Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: nY9O5RgA+cqGJuA87eMbTxewEDNZT+fwbgAT55oSXkI=
Subject key identifier: C6:88:20:C1:F8:55:F1:E1:45:27:4E:18:11:56:F6:83:63:1A:DD:52
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2E8DC903B9944640939B64CA6BC389DA0A4EEDF1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Sun 28 Sep 2025 00:04:48 +0000
ROA not before: Sat 27 Sep 2025 23:59:48 +0000
ROA not after: Sun 27 Sep 2026 00:04:48 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.10.0/24 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:8d:c9:03:b9:94:46:40:93:9b:64:ca:6b:c3:89:da:0a:4e:ed:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 27 23:59:48 2025 GMT
Not After : Sep 27 00:04:48 2026 GMT
Subject: CN=C68820C1F855F1E145274E181156F683631ADD52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:02:08:f4:29:1e:26:26:de:5e:f1:63:11:
91:5f:81:5e:b7:2b:6d:fa:9a:2b:64:df:9a:5a:33:
39:10:55:1f:70:08:d8:34:08:90:8e:31:43:73:cc:
a3:17:63:56:a5:56:27:95:e3:38:20:96:0d:91:51:
2e:85:0f:d3:a3:c3:93:a1:37:c3:68:58:25:d9:8a:
a5:c3:9d:56:7d:49:0c:51:1b:c7:75:0d:30:25:31:
6c:42:d1:b6:c5:5e:3b:01:05:dd:78:8e:2d:4c:18:
8b:2e:b4:49:43:ea:8c:b8:3c:06:f6:a3:dd:00:47:
8e:86:2d:30:90:78:15:3e:ee:d0:87:87:40:57:34:
10:1f:ee:ef:3e:e6:16:db:cf:4d:ca:6f:52:d3:bc:
c4:ac:3b:65:99:b5:ba:32:b0:4d:f9:4b:ae:c6:63:
66:96:42:e9:49:4e:e8:ae:fa:5b:fa:70:c7:0f:a7:
bf:63:32:dc:09:fe:4e:99:ca:fd:0a:cc:ae:b1:1e:
df:1a:c2:5c:0f:9c:7c:82:35:ec:ba:df:fa:9d:90:
4f:7e:2a:6b:62:5c:30:f1:95:e0:8a:af:45:74:a4:
da:46:c1:ed:34:0e:eb:3d:96:d3:c1:d9:77:81:66:
df:01:6c:d3:1e:a4:56:96:87:71:49:66:38:a4:0e:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:88:20:C1:F8:55:F1:E1:45:27:4E:18:11:56:F6:83:63:1A:DD:52
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.10.0/24
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:0b:18:0b:cc:86:f2:dd:54:79:ed:bb:01:93:ee:a0:14:84:
71:e0:db:a2:cc:22:e1:d2:8f:91:df:c6:91:a3:2e:46:fc:5a:
76:ba:ec:61:fd:33:b6:e1:ce:0e:3c:60:75:c4:8d:9b:62:da:
59:12:2a:57:69:bb:be:17:a7:de:fe:65:a5:81:13:f0:1a:ba:
ea:ef:76:5b:b3:48:17:9d:b2:18:2c:97:41:05:66:b0:93:14:
47:2e:fe:cc:c3:f0:07:fa:3f:ab:51:5d:e3:17:f5:cf:a5:73:
07:ea:e8:9f:e3:f8:db:6a:f5:8e:e5:40:30:4e:8e:1a:3b:64:
dc:89:93:9c:ab:64:9a:86:a1:dd:78:20:cf:0a:af:30:02:bc:
35:89:fc:8d:86:36:32:91:82:b8:40:20:aa:ee:5e:be:80:ce:
36:14:7c:df:84:f2:c0:26:3b:94:8d:97:59:ca:67:09:92:5f:
de:a7:fb:fb:4f:dc:b3:17:f4:65:66:65:e2:5b:f8:c6:eb:45:
f4:bc:b6:a7:24:cd:e4:ae:6d:30:c9:7c:4c:45:11:3a:99:f1:
37:cb:71:45:27:cb:1c:04:d1:fb:8f:fc:bf:ee:e0:74:2e:3d:
b8:b6:4c:d6:18:1b:c3:75:35:5a:e7:c8:0f:7d:09:6c:96:ff:
7e:82:5e:8a
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIULo3JA7mURkCTm2TKa8OJ2gpO7fEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjcyMzU5NDhaFw0yNjA5MjcwMDA0NDhaMDMxMTAvBgNV
BAMTKEM2ODgyMEMxRjg1NUYxRTE0NTI3NEUxODExNTZGNjgzNjMxQURENTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGEwII9CkeJibeXvFjEZFfgV63
K236mitk35paMzkQVR9wCNg0CJCOMUNzzKMXY1alVieV4zgglg2RUS6FD9Ojw5Oh
N8NoWCXZiqXDnVZ9SQxRG8d1DTAlMWxC0bbFXjsBBd14ji1MGIsutElD6oy4PAb2
o90AR46GLTCQeBU+7tCHh0BXNBAf7u8+5hbbz03Kb1LTvMSsO2WZtboysE35S67G
Y2aWQulJTuiu+lv6cMcPp79jMtwJ/k6Zyv0KzK6xHt8awlwPnHyCNey63/qdkE9+
KmtiXDDxleCKr0V0pNpGwe00Dus9ltPB2XeBZt8BbNMepFaWh3FJZjikDkznAgMB
AAGjggKfMIICmzAdBgNVHQ4EFgQUxoggwfhV8eFFJ04YEVb2g2Ma3VIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBtQYIKwYBBQUHAQcBAf8EgaUwgaIwgZ8EAgABMIGYAwQC
UhVoAwQDUhaAMAwDBAJSFpQDBAJSFpgDBAFSF4wDBAFSGAoDBAFSGCwDBAFSGDID
BAFSGGYDBAJSGLgDBAFSGMwDBAJSGQADBABSGQoDBAFSGRIDBAJSGYADBAFSGc4D
BAFSGmYDBARSGzADBANSG1ADBAJSG3ADBANSG4gDBANSG6gDBAJSG8ADBAFSHR4D
BAJSHZAwDQYJKoZIhvcNAQELBQADggEBAFoLGAvMhvLdVHntuwGT7qAUhHHg26LM
IuHSj5HfxpGjLkb8Wna67GH9M7bhzg48YHXEjZti2lkSKldpu74Xp97+ZaWBE/Aa
uurvdluzSBedshgsl0EFZrCTFEcu/szD8Af6P6tRXeMX9c+lcwfq6J/j+Ntq9Y7l
QDBOjho7ZNyJk5yrZJqGod14IM8KrzACvDWJ/I2GNjKRgrhAIKruXr6AzjYUfN+E
8sAmO5SNl1nKZwmSX96n+/tP3LMX9GVmZeJb+MbrRfS8tqckzeSubTDJfExFETqZ
8TfLcUUnyxwE0fuP/L/u4HQuPbi2TNYYG8N1NVrnyA99CWyW/36CXoo=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:35:07 2025 by rpki-client