Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: VjbjDsAEDaIdqKM1BgCl8nTjvuBkSh82vjjiHvIbxE0=
Subject key identifier: 8C:9B:B1:13:6F:6F:28:95:63:C5:C6:3B:59:A9:E3:FA:F3:73:D7:39
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 57E83BD269EE58E1CEEA0B2A8F227AE1870CBE60
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Wed 08 Apr 2026 22:58:04 +0000
ROA not before: Wed 08 Apr 2026 22:53:04 +0000
ROA not after: Wed 07 Apr 2027 22:58:04 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
84.75.85.0/24 maxlen: 24
84.75.86.0/24 maxlen: 24
84.75.88.0/24 maxlen: 24
84.75.89.0/24 maxlen: 24
84.75.90.0/24 maxlen: 24
84.75.93.0/24 maxlen: 24
84.75.95.0/24 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:e8:3b:d2:69:ee:58:e1:ce:ea:0b:2a:8f:22:7a:e1:87:0c:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 22:53:04 2026 GMT
Not After : Apr 7 22:58:04 2027 GMT
Subject: CN=8C9BB1136F6F289563C5C63B59A9E3FAF373D739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:a5:6d:25:07:15:f2:47:47:46:b7:f6:32:
82:41:51:ad:cb:b7:9b:2b:ad:7d:75:5f:b4:09:b4:
6c:e2:45:36:79:2f:51:e4:e5:d9:42:e9:d0:60:88:
00:15:7b:d2:14:ef:1e:82:c0:6e:01:c8:57:f4:dd:
43:0c:3b:33:2d:b1:25:9f:16:6a:3f:ba:b5:3a:1b:
7e:1a:30:9b:97:fc:fb:84:b3:6a:e2:5f:7f:48:2d:
be:8a:b9:7d:8c:0d:8c:0a:6b:ac:cd:f6:f1:8e:15:
56:17:94:e1:02:8b:36:3e:83:ba:d6:bb:2f:8a:3a:
3b:58:0a:f6:dd:b1:9c:fc:bb:2b:d2:ce:3b:71:86:
7d:85:bf:b9:17:7d:14:c9:68:fa:d1:17:ec:bd:02:
4a:0b:de:8a:10:53:c2:87:42:2a:b7:b3:9a:a9:b0:
0b:26:f3:01:50:2d:04:fb:ce:ec:76:6d:16:77:28:
01:e7:dc:ab:0a:2e:1e:cf:7b:5d:24:8f:e4:30:90:
36:17:68:c3:eb:fb:24:ac:90:be:ed:c4:e0:12:0f:
95:6e:52:62:eb:7e:c3:71:89:d5:2e:8f:36:80:1b:
a5:25:c0:67:f7:67:9c:72:cf:ed:05:cb:93:4c:6c:
76:ff:41:77:52:36:9c:75:5e:b2:27:fb:6e:4d:ec:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9B:B1:13:6F:6F:28:95:63:C5:C6:3B:59:A9:E3:FA:F3:73:D7:39
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.36.0/23
82.38.176.0/22
82.38.184.0/21
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
84.75.85.0-84.75.86.255
84.75.88.0-84.75.90.255
84.75.93.0/24
84.75.95.0/24
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:70:9d:ec:8d:6f:77:fe:d6:e2:fb:1b:51:77:ef:7e:ed:61:
1e:3d:ba:e5:11:9d:69:2c:97:80:f7:8b:f8:f1:8e:d0:4f:30:
5e:47:75:e8:3a:2b:b2:7c:24:b3:ed:d5:ff:f9:81:a2:ef:a2:
c9:51:f1:cb:2d:aa:83:9d:27:37:87:01:d9:ac:42:cf:35:63:
1d:61:ad:fc:7b:45:71:48:01:61:3a:c0:bb:2a:49:9d:13:3e:
a6:45:84:4a:20:7f:d7:1d:1f:96:c5:19:71:61:6c:08:13:58:
77:b7:25:ed:54:ab:18:78:76:48:b3:e4:b5:ec:81:ca:cd:b7:
fe:e7:eb:4a:f2:65:cd:98:1d:af:94:ed:11:5a:06:c5:d4:8f:
2c:21:41:24:d3:a1:85:c0:a0:31:80:4d:ba:26:e4:8b:1e:b3:
97:e0:61:73:91:a1:4b:87:3d:5e:42:01:a0:af:66:03:40:94:
ad:14:4e:ce:b5:d0:98:24:e6:09:8a:ba:33:bf:8c:ac:1e:6a:
0d:ab:69:dd:5d:2d:ac:bf:ac:29:5c:a9:0d:b1:15:17:2c:8d:
93:49:c1:5c:f4:16:67:51:04:ca:bb:a4:9f:3a:3d:68:2f:e0:
27:e9:59:bf:e6:0c:6e:c0:d7:c6:a6:8a:27:09:64:4f:dd:9d:
8f:70:aa:78
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIUV+g70mnuWOHO6gsqjyJ64YcMvmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgyMjUzMDRaFw0yNzA0MDcyMjU4MDRaMDMxMTAvBgNV
BAMTKDhDOUJCMTEzNkY2RjI4OTU2M0M1QzYzQjU5QTlFM0ZBRjM3M0Q3MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjvaVtJQcV8kdHRrf2MoJBUa3L
t5srrX11X7QJtGziRTZ5L1Hk5dlC6dBgiAAVe9IU7x6CwG4ByFf03UMMOzMtsSWf
Fmo/urU6G34aMJuX/PuEs2riX39ILb6KuX2MDYwKa6zN9vGOFVYXlOECizY+g7rW
uy+KOjtYCvbdsZz8uyvSzjtxhn2Fv7kXfRTJaPrRF+y9AkoL3ooQU8KHQiq3s5qp
sAsm8wFQLQT7zux2bRZ3KAHn3KsKLh7Pe10kj+QwkDYXaMPr+ySskL7txOASD5Vu
UmLrfsNxidUujzaAG6UlwGf3Z5xyz+0Fy5NMbHb/QXdSNpx1XrIn+25N7N6DAgMB
AAGjggMOMIIDCjAdBgNVHQ4EFgQUjJuxE29vKJVjxcY7Wanj+vNz1zkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASMGCCsGAQUFBwEHAQH/BIIBEjCCAQ4wggEKBAIAATCC
AQIDBAJSFWgDBANSFoAwDAMEAlIWlAMEAlIWmAMEAVIXjAMEA1IXmAMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZAAMEAVIZEgMEAlIZgAME
AVIZzgMEAVIaZgMEBFIbMAMEA1IbUAMEAlIbcAMEA1IbiAMEA1IbqAMEAlIbwAME
AVIdHgMEAlIdkAMEAVImJAMEAlImsAMEA1ImuAMEAVIncAMEAVIpwAMEAlRLBAME
AlRLHAMEAlRLSDAMAwQAVEtVAwQAVEtWMAwDBANUS1gDBABUS1oDBABUS10DBABU
S18DBAKyUwADBAKyU4ADBAKyU9gwDQYJKoZIhvcNAQELBQADggEBAF9wneyNb3f+
1uL7G1F3737tYR49uuURnWksl4D3i/jxjtBPMF5Hdeg6K7J8JLPt1f/5gaLvoslR
8cstqoOdJzeHAdmsQs81Yx1hrfx7RXFIAWE6wLsqSZ0TPqZFhEogf9cdH5bFGXFh
bAgTWHe3Je1Uqxh4dkiz5LXsgcrNt/7n60ryZc2YHa+U7RFaBsXUjywhQSTToYXA
oDGATbom5Ises5fgYXORoUuHPV5CAaCvZgNAlK0UTs610Jgk5gmKujO/jKweag2r
ad1dLay/rClcqQ2xFRcsjZNJwVz0FmdRBMq7pJ86PWgv4CfpWb/mDG7A18amiicJ
ZE/dnY9wqng=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:47:09 2026 by rpki-client