Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: VX3kapj1KPt6s9xVMWivyozNmMnNzoqVyTvzvzZJcGw=
Subject key identifier: 83:D4:6A:38:E4:C8:1A:66:E4:42:D4:1B:56:D7:57:B2:50:8D:53:BE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 164B63A0519AC39FFF81533D58CE52060A53F195
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Wed 30 Apr 2025 18:44:03 +0000
ROA not before: Wed 30 Apr 2025 18:39:03 +0000
ROA not after: Wed 29 Apr 2026 18:44:03 +0000
asID: 7029
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.3.0/24 maxlen: 24
82.21.4.0/24 maxlen: 24
82.21.5.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.106.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.110.0/24 maxlen: 24
82.24.111.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.113.0/24 maxlen: 24
82.24.120.0/24 maxlen: 24
82.24.123.0/24 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.11.0/24 maxlen: 24
82.25.12.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:4b:63:a0:51:9a:c3:9f:ff:81:53:3d:58:ce:52:06:0a:53:f1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 18:39:03 2025 GMT
Not After : Apr 29 18:44:03 2026 GMT
Subject: CN=83D46A38E4C81A66E442D41B56D757B2508D53BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:37:fb:0d:c7:9c:23:6f:1d:30:26:50:48:
07:65:99:8a:92:b8:a8:2b:59:83:d4:c0:2b:51:76:
ce:2a:60:1f:c1:31:b1:5d:50:1a:39:12:90:33:34:
21:25:a4:d1:e1:b2:ad:27:7d:17:84:7a:66:8b:43:
97:b9:3f:92:2f:83:5d:0b:cc:94:f7:83:ee:68:8d:
a7:3a:41:19:3f:70:33:79:ae:7e:4a:58:aa:15:99:
22:4d:40:83:1f:94:54:f7:6a:a1:04:b0:16:82:c7:
b3:92:24:e3:98:27:bb:58:ea:97:bf:a8:d0:1d:b9:
d2:76:ce:23:ea:d7:34:ab:bf:a8:1a:bb:e1:e9:20:
5e:4e:43:a8:b8:e7:f2:c9:1c:06:c7:63:0e:cb:0a:
4b:ab:0f:b3:7b:8a:72:07:44:6d:4a:94:3c:dd:45:
93:74:7c:40:47:85:73:e6:77:76:75:6a:3c:e5:55:
68:d2:be:62:b7:02:b8:fc:86:a7:f8:be:91:30:4d:
71:ec:ee:85:ca:55:9b:0b:8a:93:9e:4c:7a:11:6a:
1b:80:99:f5:d2:30:57:4b:e3:37:bf:a1:95:9c:d2:
0c:09:49:b9:16:43:16:27:12:ac:f6:a4:85:37:79:
dd:86:04:d2:83:b1:3b:2e:be:77:07:8c:9a:67:95:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D4:6A:38:E4:C8:1A:66:E4:42:D4:1B:56:D7:57:B2:50:8D:53:BE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.3.0-82.21.5.255
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.162.0/23
82.24.0.0/22
82.24.106.0/23
82.24.110.0-82.24.113.255
82.24.120.0/24
82.24.123.0/24
82.25.0.0/22
82.25.10.0-82.25.13.255
82.27.48.0/20
82.27.136.0/21
82.27.168.0/21
Signature Algorithm: sha256WithRSAEncryption
31:84:0e:db:72:6e:ba:89:79:b0:f8:c8:20:52:45:53:ce:f7:
f9:87:d8:73:60:a9:80:fd:22:5c:3d:77:1c:ed:03:d8:07:b2:
45:49:b1:d4:77:34:fe:cc:ac:39:3b:a5:5b:1b:07:c5:f0:35:
d5:f8:d4:03:84:07:61:74:ca:b8:50:54:04:4f:ad:44:70:7b:
e9:25:4a:0b:88:b9:a4:41:ef:65:d2:fb:ab:68:d0:f4:0b:94:
18:e5:2c:62:b5:07:3e:e5:ba:c6:8e:7e:7e:9f:f0:36:3a:f2:
98:78:91:ed:ce:0e:41:f9:cc:af:23:74:69:0c:65:ee:b9:39:
bd:7a:ef:92:11:13:54:fe:8a:16:64:9e:39:10:a0:2e:6c:f5:
b7:14:ed:b9:27:f7:2e:6f:4b:78:85:38:20:19:93:4e:6f:2c:
ba:93:fd:82:4a:e7:a4:83:db:32:97:73:cd:8a:bd:a7:ee:62:
62:14:39:5f:c4:d7:1d:69:c8:e4:a0:fa:e0:7f:ab:42:f2:3a:
db:97:38:15:a3:33:88:4c:14:24:f0:b3:0f:77:03:4d:8b:4f:
af:75:c0:f3:bc:03:2d:3b:f7:5d:61:19:53:7e:73:ea:65:8d:
f0:8a:4b:0f:87:d3:fb:cb:9e:54:f8:dc:5b:ec:e4:e8:09:bf:
97:b2:00:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUFktjoFGaw5//gVM9WM5SBgpT8ZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MzAxODM5MDNaFw0yNjA0MjkxODQ0MDNaMDMxMTAvBgNV
BAMTKDgzRDQ2QTM4RTRDODFBNjZFNDQyRDQxQjU2RDc1N0IyNTA4RDUzQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxFTf7DcecI28dMCZQSAdlmYqS
uKgrWYPUwCtRds4qYB/BMbFdUBo5EpAzNCElpNHhsq0nfReEemaLQ5e5P5Ivg10L
zJT3g+5ojac6QRk/cDN5rn5KWKoVmSJNQIMflFT3aqEEsBaCx7OSJOOYJ7tY6pe/
qNAdudJ2ziPq1zSrv6gau+HpIF5OQ6i45/LJHAbHYw7LCkurD7N7inIHRG1KlDzd
RZN0fEBHhXPmd3Z1ajzlVWjSvmK3Arj8hqf4vpEwTXHs7oXKVZsLipOeTHoRahuA
mfXSMFdL4ze/oZWc0gwJSbkWQxYnEqz2pIU3ed2GBNKDsTsuvncHjJpnlSzbAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUg9RqOOTIGmbkQtQbVtdXslCNU74wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAwgY0EAgABMIGGAwQA
UhUBMAwDBABSFQMDBAFSFQQDBAJSFWgDBANSFoAwDAMEAlIWlAMEAlIWmAMEAVIX
jAMEAVIXogMEAlIYAAMEAVIYajAMAwQBUhhuAwQBUhhwAwQAUhh4AwQAUhh7AwQC
UhkAMAwDBAFSGQoDBAFSGQwDBARSGzADBANSG4gDBANSG6gwDQYJKoZIhvcNAQEL
BQADggEBADGEDttybrqJebD4yCBSRVPO9/mH2HNgqYD9Ilw9dxztA9gHskVJsdR3
NP7MrDk7pVsbB8XwNdX41AOEB2F0yrhQVARPrURwe+klSguIuaRB72XS+6to0PQL
lBjlLGK1Bz7lusaOfn6f8DY68ph4ke3ODkH5zK8jdGkMZe65Ob1675IRE1T+ihZk
njkQoC5s9bcU7bkn9y5vS3iFOCAZk05vLLqT/YJK56SD2zKXc82KvafuYmIUOV/E
1x1pyOSg+uB/q0LyOtuXOBWjM4hMFCTwsw93A02LT691wPO8Ay07911hGVN+c+pl
jfCKSw+H0/vLnlT43Fvs5OgJv5eyAPk=
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:45 2025 by rpki-client