Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: GXfu4XbBYqJnIChtut4jOMryROsxsE5HglVuToIr6LM=
Subject key identifier: CD:17:BC:61:16:A6:89:E6:6F:1F:7D:33:1D:B8:61:12:FF:BA:D3:4B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 677FB8AE97A6800D253718D8CF3706998EDF6D5C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Fri 06 Jun 2025 00:00:07 +0000
ROA not before: Thu 05 Jun 2025 23:55:07 +0000
ROA not after: Fri 05 Jun 2026 00:00:07 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:7f:b8:ae:97:a6:80:0d:25:37:18:d8:cf:37:06:99:8e:df:6d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 5 23:55:07 2025 GMT
Not After : Jun 5 00:00:07 2026 GMT
Subject: CN=CD17BC6116A689E66F1F7D331DB86112FFBAD34B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1c:71:75:f1:a2:0e:ef:8c:b2:e1:4f:5c:5a:
31:d7:8f:26:fd:95:cc:41:2a:08:ed:9e:67:cb:0a:
8c:d1:db:a9:49:75:87:23:3e:b1:32:0a:d5:42:9b:
2c:ab:f5:75:ba:4c:c3:c3:d4:f6:40:81:67:2e:32:
4d:54:8b:a2:fa:80:5f:a1:90:d6:d9:4a:d4:8d:b3:
ae:49:45:f5:44:ab:25:85:0d:1c:a8:5d:3a:d6:b0:
24:3c:41:c5:4c:88:be:bf:06:c3:b9:92:6b:ba:97:
c0:ee:39:e5:02:54:ca:ef:d8:ad:38:13:8d:3c:53:
f0:a5:1a:75:e3:dd:b9:ba:08:72:87:00:81:6e:06:
55:0a:f0:3e:32:a4:21:4a:74:d0:da:16:b0:fc:cc:
58:bb:6c:ab:12:04:9b:de:d9:75:95:df:a6:0e:e2:
f8:58:2f:45:ad:60:51:5c:cc:c3:63:d0:ce:9c:02:
8c:16:b2:be:28:dd:71:c1:c9:4b:73:6a:7e:ec:6f:
36:59:07:cd:e8:5f:1d:1c:8a:85:11:f4:51:18:03:
c5:2c:95:26:44:98:eb:f5:79:9f:da:79:52:f2:26:
42:e2:cf:09:0d:1f:09:93:45:7a:a4:9f:12:00:c0:
ef:61:f5:f5:1e:c9:3b:8d:64:e9:06:35:9f:cf:da:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:17:BC:61:16:A6:89:E6:6F:1F:7D:33:1D:B8:61:12:FF:BA:D3:4B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.174.0/24
82.26.176.0/20
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
05:af:59:6d:2e:f0:f0:0c:08:65:bb:17:ca:f2:35:c6:48:b8:
cd:ed:7d:d7:75:de:b4:b0:e6:19:3e:c0:51:13:40:60:18:4c:
3e:36:c9:f5:a3:40:cd:32:93:fc:61:e7:ec:7d:f9:b7:ad:08:
50:7e:ad:68:fe:c3:ac:df:85:11:c7:3b:a0:74:86:63:18:e7:
e1:d3:ff:78:fc:1c:74:a5:28:22:80:b8:a4:36:c3:6e:6e:8e:
40:1b:a1:3a:f7:5e:6e:a5:e9:2d:eb:70:20:1b:91:43:5c:93:
be:8d:dd:8a:02:f3:a4:c6:e1:23:98:5b:86:c8:22:a3:77:af:
41:54:e3:56:9c:da:e7:9c:08:0c:88:0a:95:a7:99:07:65:66:
bc:e5:2c:99:0c:3d:1e:0f:42:ae:c7:d9:5d:71:d9:27:a3:2a:
9e:74:73:0f:13:5b:a0:a7:59:cb:d8:ad:8d:a7:6c:45:fe:3a:
2f:e6:05:a2:e8:77:2b:9c:31:44:58:72:9c:c9:68:59:19:e7:
46:11:9c:6e:06:67:30:47:02:e0:e5:9a:ff:ca:c9:d5:d3:fb:
2e:84:27:94:2e:15:e1:e7:89:73:23:a8:68:7d:47:42:5d:a6:
13:c2:e0:1b:e3:53:b2:93:78:40:07:ba:63:a0:81:20:eb:7e:
6d:f2:ca:86
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIUZ3+4rpemgA0lNxjYzzcGmY7fbVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDUyMzU1MDdaFw0yNjA2MDUwMDAwMDdaMDMxMTAvBgNV
BAMTKENEMTdCQzYxMTZBNjg5RTY2RjFGN0QzMzFEQjg2MTEyRkZCQUQzNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeHHF18aIO74yy4U9cWjHXjyb9
lcxBKgjtnmfLCozR26lJdYcjPrEyCtVCmyyr9XW6TMPD1PZAgWcuMk1Ui6L6gF+h
kNbZStSNs65JRfVEqyWFDRyoXTrWsCQ8QcVMiL6/BsO5kmu6l8DuOeUCVMrv2K04
E408U/ClGnXj3bm6CHKHAIFuBlUK8D4ypCFKdNDaFrD8zFi7bKsSBJve2XWV36YO
4vhYL0WtYFFczMNj0M6cAowWsr4o3XHByUtzan7sbzZZB83oXx0cioUR9FEYA8Us
lSZEmOv1eZ/aeVLyJkLizwkNHwmTRXqknxIAwO9h9fUeyTuNZOkGNZ/P2oVJAgMB
AAGjggMnMIIDIzAdBgNVHQ4EFgQUzRe8YRamieZvH30zHbhhEv+600swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE7BggrBgEFBQcBBwEB/wSCASowggEmMIH1BAIAATCB
7gMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjAwQAUhW8MAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAw
DAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaID
BAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGngDBABSGq4DBARSGrAw
LAQCAAIwJgMHACoTlQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0G
CSqGSIb3DQEBCwUAA4IBAQAFr1ltLvDwDAhluxfK8jXGSLjN7X3Xdd60sOYZPsBR
E0BgGEw+Nsn1o0DNMpP8Yefsffm3rQhQfq1o/sOs34URxzugdIZjGOfh0/94/Bx0
pSgigLikNsNubo5AG6E6915upekt63AgG5FDXJO+jd2KAvOkxuEjmFuGyCKjd69B
VONWnNrnnAgMiAqVp5kHZWa85SyZDD0eD0Kux9ldcdknoyqedHMPE1ugp1nL2K2N
p2xF/jov5gWi6HcrnDFEWHKcyWhZGedGEZxuBmcwRwLg5Zr/ysnV0/suhCeULhXh
54lzI6hofUdCXaYTwuAb41Oyk3hAB7pjoIEg635t8sqG
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:15 2025 by rpki-client