Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: nY51CT5ZejPXr0aKZ0fKOmpJQzhJZtH5aIagvcOUsAQ=
Subject key identifier: AE:93:CA:C3:C0:C4:4C:B9:5E:AD:EC:04:3C:F1:BC:19:AA:A0:82:6C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7581573C541AA145F0E16FF5DAE295C41C9EF203
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Tue 04 Nov 2025 18:39:10 +0000
ROA not before: Tue 04 Nov 2025 18:34:10 +0000
ROA not after: Tue 03 Nov 2026 18:39:10 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.12.0/22 maxlen: 24
82.38.124.0/22 maxlen: 24
82.38.140.0/22 maxlen: 24
82.41.44.0/22 maxlen: 24
82.41.52.0/22 maxlen: 24
82.41.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:81:57:3c:54:1a:a1:45:f0:e1:6f:f5:da:e2:95:c4:1c:9e:f2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Nov 4 18:34:10 2025 GMT
Not After : Nov 3 18:39:10 2026 GMT
Subject: CN=AE93CAC3C0C44CB95EADEC043CF1BC19AAA0826C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:01:5f:b0:88:3f:4d:5b:d7:41:28:25:34:43:
99:0a:7e:95:21:98:e5:7e:d1:74:a6:45:96:ac:8e:
ef:20:ae:5e:de:db:6a:6e:17:2a:f3:0f:33:eb:b0:
d4:00:6e:22:99:c5:50:90:d4:a1:a5:7f:e2:c6:cb:
f5:6b:26:eb:d7:dc:6f:67:45:f5:09:0a:9f:a4:05:
0e:eb:b5:c9:02:69:0a:25:fe:78:90:ff:8c:d0:24:
15:8a:59:e9:3b:3f:f4:c6:18:14:42:fb:15:54:57:
69:1e:e6:82:17:ed:50:0b:c5:7c:5b:52:d4:02:6e:
b8:d8:02:97:dc:86:9a:d5:83:db:7f:6a:a5:99:75:
4a:93:ed:45:6c:30:7a:1e:c9:12:02:f6:dd:57:ef:
dc:08:ad:b2:49:47:dc:00:8c:dd:11:a2:58:87:0f:
8c:02:9c:f3:97:65:ed:4e:be:7e:55:27:c9:c3:4d:
0e:6b:e2:2c:5d:cd:93:bb:16:77:d6:3c:9d:13:dd:
5a:1f:c1:e2:21:ed:06:4d:9e:4e:c7:f1:e6:69:a5:
a0:57:d6:85:9c:b9:c5:c2:9f:7b:94:ee:86:48:1c:
6e:71:43:24:4d:29:11:f8:98:fe:35:48:e5:f0:ac:
22:90:82:31:93:a0:27:76:fc:4c:62:21:0c:eb:ce:
f6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:93:CA:C3:C0:C4:4C:B9:5E:AD:EC:04:3C:F1:BC:19:AA:A0:82:6C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.12.0/22
82.38.124.0/22
82.38.140.0/22
82.41.44.0/22
82.41.52.0/22
82.41.68.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:a6:b7:0b:58:19:3d:46:1e:03:cd:33:7a:ae:35:02:19:94:
4d:9c:53:53:6d:14:c5:2f:57:00:4e:e2:23:16:e8:8f:d9:4f:
4a:ab:46:d4:1a:02:1c:25:d5:eb:ab:00:aa:7b:a6:9d:3f:96:
db:94:6b:c6:bd:8b:9e:cb:84:48:5a:bf:a1:a3:6a:a1:bf:65:
8f:6b:2e:f0:93:58:21:e5:a1:92:1f:09:ae:05:18:39:c4:56:
5b:10:af:33:c3:2a:ae:52:64:41:9f:91:78:68:6e:39:2b:6d:
b1:d1:e4:53:13:ae:48:7a:d8:04:95:f0:33:0c:5b:a9:a8:aa:
ac:ef:f2:1e:42:07:98:3b:0a:75:43:c5:08:b9:15:60:f9:af:
8f:55:42:0e:bf:ba:ba:53:ff:42:b7:39:b5:b0:9b:8c:6b:b9:
6a:8d:2c:30:d4:63:76:3d:a0:a5:f8:90:71:a0:bf:1c:02:f2:
ab:55:29:9e:57:43:d5:d0:20:d1:d7:ae:d3:bc:af:b4:7a:e6:
59:63:45:9c:d2:f7:a5:78:03:19:e4:e8:ad:e0:b0:79:45:e6:
0c:67:ce:62:71:c0:e3:41:b1:a8:46:97:31:ae:ff:e0:b1:91:
2c:83:4b:52:47:91:7e:c9:6f:42:7f:b5:6d:b7:96:4c:af:6a:
32:75:f1:29
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIUdYFXPFQaoUXw4W/12uKVxBye8gMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMDQxODM0MTBaFw0yNjExMDMxODM5MTBaMDMxMTAvBgNV
BAMTKEFFOTNDQUMzQzBDNDRDQjk1RUFERUMwNDNDRjFCQzE5QUFBMDgyNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlAV+wiD9NW9dBKCU0Q5kKfpUh
mOV+0XSmRZasju8grl7e22puFyrzDzPrsNQAbiKZxVCQ1KGlf+LGy/VrJuvX3G9n
RfUJCp+kBQ7rtckCaQol/niQ/4zQJBWKWek7P/TGGBRC+xVUV2ke5oIX7VALxXxb
UtQCbrjYApfchprVg9t/aqWZdUqT7UVsMHoeyRIC9t1X79wIrbJJR9wAjN0RoliH
D4wCnPOXZe1Ovn5VJ8nDTQ5r4ixdzZO7FnfWPJ0T3VofweIh7QZNnk7H8eZppaBX
1oWcucXCn3uU7oZIHG5xQyRNKRH4mP41SOXwrCKQgjGToCd2/ExiIQzrzvZnAgMB
AAGjggK9MIICuTAdBgNVHQ4EFgQUrpPKw8DETLlerewEPPG8GaqggmwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQC
UhVoAwQDUhaAMAwDBAJSFpQDBAJSFpgDBAFSF4wDBAFSGAoDBAFSGCwDBAFSGDID
BAFSGGYDBAJSGLgDBAFSGMwDBAJSGQADBAFSGRIDBAJSGYADBAFSGc4DBAFSGmYD
BARSGzADBANSG1ADBAJSG3ADBANSG4gDBANSG6gDBAJSG8ADBAFSHR4DBAJSHZAD
BAJSJgwDBAJSJnwDBAJSJowDBAJSKSwDBAJSKTQDBAJSKUQwDQYJKoZIhvcNAQEL
BQADggEBAI2mtwtYGT1GHgPNM3quNQIZlE2cU1NtFMUvVwBO4iMW6I/ZT0qrRtQa
Ahwl1eurAKp7pp0/ltuUa8a9i57LhEhav6GjaqG/ZY9rLvCTWCHloZIfCa4FGDnE
VlsQrzPDKq5SZEGfkXhobjkrbbHR5FMTrkh62ASV8DMMW6moqqzv8h5CB5g7CnVD
xQi5FWD5r49VQg6/urpT/0K3ObWwm4xruWqNLDDUY3Y9oKX4kHGgvxwC8qtVKZ5X
Q9XQINHXrtO8r7R65lljRZzS96V4Axnk6K3gsHlF5gxnzmJxwONBsahGlzGu/+Cx
kSyDS1JHkX7Jb0J/tW23lkyvajJ18Sk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:08 2025 by rpki-client