Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: qcutVBncqKUX9jJaPbySuHVTjQIhjtjEkTyW9QQzhB0=
Subject key identifier: 15:C2:79:01:8A:E0:0F:13:B1:83:C3:CE:D6:F8:1E:A1:8B:E4:5F:B1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 48A87C5C180927C221C5B1604BB8853632F0DB7B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Sat 18 Apr 2026 09:32:16 +0000
ROA not before: Sat 18 Apr 2026 09:27:16 +0000
ROA not after: Sat 17 Apr 2027 09:32:16 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
84.75.85.0/24 maxlen: 24
84.75.86.0/24 maxlen: 24
84.75.88.0/24 maxlen: 24
84.75.89.0/24 maxlen: 24
84.75.90.0/24 maxlen: 24
84.75.93.0/24 maxlen: 24
84.75.95.0/24 maxlen: 24
84.75.240.0/22 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 09:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a8:7c:5c:18:09:27:c2:21:c5:b1:60:4b:b8:85:36:32:f0:db:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 18 09:27:16 2026 GMT
Not After : Apr 17 09:32:16 2027 GMT
Subject: CN=15C279018AE00F13B183C3CED6F81EA18BE45FB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:03:68:a9:ea:92:4a:f5:eb:cb:d5:29:ab:92:
ad:21:ff:36:c2:fd:35:9c:fd:85:26:56:f4:72:9b:
55:da:a7:85:18:92:f4:10:71:1f:fa:51:0a:f9:89:
da:c4:8c:de:8d:94:61:ea:7d:c6:68:f3:61:af:68:
f4:4a:19:07:d5:06:e5:08:19:55:4e:8f:df:dc:cd:
a4:6f:9b:9e:a4:c8:14:45:33:fc:e6:0f:2f:cc:68:
1f:ad:cf:94:14:a7:7b:3a:5b:b7:70:de:0e:06:3c:
e4:60:0c:10:a7:50:1d:c9:79:81:af:34:1d:85:de:
47:7c:4c:4b:ec:e2:5c:e2:66:83:7d:20:11:10:01:
f3:3f:58:84:0b:fc:3b:73:95:44:b6:12:7b:18:87:
63:28:de:2f:25:b0:5e:ba:f8:24:44:10:0c:f2:43:
52:57:89:1f:0b:fd:33:a7:c0:35:30:26:66:88:62:
23:19:1b:48:31:4c:b4:09:70:3f:52:51:eb:4e:27:
9c:97:9f:41:f3:ba:45:7f:d1:26:c7:7e:2b:85:42:
49:97:23:b7:e2:04:63:7f:f6:c0:c6:0e:67:4e:7e:
e2:c5:e1:ec:47:6e:65:8a:4c:7e:0b:b3:51:c2:f7:
09:30:4d:18:a3:bd:74:00:b0:30:cd:69:35:16:44:
8d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C2:79:01:8A:E0:0F:13:B1:83:C3:CE:D6:F8:1E:A1:8B:E4:5F:B1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.36.0/23
82.38.176.0/22
82.38.184.0/21
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
84.75.85.0-84.75.86.255
84.75.88.0-84.75.90.255
84.75.93.0/24
84.75.95.0/24
84.75.240.0/22
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:3b:ab:93:b9:20:b0:d4:be:72:96:89:79:dc:a7:f8:33:f4:
