Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File:                     AS7029.roa (raw, json)
Hash identifier:          BCZ5NooRqtsVQfGJ2j2VTpjCUOSzBiTV1iwwtBuiI+g=
Subject key identifier:   58:58:1C:F6:32:C9:3C:BC:59:D5:A3:DA:1E:DC:00:53:02:E3:2F:7B
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       3DDE71079DC7BD7585CB13820C432D21F1883266
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time:             Wed 08 Jul 2026 00:04:43 +0000
ROA not before:           Tue 07 Jul 2026 23:59:43 +0000
ROA not after:            Wed 07 Jul 2027 00:04:43 +0000
asID:                     7029
IP address blocks:        82.21.104.0/22 maxlen: 24
                          82.22.128.0/21 maxlen: 24
                          82.22.148.0/22 maxlen: 24
                          82.22.152.0/22 maxlen: 24
                          82.23.140.0/23 maxlen: 24
                          82.23.152.0/21 maxlen: 24
                          82.24.10.0/23 maxlen: 24
                          82.24.44.0/23 maxlen: 24
                          82.24.50.0/23 maxlen: 24
                          82.24.102.0/23 maxlen: 24
                          82.24.184.0/22 maxlen: 24
                          82.24.204.0/23 maxlen: 24
                          82.25.0.0/22 maxlen: 24
                          82.25.18.0/23 maxlen: 24
                          82.25.128.0/22 maxlen: 24
                          82.25.206.0/23 maxlen: 24
                          82.26.102.0/23 maxlen: 24
                          82.27.48.0/20 maxlen: 24
                          82.27.80.0/21 maxlen: 24
                          82.27.112.0/22 maxlen: 24
                          82.27.136.0/21 maxlen: 24
                          82.27.168.0/21 maxlen: 24
                          82.27.192.0/22 maxlen: 24
                          82.29.30.0/23 maxlen: 24
                          82.29.144.0/22 maxlen: 24
                          82.38.36.0/23 maxlen: 24
                          82.38.176.0/22 maxlen: 24
                          82.38.184.0/22 maxlen: 24
                          82.38.188.0/22 maxlen: 24
                          82.39.112.0/23 maxlen: 24
                          82.41.192.0/23 maxlen: 24
                          84.75.4.0/22 maxlen: 24
                          84.75.28.0/22 maxlen: 24
                          84.75.72.0/22 maxlen: 24
                          84.75.85.0/24 maxlen: 24
                          84.75.86.0/24 maxlen: 24
                          84.75.88.0/24 maxlen: 24
                          84.75.89.0/24 maxlen: 24
                          84.75.90.0/24 maxlen: 24
                          84.75.93.0/24 maxlen: 24
                          84.75.95.0/24 maxlen: 24
                          178.83.0.0/22 maxlen: 24
                          178.83.216.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:de:71:07:9d:c7:bd:75:85:cb:13:82:0c:43:2d:21:f1:88:32:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  7 23:59:43 2026 GMT
            Not After : Jul  7 00:04:43 2027 GMT
        Subject: CN=58581CF632C93CBC59D5A3DA1EDC005302E32F7B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:81:ef:7d:97:f5:39:4b:36:13:3a:96:b9:22:
                    c8:46:27:d7:b4:9d:d3:24:94:9c:5d:bf:c6:f2:25:
                    73:bf:98:4b:d9:f3:92:6d:06:15:46:b7:15:fa:b8:
                    27:ac:8a:b0:05:bb:c9:be:06:10:55:dc:93:39:36:
                    45:00:61:7c:4a:65:64:99:f0:ee:4f:3d:40:81:8b:
                    81:a6:8c:16:91:1d:16:3c:c1:1b:c4:01:7e:a5:2a:
                    d9:6d:da:24:cf:a4:fd:5b:52:0d:a6:1a:86:6a:8f:
                    d8:2e:87:0b:db:58:47:fb:23:d7:19:b1:8a:c1:64:
                    12:02:9c:1a:18:20:2a:4d:e4:9c:1c:5c:3b:5f:54:
                    26:c7:56:34:62:0e:f2:dd:5d:39:c0:b3:58:25:77:
                    33:f5:c0:9a:88:36:4c:3f:6e:ef:9a:da:b7:72:b1:
                    1a:6c:b8:f1:55:98:2e:49:39:32:be:f1:17:90:98:
                    a9:03:48:da:05:d3:17:c1:63:56:bf:bd:25:d0:dd:
                    95:df:69:3d:ed:e6:cb:a8:1a:42:6e:e0:b7:c7:24:
                    dc:46:a7:f1:90:31:d3:68:e1:80:0f:03:cf:31:dd:
