Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: x0Mw7EYai8uFM4eAhmeL8LMItuhSWoHkKyZokdWXik0=
Subject key identifier: 19:E0:47:34:3C:2C:3E:D6:A9:B8:08:0B:7F:45:1B:27:8D:40:CD:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 05FD5673F5BCD381B07CBE7FA262F5A10F56A5BC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Sat 01 Feb 2025 07:53:52 +0000
ROA not before: Sat 01 Feb 2025 07:48:52 +0000
ROA not after: Sat 31 Jan 2026 07:53:52 +0000
asID: 29802
IP address blocks: 82.21.41.0/24 maxlen: 24
82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:fd:56:73:f5:bc:d3:81:b0:7c:be:7f:a2:62:f5:a1:0f:56:a5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 1 07:48:52 2025 GMT
Not After : Jan 31 07:53:52 2026 GMT
Subject: CN=19E047343C2C3ED6A9B8080B7F451B278D40CD71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:12:e0:90:ec:99:ca:ab:4f:a2:46:53:d3:34:
68:b1:41:d3:71:a5:f3:ec:b5:f1:fd:7b:74:e4:c7:
a3:16:ed:fb:13:27:2f:d2:7e:1e:4b:06:ab:e5:21:
95:80:2c:63:d6:90:7f:fc:6c:6c:5a:d1:6b:4e:78:
eb:66:ab:4b:d5:1f:cb:33:df:97:98:72:63:42:36:
b5:59:a3:d0:e7:0e:31:72:00:35:c7:8f:e4:37:91:
02:c9:53:d4:0d:45:b7:91:72:af:40:b1:19:5a:0b:
96:f2:59:57:fe:85:bd:9a:18:ec:b4:99:bd:61:9c:
76:b6:8d:1f:f8:e8:f3:89:5e:ef:e4:2c:46:77:75:
1d:12:eb:89:61:c5:8c:59:fa:48:8e:b0:46:b0:df:
60:e5:cc:b0:0a:b7:35:79:29:35:4d:d4:d9:01:20:
c8:95:5f:96:07:07:58:08:da:3e:86:44:9f:1c:97:
bd:97:0f:2e:21:c2:da:1c:b0:f3:2e:d5:ba:a9:78:
9e:69:b6:3a:f1:4a:e7:56:da:e4:ee:1d:f4:d6:9b:
0e:3f:30:b3:c9:59:d9:c4:95:9c:99:d1:d8:12:65:
73:b2:3d:d9:33:f5:8c:a1:66:33:b1:2e:c2:d4:3c:
20:ac:bc:74:8e:36:fc:40:42:5c:ea:ab:69:cd:fa:
10:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E0:47:34:3C:2C:3E:D6:A9:B8:08:0B:7F:45:1B:27:8D:40:CD:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.41.0/24
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.176.0/20
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
3b:05:82:da:8c:f3:6e:2b:1b:48:45:a4:32:7d:00:01:c4:3d:
b1:42:01:bd:84:56:3e:dd:a9:b4:e1:af:5a:1d:2c:aa:3d:62:
f2:dc:6f:c0:e4:54:3b:91:23:b3:8b:54:ca:4a:69:ff:b0:7c:
58:71:e2:cb:c5:2a:28:f8:97:7e:38:81:a8:23:2b:01:42:e8:
a3:4c:a4:85:89:d1:a8:09:dc:2a:f3:fc:f0:e8:16:93:34:20:
65:86:32:ed:a5:9d:90:bd:1f:f8:15:de:95:6e:34:9b:8c:5f:
29:b9:59:a9:49:9a:fe:e4:68:94:2e:14:84:40:a1:62:68:a2:
d6:56:89:64:22:d2:26:c0:9a:39:73:d7:4e:f0:31:bd:f4:1c:
e9:f0:4e:42:82:91:29:e3:ee:3d:7b:7d:fa:63:f6:fb:7d:83:
90:93:81:a4:48:34:09:51:50:51:0f:00:c6:ec:ca:78:3e:89:
f0:71:7d:c5:b1:17:23:c6:25:df:e4:00:53:44:96:33:c9:70:
cc:0c:25:a3:62:ab:44:70:8e:a8:48:72:aa:e6:d8:22:b0:58:
d2:5d:8a:bd:69:90:57:3b:5c:f8:fe:42:17:f0:3d:70:35:7d:
10:15:e5:34:1b:a4:ba:fc:06:25:9a:3e:23:17:ba:5c:ce:2e:
7d:ab:d6:ad
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIUBf1Wc/W804GwfL5/omL1oQ9WpbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDEwNzQ4NTJaFw0yNjAxMzEwNzUzNTJaMDMxMTAvBgNV
BAMTKDE5RTA0NzM0M0MyQzNFRDZBOUI4MDgwQjdGNDUxQjI3OEQ0MENENzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlEuCQ7JnKq0+iRlPTNGixQdNx
pfPstfH9e3Tkx6MW7fsTJy/Sfh5LBqvlIZWALGPWkH/8bGxa0WtOeOtmq0vVH8sz
35eYcmNCNrVZo9DnDjFyADXHj+Q3kQLJU9QNRbeRcq9AsRlaC5byWVf+hb2aGOy0
mb1hnHa2jR/46POJXu/kLEZ3dR0S64lhxYxZ+kiOsEaw32DlzLAKtzV5KTVN1NkB
IMiVX5YHB1gI2j6GRJ8cl72XDy4hwtocsPMu1bqpeJ5ptjrxSudW2uTuHfTWmw4/
MLPJWdnElZyZ0dgSZXOyPdkz9YyhZjOxLsLUPCCsvHSONvxAQlzqq2nN+hBhAgMB
AAGjggMbMIIDFzAdBgNVHQ4EFgQUGeBHNDwsPtapuAgLf0UbJ41AzXEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEvBggrBgEFBQcBBwEB/wSCAR4wggEaMIHpBAIAATCB
4gMEAFIVKQMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIV
dwMEAFIVegMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQA
UhWYAwQAUhWbAwQAUhWdAwQAUhWjAwQAUhW8MAwDBAJSGFwDBAJSGGADBAJSGHQD
BARSGIAwDAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwD
BAFSGaIDBAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBARSGrAwLAQCAAIwJgMHACoT
lQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqGSIb3DQEBCwUA
A4IBAQA7BYLajPNuKxtIRaQyfQABxD2xQgG9hFY+3am04a9aHSyqPWLy3G/A5FQ7
kSOzi1TKSmn/sHxYceLLxSoo+Jd+OIGoIysBQuijTKSFidGoCdwq8/zw6BaTNCBl
hjLtpZ2QvR/4Fd6VbjSbjF8puVmpSZr+5GiULhSEQKFiaKLWVolkItImwJo5c9dO
8DG99Bzp8E5CgpEp4+49e336Y/b7fYOQk4GkSDQJUVBRDwDG7Mp4PonwcX3FsRcj
xiXf5ABTRJYzyXDMDCWjYqtEcI6oSHKq5tgisFjSXYq9aZBXO1z4/kIX8D1wNX0Q
FeU0G6S6/AYlmj4jF7pczi59q9at
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:40 2025 by rpki-client