
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: BCZ5NooRqtsVQfGJ2j2VTpjCUOSzBiTV1iwwtBuiI+g=
Subject key identifier: 58:58:1C:F6:32:C9:3C:BC:59:D5:A3:DA:1E:DC:00:53:02:E3:2F:7B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3DDE71079DC7BD7585CB13820C432D21F1883266
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Wed 08 Jul 2026 00:04:43 +0000
ROA not before: Tue 07 Jul 2026 23:59:43 +0000
ROA not after: Wed 07 Jul 2027 00:04:43 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
84.75.85.0/24 maxlen: 24
84.75.86.0/24 maxlen: 24
84.75.88.0/24 maxlen: 24
84.75.89.0/24 maxlen: 24
84.75.90.0/24 maxlen: 24
84.75.93.0/24 maxlen: 24
84.75.95.0/24 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:de:71:07:9d:c7:bd:75:85:cb:13:82:0c:43:2d:21:f1:88:32:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 7 23:59:43 2026 GMT
Not After : Jul 7 00:04:43 2027 GMT
Subject: CN=58581CF632C93CBC59D5A3DA1EDC005302E32F7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:81:ef:7d:97:f5:39:4b:36:13:3a:96:b9:22:
c8:46:27:d7:b4:9d:d3:24:94:9c:5d:bf:c6:f2:25:
73:bf:98:4b:d9:f3:92:6d:06:15:46:b7:15:fa:b8:
27:ac:8a:b0:05:bb:c9:be:06:10:55:dc:93:39:36:
45:00:61:7c:4a:65:64:99:f0:ee:4f:3d:40:81:8b:
81:a6:8c:16:91:1d:16:3c:c1:1b:c4:01:7e:a5:2a:
d9:6d:da:24:cf:a4:fd:5b:52:0d:a6:1a:86:6a:8f:
d8:2e:87:0b:db:58:47:fb:23:d7:19:b1:8a:c1:64:
12:02:9c:1a:18:20:2a:4d:e4:9c:1c:5c:3b:5f:54:
26:c7:56:34:62:0e:f2:dd:5d:39:c0:b3:58:25:77:
33:f5:c0:9a:88:36:4c:3f:6e:ef:9a:da:b7:72:b1:
1a:6c:b8:f1:55:98:2e:49:39:32:be:f1:17:90:98:
a9:03:48:da:05:d3:17:c1:63:56:bf:bd:25:d0:dd:
95:df:69:3d:ed:e6:cb:a8:1a:42:6e:e0:b7:c7:24:
dc:46:a7:f1:90:31:d3:68:e1:80:0f:03:cf:31:dd:
67:a0:ad:15:3a:f4:1e:eb:d8:37:12:b6:2f:0e:53:
1f:95:52:3b:95:bf:f4:b1:01:2f:21:f8:67:ad:af:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:58:1C:F6:32:C9:3C:BC:59:D5:A3:DA:1E:DC:00:53:02:E3:2F:7B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.36.0/23
82.38.176.0/22
82.38.184.0/21
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
84.75.85.0-84.75.86.255
84.75.88.0-84.75.90.255
84.75.93.0/24
84.75.95.0/24
178.83.0.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
38:51:22:a4:a9:b4:8f:05:28:62:4a:ae:90:06:6c:34:18:05:
56:47:38:e0:23:9b:c5:cb:11:39:95:41:8f:3d:11:a7:b5:e6:
