Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: QQAvofJdQv+Newl7kekG669h3xKCqlDodmYYLBpwCjU=
Subject key identifier: 9A:E9:3D:DA:A6:0D:04:84:13:17:B8:60:08:51:1C:C3:50:1E:CA:AC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1D9D258E3A285828E0B09E56CE49A011FFBE22C6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Mon 28 Jul 2025 00:00:54 +0000
ROA not before: Sun 27 Jul 2025 23:55:54 +0000
ROA not after: Mon 27 Jul 2026 00:00:54 +0000
asID: 7029
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.3.0/24 maxlen: 24
82.21.4.0/24 maxlen: 24
82.21.5.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.21.138.0/24 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.106.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.110.0/24 maxlen: 24
82.24.111.0/24 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.11.0/24 maxlen: 24
82.25.12.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:9d:25:8e:3a:28:58:28:e0:b0:9e:56:ce:49:a0:11:ff:be:22:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 27 23:55:54 2025 GMT
Not After : Jul 27 00:00:54 2026 GMT
Subject: CN=9AE93DDAA60D04841317B86008511CC3501ECAAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:3d:fc:50:ab:53:54:af:5d:55:63:17:37:
e2:56:f2:bb:ff:04:14:0a:40:f4:4f:b1:98:e2:e7:
82:43:d9:19:d7:7b:97:d6:40:26:10:fa:a6:f9:8f:
7b:94:9e:a3:23:79:5c:08:f8:5b:d9:09:7f:e1:81:
4f:aa:7c:56:ff:ae:ef:bd:cf:a7:91:e2:54:97:88:
82:81:d4:a8:3c:0d:a6:ec:5b:d8:24:fc:db:54:cf:
3f:47:7a:3c:bf:88:8a:61:8b:a6:2d:e1:d5:30:b7:
2f:68:ba:57:8c:bc:ab:b3:0f:4d:24:fb:ca:75:57:
db:7f:09:c7:78:26:50:e8:9b:70:a9:5a:8b:30:ec:
7e:c6:be:50:9d:3e:3e:44:72:3b:d9:21:4a:37:14:
bf:9e:39:7c:20:18:7e:30:f6:9e:46:e3:c7:b3:0d:
9d:69:20:78:2b:61:f6:ac:75:e3:93:f9:83:1f:03:
91:11:d1:08:08:df:ba:4d:d7:53:3b:b1:e9:34:27:
86:82:af:83:d6:c8:80:0e:00:a9:3e:63:d2:32:cd:
2f:28:5a:9a:fb:62:df:c1:89:af:71:42:f7:a8:25:
c0:53:01:2b:b8:64:4b:92:2e:f9:73:4a:44:d2:4a:
27:bf:16:d8:12:cd:5c:d1:4f:ef:10:ca:8c:ba:80:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E9:3D:DA:A6:0D:04:84:13:17:B8:60:08:51:1C:C3:50:1E:CA:AC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.3.0-82.21.5.255
82.21.104.0/22
82.21.138.0/24
82.22.128.0/21
82.22.148.0-82.22.155.255
82.22.190.0/24
82.23.140.0/23
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.106.0/23
82.24.110.0/23