                    67:a0:ad:15:3a:f4:1e:eb:d8:37:12:b6:2f:0e:53:
                    1f:95:52:3b:95:bf:f4:b1:01:2f:21:f8:67:ad:af:
                    a8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:58:1C:F6:32:C9:3C:BC:59:D5:A3:DA:1E:DC:00:53:02:E3:2F:7B
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.104.0/22
                  82.22.128.0/21
                  82.22.148.0-82.22.155.255
                  82.23.140.0/23
                  82.23.152.0/21
                  82.24.10.0/23
                  82.24.44.0/23
                  82.24.50.0/23
                  82.24.102.0/23
                  82.24.184.0/22
                  82.24.204.0/23
                  82.25.0.0/22
                  82.25.18.0/23
                  82.25.128.0/22
                  82.25.206.0/23
                  82.26.102.0/23
                  82.27.48.0/20
                  82.27.80.0/21
                  82.27.112.0/22
                  82.27.136.0/21
                  82.27.168.0/21
                  82.27.192.0/22
                  82.29.30.0/23
                  82.29.144.0/22
                  82.38.36.0/23
                  82.38.176.0/22
                  82.38.184.0/21
                  82.39.112.0/23
                  82.41.192.0/23
                  84.75.4.0/22
                  84.75.28.0/22
                  84.75.72.0/22
                  84.75.85.0-84.75.86.255
                  84.75.88.0-84.75.90.255
                  84.75.93.0/24
                  84.75.95.0/24
                  178.83.0.0/22
                  178.83.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:51:22:a4:a9:b4:8f:05:28:62:4a:ae:90:06:6c:34:18:05:
         56:47:38:e0:23:9b:c5:cb:11:39:95:41:8f:3d:11:a7:b5:e6:
         23:de:74:dd:56:4e:38:b0:b0:83:45:98:c3:fa:2a:9f:76:6d:
         5c:36:26:62:31:6e:3b:4f:3b:95:e9:18:fd:18:f3:db:4b:a1:
         fc:53:ae:ba:91:4c:d1:4d:ff:74:83:f3:bb:7a:21:ea:8f:7f:
         17:d9:79:f8:9b:54:9d:d8:bb:ba:9b:c3:a5:dc:53:f6:09:46:
         e2:0c:ab:16:cc:4e:7c:b3:05:20:3c:3e:64:8e:ae:bb:0e:70:
         5c:e1:1b:e0:db:1f:b0:8c:ac:77:d0:97:3d:d8:b2:ed:66:3e:
         7e:ec:ee:f1:dc:72:59:83:93:92:ba:31:1e:60:0f:7d:bc:f1:
         09:0b:2f:39:9f:74:e5:7d:e9:63:c0:18:c0:06:64:45:e2:21:
         81:e6:76:a1:82:27:a5:ca:83:bb:13:0b:78:7b:de:cf:e6:2c:
         4c:34:5e:8e:bd:ff:27:50:cf:ee:dc:1e:02:69:f3:56:0c:fd:
         79:3a:57:fa:f1:bf:96:61:a8:bd:e1:e3:4e:15:35:fd:43:0c:
         eb:73:9b:aa:ea:08:52:43:10:a9:5c:e8:76:3e:0d:b6:36:64:
         08:85:75:a2
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIUPd5xB53HvXWFyxOCDEMtIfGIMmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDcyMzU5NDNaFw0yNzA3MDcwMDA0NDNaMDMxMTAvBgNV
BAMTKDU4NTgxQ0Y2MzJDOTNDQkM1OUQ1QTNEQTFFREMwMDUzMDJFMzJGN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuge99l/U5SzYTOpa5IshGJ9e0
ndMklJxdv8byJXO/mEvZ85JtBhVGtxX6uCesirAFu8m+BhBV3JM5NkUAYXxKZWSZ
8O5PPUCBi4GmjBaRHRY8wRvEAX6lKtlt2iTPpP1bUg2mGoZqj9guhwvbWEf7I9cZ
sYrBZBICnBoYICpN5JwcXDtfVCbHVjRiDvLdXTnAs1gldzP1wJqINkw/bu+a2rdy
sRpsuPFVmC5JOTK+8ReQmKkDSNoF0xfBY1a/vSXQ3ZXfaT3t5suoGkJu4LfHJNxG
p/GQMdNo4YAPA88x3WegrRU69B7r2DcSti8OUx+VUjuVv/SxAS8h+Getr6jTAgMB
AAGjggMHMIIDAzAdBgNVHQ4EFgQUWFgc9jLJPLxZ1aPaHtwAUwLjL3swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCARwGCCsGAQUFBwEHAQH/BIIBCzCCAQcwggEDBAIAATCB
/AMEAlIVaAMEA1IWgDAMAwQCUhaUAwQCUhaYAwQBUheMAwQDUheYAwQBUhgKAwQB
UhgsAwQBUhgyAwQBUhhmAwQCUhi4AwQBUhjMAwQCUhkAAwQBUhkSAwQCUhmAAwQB
UhnOAwQBUhpmAwQEUhswAwQDUhtQAwQCUhtwAwQDUhuIAwQDUhuoAwQCUhvAAwQB
Uh0eAwQCUh2QAwQBUiYkAwQCUiawAwQDUia4AwQBUidwAwQBUinAAwQCVEsEAwQC
VEscAwQCVEtIMAwDBABUS1UDBABUS1YwDAMEA1RLWAMEAFRLWgMEAFRLXQMEAFRL
XwMEArJTAAMEArJT2DANBgkqhkiG9w0BAQsFAAOCAQEAOFEipKm0jwUoYkqukAZs
NBgFVkc44CObxcsROZVBjz0Rp7XmI9503VZOOLCwg0WYw/oqn3ZtXDYmYjFuO087
lekY/Rjz20uh/FOuupFM0U3/dIPzu3oh6o9/F9l5+JtUndi7upvDpdxT9glG4gyr
FsxOfLMFIDw+ZI6uuw5wXOEb4NsfsIysd9CXPdiy7WY+fuzu8dxyWYOTkroxHmAP
fbzxCQsvOZ905X3pY8AYwAZkReIhgeZ2oYInpcqDuxMLeHvez+YsTDRejr3/J1DP
7tweAmnzVgz9eTpX+vG/lmGoveHjThU1/UMM63ObquoIUkMQqVzodj4NtjZkCIV1
og==
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:05:58 2026 by rpki-client