23:de:74:dd:56:4e:38:b0:b0:83:45:98:c3:fa:2a:9f:76:6d:
5c:36:26:62:31:6e:3b:4f:3b:95:e9:18:fd:18:f3:db:4b:a1:
fc:53:ae:ba:91:4c:d1:4d:ff:74:83:f3:bb:7a:21:ea:8f:7f:
17:d9:79:f8:9b:54:9d:d8:bb:ba:9b:c3:a5:dc:53:f6:09:46:
e2:0c:ab:16:cc:4e:7c:b3:05:20:3c:3e:64:8e:ae:bb:0e:70:
5c:e1:1b:e0:db:1f:b0:8c:ac:77:d0:97:3d:d8:b2:ed:66:3e:
7e:ec:ee:f1:dc:72:59:83:93:92:ba:31:1e:60:0f:7d:bc:f1:
09:0b:2f:39:9f:74:e5:7d:e9:63:c0:18:c0:06:64:45:e2:21:
81:e6:76:a1:82:27:a5:ca:83:bb:13:0b:78:7b:de:cf:e6:2c:
4c:34:5e:8e:bd:ff:27:50:cf:ee:dc:1e:02:69:f3:56:0c:fd:
79:3a:57:fa:f1:bf:96:61:a8:bd:e1:e3:4e:15:35:fd:43:0c:
eb:73:9b:aa:ea:08:52:43:10:a9:5c:e8:76:3e:0d:b6:36:64:
08:85:75:a2
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIUPd5xB53HvXWFyxOCDEMtIfGIMmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDcyMzU5NDNaFw0yNzA3MDcwMDA0NDNaMDMxMTAvBgNV
BAMTKDU4NTgxQ0Y2MzJDOTNDQkM1OUQ1QTNEQTFFREMwMDUzMDJFMzJGN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuge99l/U5SzYTOpa5IshGJ9e0
ndMklJxdv8byJXO/mEvZ85JtBhVGtxX6uCesirAFu8m+BhBV3JM5NkUAYXxKZWSZ
8O5PPUCBi4GmjBaRHRY8wRvEAX6lKtlt2iTPpP1bUg2mGoZqj9guhwvbWEf7I9cZ
sYrBZBICnBoYICpN5JwcXDtfVCbHVjRiDvLdXTnAs1gldzP1wJqINkw/bu+a2rdy
sRpsuPFVmC5JOTK+8ReQmKkDSNoF0xfBY1a/vSXQ3ZXfaT3t5suoGkJu4LfHJNxG
p/GQMdNo4YAPA88x3WegrRU69B7r2DcSti8OUx+VUjuVv/SxAS8h+Getr6jTAgMB
AAGjggMHMIIDAzAdBgNVHQ4EFgQUWFgc9jLJPLxZ1aPaHtwAUwLjL3swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCARwGCCsGAQUFBwEHAQH/BIIBCzCCAQcwggEDBAIAATCB
/AMEAlIVaAMEA1IWgDAMAwQCUhaUAwQCUhaYAwQBUheMAwQDUheYAwQBUhgKAwQB
UhgsAwQBUhgyAwQBUhhmAwQCUhi4AwQBUhjMAwQCUhkAAwQBUhkSAwQCUhmAAwQB
UhnOAwQBUhpmAwQEUhswAwQDUhtQAwQCUhtwAwQDUhuIAwQDUhuoAwQCUhvAAwQB
Uh0eAwQCUh2QAwQBUiYkAwQCUiawAwQDUia4AwQBUidwAwQBUinAAwQCVEsEAwQC
VEscAwQCVEtIMAwDBABUS1UDBABUS1YwDAMEA1RLWAMEAFRLWgMEAFRLXQMEAFRL
XwMEArJTAAMEArJT2DANBgkqhkiG9w0BAQsFAAOCAQEAOFEipKm0jwUoYkqukAZs
NBgFVkc44CObxcsROZVBjz0Rp7XmI9503VZOOLCwg0WYw/oqn3ZtXDYmYjFuO087
lekY/Rjz20uh/FOuupFM0U3/dIPzu3oh6o9/F9l5+JtUndi7upvDpdxT9glG4gyr
FsxOfLMFIDw+ZI6uuw5wXOEb4NsfsIysd9CXPdiy7WY+fuzu8dxyWYOTkroxHmAP
fbzxCQsvOZ905X3pY8AYwAZkReIhgeZ2oYInpcqDuxMLeHvez+YsTDRejr3/J1DP
7tweAmnzVgz9eTpX+vG/lmGoveHjThU1/UMM63ObquoIUkMQqVzodj4NtjZkCIV1
og==
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:05:58 2026 by rpki-client