Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: c5gctDNmklmOjmWV1/0Ik72kPOtIVhdb/tNYhGRcYqM=
Subject key identifier: FA:FC:5D:F3:1C:57:28:76:0E:8D:04:39:CC:B4:03:19:0F:39:EF:5C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 72F25A25EF03FE7C70ACE5F95FB6ED94B5D69D59
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Tue 03 Feb 2026 11:01:19 +0000
ROA not before: Tue 03 Feb 2026 10:56:19 +0000
ROA not after: Tue 02 Feb 2027 11:01:19 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f2:5a:25:ef:03:fe:7c:70:ac:e5:f9:5f:b6:ed:94:b5:d6:9d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 3 10:56:19 2026 GMT
Not After : Feb 2 11:01:19 2027 GMT
Subject: CN=FAFC5DF31C5728760E8D0439CCB403190F39EF5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cc:e8:99:95:79:39:18:02:2f:1f:96:d3:4a:
7a:dc:43:d2:7c:f9:ff:a3:7b:bf:2d:ac:35:21:18:
36:03:7a:13:c6:44:a7:d8:b9:44:02:87:ce:91:ab:
fa:e2:a9:a1:cb:5e:4f:e7:b8:f3:2c:80:62:cc:17:
db:d3:11:10:21:99:44:34:4d:87:31:a6:b0:49:56:
9f:dd:5d:cc:6e:ed:12:86:a8:82:af:83:7c:0b:0c:
8f:46:72:f9:69:e8:c7:48:13:fa:e0:5f:fd:ce:b1:
e8:d3:91:fb:c0:5f:36:81:41:56:ee:70:26:93:55:
36:be:ec:10:16:4f:28:9c:49:e5:f3:35:ef:d3:20:
42:99:83:96:03:11:a4:20:e6:2c:33:88:7d:5c:3e:
1f:98:e4:96:eb:8a:5b:ba:45:fd:65:b9:7e:90:49:
c1:30:a7:0a:96:a3:1f:86:17:36:81:e0:f4:2f:ee:
b9:af:dd:1a:4f:7e:77:48:c2:ee:42:1d:b2:e8:8e:
88:f5:3a:a6:10:de:30:f2:2c:0c:45:02:20:69:a5:
cf:dd:fb:2d:e8:56:0f:f0:79:95:e5:01:b3:57:10:
71:43:5e:f2:e4:b7:e2:ed:4f:1d:2c:21:79:a6:53:
b9:3f:ee:f2:9a:56:05:7b:85:22:87:29:17:82:bf:
60:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:FC:5D:F3:1C:57:28:76:0E:8D:04:39:CC:B4:03:19:0F:39:EF:5C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.176.0/22
82.38.184.0/21
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
80:d9:13:96:4a:33:7e:2c:c8:32:03:ee:ff:82:ec:dd:07:8d:
fe:71:ef:ae:87:b7:9d:00:79:f1:83:a0:81:f5:05:1f:fa:5b:
a3:5b:34:ac:7c:3d:fa:49:58:9b:4e:39:e0:05:39:36:55:fd:
19:f8:b7:4b:53:4b:c7:9c:e4:e1:5e:53:32:f0:53:a1:4a:3a:
69:6c:e2:7e:90:e6:1f:62:c0:26:c3:67:69:28:da:45:2e:cc:
a4:ca:e2:66:eb:de:41:56:f4:be:f1:83:5f:04:4c:b2:ed:42:
b6:e5:fd:70:f8:21:47:1a:cd:20:a8:d9:d3:00:d8:7a:72:56:
24:42:a2:d5:0b:80:9c:65:63:f8:19:a1:7e:ec:8f:d4:51:30:
91:2c:75:76:a9:1b:85:b0:8b:85:7a:35:a3:6a:a1:06:f3:8f:
a8:1d:7a:1a:9a:d3:4a:e6:01:66:1c:31:2a:24:e1:cd:b3:f0:
10:16:78:80:b9:14:9d:3e:5a:e1:fd:8a:ea:47:3a:dd:2f:97:
df:65:5f:d8:83:fd:fc:92:c8:d9:60:7c:9e:f8:6f:cc:1e:79:
78:e6:ee:7c:4f:c0:ae:a0:a3:cd:5a:ef:6b:34:45:56:2a:65:
8a:58:2f:f5:db:8d:7c:03:07:f5:52:34:21:76:58:95:94:96:
76:a0:6f:6d
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIUcvJaJe8D/nxwrOX5X7btlLXWnVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDMxMDU2MTlaFw0yNzAyMDIxMTAxMTlaMDMxMTAvBgNV
BAMTKEZBRkM1REYzMUM1NzI4NzYwRThEMDQzOUNDQjQwMzE5MEYzOUVGNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCozOiZlXk5GAIvH5bTSnrcQ9J8
+f+je78trDUhGDYDehPGRKfYuUQCh86Rq/riqaHLXk/nuPMsgGLMF9vTERAhmUQ0
TYcxprBJVp/dXcxu7RKGqIKvg3wLDI9Gcvlp6MdIE/rgX/3OsejTkfvAXzaBQVbu
cCaTVTa+7BAWTyicSeXzNe/TIEKZg5YDEaQg5iwziH1cPh+Y5Jbrilu6Rf1luX6Q
ScEwpwqWox+GFzaB4PQv7rmv3RpPfndIwu5CHbLojoj1OqYQ3jDyLAxFAiBppc/d
+y3oVg/weZXlAbNXEHFDXvLkt+LtTx0sIXmmU7k/7vKaVgV7hSKHKReCv2AnAgMB
AAGjggK9MIICuTAdBgNVHQ4EFgQU+vxd8xxXKHYOjQQ5zLQDGQ8571wwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQC
UhVoAwQDUhaAMAwDBAJSFpQDBAJSFpgDBAFSF4wDBANSF5gDBAFSGAoDBAFSGCwD
BAFSGDIDBAFSGGYDBAJSGLgDBAFSGMwDBAJSGQADBAFSGRIDBAJSGYADBAFSGc4D
BAFSGmYDBARSGzADBANSG1ADBAJSG3ADBANSG4gDBANSG6gDBAJSG8ADBAFSHR4D
BAJSHZADBAJSJrADBANSJrgDBAKyUwADBAKyU4ADBAKyU9gwDQYJKoZIhvcNAQEL
BQADggEBAIDZE5ZKM34syDID7v+C7N0Hjf5x766Ht50AefGDoIH1BR/6W6NbNKx8
PfpJWJtOOeAFOTZV/Rn4t0tTS8ec5OFeUzLwU6FKOmls4n6Q5h9iwCbDZ2ko2kUu
zKTK4mbr3kFW9L7xg18ETLLtQrbl/XD4IUcazSCo2dMA2HpyViRCotULgJxlY/gZ
oX7sj9RRMJEsdXapG4Wwi4V6NaNqoQbzj6gdehqa00rmAWYcMSok4c2z8BAWeIC5
FJ0+WuH9iupHOt0vl99lX9iD/fySyNlgfJ74b8weeXjm7nxPwK6go81a72s0RVYq
ZYpYL/XbjXwDB/VSNCF2WJWUlnagb20=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:14 2026 by rpki-client