Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: qKXnPQQlRtT6ChEakRRKNcUEBauQ4/Hb1qvOfq1PmpA=
Subject key identifier: D9:21:98:39:3B:EC:B0:C6:87:FF:B5:AB:A9:17:AE:3A:0C:DC:E9:CE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 03AA46B2592BFDBDA39B5AE3C6C7D884D1CDD9A5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Mon 15 Sep 2025 12:34:44 +0000
ROA not before: Mon 15 Sep 2025 12:29:44 +0000
ROA not after: Mon 14 Sep 2026 12:34:44 +0000
asID: 29802
IP address blocks: 82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.8.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 12:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:aa:46:b2:59:2b:fd:bd:a3:9b:5a:e3:c6:c7:d8:84:d1:cd:d9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 15 12:29:44 2025 GMT
Not After : Sep 14 12:34:44 2026 GMT
Subject: CN=D92198393BECB0C687FFB5ABA917AE3A0CDCE9CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:12:3a:58:99:34:98:b3:82:89:10:b5:e1:fb:
51:87:bf:8d:86:c7:85:6b:72:27:14:97:29:3a:17:
0d:66:79:21:aa:2f:06:39:70:34:10:ac:03:a4:14:
0e:ea:69:44:17:97:c2:18:37:b2:68:7b:77:b9:6a:
c2:3b:5f:50:71:a3:4d:0c:57:77:8c:e1:ac:57:73:
2a:32:62:86:f2:79:ce:27:5b:c9:f5:6c:f3:f9:2c:
fa:d8:36:c4:51:bd:a7:17:20:e2:93:de:80:5f:56:
ef:35:ad:0a:22:3b:e0:e3:b9:af:d2:4c:7b:bf:93:
a2:4d:3a:78:a6:ae:88:5a:0f:b4:eb:91:f2:af:2c:
16:10:0e:44:e5:6d:6b:a7:54:71:4e:e0:2f:84:3f:
85:7b:3d:a4:a8:c6:6a:e7:68:e6:ff:2a:33:d8:64:
1e:1c:9e:67:8b:b7:ef:5b:79:9c:a5:f3:6b:28:52:
0e:10:8d:c6:f4:d2:11:ea:e9:f1:71:cf:1f:63:21:
2c:64:f2:dc:b1:14:c0:91:39:f4:6f:8c:3f:f4:bb:
09:51:d5:d5:db:b5:c6:c0:49:78:fc:a0:6c:5f:89:
cf:7a:8f:b2:b1:1e:31:cb:e5:bd:62:77:de:0e:05:
22:1f:a1:ab:d7:fa:54:06:1c:83:6d:d4:b8:f6:ef:
65:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:21:98:39:3B:EC:B0:C6:87:FF:B5:AB:A9:17:AE:3A:0C:DC:E9:CE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.139.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.162.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.116.0/24
82.26.176.0/20
82.27.8.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
15:e7:da:99:20:75:a7:52:ba:aa:b1:94:c0:22:43:d1:53:bd:
83:ec:78:99:72:18:5e:aa:6e:cf:1a:af:93:ff:00:a0:39:a5:
2f:7a:d0:73:1f:01:d7:a9:92:08:75:f6:8d:39:c3:28:28:0a:
4a:f0:4d:b9:ad:65:4a:c2:25:17:18:db:31:5e:4e:75:ef:1d:
bd:7b:92:39:f1:84:71:20:52:a2:25:0e:2a:93:f5:15:ec:bb:
c0:e3:89:97:96:2d:6a:06:23:3b:8d:6d:ae:13:46:3c:38:51:
c2:be:25:cf:2a:a8:fd:26:f3:e2:16:d7:74:c7:b7:7c:ae:83:
50:22:03:f9:ed:98:7f:b8:bd:dc:05:28:be:d2:00:d0:98:13:
50:e2:c3:53:9f:27:be:47:90:a6:1c:ac:70:f2:37:4e:af:8d:
f1:3b:8f:3e:96:89:1e:dd:48:e1:73:09:da:b8:6a:80:9f:50:
4e:60:c6:c6:e0:3b:cf:f5:f0:62:f3:e7:3d:2e:42:c1:18:68:
cf:87:03:9f:de:c5:dd:42:ca:11:dd:23:51:6a:99:ad:b9:d7:
c0:0f:df:1e:92:a9:bc:16:7f:7a:3b:3d:ef:74:f4:ba:19:a2:
54:db:5b:f8:b5:08:10:9d:cb:5b:5a:3e:fc:02:ed:a5:7b:24:
dd:95:cc:ae
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgIUA6pGslkr/b2jm1rjxsfYhNHN2aUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MTUxMjI5NDRaFw0yNjA5MTQxMjM0NDRaMDMxMTAvBgNV
BAMTKEQ5MjE5ODM5M0JFQ0IwQzY4N0ZGQjVBQkE5MTdBRTNBMENEQ0U5Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmEjpYmTSYs4KJELXh+1GHv42G
x4VrcicUlyk6Fw1meSGqLwY5cDQQrAOkFA7qaUQXl8IYN7Joe3e5asI7X1Bxo00M
V3eM4axXcyoyYobyec4nW8n1bPP5LPrYNsRRvacXIOKT3oBfVu81rQoiO+Djua/S
THu/k6JNOnimrohaD7TrkfKvLBYQDkTlbWunVHFO4C+EP4V7PaSoxmrnaOb/KjPY
ZB4cnmeLt+9beZyl82soUg4Qjcb00hHq6fFxzx9jISxk8tyxFMCROfRvjD/0uwlR
1dXbtcbASXj8oGxfic96j7KxHjHL5b1id94OBSIfoavX+lQGHINt1Lj272UpAgMB
AAGjggMhMIIDHTAdBgNVHQ4EFgQU2SGYOTvssMaH/7WrqReuOgzc6c4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE1BggrBgEFBQcBBwEB/wSCASQwggEgMIHvBAIAATCB
6AMEAFIVQwMEAFIVSgMEAFIVXQMEAFIVZwMEAFIVbgMEAFIVcQMEAFIVdwMEAFIV
egMEAFIVfAMEAFIVhDAMAwQAUhWLAwQAUhWMAwQAUhWPAwQAUhWUAwQAUhWYAwQA
UhWbAwQAUhWdAwQAUhWjMAwDBAJSGFwDBAJSGGADBAJSGHQDBARSGIAwDAMEAlIY
lAMEAlIYqAMEAlIYsAMEAlIYxDAMAwQBUhmSAwQFUhmAMAwDBAFSGaIDBAFSGawD
BAJSGbADBAFSGbYDBAFSGbwDBABSGkIDBABSGnQDBARSGrADBABSGwgwLAQCAAIw
JgMHACoTlQAAAzASAwcBKhOVAAAGAwcAKhOVAAAQAwcCKhOVAAAcMA0GCSqGSIb3
DQEBCwUAA4IBAQAV59qZIHWnUrqqsZTAIkPRU72D7HiZchheqm7PGq+T/wCgOaUv
etBzHwHXqZIIdfaNOcMoKApK8E25rWVKwiUXGNsxXk517x29e5I58YRxIFKiJQ4q
k/UV7LvA44mXli1qBiM7jW2uE0Y8OFHCviXPKqj9JvPiFtd0x7d8roNQIgP57Zh/
uL3cBSi+0gDQmBNQ4sNTnye+R5CmHKxw8jdOr43xO48+loke3UjhcwnauGqAn1BO
YMbG4DvP9fBi8+c9LkLBGGjPhwOf3sXdQsoR3SNRapmtudfAD98ekqm8Fn96Oz3v
dPS6GaJU21v4tQgQnctbWj78Au2leyTdlcyu
-----END CERTIFICATE-----
Generated at Thu Sep 18 14:16:26 2025 by rpki-client