Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: SYPPliObdteNvI01UUMfpj11Kd2i7gwOwMx/rW/fQsI=
Subject key identifier: B0:BC:8D:AC:A4:92:45:F6:26:82:B4:6C:3F:5D:89:C4:0A:7C:D5:70
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 43BE6030A00400E1280487BE90E5AB6329ABE0C0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
Signing time: Thu 13 Mar 2025 09:53:40 +0000
ROA not before: Thu 13 Mar 2025 09:48:40 +0000
ROA not after: Thu 12 Mar 2026 09:53:40 +0000
asID: 29802
IP address blocks: 82.21.41.0/24 maxlen: 24
82.21.67.0/24 maxlen: 24
82.21.74.0/24 maxlen: 24
82.21.93.0/24 maxlen: 24
82.21.103.0/24 maxlen: 24
82.21.110.0/24 maxlen: 24
82.21.113.0/24 maxlen: 24
82.21.119.0/24 maxlen: 24
82.21.122.0/24 maxlen: 24
82.21.124.0/24 maxlen: 24
82.21.132.0/24 maxlen: 24
82.21.138.0/24 maxlen: 24
82.21.139.0/24 maxlen: 24
82.21.140.0/24 maxlen: 24
82.21.143.0/24 maxlen: 24
82.21.148.0/24 maxlen: 24
82.21.152.0/24 maxlen: 24
82.21.155.0/24 maxlen: 24
82.21.157.0/24 maxlen: 24
82.21.163.0/24 maxlen: 24
82.21.188.0/24 maxlen: 24
82.24.92.0/22 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.116.0/22 maxlen: 24
82.24.128.0/22 maxlen: 24
82.24.132.0/22 maxlen: 24
82.24.136.0/22 maxlen: 24
82.24.140.0/22 maxlen: 24
82.24.148.0/22 maxlen: 24
82.24.152.0/22 maxlen: 24
82.24.156.0/22 maxlen: 24
82.24.160.0/22 maxlen: 24
82.24.164.0/22 maxlen: 24
82.24.168.0/22 maxlen: 24
82.24.176.0/22 maxlen: 24
82.24.196.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.148.0/23 maxlen: 24
82.25.150.0/23 maxlen: 24
82.25.152.0/23 maxlen: 24
82.25.154.0/23 maxlen: 24
82.25.156.0/23 maxlen: 24
82.25.158.0/23 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.162.0/23 maxlen: 24
82.25.164.0/23 maxlen: 24
82.25.166.0/23 maxlen: 24
82.25.168.0/23 maxlen: 24
82.25.170.0/23 maxlen: 24
82.25.172.0/23 maxlen: 24
82.25.176.0/23 maxlen: 24
82.25.178.0/23 maxlen: 24
82.25.182.0/23 maxlen: 24
82.25.188.0/23 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.194.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:be:60:30:a0:04:00:e1:28:04:87:be:90:e5:ab:63:29:ab:e0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 13 09:48:40 2025 GMT
Not After : Mar 12 09:53:40 2026 GMT
Subject: CN=B0BC8DACA49245F62682B46C3F5D89C40A7CD570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f1:b2:57:e0:8b:dc:55:51:36:a8:5d:73:8f:
85:1e:d1:e1:b9:cd:90:ab:c7:f1:30:d8:26:c0:83:
ef:13:24:dc:1c:a6:a2:e3:da:45:16:50:3f:79:d9:
21:4e:90:29:b2:80:2d:81:07:49:d5:03:a4:6f:29:
70:1e:87:db:9c:82:61:43:57:3a:af:2d:1a:8a:2d:
1e:fa:09:1b:c0:11:aa:da:bf:ac:3c:c1:31:c0:44:
23:f3:87:41:85:e7:a1:24:88:2f:77:ba:f2:5b:cb:
9e:0f:20:67:14:db:9a:be:3b:ab:5f:78:8c:2c:46:
15:fb:d9:cd:f1:ea:11:49:be:19:1d:be:da:29:e1:
ce:ce:35:37:35:25:80:61:de:31:df:4e:4f:ad:03:
fe:0c:2b:ff:a7:4b:62:d8:56:a9:73:7b:bc:bc:f6:
ab:6a:4c:0e:72:29:84:60:29:31:99:44:fb:b7:12:
44:2b:6c:f8:d8:8d:38:fd:8c:45:3c:9d:73:15:43:
96:36:bd:6b:0d:b6:c6:47:3a:70:3a:a1:ae:3e:0c:
89:b5:52:d6:97:4a:ad:34:a3:b2:79:24:66:ad:1e:
5f:74:6a:31:2c:1d:94:65:1e:29:a2:03:eb:f6:fc:
53:a4:7c:72:de:c6:de:d4:b1:c6:06:0b:3e:ea:e9:
45:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BC:8D:AC:A4:92:45:F6:26:82:B4:6C:3F:5D:89:C4:0A:7C:D5:70
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.41.0/24
