Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: IOSb3hvZlzzLZwAqF/2Dlne15bbPofru+D/oVBawc2A=
Subject key identifier: CE:23:41:44:7D:BB:3F:6E:DC:F8:A2:E9:90:73:01:1E:3B:9B:96:0B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 36E34A14A67F85C837B0406B383EB66EC3F867C2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Sat 03 May 2025 00:02:02 +0000
ROA not before: Fri 02 May 2025 23:57:02 +0000
ROA not after: Sat 02 May 2026 00:02:02 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.26.194.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 13:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e3:4a:14:a6:7f:85:c8:37:b0:40:6b:38:3e:b6:6e:c3:f8:67:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 2 23:57:02 2025 GMT
Not After : May 2 00:02:02 2026 GMT
Subject: CN=CE2341447DBB3F6EDCF8A2E99073011E3B9B960B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:02:f6:0f:05:da:1b:08:75:39:93:98:c6:
03:25:12:42:94:f8:2f:9f:5c:4b:5e:49:f7:f7:89:
c2:28:6d:61:d5:66:08:2a:6a:e9:36:02:e3:8d:20:
85:a4:6b:41:df:cc:62:57:3e:90:17:b3:d1:8f:95:
fc:a4:46:b5:40:cc:65:c2:63:67:5e:e4:12:88:3d:
31:c3:95:44:4c:b6:2b:a5:1f:ef:f6:44:4a:65:bb:
73:a8:9e:cd:eb:88:8c:ea:14:de:fc:2f:69:a2:6e:
01:6f:4d:99:04:25:32:40:f8:31:e1:22:9e:87:93:
13:a3:74:76:06:b2:c6:c0:da:93:2b:fe:52:b4:81:
b5:51:c4:45:78:d3:28:86:77:30:bf:b5:1e:c0:b6:
91:80:c8:e8:c6:d1:53:d3:86:63:a3:f3:e3:be:c2:
72:25:c9:e7:82:29:f8:9c:eb:4e:34:d3:4d:4a:45:
68:70:d6:ab:82:2e:f4:ce:9b:f0:73:42:0f:04:2c:
ef:ff:e4:5b:b4:1a:92:ff:ae:48:40:ce:25:c8:2f:
d6:6d:e1:68:79:92:42:09:5a:3d:13:3e:72:7a:c4:
a9:0e:48:7b:21:00:d6:c8:cb:3f:da:d2:a9:87:ca:
6e:7a:da:ef:6b:c0:1d:f7:be:be:3c:e5:a5:9c:44:
25:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:23:41:44:7D:BB:3F:6E:DC:F8:A2:E9:90:73:01:1E:3B:9B:96:0B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.156.0/24
82.26.171.0/24
82.26.176.0/20
82.26.194.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
02:ab:5a:18:12:47:9c:59:95:5c:b1:15:45:0f:a5:23:95:e7:
e3:60:f9:f3:df:2a:d5:b2:d9:a0:a3:28:78:45:46:e3:27:76:
98:ad:17:31:cc:4b:f2:dc:11:ae:04:58:93:6e:7b:ff:a5:fa:
9b:87:73:34:46:3b:dd:c8:94:ee:79:2b:2f:a4:54:eb:4d:02:
56:6d:51:d5:43:cf:e1:32:5e:3d:63:e6:52:b7:a1:d4:76:ec:
