Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: q4dBstxXCSRZbsSB3JB6ppmq4ISatB4Mr5tH8Um0y3E=
Subject key identifier: 2B:90:11:22:35:CD:1E:A9:87:79:85:F2:70:E1:A1:2F:11:07:25:F8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7AB1F3CCE76CB3AB8B8255370195A5039680B6D9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Tue 18 Mar 2025 13:01:51 +0000
ROA not before: Tue 18 Mar 2025 12:56:51 +0000
ROA not after: Tue 17 Mar 2026 13:01:51 +0000
asID: 7029
IP address blocks: 82.21.1.0/24 maxlen: 24
82.21.3.0/24 maxlen: 24
82.21.4.0/24 maxlen: 24
82.21.5.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.24.106.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.110.0/24 maxlen: 24
82.24.111.0/24 maxlen: 24
82.24.112.0/24 maxlen: 24
82.24.113.0/24 maxlen: 24
82.24.120.0/24 maxlen: 24
82.24.123.0/24 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.11.0/24 maxlen: 24
82.25.12.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:b1:f3:cc:e7:6c:b3:ab:8b:82:55:37:01:95:a5:03:96:80:b6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 18 12:56:51 2025 GMT
Not After : Mar 17 13:01:51 2026 GMT
Subject: CN=2B90112235CD1EA9877985F270E1A12F110725F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:d3:a1:01:99:d8:e5:a2:37:81:f6:6e:e9:
2a:a6:e4:32:8c:70:e7:f4:1b:ae:a9:b2:1c:6f:12:
1d:9a:ab:e0:56:da:1d:b1:20:a8:cb:53:81:2a:d9:
33:c4:eb:5b:0f:b8:32:4e:3f:5d:66:12:ef:6e:98:
9a:a9:69:25:53:25:06:74:fd:d4:30:47:81:b5:af:
71:01:a9:d4:36:33:89:b8:c0:3c:ad:05:7c:e9:1d:
0a:2a:3a:57:e9:18:4f:4c:c5:62:93:b5:3f:4f:d1:
15:df:72:3a:3c:10:88:34:c7:df:64:cc:00:82:21:
63:ab:4b:ea:4b:6f:ed:9c:72:6a:5f:95:17:61:70:
ed:11:3d:a1:da:cc:01:c3:cc:0e:ea:a3:72:fd:12:
9c:11:0c:ea:32:d3:8d:3a:aa:72:f0:44:ac:bd:92:
1b:eb:dd:55:2b:da:85:f0:4c:93:c6:7c:9d:19:65:
b3:08:fb:78:e7:89:93:21:6b:3f:b7:16:f2:f6:1f:
55:b4:3f:b7:af:92:49:40:a5:15:c7:f7:47:eb:35:
6e:88:fc:91:39:aa:7c:50:b2:a2:dd:ea:af:11:f0:
1c:89:67:d5:24:a7:21:16:91:50:be:97:68:90:ff:
6d:37:49:15:ed:46:cf:16:6b:0e:ca:8f:1d:ec:47:
22:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:90:11:22:35:CD:1E:A9:87:79:85:F2:70:E1:A1:2F:11:07:25:F8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.1.0/24
82.21.3.0-82.21.5.255
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.24.106.0/23
82.24.110.0-82.24.113.255
82.24.120.0/24
