Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: jXrdUfiQupbFsHgU5oFXJqVM3u6qQWeG8cSD+gp6FGY=
Subject key identifier: 9F:30:C4:E0:75:20:C3:DA:73:42:1B:6F:2F:46:9C:43:E3:EF:E4:DE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 17A9122AAC5BC40E9FD8AD40FD2756EEB742BFED
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Mon 18 Aug 2025 19:04:16 +0000
ROA not before: Mon 18 Aug 2025 18:59:16 +0000
ROA not after: Mon 17 Aug 2026 19:04:16 +0000
asID: 7029
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.3.0/24 maxlen: 24
82.21.4.0/24 maxlen: 24
82.21.5.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.21.138.0/24 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.106.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.110.0/24 maxlen: 24
82.24.111.0/24 maxlen: 24
82.24.112.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.11.0/24 maxlen: 24
82.25.12.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:a9:12:2a:ac:5b:c4:0e:9f:d8:ad:40:fd:27:56:ee:b7:42:bf:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 18 18:59:16 2025 GMT
Not After : Aug 17 19:04:16 2026 GMT
Subject: CN=9F30C4E07520C3DA73421B6F2F469C43E3EFE4DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:04:93:68:5c:ee:9a:3a:2b:ff:2f:b2:a9:
53:c2:11:f5:a0:e4:4c:db:86:71:c5:dd:79:d5:1a:
b5:62:8b:51:6c:57:0a:0c:63:ff:7e:6e:32:e2:11:
5f:89:28:77:dc:f7:9f:1f:11:71:f2:be:35:35:5c:
0a:ee:90:e9:29:b8:1b:25:a2:ef:40:87:90:d1:29:
43:97:27:5c:b2:53:98:8c:ef:40:35:b7:94:75:73:
a6:ab:bc:89:55:4e:a0:27:c8:d7:bf:65:9d:9a:6c:
fc:bb:0d:d0:e5:f6:03:e8:ff:bf:c1:e9:bd:78:1b:
b7:4f:4e:13:07:88:6e:eb:12:02:7a:de:d6:bb:e1:
29:c2:b1:9a:e3:dd:2d:a7:29:3c:e0:5b:b8:b8:d1:
a9:16:9a:b2:89:17:93:69:86:12:2d:1e:b5:fe:33:
62:7f:3d:34:5f:1b:2c:bd:85:48:b9:07:9e:03:1e:
5b:e5:7d:04:42:c5:da:93:c9:1c:23:c0:f8:a6:25:
7f:63:67:db:46:2d:f1:7c:4c:88:39:ac:e5:a8:3b:
3b:75:50:c2:9d:d4:34:ae:82:2d:b7:5d:80:d2:37:
e4:6d:6e:e7:fa:a3:42:66:a1:d5:fc:da:d5:74:fb:
46:8e:d2:a6:fb:7e:00:30:11:07:45:33:28:19:b1:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:30:C4:E0:75:20:C3:DA:73:42:1B:6F:2F:46:9C:43:E3:EF:E4:DE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.3.0-82.21.5.255
82.21.104.0/22
82.21.138.0/24
82.22.128.0/21
82.22.148.0-82.22.155.255
82.22.190.0/24
82.23.140.0/23
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.106.0/23
82.24.110.0-82.24.113.255
82.25.0.0/22
