Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: ZLxzzGyGdimgdzJM0d/vW/QIhY3XABAQXTT6YJbFtms=
Subject key identifier: F2:48:62:D5:FA:F5:61:E8:E7:52:E9:03:A0:73:1A:98:E6:A0:38:64
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 31DBDB9D4B38F826D9AEC864649BCA0C9FCD3CCD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
Signing time: Mon 18 May 2026 07:27:14 +0000
ROA not before: Mon 18 May 2026 07:22:14 +0000
ROA not after: Mon 17 May 2027 07:27:14 +0000
asID: 7029
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.38.176.0/22 maxlen: 24
82.38.184.0/22 maxlen: 24
82.38.188.0/22 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
84.75.4.0/22 maxlen: 24
84.75.28.0/22 maxlen: 24
84.75.72.0/22 maxlen: 24
84.75.85.0/24 maxlen: 24
84.75.86.0/24 maxlen: 24
84.75.88.0/24 maxlen: 24
84.75.89.0/24 maxlen: 24
84.75.90.0/24 maxlen: 24
84.75.93.0/24 maxlen: 24
84.75.95.0/24 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:db:db:9d:4b:38:f8:26:d9:ae:c8:64:64:9b:ca:0c:9f:cd:3c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 18 07:22:14 2026 GMT
Not After : May 17 07:27:14 2027 GMT
Subject: CN=F24862D5FAF561E8E752E903A0731A98E6A03864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:87:6e:e5:2c:e5:86:50:45:9f:c8:23:f9:74:
08:9b:ac:3d:8c:4e:00:77:9a:48:ec:55:f6:14:5f:
6d:d9:ad:6c:7a:bf:ac:99:7f:f6:db:9f:c4:b0:93:
fb:fe:ad:8e:c6:ed:56:ef:a1:3d:1f:93:45:a4:72:
53:13:cb:38:a0:7a:a6:d9:39:a4:bb:6d:a0:2a:7f:
03:8d:07:52:ca:b4:59:ef:b5:e5:3f:dc:0a:05:67:
d6:d9:fc:95:ff:93:c0:29:85:46:79:d8:b3:e8:18:
35:bb:19:99:e4:8b:7c:24:2e:61:73:a7:5e:f2:8b:
ce:9f:12:51:d2:5b:dd:b0:a3:ba:fc:83:de:ee:04:
6e:8e:98:65:af:b8:9a:8e:f1:78:9d:d1:4a:91:d5:
fc:f6:67:98:3a:f8:97:54:ca:b4:9f:5b:ea:7c:ff:
0c:16:28:42:93:a4:35:6d:c1:e8:48:ac:e8:12:47:
86:21:9e:af:a5:bb:68:42:f8:e1:ad:c5:b6:58:e5:
43:92:d0:6a:4a:c1:d0:91:19:b6:e3:fc:2f:64:f9:
b0:c7:75:44:90:3f:d1:75:20:77:00:f7:28:37:06:
26:13:c8:c6:eb:75:d0:96:01:d9:c3:6f:88:c5:fe:
22:4c:e1:74:8b:99:b6:02:bc:0e:6f:d4:03:33:62:
b5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:48:62:D5:FA:F5:61:E8:E7:52:E9:03:A0:73:1A:98:E6:A0:38:64
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.128.0/21
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.152.0/21
82.24.10.0/23
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0/21
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.36.0/23
82.38.176.0/22
82.38.184.0/21
82.39.112.0/23
82.41.192.0/23
84.75.4.0/22
84.75.28.0/22
84.75.72.0/22
84.75.85.0-84.75.86.255
84.75.88.0-84.75.90.255
