:48:
e0:a5:3a:cb:a9:35:0c:9b:c8:b4:2a:52:29:80:68:29:13:e7:
43:3b:05:fe:02:3d:3c:18:87:6c:64:18:9c:f0:1f:30:7a:15:
eb:d3:fe:e2:b6:5c:de:52:38:cd:2c:ec:3c:d1:bd:2d:6b:ae:
16:3d:88:59:39:f6:24:5d:88:60:df:74:4b:19:c3:3d:f7:32:
93:aa:c2:cf:fd:d8:6a:d9:46:84:ff:d0:a8:2d:50:0a:c1:17:
48:d8:80:1e:fd:73:a2:c0:83:ed:ad:ca:3c:32:a5:dc:ac:97:
a1:49:00:39:be:ec:f3:53:ea:3e:7f:16:59:a6:23:75:f5:5d:
42:9c:9f:68:47:c2:22:96:0e:b2:b7:2c:bc:9c:ec:05:d2:ec:
0a:d8:6e:17:a1:f9:12:51:9b:64:68:1b:f5:c3:0d:61:82:1c:
83:e5:0a:76:1a:b8:e4:6a:4d:cd:32:66:d7:c5:18:da:dc:83:
dd:12:48:b9:83:5d:c8:cb:16:2f:e8:89:77:c1:6c:2b:27:5e:
fa:df:3e:06:da:73:b2:f8:5c:2b:f7:35:f7:72:41:eb:8d:66:
5b:21:f0:8d:1d:95:b4:f1:54:08:87:35:8c:a8:7b:f1:03:98:
e6:19:53:62
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIUCtcrnKqc2EO4+Q0Hd1Jxf7MiL04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTYwODA2MDZaFw0yNjA2MTUwODExMDZaMDMxMTAvBgNV
BAMTKDlGQkJGOEU5QTVEM0IwRUMyREZFOTlBNUM4QkJENjNDNTk1OUVDMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChGZ9L5rmsheIWrui6qdz85Nuy
JpNCwgSJgtxxfIMx7h0D4GPvjHw4ewfdx58aZsuJX2N5aG1xWjSMFbgWi0x7epAP
81JMJfeckLxnOd65qgeTWmZc87KahjCUlcD8TzwisQ0G3u898Wow+KVHz7ka+hTa
D/7LWwI64izeSwSPeOcbuJHJWShabbB0KEvvtNQk2uCWCLZWKA3lu3bOND+XLs86
1dWrX5jye9EugOafoEY44MiOzw6vR+9bI7ErOhOQeFJFLs5uyLrpKeMm5dmPHZNw
TsGydFYzqHG8leYki3rqZ4iUGRd1+jBUyKF+HqeF2WllheGCpqwSwvC8dLULAgMB
AAGjggMnMIIDIzAdBgNVHQ4EFgQUn7v46aXTsOwt/pmlyLvWPFlZ7A8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE7BggrBgEFBQcBBwEB/wSCASowggEmMIH1BAIAATCB
7gMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjAwQAUhW8MAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAw
DAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaID
BAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGngDBARSGrADBABSG2ow
LAQCAAIwJgMHACoTlQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0G
CSqGSIb3DQEBCwUAA4IBAQCo7TlOpay1yGX7cBn6vDWFPkjgpTrLqTUMm8i0KlIp
gGgpE+dDOwX+Aj08GIdsZBic8B8wehXr0/7itlzeUjjNLOw80b0ta64WPYhZOfYk
XYhg33RLGcM99zKTqsLP/dhq2UaE/9CoLVAKwRdI2IAe/XOiwIPtrco8MqXcrJeh
SQA5vuzzU+o+fxZZpiN19V1CnJ9oR8Iilg6ytyy8nOwF0uwK2G4XofkSUZtkaBv1
ww1hghyD5Qp2Grjkak3NMmbXxRja3IPdEki5g13IyxYv6Il3wWwrJ1763z4G2nOy
+Fwr9zX3ckHrjWZbIfCNHZW08VQIhzWMqHvxA5jmGVNi
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:50:05 2025 by rpki-client