Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: kMF83DDWrRWT/NLOBWrfI/JsiarIzM1QuG6Ie60CCx0=
Subject key identifier: 33:00:FB:74:F0:C1:A9:BA:1E:B6:BB:84:26:81:D7:15:48:BE:EF:EE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 637963E9CBC800B7B2D2C68EC72952B58B7556D6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Sat 26 Apr 2025 00:00:19 +0000
ROA not before: Fri 25 Apr 2025 23:55:19 +0000
ROA not after: Sat 25 Apr 2026 00:00:19 +0000
asID: 29802
IP address blocks: 82.21.41.0/24 maxlen: 24
82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.26.194.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:79:63:e9:cb:c8:00:b7:b2:d2:c6:8e:c7:29:52:b5:8b:75:56:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 25 23:55:19 2025 GMT
Not After : Apr 25 00:00:19 2026 GMT
Subject: CN=3300FB74F0C1A9BA1EB6BB842681D71548BEEFEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:00:57:4f:50:d5:2a:f8:59:0f:5b:8b:7e:b4:
a8:7f:cd:43:aa:8d:3c:53:fc:97:21:91:88:fd:78:
6d:90:5a:a9:95:95:40:8f:c4:21:31:7c:2f:57:01:
bf:c4:e8:8a:56:57:a7:90:04:91:d9:ee:8f:a8:33:
d1:33:1a:53:9a:a6:74:db:e6:57:17:90:ae:8d:fb:
79:54:1d:50:0b:13:d1:8c:be:07:aa:fb:7d:cb:ed:
d4:64:e4:87:28:a1:8d:8c:fe:9c:6b:33:08:21:20:
03:2e:8f:9c:6f:ea:80:cc:f3:aa:18:ea:33:8a:91:
96:7b:82:fa:6f:e4:da:8c:7d:82:ce:a6:58:e7:11:
81:24:e7:46:fb:07:89:32:af:02:a1:ef:3c:63:47:
f0:5c:fa:8c:de:1d:e6:6c:53:c4:47:a2:f1:c8:4b:
fd:ae:23:ac:95:b4:71:8f:12:9f:e8:0e:63:47:ee:
66:a1:d4:3a:be:83:b7:13:d3:a1:85:ff:1f:b2:7c:
58:28:23:15:25:76:7d:1e:03:5d:30:c5:d6:95:0e:
b0:82:99:52:31:b3:6e:82:d6:90:c5:cd:44:8d:bb:
06:68:8f:6f:aa:ed:dd:30:15:96:fd:1c:fc:6a:f0:
09:1d:5b:04:cc:5a:dc:82:6e:05:32:20:a5:00:1e:
dc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:00:FB:74:F0:C1:A9:BA:1E:B6:BB:84:26:81:D7:15:48:BE:EF:EE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.41.0/24
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.156.0/24
82.26.171.0/24
82.26.174.0/24
82.26.176.0/20
82.26.194.0/24
82.26.196.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
0f:fc:8d:87:ed:9f:93:c4:63:c8:2b:9e:98:33:7b:b6:2e:04:
59:e9:28:f5:db:5e:46:68:a7:45:f7:aa:c7:00:7d:ce:f8:7e:
27:48:d9:ec:e7:7a:2a:f9:22:d1:72:28:b4:ed:01:89:a2:31:
e8:e5:af:4e:00:54:a8:9b:b4:0e:2f:89:47:6d:ce:17:a2:eb:
c2:45:5a:32:e5:09:d0:54:5d:f8:df:29:36:11:dc:66:99:25:
85:89:20:de:9b:76:f7:77:9a:89:d0:6f:56:2e:cc:4d:24:bb:
39:0f:87:85:89:d4:cb:7b:8b:2e:09:60:9b:45:8e:19:ba:0c:
87:9a:46:de:f1:03:9a:77:56:bf:05:d9:0a:ec:f7:3f:7f:32:
52:a5:9a:4e:26:3a:5a:a5:5b:e6:15:83:75:e1:f2:80:55:c0:
96:93:03:4a:f1:29:a5:a4:fd:8c:d5:6e:2f:fd:7d:c9:dc:c2:
12:ab:e3:15:5f:d2:5b:d9:fd:a5:7d:25:a0:67:cc:0f:dd:c7:
8c:7c:e0:92:8e:74:61:77:60:4a:92:03:4d:00:5b:2b:3f:1b:
57:60:0a:82:ea:55:e6:9f:2d:29:fa:d1:8f:5c:6b:0d:27:ac:
b0:f0:99:31:07:81:f5:3f:3d:1c:c6:9d:e7:80:57:3d:0a:0f:
80:86:22:7e
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIUY3lj6cvIALey0saOxylStYt1VtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MjUyMzU1MTlaFw0yNjA0MjUwMDAwMTlaMDMxMTAvBgNV
BAMTKDMzMDBGQjc0RjBDMUE5QkExRUI2QkI4NDI2ODFENzE1NDhCRUVGRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeAFdPUNUq+FkPW4t+tKh/zUOq
jTxT/JchkYj9eG2QWqmVlUCPxCExfC9XAb/E6IpWV6eQBJHZ7o+oM9EzGlOapnTb
5lcXkK6N+3lUHVALE9GMvgeq+33L7dRk5IcooY2M/pxrMwghIAMuj5xv6oDM86oY
6jOKkZZ7gvpv5NqMfYLOpljnEYEk50b7B4kyrwKh7zxjR/Bc+ozeHeZsU8RHovHI
S/2uI6yVtHGPEp/oDmNH7mah1Dq+g7cT06GF/x+yfFgoIxUldn0eA10wxdaVDrCC
mVIxs26C1pDFzUSNuwZoj2+q7d0wFZb9HPxq8AkdWwTMWtyCbgUyIKUAHtx5AgMB
AAGjggNHMIIDQzAdBgNVHQ4EFgQUMwD7dPDBqboetruEJoHXFUi+7+4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFbBggrBgEFBQcBBwEB/wSCAUowggFGMIIBFAQCAAEw
ggEMAwQAUhUpAwQAUhVDAwQAUhVKAwQAUhVdAwQAUhVnAwQAUhVuAwQAUhVxAwQA
UhV3AwQAUhV6AwQAUhV8AwQAUhWEMAwDBABSFYsDBABSFYwDBABSFY8DBABSFZQD
BABSFZgDBABSFZsDBABSFZ0DBABSFaMDBABSFbwwDAMEAlIYXAMEAlIYYAMEAlIY
dAMEBFIYgDAMAwQCUhiUAwQCUhioAwQCUhiwAwQCUhjEMAwDBAFSGZIDBAVSGYAw
DAMEAVIZogMEAVIZrAMEAlIZsAMEAVIZtgMEAVIZvAMEAFIaQgMEAFIaeAMEAFIa
nAMEAFIaqwMEAFIargMEBFIasAMEAFIawgMEAFIaxDAsBAIAAjAmAwcAKhOVAAAD
MBIDBwEqE5UAAAYDBwAqE5UAABADBwIqE5UAABwwDQYJKoZIhvcNAQELBQADggEB
AA/8jYftn5PEY8grnpgze7YuBFnpKPXbXkZop0X3qscAfc74fidI2ezneir5ItFy
KLTtAYmiMejlr04AVKibtA4viUdtzhei68JFWjLlCdBUXfjfKTYR3GaZJYWJIN6b
dvd3monQb1YuzE0kuzkPh4WJ1Mt7iy4JYJtFjhm6DIeaRt7xA5p3Vr8F2Qrs9z9/
MlKlmk4mOlqlW+YVg3Xh8oBVwJaTA0rxKaWk/YzVbi/9fcncwhKr4xVf0lvZ/aV9
JaBnzA/dx4x84JKOdGF3YEqSA00AWys/G1dgCoLqVeafLSn60Y9caw0nrLDwmTEH
gfU/PRzGneeAVz0KD4CGIn4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:20 2025 by rpki-client