Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: H2qKyRCuaG1IF5isoWDtSNg+Ggw/s1OCwc1j5PtaCsU=
Subject key identifier: 86:22:34:61:B6:65:9C:BF:66:6A:93:CC:6B:E8:0E:47:9B:67:0E:94
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1736118E8973832B467DA9143FD85381163F1D6A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Tue 17 Jun 2025 21:14:07 +0000
ROA not before: Tue 17 Jun 2025 21:09:07 +0000
ROA not after: Tue 16 Jun 2026 21:14:07 +0000
asID: 7029
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.3.0/24 maxlen: 24
82.21.4.0/24 maxlen: 24
82.21.5.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.21.138.0/24 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.106.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.110.0/24 maxlen: 24
82.24.111.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.113.0/24 maxlen: 24
82.24.120.0/24 maxlen: 24
82.24.123.0/24 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.11.0/24 maxlen: 24
82.25.12.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:36:11:8e:89:73:83:2b:46:7d:a9:14:3f:d8:53:81:16:3f:1d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 17 21:09:07 2025 GMT
Not After : Jun 16 21:14:07 2026 GMT
Subject: CN=86223461B6659CBF666A93CC6BE80E479B670E94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:45:bd:75:3e:cb:be:3b:4f:f3:f9:4d:a5:5e:
ab:5d:fb:98:e9:07:c4:33:90:1b:e9:85:22:01:36:
ea:42:7a:ae:cd:c4:7f:09:db:fc:bc:31:07:39:58:
9e:bb:00:05:c4:05:9d:eb:d0:f4:69:0d:9b:a3:61:
ae:6c:83:f9:9e:a6:aa:45:18:42:a6:69:dc:be:d4:
33:55:37:a2:66:82:dd:2f:90:cb:6a:87:1f:6c:bc:
d1:52:e7:77:bb:fa:c9:d9:a2:25:8c:32:2c:b4:9f:
fe:38:bb:6b:00:41:3e:ae:62:45:87:f7:f5:e4:1b:
37:4e:be:41:0a:c5:0e:84:94:df:c7:ac:2c:59:c1:
6e:df:3d:f2:d5:df:25:70:5b:73:c5:d6:bf:b2:25:
f2:47:d5:c4:af:b7:bf:38:90:51:a3:14:88:fe:18:
f7:fe:f3:33:f8:83:33:7d:18:7e:aa:43:24:43:df:
61:fc:b6:75:54:cf:55:91:91:c7:74:c1:fd:4d:ca:
4e:ee:14:57:37:55:36:d7:81:b0:e4:b7:a4:57:7c:
f2:90:82:75:91:ae:8a:2a:01:4d:e3:13:ff:32:9a:
60:c9:d5:8a:ab:98:8f:ed:d9:a7:4a:d0:b2:6f:3d:
c2:9a:ee:f2:6c:b1:9b:59:b4:0c:11:2c:d5:4c:59:
cf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:22:34:61:B6:65:9C:BF:66:6A:93:CC:6B:E8:0E:47:9B:67:0E:94
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.3.0-82.21.5.255
82.21.104.0/22
82.21.138.0/24
82.22.128.0/21
82.22.148.0-82.22.155.255
82.22.190.0/24
82.23.140.0/23
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.106.0/23
