Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: c3jDOfqFDMm4ctX5/aRzS+sWOVmPVW3rwIkssemm+F4=
Subject key identifier: FD:CA:0F:53:51:EB:A2:F1:D2:D1:1B:AD:C3:60:93:FD:77:5E:3D:84
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 049B383473D38F9BEC685AE8B7555F1B47B4AB27
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Tue 05 May 2026 08:52:51 +0000
ROA not before: Tue 05 May 2026 08:47:51 +0000
ROA not after: Tue 04 May 2027 08:52:51 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.22.61.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.8.0/24 maxlen: 24
82.38.174.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.47.240.0/23 maxlen: 24
178.83.59.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:9b:38:34:73:d3:8f:9b:ec:68:5a:e8:b7:55:5f:1b:47:b4:ab:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 5 08:47:51 2026 GMT
Not After : May 4 08:52:51 2027 GMT
Subject: CN=FDCA0F5351EBA2F1D2D11BADC36093FD775E3D84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d9:f6:3e:bc:45:9a:d3:7d:99:01:da:71:09:
c2:ea:a7:7e:df:7a:18:c0:b3:1a:ba:c0:3c:fd:99:
94:9f:d9:cf:5a:3c:51:49:a9:44:34:2e:7a:15:ef:
ae:ce:14:d7:0a:46:43:22:81:10:d3:0e:11:f4:78:
46:01:56:66:a1:8a:96:33:61:8d:24:0c:a7:b6:98:
68:13:73:38:6a:1e:dc:05:aa:ca:21:8a:c3:4a:53:
3b:06:46:0c:17:a2:01:47:08:09:c4:7c:83:7d:4f:
32:aa:bf:2d:dc:ef:bd:86:48:99:20:57:7f:24:9d:
a1:d1:2a:d2:32:1e:ac:62:85:9b:72:0f:5d:71:4f:
6e:b7:22:2a:34:82:6f:33:02:de:b5:b9:fd:c3:a2:
ae:8b:da:3a:19:51:b7:ea:12:78:74:0c:5b:8e:fe:
8f:13:3f:07:da:97:b9:9e:03:ce:20:aa:7f:c3:ac:
d7:45:57:0b:c8:8d:e6:c0:84:eb:a7:19:29:23:ee:
5f:f5:47:87:14:8f:4b:83:bc:a8:6f:d0:51:b6:89:
f3:24:19:3a:0f:1c:e0:3a:53:19:93:e1:a1:c5:92:
58:d1:ec:35:13:fa:f7:14:8d:ed:15:08:37:d9:be:
fc:72:88:74:cb:a4:18:9e:b9:a5:51:4b:2c:1a:46:
ae:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CA:0F:53:51:EB:A2:F1:D2:D1:1B:AD:C3:60:93:FD:77:5E:3D:84
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.22.61.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.116.0/24
82.26.176.0/20
82.27.8.0/24
82.38.174.0/24
82.39.223.0/24
82.47.240.0/23
178.83.59.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
6b:47:fa:c0:96:77:e9:9b:4e:ad:dd:2c:fd:4f:e0:d9:46:99:
57:bc:90:94:88:dd:80:36:26:23:d0:cb:10:9a:07:cf:de:19:
ec:ad:01:2b:da:51:42:34:c4:6f:e9:c5:6b:7b:7e:87:e8:ad:
1d:91:e9:6d:c2:6e:20:80:a1:af:ad:61:6e:89:63:fc:41:23:
05:42:ec:25:09:b1:27:3c:0b:49:56:fd:b8:ea:0c:c2:00:ee:
63:01:aa:66:24:49:d8:e0:c0:50:73:9b:cc:14:5e:56:b2:83:
62:f3:ae:3f:34:84:48:dc:92:5b:80:28:9f:9b:74:a6:e8:06:
46:ba:10:1d:3d:4e:7a:68:d3:11:3a:07:31:b8:ff:d4:a6:8f:
1d:0c:46:08:66:94:c3:68:49:06:3b:86:ac:14:23:94:89:5a:
80:5f:36:df:50:b2:87:4c:d6:80:57:32:34:4b:be:07:1f:c0:
b8:46:8e:d9:c1:74:b7:9b:5a:4d:b2:4a:f0:cf:7a:92:13:e2:
7f:55:54:eb:39:d0:da:c2:72:62:56:fc:bb:34:87:c1:b5:aa:
bf:1b:53:ab:b3:d8:a3:66:79:93:53:ad:dc:2a:b5:2e:4e:76:
97:43:98:97:ed:b9:c6:2f:55:d1:d1:77:6c:44:96:0c:86:7a:
35:8b:15:26
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIUBJs4NHPTj5vsaFrot1VfG0e0qycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDUwODQ3NTFaFw0yNzA1MDQwODUyNTFaMDMxMTAvBgNV
BAMTKEZEQ0EwRjUzNTFFQkEyRjFEMkQxMUJBREMzNjA5M0ZENzc1RTNEODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS2fY+vEWa032ZAdpxCcLqp37f
ehjAsxq6wDz9mZSf2c9aPFFJqUQ0LnoV767OFNcKRkMigRDTDhH0eEYBVmahipYz
YY0kDKe2mGgTczhqHtwFqsohisNKUzsGRgwXogFHCAnEfIN9TzKqvy3c772GSJkg
V38knaHRKtIyHqxihZtyD11xT263Iio0gm8zAt61uf3Doq6L2joZUbfqEnh0DFuO
/o8TPwfal7meA84gqn/DrNdFVwvIjebAhOunGSkj7l/1R4cUj0uDvKhv0FG2ifMk
GToPHOA6UxmT4aHFkljR7DUT+vcUje0VCDfZvvxyiHTLpBieuaVRSywaRq6xAgMB
AAGjggNBMIIDPTAdBgNVHQ4EFgQU/coPU1HrovHS0Rutw2CT/XdePYQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFVBggrBgEFBQcBBwEB/wSCAUQwggFAMIIBDgQCAAEw
ggEGAwQAUhVDAwQAUhVKAwQAUhVdAwQAUhVnAwQAUhVuAwQAUhVxAwQAUhV3AwQA
UhV6AwQAUhV8AwQAUhWEMAwDBABSFYsDBABSFYwDBABSFY8DBABSFZQDBABSFZgD
BABSFZsDBABSFZ0DBABSFaMDBABSFj0wDAMEAlIYXAMEAlIYYAMEAlIYdAMEBFIY
gDAMAwQCUhiUAwQCUhioAwQCUhiwAwQCUhjEMAwDBAFSGZIDBAVSGYAwDAMEAVIZ
ogMEAVIZrAMEAlIZsAMEAVIZtgMEAVIZvAMEAFIaQgMEAFIadAMEBFIasAMEAFIb
CAMEAFImrgMEAFIn3wMEAVIv8AMEALJTOzAsBAIAAjAmAwcAKhOVAAADMBIDBwEq
E5UAAAYDBwAqE5UAABADBwIqE5UAABwwDQYJKoZIhvcNAQELBQADggEBAGtH+sCW
d+mbTq3dLP1P4NlGmVe8kJSI3YA2JiPQyxCaB8/eGeytASvaUUI0xG/pxWt7fofo
rR2R6W3CbiCAoa+tYW6JY/xBIwVC7CUJsSc8C0lW/bjqDMIA7mMBqmYkSdjgwFBz
m8wUXlayg2Lzrj80hEjckluAKJ+bdKboBka6EB09Tnpo0xE6BzG4/9Smjx0MRghm
lMNoSQY7hqwUI5SJWoBfNt9QsodM1oBXMjRLvgcfwLhGjtnBdLebWk2ySvDPepIT
4n9VVOs50NrCcmJW/Ls0h8G1qr8bU6uz2KNmeZNTrdwqtS5OdpdDmJftucYvVdHR
d2xElgyGejWLFSY=
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:49 2026 by rpki-client