Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: eNElZRLOfj3RGAFj9Jedg3lCVjRs59Oz3mqoilNyy3o=
Subject key identifier: 2E:A0:89:3C:22:71:9E:89:62:7F:01:C4:52:86:C4:7B:F3:8D:1A:2E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 503F9DCB86B81EA1637ACA025E0E1D2BB7DC67D0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Tue 10 Jun 2025 00:02:04 +0000
ROA not before: Mon 09 Jun 2025 23:57:04 +0000
ROA not after: Tue 09 Jun 2026 00:02:04 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:3f:9d:cb:86:b8:1e:a1:63:7a:ca:02:5e:0e:1d:2b:b7:dc:67:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 9 23:57:04 2025 GMT
Not After : Jun 9 00:02:04 2026 GMT
Subject: CN=2EA0893C22719E89627F01C45286C47BF38D1A2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:4a:85:5a:77:f2:4f:25:2b:83:bd:85:4c:
8c:da:11:a9:67:bd:8f:c4:c3:02:53:4b:c9:ac:70:
7a:fa:76:d9:bc:ce:a8:19:af:27:db:11:a1:d0:04:
90:67:b1:a7:a1:79:b8:30:b1:f8:dd:5f:65:09:34:
b6:86:f3:68:5b:d8:7a:dd:4a:b3:6f:1c:6a:74:f8:
24:6a:a1:d5:da:2e:b2:f5:ef:8e:39:19:b2:07:d3:
1f:0a:6b:38:5a:51:00:1b:4a:17:3f:6f:02:53:8b:
46:1f:5e:9e:16:af:2a:84:d8:71:24:8e:7d:cb:8b:
01:e0:6d:db:12:c3:e0:c2:78:39:a9:76:6b:22:82:
31:7d:5f:43:39:b6:8f:3e:38:9b:53:6d:3e:f6:d8:
53:5e:35:44:f9:b9:dd:84:88:b1:f2:1d:1d:9b:23:
67:da:2b:93:7c:7a:b3:92:60:ff:49:0a:ef:93:f4:
48:72:b5:d3:87:1b:0d:a2:46:68:f7:76:cd:af:57:
72:63:b0:25:6f:0e:f0:fe:16:09:02:bb:f8:38:ba:
16:71:7c:b7:eb:bc:ff:f7:aa:78:56:a8:af:64:5f:
e8:53:79:d1:69:ab:55:ef:f5:55:05:6b:75:a5:b4:
e4:ae:71:74:99:66:93:ea:5a:91:9c:df:37:cb:23:
6e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A0:89:3C:22:71:9E:89:62:7F:01:C4:52:86:C4:7B:F3:8D:1A:2E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.176.0/20
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
a5:4d:54:23:85:b4:6c:de:fa:10:b0:09:04:02:2f:6c:86:4c:
87:74:d2:c6:c8:06:28:0c:84:78:8b:01:1b:e5:25:e5:50:dd:
91:76:e6:aa:45:03:32:1f:15:ae:40:73:e0:14:f6:90:5e:08:
79:97:84:f1:4e:24:e0:93:c7:b7:a2:ab:80:04:6f:f7:bd:ca:
e9:dd:ae:a6:34:b6:fa:11:b5:9e:8e:91:17:45:ae:13:9a:1d:
f0:cd:72:50:f9:c0:60:d1:33:3c:62:b2:94:d1:0f:84:b2:38:
92:fd:b7:05:db:28:82:7f:f0:b9:5e:b9:f7:eb:6d:d9:26:81:
7a:d5:03:bb:51:af:c0:aa:08:df:29:11:6f:e2:2e:93:8f:f2:
6a:b2:e9:6d:fe:79:a9:91:a9:f9:8e:13:75:1b:e8:a6:0a:9d:
f7:6d:83:07:c3:25:0a:2e:35:18:6d:75:7a:85:8f:cb:d6:59:
78:30:f7:1c:77:56:96:44:46:7d:6c:77:46:86:99:4e:3e:89:
e2:bb:df:d9:c2:fa:c3:13:eb:01:c0:ea:c9:c0:dd:13:bc:82:
5c:34:30:db:b6:3d:0e:fe:43:e9:5e:9b:bb:bc:30:6e:5e:54:
64:0d:b2:51:b6:86:b1:21:af:f7:60:fb:25:c2:38:1b:f9:ad:
30:31:bd:6c
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgIUUD+dy4a4HqFjesoCXg4dK7fcZ9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDkyMzU3MDRaFw0yNjA2MDkwMDAyMDRaMDMxMTAvBgNV
BAMTKDJFQTA4OTNDMjI3MTlFODk2MjdGMDFDNDUyODZDNDdCRjM4RDFBMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq1EqFWnfyTyUrg72FTIzaEaln
vY/EwwJTS8mscHr6dtm8zqgZryfbEaHQBJBnsaehebgwsfjdX2UJNLaG82hb2Hrd
SrNvHGp0+CRqodXaLrL17445GbIH0x8KazhaUQAbShc/bwJTi0YfXp4WryqE2HEk
jn3LiwHgbdsSw+DCeDmpdmsigjF9X0M5to8+OJtTbT722FNeNUT5ud2EiLHyHR2b
I2faK5N8erOSYP9JCu+T9EhytdOHGw2iRmj3ds2vV3JjsCVvDvD+FgkCu/g4uhZx
fLfrvP/3qnhWqK9kX+hTedFpq1Xv9VUFa3WltOSucXSZZpPqWpGc3zfLI27vAgMB
AAGjggMhMIIDHTAdBgNVHQ4EFgQULqCJPCJxnolifwHEUobEe/ONGi4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE1BggrBgEFBQcBBwEB/wSCASQwggEgMIHvBAIAATCB
6AMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjAwQAUhW8MAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAw
DAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaID
BAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGngDBARSGrAwLAQCAAIw
JgMHACoTlQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqGSIb3
DQEBCwUAA4IBAQClTVQjhbRs3voQsAkEAi9shkyHdNLGyAYoDIR4iwEb5SXlUN2R
duaqRQMyHxWuQHPgFPaQXgh5l4TxTiTgk8e3oquABG/3vcrp3a6mNLb6EbWejpEX
Ra4Tmh3wzXJQ+cBg0TM8YrKU0Q+EsjiS/bcF2yiCf/C5Xrn3623ZJoF61QO7Ua/A
qgjfKRFv4i6Tj/Jqsult/nmpkan5jhN1G+imCp33bYMHwyUKLjUYbXV6hY/L1ll4
MPccd1aWREZ9bHdGhplOPoniu9/ZwvrDE+sBwOrJwN0TvIJcNDDbtj0O/kPpXpu7
vDBuXlRkDbJRtoaxIa/3YPslwjgb+a0wMb1s
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:56:58 2025 by rpki-client