Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: HSJps8Lx/IahoKeG9XZkclHhQphS+S/MU8yyCMQQZ7s=
Subject key identifier: DA:11:70:07:9E:8C:E0:E3:6D:83:66:90:F9:9D:07:C3:57:F4:F5:3F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 23F1D8F2AA34FD0F0500D45A478B673E34C79DDC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Wed 16 Jul 2025 00:00:14 +0000
ROA not before: Tue 15 Jul 2025 23:55:14 +0000
ROA not after: Wed 15 Jul 2026 00:00:14 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 31 Jul 2025 15:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:f1:d8:f2:aa:34:fd:0f:05:00:d4:5a:47:8b:67:3e:34:c7:9d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 15 23:55:14 2025 GMT
Not After : Jul 15 00:00:14 2026 GMT
Subject: CN=DA1170079E8CE0E36D836690F99D07C357F4F53F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:42:9f:89:24:cb:b2:27:dc:c4:7b:89:b4:6d:
f1:56:9e:fe:53:c5:01:a3:c7:2d:9c:7a:54:f8:d5:
96:1b:2e:27:0f:d0:c2:8a:1d:36:34:96:55:dd:e8:
03:e0:e6:83:fd:ad:48:c0:3d:ec:d3:89:7d:3a:35:
c0:5c:d5:3b:e8:a9:8d:0f:04:20:2d:61:93:a9:af:
55:61:b4:38:39:f4:c3:d2:a9:ad:15:d3:12:c3:db:
f1:d9:f3:1c:c7:e6:be:93:22:55:5d:eb:89:93:56:
c2:b4:98:e7:0b:18:a5:29:f3:c5:b8:08:a1:86:17:
67:2b:56:88:2d:4c:a7:b2:45:4e:6d:70:0a:22:3b:
d9:ea:ac:02:4e:bc:a5:f9:a1:b8:46:d3:cb:8a:4c:
44:c5:d5:89:77:ee:0e:a8:af:de:81:ee:61:1c:85:
f2:7a:66:92:1b:94:89:5b:83:0e:35:f3:f8:ff:5b:
2d:58:58:07:9c:59:2b:f3:85:b2:11:04:d6:b1:b5:
49:4f:2d:ab:04:8b:d0:9f:44:98:2c:99:4c:75:19:
fc:b4:2e:f8:74:13:0b:32:da:33:61:7f:2b:70:0a:
fb:54:fc:fe:f3:39:68:3b:1b:53:10:32:46:89:f7:
91:1a:6a:2d:d1:d3:4e:b4:30:7b:4b:21:15:bb:3e:
a8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:11:70:07:9E:8C:E0:E3:6D:83:66:90:F9:9D:07:C3:57:F4:F5:3F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.176.0/20
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
91:b7:bb:e8:ae:e5:49:51:f0:72:ac:df:6b:ec:ee:00:11:a9:
29:12:5b:2e:e7:c0:50:ad:66:4e:c9:0f:da:a9:d1:c7:bb:30:
fb:70:04:7d:a4:72:d1:8c:cd:05:e0:59:93:88:c3:0d:ba:07:
ae:35:14:6f:20:af:ee:c6:e2:68:18:84:a1:23:20:89:8f:a6:
78:9d:02:c2:eb:04:09:14:05:ed:99:6f:3f:44:11:45:03:81:
2e:e0:34:91:fc:98:63:d8:2c:a0:60:8a:43:56:78:a1:b2:d9:
c8:ab:1a:04:39:94:ba:01:7e:ab:b8:87:43:a8:32:3b:0c:16:
ba:aa:e6:ac:da:4c:a1:07:74:7e:e6:5c:0e:70:76:50:6b:71:
3b:93:27:5c:0c:2c:f9:f6:ca:d7:45:1d:34:6e:15:9d:33:96:
68:17:2e:a6:49:03:ca:60:79:2f:49:06:e2:d4:f2:27:32:87:
f5:16:3b:5d:86:80:dc:0b:f1:4f:67:8a:78:78:c2:ef:20:9b:
35:60:67:6c:44:59:12:42:7a:d7:fa:60:03:a9:84:8d:bd:c5:
58:7b:d0:5b:60:5a:bc:fc:f4:0a:18:74:f7:6e:c1:43:9a:6d:
67:4a:88:07:46:61:c9:e1:43:fe:05:c6:5c:2b:e8:ea:4c:6f:
45:c3:47:29
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgIUI/HY8qo0/Q8FANRaR4tnPjTHndwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MTUyMzU1MTRaFw0yNjA3MTUwMDAwMTRaMDMxMTAvBgNV
BAMTKERBMTE3MDA3OUU4Q0UwRTM2RDgzNjY5MEY5OUQwN0MzNTdGNEY1M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcQp+JJMuyJ9zEe4m0bfFWnv5T
xQGjxy2celT41ZYbLicP0MKKHTY0llXd6APg5oP9rUjAPezTiX06NcBc1TvoqY0P
BCAtYZOpr1VhtDg59MPSqa0V0xLD2/HZ8xzH5r6TIlVd64mTVsK0mOcLGKUp88W4
CKGGF2crVogtTKeyRU5tcAoiO9nqrAJOvKX5obhG08uKTETF1Yl37g6or96B7mEc
hfJ6ZpIblIlbgw418/j/Wy1YWAecWSvzhbIRBNaxtUlPLasEi9CfRJgsmUx1Gfy0
Lvh0Ewsy2jNhfytwCvtU/P7zOWg7G1MQMkaJ95Eaai3R0060MHtLIRW7PqhZAgMB
AAGjggMhMIIDHTAdBgNVHQ4EFgQU2hFwB56M4ONtg2aQ+Z0Hw1f09T8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE1BggrBgEFBQcBBwEB/wSCASQwggEgMIHvBAIAATCB
6AMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjAwQAUhW8MAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAw
DAMEAlIYlAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaID
BAFSGawDBAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGngDBARSGrAwLAQCAAIw
JgMHACoTlQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqGSIb3
DQEBCwUAA4IBAQCRt7voruVJUfByrN9r7O4AEakpElsu58BQrWZOyQ/aqdHHuzD7
cAR9pHLRjM0F4FmTiMMNugeuNRRvIK/uxuJoGIShIyCJj6Z4nQLC6wQJFAXtmW8/
RBFFA4Eu4DSR/Jhj2CygYIpDVnihstnIqxoEOZS6AX6ruIdDqDI7DBa6quas2kyh
B3R+5lwOcHZQa3E7kydcDCz59srXRR00bhWdM5ZoFy6mSQPKYHkvSQbi1PInMof1
FjtdhoDcC/FPZ4p4eMLvIJs1YGdsRFkSQnrX+mADqYSNvcVYe9BbYFq8/PQKGHT3
bsFDmm1nSogHRmHJ4UP+BcZcK+jqTG9Fw0cp
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:45:48 2025 by rpki-client