84.75.93.0/24
84.75.95.0/24
178.83.0.0/22
178.83.128.0/22
178.83.216.0/22
Signature Algorithm: sha256WithRSAEncryption
38:eb:0d:a7:1f:73:19:41:99:b6:ce:be:0e:b5:b9:79:15:f0:
9f:dc:93:a1:13:f0:f7:b1:32:4e:43:5e:ee:58:65:06:04:56:
94:4e:a1:79:75:49:5c:1b:d9:2f:5a:f7:98:eb:cb:e7:98:1c:
0a:01:72:fb:64:ce:27:5d:6a:20:62:5b:8a:53:98:71:5a:26:
e5:fe:03:c2:e6:7a:ff:c2:b9:df:27:2e:6a:da:0f:44:c3:9a:
fd:3a:4a:89:34:7d:04:1b:03:ba:ce:1d:da:f4:5f:ae:c8:bd:
40:a6:9b:2d:de:2c:8b:a2:55:4a:0d:1f:4e:ab:4f:62:76:32:
b0:ab:bb:ff:98:03:26:01:17:00:4d:16:4f:d9:44:43:1c:f8:
1f:f0:23:2c:8e:1c:ef:d0:76:b3:5b:1e:33:37:38:08:c5:88:
ae:4a:e1:1c:71:5c:ee:e2:8d:30:75:3e:3d:db:3e:ff:c6:b2:
77:11:cc:1e:7c:9c:fa:a3:eb:15:cb:a0:1f:81:5a:8f:ae:80:
70:dd:71:b2:18:21:79:35:08:67:57:3f:3c:6c:0a:6c:88:d9:
28:e1:0e:10:75:e9:9f:cd:a5:2a:4c:69:ce:2a:5f:1e:b5:e1:
e6:05:9d:ad:25:5b:c9:90:13:0c:eb:e7:6e:af:6c:98:d1:09:
18:80:74:97
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIUMdvbnUs4+CbZrshkZJvKDJ/NPM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTgwNzIyMTRaFw0yNzA1MTcwNzI3MTRaMDMxMTAvBgNV
BAMTKEYyNDg2MkQ1RkFGNTYxRThFNzUyRTkwM0EwNzMxQTk4RTZBMDM4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfh27lLOWGUEWfyCP5dAibrD2M
TgB3mkjsVfYUX23ZrWx6v6yZf/bbn8Swk/v+rY7G7VbvoT0fk0WkclMTyzigeqbZ
OaS7baAqfwONB1LKtFnvteU/3AoFZ9bZ/JX/k8AphUZ52LPoGDW7GZnki3wkLmFz
p17yi86fElHSW92wo7r8g97uBG6OmGWvuJqO8Xid0UqR1fz2Z5g6+JdUyrSfW+p8
/wwWKEKTpDVtwehIrOgSR4Yhnq+lu2hC+OGtxbZY5UOS0GpKwdCRGbbj/C9k+bDH
dUSQP9F1IHcA9yg3BiYTyMbrddCWAdnDb4jF/iJM4XSLmbYCvA5v1AMzYrW9AgMB
AAGjggMOMIIDCjAdBgNVHQ4EFgQU8khi1fr1YejnUukDoHMamOagOGQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASMGCCsGAQUFBwEHAQH/BIIBEjCCAQ4wggEKBAIAATCC
AQIDBAJSFWgDBANSFoAwDAMEAlIWlAMEAlIWmAMEAVIXjAMEA1IXmAMEAVIYCgME
AVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZAAMEAVIZEgMEAlIZgAME
AVIZzgMEAVIaZgMEBFIbMAMEA1IbUAMEAlIbcAMEA1IbiAMEA1IbqAMEAlIbwAME
AVIdHgMEAlIdkAMEAVImJAMEAlImsAMEA1ImuAMEAVIncAMEAVIpwAMEAlRLBAME
AlRLHAMEAlRLSDAMAwQAVEtVAwQAVEtWMAwDBANUS1gDBABUS1oDBABUS10DBABU
S18DBAKyUwADBAKyU4ADBAKyU9gwDQYJKoZIhvcNAQELBQADggEBADjrDacfcxlB
mbbOvg61uXkV8J/ck6ET8PexMk5DXu5YZQYEVpROoXl1SVwb2S9a95jry+eYHAoB
cvtkziddaiBiW4pTmHFaJuX+A8Lmev/Cud8nLmraD0TDmv06Sok0fQQbA7rOHdr0
X67IvUCmmy3eLIuiVUoNH06rT2J2MrCru/+YAyYBFwBNFk/ZREMc+B/wIyyOHO/Q
drNbHjM3OAjFiK5K4RxxXO7ijTB1Pj3bPv/GsncRzB58nPqj6xXLoB+BWo+ugHDd
cbIYIXk1CGdXPzxsCmyI2SjhDhB16Z/NpSpMac4qXx614eYFna0lW8mQEwzr526v
bJjRCRiAdJc=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:39 2026 by rpki-client