Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: OtCFE2LmNm9KaZ9UrPIbBbwm1JEYE50xqBSkgzXaAsM=
Subject key identifier: 1D:E8:B5:96:B5:E6:29:64:AA:C6:B7:E9:5D:BB:34:37:44:B8:23:C0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 461EDB26E2385638A7B6B4EB43D89C732203DAED
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Thu 21 Aug 2025 00:00:14 +0000
ROA not before: Wed 20 Aug 2025 23:55:14 +0000
ROA not after: Thu 20 Aug 2026 00:00:14 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:1e:db:26:e2:38:56:38:a7:b6:b4:eb:43:d8:9c:73:22:03:da:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 20 23:55:14 2025 GMT
Not After : Aug 20 00:00:14 2026 GMT
Subject: CN=1DE8B596B5E62964AAC6B7E95DBB343744B823C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:f2:67:94:a5:7b:e2:d2:09:5d:7c:15:47:
96:07:9f:b4:33:cf:cd:c3:2e:8c:ec:01:47:21:e9:
ed:83:7e:7e:1a:25:bc:52:25:0f:ae:13:b8:73:ce:
e3:b9:51:b5:ff:f3:7f:0b:e2:9f:36:98:8c:c0:cf:
eb:aa:b5:b7:f7:b9:07:a3:bb:81:e3:c9:94:8c:13:
ba:90:07:de:6b:20:01:86:7b:e6:26:f5:25:01:83:
f8:3d:f0:73:54:46:32:3a:59:1c:1e:24:24:11:95:
18:e6:e9:81:2f:a8:7e:fd:42:76:dd:c5:e9:1b:52:
16:44:92:21:27:01:56:38:39:34:dc:1d:0c:98:f2:
e6:e4:db:e7:19:a8:02:2c:59:24:6c:03:ac:eb:1c:
89:10:0d:12:20:d8:47:36:c6:7c:28:f4:77:85:d7:
84:93:3b:bc:12:bd:d5:34:10:52:9b:9f:71:dd:06:
79:ea:f9:6b:96:e8:f8:46:f5:0e:54:89:7c:f9:7b:
bc:b5:b0:0e:f3:db:84:63:00:ad:1b:4d:28:11:7e:
1c:76:f7:29:6a:e4:ae:87:ae:26:89:38:76:3e:62:
7e:fe:8d:3c:0e:44:01:01:e5:9c:04:74:74:0e:28:
d6:75:1c:df:c2:be:79:ed:3b:2e:7f:55:61:94:c3:
b8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E8:B5:96:B5:E6:29:64:AA:C6:B7:E9:5D:BB:34:37:44:B8:23:C0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.176.0/20
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
93:c3:40:82:e0:7c:ab:59:60:96:9b:d9:97:78:4b:b3:9a:aa:
74:be:fc:1a:50:63:6a:63:dc:f0:4b:3d:60:c9:4e:e5:71:28:
c0:b3:2f:0e:28:2b:ca:11:9c:9b:78:46:c5:02:89:b5:4e:e1:
a7:77:2b:68:bd:98:d5:35:23:fd:d9:34:5a:51:73:96:f9:f2:
8e:cc:ac:fe:e7:74:c5:52:d3:23:0b:c6:6c:69:9b:00:88:13:
ce:85:14:00:27:9b:08:55:d5:24:cc:04:ae:c2:9c:27:70:fd:
b8:8e:9c:c5:43:ea:01:43:4a:aa:0e:bf:1a:5f:a6:ae:4d:9e:
a9:3a:2c:7c:fc:cc:0e:58:86:d6:38:ce:ef:ef:d7:36:5c:1a:
7d:ea:1b:eb:d6:6f:07:64:af:24:49:1e:3b:be:ff:aa:b3:99:
c9:fa:20:67:9b:c0:56:82:82:08:86:89:46:4f:96:0c:a6:d0:
77:2b:cd:7d:5c:75:7c:31:f7:8c:a4:b5:3e:8d:b8:da:72:ed:
e5:a0:a8:72:27:c7:e2:de:6e:40:6b:47:2b:72:4c:a7:27:25:
e0:48:cf:b7:35:0d:3c:d0:7f:a0:43:5b:ef:89:26:95:2a:86:
35:0e:41:c2:10:6c:db:6e:28:a4:d0:43:ea:43:5f:5f:c3:39:
3b:39:2e:9d
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIURh7bJuI4VjintrTrQ9iccyID2u0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjAyMzU1MTRaFw0yNjA4MjAwMDAwMTRaMDMxMTAvBgNV
BAMTKDFERThCNTk2QjVFNjI5NjRBQUM2QjdFOTVEQkIzNDM3NDRCODIzQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD4/JnlKV74tIJXXwVR5YHn7Qz
z83DLozsAUch6e2Dfn4aJbxSJQ+uE7hzzuO5UbX/838L4p82mIzAz+uqtbf3uQej
u4HjyZSME7qQB95rIAGGe+Ym9SUBg/g98HNURjI6WRweJCQRlRjm6YEvqH79Qnbd
xekbUhZEkiEnAVY4OTTcHQyY8ubk2+cZqAIsWSRsA6zrHIkQDRIg2Ec2xnwo9HeF
14STO7wSvdU0EFKbn3HdBnnq+WuW6PhG9Q5UiXz5e7y1sA7z24RjAK0bTSgRfhx2
9ylq5K6HriaJOHY+Yn7+jTwORAEB5ZwEdHQOKNZ1HN/CvnntOy5/VWGUw7iXAgMB
AAGjggMbMIIDFzAdBgNVHQ4EFgQUHei1lrXmKWSqxrfpXbs0N0S4I8AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEvBggrBgEFBQcBBwEB/wSCAR4wggEaMIHpBAIAATCB
4gMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjMAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAwDAMEAlIY
lAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaIDBAFSGawD
BAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGngDBARSGrAwLAQCAAIwJgMHACoT
lQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqGSIb3DQEBCwUA
A4IBAQCTw0CC4HyrWWCWm9mXeEuzmqp0vvwaUGNqY9zwSz1gyU7lcSjAsy8OKCvK
EZybeEbFAom1TuGndytovZjVNSP92TRaUXOW+fKOzKz+53TFUtMjC8ZsaZsAiBPO
hRQAJ5sIVdUkzASuwpwncP24jpzFQ+oBQ0qqDr8aX6auTZ6pOix8/MwOWIbWOM7v
79c2XBp96hvr1m8HZK8kSR47vv+qs5nJ+iBnm8BWgoIIholGT5YMptB3K819XHV8
MfeMpLU+jbjacu3loKhyJ8fi3m5Aa0crckynJyXgSM+3NQ080H+gQ1vviSaVKoY1
DkHCEGzbbiik0EPqQ19fwzk7OS6d
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:39 2025 by rpki-client