82.25.10.0-82.25.13.255
82.26.174.0/24
82.27.48.0/20
82.27.136.0/21
82.27.168.0/21
82.29.30.0/23
82.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
06:55:00:46:86:cd:b2:6c:05:f9:aa:c3:a4:73:0c:b1:07:35:
44:3e:1e:e5:a2:e0:5f:84:73:fd:b2:10:a6:b9:37:74:05:42:
a2:e8:ab:a3:72:e2:2a:9f:8b:29:f3:8c:d9:89:3b:55:04:38:
13:62:93:af:55:e9:a6:86:77:5d:3f:aa:58:6f:53:bb:97:47:
5a:88:61:21:34:09:5c:93:9c:61:58:8c:18:2f:0b:74:e8:f4:
a7:ee:96:23:7d:c0:84:a0:bb:fa:42:71:3c:55:1d:6c:ab:3f:
3d:33:f3:58:26:3d:30:ac:1f:f1:26:ac:ed:fc:8d:c8:19:24:
f2:b9:c7:b5:47:89:e9:be:18:fc:05:c5:2b:19:a3:e5:f3:bc:
90:f4:44:36:fe:a8:10:f0:b6:49:df:6b:a0:bd:c4:58:30:71:
cc:6c:26:bc:2e:41:d4:72:24:9c:09:21:70:1d:ce:6f:a7:94:
3d:09:39:3a:7d:70:ed:b2:30:c3:f4:fc:7e:4b:b1:81:83:71:
b3:68:d9:ad:42:d7:ed:93:d0:9e:b5:3a:06:70:88:87:48:a9:
0f:94:ea:7a:c8:f4:64:99:31:74:2d:d6:7b:7a:85:75:f3:4f:
12:89:6a:70:94:5d:80:80:d3:cc:9f:c7:18:8d:ca:27:04:2a:
e9:c9:3f:45
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUF6kSKqxbxA6f2K1A/SdW7rdCv+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTgxODU5MTZaFw0yNjA4MTcxOTA0MTZaMDMxMTAvBgNV
BAMTKDlGMzBDNEUwNzUyMEMzREE3MzQyMUI2RjJGNDY5QzQzRTNFRkU0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzVQSTaFzumjor/y+yqVPCEfWg
5EzbhnHF3XnVGrVii1FsVwoMY/9+bjLiEV+JKHfc958fEXHyvjU1XArukOkpuBsl
ou9Ah5DRKUOXJ1yyU5iM70A1t5R1c6arvIlVTqAnyNe/ZZ2abPy7DdDl9gPo/7/B
6b14G7dPThMHiG7rEgJ63ta74SnCsZrj3S2nKTzgW7i40akWmrKJF5NphhItHrX+
M2J/PTRfGyy9hUi5B54DHlvlfQRCxdqTyRwjwPimJX9jZ9tGLfF8TIg5rOWoOzt1
UMKd1DSugi23XYDSN+Rtbuf6o0JmodX82tV0+0aO0qb7fgAwEQdFMygZscUbAgMB
AAGjggKlMIICoTAdBgNVHQ4EFgQUnzDE4HUgw9pzQhtvL0acQ+Pv5N4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBuwYIKwYBBQUHAQcBAf8EgaswgagwgaUEAgABMIGeAwQA
UhUBMAwDBABSFQMDBAFSFQQDBAJSFWgDBABSFYoDBANSFoAwDAMEAlIWlAMEAlIW
mAMEAFIWvgMEAVIXjAMEAVIXogMEAlIYAAMEAFIYHwMEAVIYajAMAwQBUhhuAwQB
UhhwAwQCUhkAMAwDBAFSGQoDBAFSGQwDBABSGq4DBARSGzADBANSG4gDBANSG6gD
BAFSHR4DBAJSHZAwDQYJKoZIhvcNAQELBQADggEBAAZVAEaGzbJsBfmqw6RzDLEH
NUQ+HuWi4F+Ec/2yEKa5N3QFQqLoq6Ny4iqfiynzjNmJO1UEOBNik69V6aaGd10/
qlhvU7uXR1qIYSE0CVyTnGFYjBgvC3To9KfuliN9wISgu/pCcTxVHWyrPz0z81gm
PTCsH/EmrO38jcgZJPK5x7VHiem+GPwFxSsZo+XzvJD0RDb+qBDwtknfa6C9xFgw
ccxsJrwuQdRyJJwJIXAdzm+nlD0JOTp9cO2yMMP0/H5LsYGDcbNo2a1C1+2T0J61
OgZwiIdIqQ+U6nrI9GSZMXQt1nt6hXXzTxKJanCUXYCA08yfxxiNyicEKunJP0U=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:22:51 2025 by rpki-client