82.24.110.0-82.24.113.255
82.24.120.0/24
82.24.123.0/24
82.25.0.0/22
82.25.10.0-82.25.13.255
82.26.174.0/24
82.27.48.0/20
82.27.136.0/21
82.27.168.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:3f:15:ca:e7:d6:95:55:52:67:45:da:09:08:28:a6:3f:c6:
49:99:93:bf:40:d5:c2:08:a6:2a:31:6a:b5:65:f0:68:bb:ae:
ca:9a:f4:1e:af:de:88:67:a9:d4:b6:f0:b9:98:2e:54:96:f4:
8f:2e:14:2a:30:5c:01:c8:74:07:72:3f:b6:d0:c1:62:df:a0:
3e:c1:52:06:17:34:1a:3b:bc:2a:36:9b:e1:86:29:a9:e2:91:
14:c8:7f:30:f4:3b:f7:b1:b9:4d:d4:3c:77:e8:fe:ea:d8:96:
34:cc:d6:28:4a:93:d2:05:6f:60:af:14:96:96:61:d2:d1:98:
76:22:2b:84:4f:c6:fe:d7:f8:76:54:cd:69:db:af:a1:e3:44:
db:38:96:90:ed:86:9b:46:87:8c:ff:4c:a7:51:53:80:64:64:
1a:96:94:be:70:5a:29:85:de:0b:f2:5d:d3:49:c5:74:a9:c8:
49:59:a6:92:42:d9:74:ec:79:fe:7a:eb:36:59:95:1f:f7:dc:
3b:0a:68:df:53:b6:75:17:56:67:8b:4e:58:15:16:64:47:a6:
60:5b:f4:10:dd:c9:77:04:2b:c3:78:c1:58:11:d5:21:44:d9:
fc:66:f8:d0:56:5d:1a:ec:3a:19:fc:23:52:fc:49:9e:52:06:
ab:70:66:1e
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUFzYRjolzgytGfakUP9hTgRY/HWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTcyMTA5MDdaFw0yNjA2MTYyMTE0MDdaMDMxMTAvBgNV
BAMTKDg2MjIzNDYxQjY2NTlDQkY2NjZBOTNDQzZCRTgwRTQ3OUI2NzBFOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3Rb11Psu+O0/z+U2lXqtd+5jp
B8QzkBvphSIBNupCeq7NxH8J2/y8MQc5WJ67AAXEBZ3r0PRpDZujYa5sg/mepqpF
GEKmady+1DNVN6Jmgt0vkMtqhx9svNFS53e7+snZoiWMMiy0n/44u2sAQT6uYkWH
9/XkGzdOvkEKxQ6ElN/HrCxZwW7fPfLV3yVwW3PF1r+yJfJH1cSvt784kFGjFIj+
GPf+8zP4gzN9GH6qQyRD32H8tnVUz1WRkcd0wf1Nyk7uFFc3VTbXgbDkt6RXfPKQ
gnWRrooqAU3jE/8ymmDJ1YqrmI/t2adK0LJvPcKa7vJssZtZtAwRLNVMWc/VAgMB
AAGjggKlMIICoTAdBgNVHQ4EFgQUhiI0YbZlnL9mapPMa+gOR5tnDpQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBuwYIKwYBBQUHAQcBAf8EgaswgagwgaUEAgABMIGeAwQA
UhUBMAwDBABSFQMDBAFSFQQDBAJSFWgDBABSFYoDBANSFoAwDAMEAlIWlAMEAlIW
mAMEAFIWvgMEAVIXjAMEAVIXogMEAlIYAAMEAFIYHwMEAVIYajAMAwQBUhhuAwQB
UhhwAwQAUhh4AwQAUhh7AwQCUhkAMAwDBAFSGQoDBAFSGQwDBABSGq4DBARSGzAD
BANSG4gDBANSG6gwDQYJKoZIhvcNAQELBQADggEBADo/Fcrn1pVVUmdF2gkIKKY/
xkmZk79A1cIIpioxarVl8Gi7rsqa9B6v3ohnqdS28LmYLlSW9I8uFCowXAHIdAdy
P7bQwWLfoD7BUgYXNBo7vCo2m+GGKanikRTIfzD0O/exuU3UPHfo/urYljTM1ihK
k9IFb2CvFJaWYdLRmHYiK4RPxv7X+HZUzWnbr6HjRNs4lpDthptGh4z/TKdRU4Bk
ZBqWlL5wWimF3gvyXdNJxXSpyElZppJC2XTsef566zZZlR/33DsKaN9TtnUXVmeL
TlgVFmRHpmBb9BDdyXcEK8N4wVgR1SFE2fxm+NBWXRrsOhn8I1L8SZ5SBqtwZh4=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:05 2025 by rpki-client