Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: Porql/T3HhyJYwUWA4eLDRdir3lZfR34TIGcxqpV4f4=
Subject key identifier: 31:0C:3C:9C:34:5B:15:5F:08:CC:85:AC:01:2E:97:B9:01:31:90:77
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 342C847A26849F04A8DCDE5DBDAE11119D07BC49
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Fri 06 Feb 2026 11:01:33 +0000
ROA not before: Fri 06 Feb 2026 10:56:33 +0000
ROA not after: Fri 05 Feb 2027 11:01:33 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.22.200.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.8.0/24 maxlen: 24
82.38.174.0/24 maxlen: 24
178.83.59.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:2c:84:7a:26:84:9f:04:a8:dc:de:5d:bd:ae:11:11:9d:07:bc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 6 10:56:33 2026 GMT
Not After : Feb 5 11:01:33 2027 GMT
Subject: CN=310C3C9C345B155F08CC85AC012E97B901319077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b6:e2:27:69:7e:e1:5b:0f:b5:77:64:d3:c0:
96:0d:43:76:cc:3c:c6:8f:42:60:16:cb:ea:ef:a6:
28:33:e3:43:0b:60:0d:84:cb:06:36:3e:00:ff:97:
7b:62:42:66:93:71:38:0a:95:a9:a5:54:84:2c:27:
7f:f1:90:ac:0b:22:57:d0:72:97:c0:7d:eb:be:fe:
0c:fc:21:a3:22:fd:48:3e:c0:53:ae:94:0b:70:e6:
d2:88:0c:49:7e:71:72:c2:c4:38:02:61:2c:62:a1:
e5:9f:02:93:c4:89:72:c9:77:53:de:37:eb:dc:67:
05:0f:66:40:35:aa:25:c9:28:60:81:54:d4:87:07:
03:13:27:1d:36:2c:74:f3:e3:cf:2e:80:5e:9b:13:
7d:cd:e8:29:11:ec:5b:22:d9:f4:60:c5:c7:78:be:
1b:cc:1a:39:66:9e:fb:d3:87:8e:ce:61:3d:2d:19:
af:0c:e9:94:2a:b1:11:75:75:4c:45:0d:1e:66:68:
fe:4a:a8:3c:f0:1a:cc:53:42:a1:c3:e6:84:64:e2:
d9:8c:2f:1a:fd:af:b3:e7:ea:0a:71:35:29:66:a0:
27:16:ae:8a:01:d9:eb:cb:5b:fa:ab:4f:44:33:bd:
03:bc:82:a2:eb:70:6d:88:a2:fb:82:81:21:a6:21:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0C:3C:9C:34:5B:15:5F:08:CC:85:AC:01:2E:97:B9:01:31:90:77
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.22.200.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.116.0/24
82.26.176.0/20
82.27.8.0/24
82.38.174.0/24
178.83.59.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
0f:51:04:20:19:00:93:4d:ff:9a:11:17:d4:4d:ac:86:39:dd:
d5:ac:44:cf:f7:16:33:af:c1:f9:98:04:fb:e8:e6:3d:fe:0e:
0d:b1:33:5c:d7:d1:88:35:81:22:e6:71:1d:24:c6:c9:d5:a1:
