Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: hBCT1jbMOBhTpqbyfRLxFRPSYAWeIr32taugCyozUQs=
Subject key identifier: 0A:B3:89:7B:DA:02:08:B3:F6:91:58:2E:7F:69:0E:0F:2A:E2:00:3A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 70B1947FB91EA014B158FC67E85A3B5FB1947BF5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Mon 13 Apr 2026 11:43:50 +0000
ROA not before: Mon 13 Apr 2026 11:38:50 +0000
ROA not after: Mon 12 Apr 2027 11:43:50 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.22.61.0/24 maxlen: 24
82.22.200.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.8.0/24 maxlen: 24
82.38.174.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
178.83.59.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b1:94:7f:b9:1e:a0:14:b1:58:fc:67:e8:5a:3b:5f:b1:94:7b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 13 11:38:50 2026 GMT
Not After : Apr 12 11:43:50 2027 GMT
Subject: CN=0AB3897BDA0208B3F691582E7F690E0F2AE2003A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:03:65:c5:51:2f:13:1e:f0:27:d0:dc:ba:
8e:a6:19:61:b7:02:46:b8:61:f5:39:dc:db:0f:eb:
55:79:0a:a5:36:29:ff:92:44:c2:5e:ad:4d:76:51:
4d:ef:f0:3d:67:f1:35:ac:64:e6:1a:38:ed:f9:ce:
32:76:45:8d:3e:a6:c8:21:eb:be:66:0e:e0:8e:7a:
6b:12:cf:b7:ce:56:4e:43:a9:94:7d:5b:6b:9b:ee:
af:ae:92:8d:37:a4:ef:84:fa:47:41:fc:f1:90:83:
5b:2c:68:ff:6c:6c:05:30:9f:26:58:fd:e0:0c:08:
90:e6:83:41:76:ff:1a:cb:0f:e2:d0:08:30:1d:ee:
2f:31:f3:cf:88:5e:e9:57:8f:d3:a4:00:84:20:94:
64:95:a4:ae:b5:b2:e8:06:7b:19:f7:4b:34:28:1b:
81:61:cd:07:27:48:7a:d1:83:29:b8:8e:d5:86:e2:
b8:d3:bd:e8:0d:f1:c1:40:59:99:0d:69:65:89:cb:
45:be:70:63:3f:e9:90:8e:0e:85:d9:08:65:57:8a:
06:7f:40:21:ea:18:6d:58:84:dd:08:85:ca:c8:b1:
7b:a4:c2:d0:8a:9d:b8:58:ee:c3:54:73:a6:c5:82:
ea:af:0f:05:7e:11:d4:32:63:22:98:6a:f7:9a:8e:
51:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B3:89:7B:DA:02:08:B3:F6:91:58:2E:7F:69:0E:0F:2A:E2:00:3A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.22.61.0/24
82.22.200.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.116.0/24
82.26.176.0/20
82.27.8.0/24
82.38.174.0/24
82.39.223.0/24
178.83.59.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
6d:0b:93:7b:70:37:c8:7e:2f:73:16:00:0e:f5:9d:1b:7b:3e:
22:cd:15:95:f6:65:f6:a8:06:65:51:e8:e2:c6:5b:d9:c0:71:
1d:26:65:5c:1f:b6:82:4b:3b:d1:fd:39:50:9f:f9:7a:fd:3a:
1e:3d:6e:7d:94:c4:bd:a2:c5:cd:d8:92:c2:9b:6b:7f:76:29:
46:24:e0:12:21:9c:0b:06:73:8d:3a:19:7a:f3:9a:62:b4:e6:
47:89:d8:d4:b6:16:e6:f2:a0:1e:57:19:87:6e:29:1b:06:4a:
2b:87:46:2f:22:cd:57:e2:12:4c:1c:c0:18:3b:59:07:5d:a1:
eb:e1:d9:44:cd:e2:93:1a:7a:1d:95:05:8f:ac:f0:ab:3e:a5:
9c:f4:ed:68:11:8e:b2:61:34:ff:a1:27:29:9d:ad:d8:3a:3d:
27:fe:6a:ae:11:e8:1a:90:0d:15:b4:05:7b:10:44:7e:b1:ad:
2d:15:ca:5c:39:9f:16:e4:d3:c2:dd:a5:fa:66:4d:7f:6b:41:
b2:a8:4e:bc:cf:e8:32:f7:21:21:56:13:05:5b:ae:af:ff:58:
61:10:64:f8:3e:b8:5a:82:ed:45:a9:68:35:d2:52:bc:58:d0:
b5:76:0e:97:7e:62:6b:72:df:e8:a3:d5:49:61:c6:a9:68:e2:
0c:2b:9d:2a
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIUcLGUf7keoBSxWPxn6Fo7X7GUe/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTMxMTM4NTBaFw0yNzA0MTIxMTQzNTBaMDMxMTAvBgNV
BAMTKDBBQjM4OTdCREEwMjA4QjNGNjkxNTgyRTdGNjkwRTBGMkFFMjAwM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCptQNlxVEvEx7wJ9Dcuo6mGWG3
Aka4YfU53NsP61V5CqU2Kf+SRMJerU12UU3v8D1n8TWsZOYaOO35zjJ2RY0+psgh
675mDuCOemsSz7fOVk5DqZR9W2ub7q+uko03pO+E+kdB/PGQg1ssaP9sbAUwnyZY
/eAMCJDmg0F2/xrLD+LQCDAd7i8x88+IXulXj9OkAIQglGSVpK61sugGexn3SzQo
G4FhzQcnSHrRgym4jtWG4rjTvegN8cFAWZkNaWWJy0W+cGM/6ZCODoXZCGVXigZ/
QCHqGG1YhN0IhcrIsXukwtCKnbhY7sNUc6bFguqvDwV+EdQyYyKYaveajlGNAgMB
AAGjggNBMIIDPTAdBgNVHQ4EFgQUCrOJe9oCCLP2kVguf2kODyriADowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFVBggrBgEFBQcBBwEB/wSCAUQwggFAMIIBDgQCAAEw
ggEGAwQAUhVDAwQAUhVKAwQAUhVdAwQAUhVnAwQAUhVuAwQAUhVxAwQAUhV3AwQA
UhV6AwQAUhV8AwQAUhWEMAwDBABSFYsDBABSFYwDBABSFY8DBABSFZQDBABSFZgD
BABSFZsDBABSFZ0DBABSFaMDBABSFj0DBABSFsgwDAMEAlIYXAMEAlIYYAMEAlIY
dAMEBFIYgDAMAwQCUhiUAwQCUhioAwQCUhiwAwQCUhjEMAwDBAFSGZIDBAVSGYAw
DAMEAVIZogMEAVIZrAMEAlIZsAMEAVIZtgMEAVIZvAMEAFIaQgMEAFIadAMEBFIa
sAMEAFIbCAMEAFImrgMEAFIn3wMEALJTOzAsBAIAAjAmAwcAKhOVAAADMBIDBwEq
E5UAAAYDBwAqE5UAABADBwIqE5UAABwwDQYJKoZIhvcNAQELBQADggEBAG0Lk3tw
N8h+L3MWAA71nRt7PiLNFZX2ZfaoBmVR6OLGW9nAcR0mZVwftoJLO9H9OVCf+Xr9
Oh49bn2UxL2ixc3YksKba392KUYk4BIhnAsGc406GXrzmmK05keJ2NS2FubyoB5X
GYduKRsGSiuHRi8izVfiEkwcwBg7WQddoevh2UTN4pMaeh2VBY+s8Ks+pZz07WgR
jrJhNP+hJymdrdg6PSf+aq4R6BqQDRW0BXsQRH6xrS0Vylw5nxbk08LdpfpmTX9r
QbKoTrzP6DL3ISFWEwVbrq//WGEQZPg+uFqC7UWpaDXSUrxY0LV2Dpd+Ymty3+ij
1Ulhxqlo4gwrnSo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:13:52 2026 by rpki-client