f2:12:a2:6a:94:12:58:71:42:73:8e:1e:87:ef:1d:2b:41:ee:
1d:eb:57:ea:69:28:04:42:df:16:82:35:e0:5b:c6:5b:89:c7:
04:c3:52:9d:2a:91:51:1c:ef:f0:5c:d6:2b:71:8b:f4:c0:31:
27:ad:82:53:4f:b7:11:19:42:cf:ff:43:70:db:85:0b:5c:dd:
ec:88:bd:a5:c4:6f:f2:16:33:3e:d8:87:e9:0f:e9:37:7e:86:
d0:07:04:bf:27:36:e0:ad:56:28:e3:39:20:e0:87:4d:2b:2a:
69:0f:1a:0a:46:56:c9:e7:cb:50:b0:77:fd:40:ab:3d:79:4a:
e0:4f:03:c5:14:3b:df:5b:64:4b:a1:eb:c9:a0:9d:27:05:dc:
81:c8:0e:a3:8f:3b:7e:27:8c:31:ec:78:85:60:82:f5:f6:0c:
69:8d:7f:fe:0c:03:e7:c1:f9:85:f6:0f:12:78:fd:47:e4:c4:
8b:1e:b0:70:57:6a:26:73:29:5f:91:23:b9:31:15:f9:16:60:
40:58:0e:e7:85:58:f7:b8:c9:9a:dc:cf:ee:89:b5:af:10:a8:
8c:ac:03:16:de:11:5f:99:2f:84:11:26:e9:10:7b:5f:1a:12:
28:c8:a6:b4
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIUSKh8XBgJJ8IhxbFgS7iFNjLw23swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTgwOTI3MTZaFw0yNzA0MTcwOTMyMTZaMDMxMTAvBgNV
BAMTKDE1QzI3OTAxOEFFMDBGMTNCMTgzQzNDRUQ2RjgxRUExOEJFNDVGQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiA2ip6pJK9evL1Smrkq0h/zbC
/TWc/YUmVvRym1Xap4UYkvQQcR/6UQr5idrEjN6NlGHqfcZo82GvaPRKGQfVBuUI
GVVOj9/czaRvm56kyBRFM/zmDy/MaB+tz5QUp3s6W7dw3g4GPORgDBCnUB3JeYGv
NB2F3kd8TEvs4lziZoN9IBEQAfM/WIQL/DtzlUS2EnsYh2Mo3i8lsF66+CREEAzy
Q1JXiR8L/TOnwDUwJmaIYiMZG0gxTLQJcD9SUetOJ5yXn0HzukV/0SbHfiuFQkmX
I7fiBGN/9sDGDmdOfuLF4exHbmWKTH4Ls1HC9wkwTRijvXQAsDDNaTUWRI0rAgMB
AAGjggMUMIIDEDAdBgNVHQ4EFgQUFcJ5AYrgDxOxg8PO1vgeoYvkX7EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASkGCCsGAQUFBwEHAQH/BIIBGDCCARQwggEQBAIAATCC
AQgDBAJSFWgDBANSFoAwDAMEAlIWlAMEAlIWmAMEAVIXjAMEA1IXmAMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZAAMEAVIZEgMEAlIZgAME
AVIZzgMEAVIaZgMEBFIbMAMEA1IbUAMEAlIbcAMEA1IbiAMEA1IbqAMEAlIbwAME
AVIdHgMEAlIdkAMEAVImJAMEAlImsAMEA1ImuAMEAVIncAMEAVIpwAMEAlRLBAME
AlRLHAMEAlRLSDAMAwQAVEtVAwQAVEtWMAwDBANUS1gDBABUS1oDBABUS10DBABU
S18DBAJUS/ADBAKyUwADBAKyU4ADBAKyU9gwDQYJKoZIhvcNAQELBQADggEBAE87
q5O5ILDUvnKWiXncp/gz9PISomqUElhxQnOOHofvHStB7h3rV+ppKARC3xaCNeBb
xluJxwTDUp0qkVEc7/Bc1itxi/TAMSetglNPtxEZQs//Q3DbhQtc3eyIvaXEb/IW
Mz7Yh+kP6Td+htAHBL8nNuCtVijjOSDgh00rKmkPGgpGVsnny1Cwd/1Aqz15SuBP
A8UUO99bZEuh68mgnScF3IHIDqOPO34njDHseIVggvX2DGmNf/4MA+fB+YX2DxJ4
/UfkxIsesHBXaiZzKV+RI7kxFfkWYEBYDueFWPe4yZrcz+6Jta8QqIysAxbeEV+Z
L4QRJukQe18aEijIprQ=
-----END CERTIFICATE-----
Generated at Sat Apr 18 17:05:42 2026 by rpki-client