82.25.0.0/22
82.25.10.0-82.25.13.255
82.26.174.0/24
82.27.48.0/20
82.27.136.0/21
82.27.168.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:af:2e:ef:f2:80:b6:6d:19:2f:20:7b:5f:69:9c:7b:c9:21:
07:64:75:8e:92:82:2b:1e:86:60:59:8c:6f:5c:07:b6:46:cf:
d7:00:a6:7d:d4:06:cf:1c:97:61:09:75:e2:29:6c:49:5e:21:
85:fb:d5:5c:d2:48:f5:de:50:ad:48:d9:8c:fa:02:83:af:25:
15:73:c7:5d:7f:9c:9e:00:8a:f3:f9:e5:ab:e1:79:a2:a3:96:
17:24:7a:29:42:fc:60:28:81:dc:af:c4:53:f1:8c:84:ad:97:
5c:b8:20:a6:f1:7c:a7:6d:bd:8f:c2:fd:94:93:d4:05:34:7a:
10:10:e9:19:40:13:3c:4f:50:42:6b:9b:a1:f2:ab:47:75:63:
f3:83:74:3b:75:10:e1:7e:e1:e4:b3:c5:b9:02:3d:f8:3f:07:
85:5b:fc:8c:67:c4:3a:cd:fc:b9:88:d4:88:c7:66:3c:89:2c:
f2:e3:d6:0a:85:e0:6b:a9:78:14:08:60:f8:03:6d:7b:24:23:
16:0c:27:a3:a0:52:d6:db:01:75:81:30:64:a3:dd:4d:ab:6f:
b6:0a:b7:ed:cb:5a:4c:b3:74:46:61:78:81:ec:54:47:d7:15:
9d:0d:05:9e:21:e3:3d:48:6f:da:79:aa:1f:40:ca:c5:fb:2f:
08:f3:4c:ed
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIUHZ0ljjooWCjgsJ5WzkmgEf++IsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjcyMzU1NTRaFw0yNjA3MjcwMDAwNTRaMDMxMTAvBgNV
BAMTKDlBRTkzRERBQTYwRDA0ODQxMzE3Qjg2MDA4NTExQ0MzNTAxRUNBQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHmj38UKtTVK9dVWMXN+JW8rv/
BBQKQPRPsZji54JD2RnXe5fWQCYQ+qb5j3uUnqMjeVwI+FvZCX/hgU+qfFb/ru+9
z6eR4lSXiIKB1Kg8DabsW9gk/NtUzz9Hejy/iIphi6Yt4dUwty9ouleMvKuzD00k
+8p1V9t/Ccd4JlDom3CpWosw7H7GvlCdPj5EcjvZIUo3FL+eOXwgGH4w9p5G48ez
DZ1pIHgrYfasdeOT+YMfA5ER0QgI37pN11M7sek0J4aCr4PWyIAOAKk+Y9IyzS8o
Wpr7Yt/Bia9xQveoJcBTASu4ZEuSLvlzSkTSSie/FtgSzVzRT+8Qyoy6gGIFAgMB
AAGjggKRMIICjTAdBgNVHQ4EFgQUmuk92qYNBIQTF7hgCFEcw1AeyqwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQA
UhUBMAwDBABSFQMDBAFSFQQDBAJSFWgDBABSFYoDBANSFoAwDAMEAlIWlAMEAlIW
mAMEAFIWvgMEAVIXjAMEAVIXogMEAlIYAAMEAFIYHwMEAVIYagMEAVIYbgMEAlIZ
ADAMAwQBUhkKAwQBUhkMAwQAUhquAwQEUhswAwQDUhuIAwQDUhuoMA0GCSqGSIb3
DQEBCwUAA4IBAQCory7v8oC2bRkvIHtfaZx7ySEHZHWOkoIrHoZgWYxvXAe2Rs/X
AKZ91AbPHJdhCXXiKWxJXiGF+9Vc0kj13lCtSNmM+gKDryUVc8ddf5yeAIrz+eWr
4Xmio5YXJHopQvxgKIHcr8RT8YyErZdcuCCm8Xynbb2Pwv2Uk9QFNHoQEOkZQBM8
T1BCa5uh8qtHdWPzg3Q7dRDhfuHks8W5Aj34PweFW/yMZ8Q6zfy5iNSIx2Y8iSzy
49YKheBrqXgUCGD4A217JCMWDCejoFLW2wF1gTBko91Nq2+2Crfty1pMs3RGYXiB
7FRH1xWdDQWeIeM9SG/aeaofQMrF+y8I80zt
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:13 2025 by rpki-client