82.24.123.0/24
82.25.0.0/22
82.25.10.0-82.25.13.255
82.27.48.0/20
82.27.136.0/21
82.27.168.0/21
Signature Algorithm: sha256WithRSAEncryption
51:bc:38:4e:0a:b7:6e:c8:ce:e0:20:0e:b9:2c:ff:d5:08:d1:
7a:04:b9:0a:4f:17:d6:13:a2:c5:d5:13:f8:b8:11:b1:4c:71:
01:28:05:00:bf:93:38:37:b2:af:ba:4d:16:03:f6:03:13:9b:
94:b3:1d:92:07:46:41:f7:1f:e7:85:18:b9:c8:0e:8f:4e:6c:
b2:05:91:af:b4:74:de:16:c8:69:94:1a:23:cf:e5:17:8b:16:
94:e7:20:61:3d:96:27:53:82:9c:b1:dc:47:7a:d3:27:b2:1f:
76:5d:96:af:cd:48:42:70:14:22:0b:44:1c:f4:a0:32:d8:8a:
1f:92:cc:58:e4:4e:f7:68:ef:26:50:e7:58:52:eb:59:51:a7:
77:ae:96:97:d4:c1:1f:a2:a4:8d:d2:85:35:4f:68:f4:24:87:
df:bc:53:50:4c:01:9c:a9:7c:1f:e1:c7:17:2c:72:77:d3:e5:
03:2f:78:70:cd:fa:3a:c3:8b:e5:0f:da:11:cd:05:75:ab:8d:
84:e1:84:22:88:0d:b0:d9:08:8e:01:af:d7:79:f1:5c:f7:09:
7d:3f:68:ae:8a:90:ea:ff:55:8e:73:c9:cd:a9:a1:54:be:d3:
b7:45:01:27:3c:a0:69:7a:ca:67:fe:41:d5:3e:95:d8:7e:ba:
49:72:1d:42
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUerHzzOdss6uLglU3AZWlA5aAttkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTgxMjU2NTFaFw0yNjAzMTcxMzAxNTFaMDMxMTAvBgNV
BAMTKDJCOTAxMTIyMzVDRDFFQTk4Nzc5ODVGMjcwRTFBMTJGMTEwNzI1RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcRtOhAZnY5aI3gfZu6Sqm5DKM
cOf0G66pshxvEh2aq+BW2h2xIKjLU4Eq2TPE61sPuDJOP11mEu9umJqpaSVTJQZ0
/dQwR4G1r3EBqdQ2M4m4wDytBXzpHQoqOlfpGE9MxWKTtT9P0RXfcjo8EIg0x99k
zACCIWOrS+pLb+2ccmpflRdhcO0RPaHazAHDzA7qo3L9EpwRDOoy0406qnLwRKy9
khvr3VUr2oXwTJPGfJ0ZZbMI+3jniZMhaz+3FvL2H1W0P7evkklApRXH90frNW6I
/JE5qnxQsqLd6q8R8ByJZ9UkpyEWkVC+l2iQ/203SRXtRs8Waw7Kjx3sRyKxAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUK5ARIjXNHqmHeYXycOGhLxEHJfgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBABSFQEw
DAMEAFIVAwMEAVIVBAMEAlIVaAMEA1IWgDAMAwQCUhaUAwQCUhaYAwQBUhhqMAwD
BAFSGG4DBAFSGHADBABSGHgDBABSGHsDBAJSGQAwDAMEAVIZCgMEAVIZDAMEBFIb
MAMEA1IbiAMEA1IbqDANBgkqhkiG9w0BAQsFAAOCAQEAUbw4Tgq3bsjO4CAOuSz/
1QjRegS5Ck8X1hOixdUT+LgRsUxxASgFAL+TODeyr7pNFgP2AxOblLMdkgdGQfcf
54UYucgOj05ssgWRr7R03hbIaZQaI8/lF4sWlOcgYT2WJ1OCnLHcR3rTJ7Ifdl2W
r81IQnAUIgtEHPSgMtiKH5LMWORO92jvJlDnWFLrWVGnd66Wl9TBH6KkjdKFNU9o
9CSH37xTUEwBnKl8H+HHFyxyd9PlAy94cM36OsOL5Q/aEc0FdauNhOGEIogNsNkI
jgGv13nxXPcJfT9oroqQ6v9VjnPJzamhVL7Tt0UBJzygaXrKZ/5B1T6V2H66SXId
Qg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:12 2025 by rpki-client