Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: j8WVh71QmiGCrCksci3oJBU7dO8zSHo+OAIRll7DTPo=
Subject key identifier: DB:27:84:51:17:FD:7A:7E:36:36:E4:14:A7:8A:EC:98:17:7B:25:BC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6715C7342F8CDE83E9C0FD3AD517F8229134BC8C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Fri 13 Mar 2026 23:24:24 +0000
ROA not before: Fri 13 Mar 2026 23:19:24 +0000
ROA not after: Fri 12 Mar 2027 23:24:24 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:15:c7:34:2f:8c:de:83:e9:c0:fd:3a:d5:17:f8:22:91:34:bc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 13 23:19:24 2026 GMT
Not After : Mar 12 23:24:24 2027 GMT
Subject: CN=DB27845117FD7A7E3636E414A78AEC98177B25BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9d:91:da:70:3d:ad:7a:9e:02:d8:cb:87:8e:
4a:0b:5d:b7:14:6a:f9:a7:2a:ae:3d:67:56:50:60:
4d:98:43:ee:d5:49:b4:97:0b:0c:2e:2f:89:3b:67:
7b:01:c5:fc:2e:c6:e9:fe:b5:0b:23:bd:7f:43:81:
c9:2c:dd:bf:b4:50:fa:98:21:a8:aa:7b:d9:52:f7:
d6:2f:95:a2:d0:15:0b:ab:0e:b2:2a:9a:1a:fc:6f:
dc:13:9f:76:ac:97:3d:4c:50:60:4a:3b:47:6a:9a:
bf:dc:ff:06:2b:10:4c:af:26:89:f3:98:4a:99:5e:
0f:36:6d:35:3c:dc:8c:63:80:03:06:f7:68:41:9d:
d9:94:97:f4:d7:8b:78:f2:8b:f7:2b:96:d1:93:79:
a6:87:fc:8a:e0:51:99:fe:1d:f9:15:e5:4b:d2:10:
27:d0:a1:79:19:f8:5a:da:95:c0:3c:9c:2b:a5:2d:
cc:7f:2e:86:e0:3b:bb:fc:70:f1:f8:3a:78:da:56:
67:57:df:5c:5b:b0:71:bd:1d:86:6c:bd:91:35:c6:
9c:9c:a6:1f:86:9c:e6:be:e6:af:04:8c:93:65:a3:
6c:fe:b8:4f:09:d0:f0:05:06:00:c0:a0:ee:78:8b:
38:50:e4:dd:fd:3a:e5:2a:09:f7:23:48:52:a1:1c:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:27:84:51:17:FD:7A:7E:36:36:E4:14:A7:8A:EC:98:17:7B:25:BC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.176.0/22
82.38.184.0/21
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
02:ce:47:79:47:b3:06:61:41:95:69:01:6e:d3:a5:e4:97:3e:
56:40:37:df:02:9d:ef:2f:8d:f6:a4:51:7d:4c:68:39:e9:8e:
fd:a9:04:49:5f:cd:5d:5c:be:f1:11:12:ce:c1:bb:cc:09:99:
e3:80:a0:d2:81:f4:69:02:cd:ff:fc:e1:b6:c7:3a:31:b1:8d:
ef:a1:51:2a:fa:1e:38:5d:2b:54:7b:52:3a:46:55:14:ed:3f:
36:00:e4:38:a9:71:86:d6:74:a2:cc:4c:02:5c:f6:c3:44:22:
5f:9f:40:4e:ac:e6:44:55:00:10:1e:eb:c0:8a:54:f7:65:e6:
5c:d1:41:7b:30:df:73:b6:1b:25:04:88:14:a9:59:2c:61:1d:
96:46:ac:bf:5e:fd:f2:1e:bc:1b:62:1b:7c:9d:47:37:2e:43:
0a:c9:5a:9a:9e:73:4e:f9:2d:3a:be:9e:20:9d:af:aa:0d:99:
1d:3c:f3:4e:1f:1a:e0:43:7d:73:e1:8d:ee:40:96:9c:62:49:
a4:69:a5:3e:68:30:a2:68:9f:3c:17:b8:47:2e:55:13:79:4b:
6e:38:f0:a1:28:1a:d8:c4:0c:c9:7a:21:14:fb:fc:1f:b7:80:
5e:5e:37:47:e0:d2:95:3a:c2:1e:e7:84:aa:c4:5d:f1:10:b9:
42:7c:0f:5b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUZxXHNC+M3oPpwP061Rf4IpE0vIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTMyMzE5MjRaFw0yNzAzMTIyMzI0MjRaMDMxMTAvBgNV
BAMTKERCMjc4NDUxMTdGRDdBN0UzNjM2RTQxNEE3OEFFQzk4MTc3QjI1QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrnZHacD2tep4C2MuHjkoLXbcU
avmnKq49Z1ZQYE2YQ+7VSbSXCwwuL4k7Z3sBxfwuxun+tQsjvX9Dgcks3b+0UPqY
Iaiqe9lS99YvlaLQFQurDrIqmhr8b9wTn3aslz1MUGBKO0dqmr/c/wYrEEyvJonz
mEqZXg82bTU83IxjgAMG92hBndmUl/TXi3jyi/crltGTeaaH/IrgUZn+HfkV5UvS
ECfQoXkZ+FralcA8nCulLcx/LobgO7v8cPH4OnjaVmdX31xbsHG9HYZsvZE1xpyc
ph+GnOa+5q8EjJNlo2z+uE8J0PAFBgDAoO54izhQ5N39OuUqCfcjSFKhHHyzAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU2yeEURf9en42NuQUp4rsmBd7JbwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB5QYIKwYBBQUHAQcBAf8EgdUwgdIwgc8EAgABMIHIAwQC
UhVoAwQDUhaAMAwDBAJSFpQDBAJSFpgDBAFSF4wDBANSF5gDBAFSGAoDBAFSGCwD
BAFSGDIDBAFSGGYDBAJSGLgDBAFSGMwDBAJSGQADBAFSGRIDBAJSGYADBAFSGc4D
BAFSGmYDBARSGzADBANSG1ADBAJSG3ADBANSG4gDBANSG6gDBAJSG8ADBAFSHR4D
BAJSHZADBAJSJrADBANSJrgDBAJUSwQDBAJUSxwDBAJUS0gDBAKyUwADBAKyU4AD
BAKyU9gwDQYJKoZIhvcNAQELBQADggEBAALOR3lHswZhQZVpAW7TpeSXPlZAN98C
ne8vjfakUX1MaDnpjv2pBElfzV1cvvEREs7Bu8wJmeOAoNKB9GkCzf/84bbHOjGx
je+hUSr6HjhdK1R7UjpGVRTtPzYA5DipcYbWdKLMTAJc9sNEIl+fQE6s5kRVABAe
68CKVPdl5lzRQXsw33O2GyUEiBSpWSxhHZZGrL9e/fIevBtiG3ydRzcuQwrJWpqe
c075LTq+niCdr6oNmR08804fGuBDfXPhje5AlpxiSaRppT5oMKJonzwXuEcuVRN5
S2448KEoGtjEDMl6IRT7/B+3gF5eN0fg0pU6wh7nhKrEXfEQuUJ8D1s=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:51 2026 by rpki-client