82.21.67.0/24
82.21.74.0/24
82.21.93.0/24
82.21.103.0/24
82.21.110.0/24
82.21.113.0/24
82.21.119.0/24
82.21.122.0/24
82.21.124.0/24
82.21.132.0/24
82.21.138.0-82.21.140.255
82.21.143.0/24
82.21.148.0/24
82.21.152.0/24
82.21.155.0/24
82.21.157.0/24
82.21.163.0/24
82.21.188.0/24
82.24.92.0-82.24.99.255
82.24.116.0/22
82.24.128.0/20
82.24.148.0-82.24.171.255
82.24.176.0/22
82.24.196.0/22
82.25.146.0-82.25.159.255
82.25.161.0-82.25.173.255
82.25.176.0/22
82.25.182.0/23
82.25.188.0/23
82.26.66.0/24
82.26.120.0/24
82.26.156.0/24
82.26.171.0/24
82.26.174.0/24
82.26.176.0/20
82.26.193.0-82.26.194.255
82.26.196.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:6::-2a13:9500:10:ffff:ffff:ffff:ffff:ffff
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
94:a6:84:74:fc:12:ba:51:fc:c5:99:e5:5a:b1:4e:cd:06:dd:
09:5f:f5:ef:37:16:78:bb:e1:06:db:5b:d0:1f:af:f3:6d:b6:
ac:e5:9d:23:9c:6c:24:dd:02:88:f5:f1:9f:a2:8f:1e:bf:6e:
59:ac:d0:d2:78:74:13:5d:b8:37:77:9e:99:c9:93:1b:f2:98:
79:6a:56:c7:3c:95:9a:e9:88:13:a4:10:c3:79:df:d7:12:57:
8a:99:e3:5e:26:cb:ee:89:53:91:3d:9d:48:61:fe:e5:6f:ea:
80:ed:ea:fe:54:d8:f5:f4:15:4b:9c:57:ef:00:f9:f3:b1:1d:
42:b9:95:d7:ce:14:e0:4f:f9:2f:39:6f:29:c3:5d:51:01:09:
9e:84:c5:4c:2e:78:14:f2:71:db:a7:cf:e7:24:72:bc:dc:64:
33:e9:ac:05:31:f7:e5:f8:ef:0f:0d:87:8f:cc:de:a3:29:19:
b7:17:68:9a:48:bf:a3:69:c3:ce:82:da:a8:46:ac:33:10:55:
cc:64:0b:2b:9c:c6:75:87:21:74:2a:49:8f:ce:21:dc:e1:82:
56:63:15:ef:f6:b3:00:13:ad:3d:b9:7e:42:61:aa:e1:b9:d6:
be:72:c2:bd:75:78:20:58:e5:0e:ff:d5:7a:d7:29:c1:f3:41:
23:0e:cd:21
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgIUQ75gMKAEAOEoBIe+kOWrYymr4MAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTMwOTQ4NDBaFw0yNjAzMTIwOTUzNDBaMDMxMTAvBgNV
BAMTKEIwQkM4REFDQTQ5MjQ1RjYyNjgyQjQ2QzNGNUQ4OUM0MEE3Q0Q1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ8bJX4IvcVVE2qF1zj4Ue0eG5
zZCrx/Ew2CbAg+8TJNwcpqLj2kUWUD952SFOkCmygC2BB0nVA6RvKXAeh9ucgmFD
VzqvLRqKLR76CRvAEarav6w8wTHARCPzh0GF56EkiC93uvJby54PIGcU25q+O6tf
eIwsRhX72c3x6hFJvhkdvtop4c7ONTc1JYBh3jHfTk+tA/4MK/+nS2LYVqlze7y8
9qtqTA5yKYRgKTGZRPu3EkQrbPjYjTj9jEU8nXMVQ5Y2vWsNtsZHOnA6oa4+DIm1
UtaXSq00o7J5JGatHl90ajEsHZRlHimiA+v2/FOkfHLext7UscYGCz7q6UWnAgMB
AAGjggNPMIIDSzAdBgNVHQ4EFgQUsLyNrKSSRfYmgrRsP12JxAp81XAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFjBggrBgEFBQcBBwEB/wSCAVIwggFOMIIBHAQCAAEw
ggEUAwQAUhUpAwQAUhVDAwQAUhVKAwQAUhVdAwQAUhVnAwQAUhVuAwQAUhVxAwQA
UhV3AwQAUhV6AwQAUhV8AwQAUhWEMAwDBAFSFYoDBABSFYwDBABSFY8DBABSFZQD
BABSFZgDBABSFZsDBABSFZ0DBABSFaMDBABSFbwwDAMEAlIYXAMEAlIYYAMEAlIY
dAMEBFIYgDAMAwQCUhiUAwQCUhioAwQCUhiwAwQCUhjEMAwDBAFSGZIDBAVSGYAw
DAMEAFIZoQMEAVIZrAMEAlIZsAMEAVIZtgMEAVIZvAMEAFIaQgMEAFIaeAMEAFIa
nAMEAFIaqwMEAFIargMEBFIasDAMAwQAUhrBAwQAUhrCAwQAUhrEMCwEAgACMCYD
BwAqE5UAAAMwEgMHASoTlQAABgMHACoTlQAAEAMHAioTlQAAHDANBgkqhkiG9w0B
AQsFAAOCAQEAlKaEdPwSulH8xZnlWrFOzQbdCV/17zcWeLvhBttb0B+v8222rOWd
I5xsJN0CiPXxn6KPHr9uWazQ0nh0E124N3eemcmTG/KYeWpWxzyVmumIE6QQw3nf
1xJXipnjXibL7olTkT2dSGH+5W/qgO3q/lTY9fQVS5xX7wD587EdQrmV184U4E/5
LzlvKcNdUQEJnoTFTC54FPJx26fP5yRyvNxkM+msBTH35fjvDw2Hj8zeoykZtxdo
mki/o2nDzoLaqEasMxBVzGQLK5zGdYchdCpJj84h3OGCVmMV7/azABOtPbl+QmGq
4bnWvnLCvXV4IFjlDv/VetcpwfNBIw7NIQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:27 2025 by rpki-client on console.sobornost.net