9d:f2:78:ab:b5:2a:14:d7:7b:93:5e:7e:ee:5b:e4:ef:d9:df:
b6:fd:84:81:07:13:5d:a7:ca:89:81:51:0f:07:31:01:f6:a3:
89:a2:2a:7c:a9:25:24:50:0a:0e:3f:96:c6:89:08:74:cb:86:
11:c3:10:00:e3:1f:f5:c0:6f:e3:25:bb:17:1f:ae:d7:76:8b:
16:27:84:87:ab:24:ab:e1:c1:64:31:ad:6a:3f:c5:26:2b:a6:
f7:04:6d:c8:83:56:dc:11:0a:b3:51:0d:2d:72:51:07:e5:1c:
5d:91:b3:7d:6d:28:3d:29:d1:18:6e:71:f4:7a:49:7d:e1:4f:
0f:72:79:11:c1:28:21:ab:80:30:34:ad:d9:b2:e3:ee:78:4c:
91:2f:1e:b2:e8:a3:26:97:95:00:e7:46:60:a0:6c:a8:6e:c7:
31:22:b3:77
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIUNuNKFKZ/hcg3sEBrOD62bsP4Z8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MDIyMzU3MDJaFw0yNjA1MDIwMDAyMDJaMDMxMTAvBgNV
BAMTKENFMjM0MTQ0N0RCQjNGNkVEQ0Y4QTJFOTkwNzMwMTFFM0I5Qjk2MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR6QL2DwXaGwh1OZOYxgMlEkKU
+C+fXEteSff3icIobWHVZggqauk2AuONIIWka0HfzGJXPpAXs9GPlfykRrVAzGXC
Y2de5BKIPTHDlURMtiulH+/2REplu3Oons3riIzqFN78L2mibgFvTZkEJTJA+DHh
Ip6HkxOjdHYGssbA2pMr/lK0gbVRxEV40yiGdzC/tR7AtpGAyOjG0VPThmOj8+O+
wnIlyeeCKfic6040001KRWhw1quCLvTOm/BzQg8ELO//5Fu0GpL/rkhAziXIL9Zt
4Wh5kkIJWj0TPnJ6xKkOSHshANbIyz/a0qmHym562u9rwB33vr485aWcRCUPAgMB
AAGjggM0MIIDMDAdBgNVHQ4EFgQUziNBRH27P27c+KLpkHMBHjublgswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFIBggrBgEFBQcBBwEB/wSCATcwggEzMIIBAQQCAAEw
gfoDBABSFUMDBABSFUoDBABSFV0DBABSFWcDBABSFW4DBABSFXEDBABSFXcDBABS
FXoDBABSFXwDBABSFYQwDAMEAFIViwMEAFIVjAMEAFIVjwMEAFIVlAMEAFIVmAME
AFIVmwMEAFIVnQMEAFIVowMEAFIVvDAMAwQCUhhcAwQCUhhgAwQCUhh0AwQEUhiA
MAwDBAJSGJQDBAJSGKgDBAJSGLADBAJSGMQwDAMEAVIZkgMEBVIZgDAMAwQBUhmi
AwQBUhmsAwQCUhmwAwQBUhm2AwQBUhm8AwQAUhpCAwQAUhp4AwQAUhqcAwQAUhqr
AwQEUhqwAwQAUhrCMCwEAgACMCYDBwAqE5UAAAMwEgMHASoTlQAABgMHACoTlQAA
EAMHAioTlQAAHDANBgkqhkiG9w0BAQsFAAOCAQEAAqtaGBJHnFmVXLEVRQ+lI5Xn
42D5898q1bLZoKMoeEVG4yd2mK0XMcxL8twRrgRYk257/6X6m4dzNEY73ciU7nkr
L6RU600CVm1R1UPP4TJePWPmUreh1HbsnfJ4q7UqFNd7k15+7lvk79nftv2EgQcT
XafKiYFRDwcxAfajiaIqfKklJFAKDj+WxokIdMuGEcMQAOMf9cBv4yW7Fx+u13aL
FieEh6skq+HBZDGtaj/FJium9wRtyINW3BEKs1ENLXJRB+UcXZGzfW0oPSnRGG5x
9HpJfeFPD3J5EcEoIauAMDSt2bLj7nhMkS8esuijJpeVAOdGYKBsqG7HMSKzdw==
-----END CERTIFICATE-----
Generated at Mon May 5 20:58:14 2025 by rpki-client