Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: OYTOwSx2FFdldlwEiS7u3d6ychQ1CCoz7oGkzCnCJFs=
Subject key identifier: 71:7B:0D:8E:C2:70:D3:87:8C:00:BF:C6:34:B6:AE:E6:B2:47:24:93
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 037B17F16C241DD39AF42EE310A3ADCDC3A6366D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Tue 02 Jun 2026 12:15:12 +0000
ROA not before: Tue 02 Jun 2026 12:10:12 +0000
ROA not after: Tue 01 Jun 2027 12:15:12 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.22.61.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.38.174.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.47.240.0/23 maxlen: 24
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:7b:17:f1:6c:24:1d:d3:9a:f4:2e:e3:10:a3:ad:cd:c3:a6:36:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:10:12 2026 GMT
Not After : Jun 1 12:15:12 2027 GMT
Subject: CN=717B0D8EC270D3878C00BFC634B6AEE6B2472493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:df:8d:30:cf:77:a9:eb:ab:23:59:77:fe:
66:e8:37:ba:ce:20:2b:a2:e5:9c:eb:3d:36:59:83:
3a:60:8e:22:4e:a6:6b:e4:66:92:7b:08:7e:7e:50:
dd:f6:5d:0f:fd:19:9d:3e:8c:47:5e:be:e3:09:cd:
ae:d2:09:a2:b8:6b:bc:bd:8a:08:be:58:51:40:8e:
3c:89:a2:42:74:3e:d7:f0:05:d2:32:1c:f1:ee:f1:
7a:56:81:22:51:1b:1b:70:30:ec:89:40:c3:dd:d9:
fa:19:59:47:f7:da:95:04:af:75:8c:37:31:ec:38:
f6:54:2c:ad:f9:28:2d:29:57:44:59:29:47:d2:30:
e5:33:58:a5:04:3c:78:4d:ac:6b:f7:aa:b7:23:80:
82:17:5c:9a:38:8a:52:47:cd:12:19:d1:09:53:30:
9a:c1:de:ab:4e:87:35:de:5d:1b:52:48:0f:dd:50:
eb:36:6c:2e:4f:b1:19:4d:ed:05:e6:07:4b:20:e9:
40:9a:f7:fa:1d:5a:d2:cd:0d:1b:23:c5:b9:f2:95:
d9:f0:bf:50:da:82:82:bc:19:d3:74:65:2c:7e:b7:
9c:0d:e4:55:85:68:34:9c:e9:9b:aa:87:9d:41:8d:
83:15:d1:9d:9e:4b:5f:da:ec:e8:e3:d8:8e:e3:29:
eb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7B:0D:8E:C2:70:D3:87:8C:00:BF:C6:34:B6:AE:E6:B2:47:24:93
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.22.61.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.116.0/24
82.26.176.0/20
82.38.174.0/24
82.39.223.0/24
82.47.240.0/23
IPv6:
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
7e:2e:9a:25:3f:47:5c:9f:e2:19:8f:73:28:49:52:00:5c:ab:
92:10:f1:29:34:d1:c2:98:98:0a:25:2d:8a:55:09:9f:d0:27:
16:96:c8:0d:a6:5a:d6:8d:87:36:2d:87:45:98:22:9c:78:db:
2f:cc:e3:ff:bd:37:61:65:91:67:da:82:40:62:c8:a1:7c:3d:
c4:4a:57:5b:72:f1:b3:cc:88:1d:8d:e6:51:06:f3:d9:27:56:
37:49:4a:29:82:b6:a3:d3:77:d0:1c:0a:c0:19:db:07:8d:a4:
36:10:e9:03:c0:ea:f6:1c:27:a5:17:74:07:be:74:0f:29:ae:
19:94:05:97:7c:6c:63:9b:9c:ec:67:7f:b6:9d:61:1c:ce:e8:
6b:c3:c2:e7:19:62:02:88:65:95:2f:76:70:3e:9f:22:d6:04:
78:ae:85:82:1a:55:4c:51:12:7f:dc:55:16:f7:a8:51:de:38:
69:f6:bd:de:de:44:81:33:14:5f:c5:b6:e1:9e:a6:63:e4:de:
f6:38:8f:68:0b:63:15:fd:7a:c2:15:36:2a:aa:eb:d3:34:66:
da:36:b6:0a:14:5a:01:47:dc:5e:c9:73:77:f3:8e:8f:85:04:
3b:03:c2:82:73:b6:bc:76:d7:6f:a1:39:86:58:e6:49:17:75:
ac:4d:0f:b9
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIUA3sX8WwkHdOa9C7jEKOtzcOmNm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjEwMTJaFw0yNzA2MDExMjE1MTJaMDMxMTAvBgNV
BAMTKDcxN0IwRDhFQzI3MEQzODc4QzAwQkZDNjM0QjZBRUU2QjI0NzI0OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfs9+NMM93qeurI1l3/mboN7rO
ICui5ZzrPTZZgzpgjiJOpmvkZpJ7CH5+UN32XQ/9GZ0+jEdevuMJza7SCaK4a7y9
igi+WFFAjjyJokJ0PtfwBdIyHPHu8XpWgSJRGxtwMOyJQMPd2foZWUf32pUEr3WM
NzHsOPZULK35KC0pV0RZKUfSMOUzWKUEPHhNrGv3qrcjgIIXXJo4ilJHzRIZ0QlT
MJrB3qtOhzXeXRtSSA/dUOs2bC5PsRlN7QXmB0sg6UCa9/odWtLNDRsjxbnyldnw
v1DagoK8GdN0ZSx+t5wN5FWFaDSc6Zuqh51BjYMV0Z2eS1/a7Ojj2I7jKeuRAgMB
AAGjggMkMIIDIDAdBgNVHQ4EFgQUcXsNjsJw04eMAL/GNLau5rJHJJMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE4BggrBgEFBQcBBwEB/wSCAScwggEjMIH7BAIAATCB
9AMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjAwQAUhY9MAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAw
DAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaID
BAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBABSGnQDBARSGrADBABSJq4DBABSJ98D
BAFSL/AwIwQCAAIwHTASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqG
SIb3DQEBCwUAA4IBAQB+LpolP0dcn+IZj3MoSVIAXKuSEPEpNNHCmJgKJS2KVQmf
0CcWlsgNplrWjYc2LYdFmCKceNsvzOP/vTdhZZFn2oJAYsihfD3ESldbcvGzzIgd
jeZRBvPZJ1Y3SUopgraj03fQHArAGdsHjaQ2EOkDwOr2HCelF3QHvnQPKa4ZlAWX
fGxjm5zsZ3+2nWEczuhrw8LnGWICiGWVL3ZwPp8i1gR4roWCGlVMURJ/3FUW96hR
3jhp9r3e3kSBMxRfxbbhnqZj5N72OI9oC2MV/XrCFTYqquvTNGbaNrYKFFoBR9xe
yXN3846PhQQ7A8KCc7a8dtdvoTmGWOZJF3WsTQ+5
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:45 2026 by rpki-client