16:4e:5e:02:1e:81:56:52:51:92:01:5b:86:65:18:9e:02:1f:
2d:15:55:82:94:d6:3b:08:ba:0d:4c:7a:25:91:64:0e:96:24:
a3:6b:25:32:86:eb:46:34:1e:e4:de:68:35:37:0c:87:72:6a:
f1:b7:64:05:84:d9:32:32:04:19:72:0f:6e:d7:e8:28:b0:48:
50:75:c3:b9:b8:b0:7a:9f:8a:91:45:97:e8:12:71:f3:aa:30:
0e:16:d5:3e:a3:87:06:52:73:a8:36:0b:13:89:19:2c:27:5d:
ca:40:33:75:8c:ff:24:a7:94:7d:e2:24:e2:57:05:6c:7c:18:
78:e9:29:f7:e6:3b:ec:2f:7d:2d:ae:84:3b:d9:db:95:0f:ef:
0e:78:6d:a1:a2:b9:4e:3a:a8:c8:19:6f:f1:15:72:77:c3:a9:
22:f2:51:ce:6c:04:d6:0d:05:2e:ed:f7:2c:09:5d:7b:f5:b2:
b8:e8:c3:e2:2f:e9:b8:57:03:8e:b6:04:09:3a:f4:b3:0a:57:
d0:2d:47:0d
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIUNCyEeiaEnwSo3N5dva4REZ0HvEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDYxMDU2MzNaFw0yNzAyMDUxMTAxMzNaMDMxMTAvBgNV
BAMTKDMxMEMzQzlDMzQ1QjE1NUYwOENDODVBQzAxMkU5N0I5MDEzMTkwNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWtuInaX7hWw+1d2TTwJYNQ3bM
PMaPQmAWy+rvpigz40MLYA2EywY2PgD/l3tiQmaTcTgKlamlVIQsJ3/xkKwLIlfQ
cpfAfeu+/gz8IaMi/Ug+wFOulAtw5tKIDEl+cXLCxDgCYSxioeWfApPEiXLJd1Pe
N+vcZwUPZkA1qiXJKGCBVNSHBwMTJx02LHTz488ugF6bE33N6CkR7Fsi2fRgxcd4
vhvMGjlmnvvTh47OYT0tGa8M6ZQqsRF1dUxFDR5maP5KqDzwGsxTQqHD5oRk4tmM
Lxr9r7Pn6gpxNSlmoCcWrooB2evLW/qrT0QzvQO8gqLrcG2IovuCgSGmISMpAgMB
AAGjggM0MIIDMDAdBgNVHQ4EFgQUMQw8nDRbFV8IzIWsAS6XuQExkHcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFIBggrBgEFBQcBBwEB/wSCATcwggEzMIIBAQQCAAEw
gfoDBABSFUMDBABSFUoDBABSFV0DBABSFWcDBABSFW4DBABSFXEDBABSFXcDBABS
FXoDBABSFXwDBABSFYQwDAMEAFIViwMEAFIVjAMEAFIVjwMEAFIVlAMEAFIVmAME
AFIVmwMEAFIVnQMEAFIVowMEAFIWyDAMAwQCUhhcAwQCUhhgAwQCUhh0AwQEUhiA
MAwDBAJSGJQDBAJSGKgDBAJSGLADBAJSGMQwDAMEAVIZkgMEBVIZgDAMAwQBUhmi
AwQBUhmsAwQCUhmwAwQBUhm2AwQBUhm8AwQAUhpCAwQAUhp0AwQEUhqwAwQAUhsI
AwQAUiauAwQAslM7MCwEAgACMCYDBwAqE5UAAAMwEgMHASoTlQAABgMHACoTlQAA
EAMHAioTlQAAHDANBgkqhkiG9w0BAQsFAAOCAQEAD1EEIBkAk03/mhEX1E2shjnd
1axEz/cWM6/B+ZgE++jmPf4ODbEzXNfRiDWBIuZxHSTGydWhFk5eAh6BVlJRkgFb
hmUYngIfLRVVgpTWOwi6DUx6JZFkDpYko2slMobrRjQe5N5oNTcMh3Jq8bdkBYTZ
MjIEGXIPbtfoKLBIUHXDubiwep+KkUWX6BJx86owDhbVPqOHBlJzqDYLE4kZLCdd
ykAzdYz/JKeUfeIk4lcFbHwYeOkp9+Y77C99La6EO9nblQ/vDnhtoaK5TjqoyBlv
8RVyd8OpIvJRzmwE1g0FLu33LAlde/WyuOjD4i/puFcDjrYECTr0swpX0C1HDQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:10:51 2026 by rpki-client