Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ct8o1NDlklPH65ZyC480aA6GGIJ8+v24TQzCCwaYAAM=
Subject key identifier: B5:B9:44:4A:0F:A5:B9:04:EB:7D:40:AB:16:95:AE:05:2A:F6:23:9F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 698B1B5AB87063294ED600FCDBDE0AEB4BFAF0AA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Thu 24 Jul 2025 09:48:23 +0000
ROA not before: Thu 24 Jul 2025 09:43:23 +0000
ROA not after: Thu 23 Jul 2026 09:48:23 +0000
asID: 834
IP address blocks: 82.21.153.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.124.0/22 maxlen: 24
82.22.196.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.25.39.0/24 maxlen: 24
82.25.42.0/23 maxlen: 24
82.25.44.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.190.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 21:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:8b:1b:5a:b8:70:63:29:4e:d6:00:fc:db:de:0a:eb:4b:fa:f0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 24 09:43:23 2025 GMT
Not After : Jul 23 09:48:23 2026 GMT
Subject: CN=B5B9444A0FA5B904EB7D40AB1695AE052AF6239F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:10:ed:36:43:11:44:7c:0e:f0:7f:85:2a:
81:3e:2c:0e:58:9a:e3:af:0b:3f:d3:10:87:b1:aa:
3d:80:98:54:ee:26:84:df:7f:89:8b:c7:bc:26:04:
95:23:3d:39:b7:26:c2:47:9f:04:b2:65:0c:2b:09:
52:87:04:09:b6:61:9f:42:50:65:31:da:03:6b:68:
2d:72:8e:69:30:03:80:3e:b4:c7:c5:a9:5d:31:47:
95:50:b3:ab:a9:b1:f2:b6:f7:c1:19:df:20:c0:3c:
53:88:02:55:21:e2:5c:91:28:9d:07:2c:f7:b6:fd:
8e:45:9d:8a:f2:3c:c2:b9:c3:7e:50:8e:59:45:ac:
fa:e8:42:db:65:c7:ed:6c:47:62:13:be:13:8e:44:
d8:66:6c:fe:c3:17:e7:b4:87:6e:f1:26:55:24:4b:
8a:d9:d3:65:14:5c:b8:42:fd:cb:cc:aa:32:e9:9f:
e7:d0:a8:32:20:c0:89:21:fa:4a:22:dc:33:3f:26:
6b:92:44:36:c0:8d:9a:4c:cf:36:d3:f3:9f:2d:5c:
70:c9:26:86:d5:97:11:b1:c0:6c:bd:79:db:ae:be:
77:78:6a:5e:c0:53:a8:56:73:26:27:50:1e:52:47:
2a:c1:f6:12:eb:f0:41:f2:0b:0f:f1:5c:86:32:42:
d7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B9:44:4A:0F:A5:B9:04:EB:7D:40:AB:16:95:AE:05:2A:F6:23:9F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.21.187.0/24
82.22.124.0/22
82.22.196.0/24
82.24.83.0/24
82.25.39.0/24
82.25.42.0-82.25.44.255
82.25.46.0/23
82.25.135.0/24
82.25.142.0/23
82.25.190.0/24
82.26.65.0/24
82.26.110.0/24
82.26.150.0/23
82.26.193.0/24
82.26.202.0/24
82.27.106.0/24
82.27.123.0/24
82.29.95.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
79:41:d6:97:a3:58:d9:84:bc:a0:67:35:a3:f7:f7:cb:87:d7:
9d:8f:68:a2:0e:29:62:52:e1:9f:71:73:89:82:e8:9a:d4:12:
7a:99:aa:9f:d9:2a:58:cc:e4:0d:2b:be:99:26:93:13:38:c4:
8d:22:d8:d9:e6:24:13:97:ae:95:07:0a:6a:63:e3:c8:7b:c8:
ee:e5:00:2c:f5:8c:b1:81:06:bc:17:28:d0:8d:47:b5:f3:89:
09:be:7c:f4:d4:a9:49:fe:4b:6f:3d:2d:fb:cc:04:97:59:58:
48:ba:88:44:b2:ca:39:28:6e:e8:03:0a:52:bf:1a:1f:00:7c:
4d:44:84:df:d2:16:69:d6:a4:d5:c7:b4:aa:51:11:75:54:94:
dc:81:ac:ad:5b:13:b4:a5:56:4f:7f:3e:2a:6c:4a:c4:66:8c:
dd:23:92:59:73:a9:51:df:1b:ce:6e:4d:de:40:d1:70:9b:b7:
04:f3:ea:1a:30:bd:0e:9d:49:d2:ed:e0:d9:ce:5b:b0:6b:07:
25:d0:0e:dd:af:8e:06:7b:a7:78:28:53:1c:9f:87:9f:e1:2b:
58:9f:97:e7:b0:e7:34:dd:47:8d:21:08:49:36:79:b0:35:de:
dc:52:cd:e5:68:8f:1f:14:ec:5e:f6:b6:e2:59:08:c7:dc:e3:
e0:f2:63:ff
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUaYsbWrhwYylO1gD8294K60v68KowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjQwOTQzMjNaFw0yNjA3MjMwOTQ4MjNaMDMxMTAvBgNV
BAMTKEI1Qjk0NDRBMEZBNUI5MDRFQjdENDBBQjE2OTVBRTA1MkFGNjIzOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDARRDtNkMRRHwO8H+FKoE+LA5Y
muOvCz/TEIexqj2AmFTuJoTff4mLx7wmBJUjPTm3JsJHnwSyZQwrCVKHBAm2YZ9C
UGUx2gNraC1yjmkwA4A+tMfFqV0xR5VQs6upsfK298EZ3yDAPFOIAlUh4lyRKJ0H
LPe2/Y5FnYryPMK5w35QjllFrProQttlx+1sR2ITvhOORNhmbP7DF+e0h27xJlUk
S4rZ02UUXLhC/cvMqjLpn+fQqDIgwIkh+koi3DM/JmuSRDbAjZpMzzbT858tXHDJ
JobVlxGxwGy9eduuvnd4al7AU6hWcyYnUB5SRyrB9hLr8EHyCw/xXIYyQtc9AgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUtblESg+luQTrfUCrFpWuBSr2I58wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
FZkDBABSFbsDBAJSFnwDBABSFsQDBABSGFMDBABSGScwDAMEAVIZKgMEAFIZLAME
AVIZLgMEAFIZhwMEAVIZjgMEAFIZvgMEAFIaQQMEAFIabgMEAVIalgMEAFIawQME
AFIaygMEAFIbagMEAFIbewMEAFIdXwMEAFIdazANBgkqhkiG9w0BAQsFAAOCAQEA
eUHWl6NY2YS8oGc1o/f3y4fXnY9oog4pYlLhn3FziYLomtQSepmqn9kqWMzkDSu+
mSaTEzjEjSLY2eYkE5eulQcKamPjyHvI7uUALPWMsYEGvBco0I1HtfOJCb589NSp
Sf5Lbz0t+8wEl1lYSLqIRLLKOShu6AMKUr8aHwB8TUSE39IWadak1ce0qlERdVSU
3IGsrVsTtKVWT38+KmxKxGaM3SOSWXOpUd8bzm5N3kDRcJu3BPPqGjC9Dp1J0u3g
2c5bsGsHJdAO3a+OBnuneChTHJ+Hn+ErWJ+X57DnNN1HjSEISTZ5sDXe3FLN5WiP
HxTsXva24lkIx9zj4PJj/w==
-----END CERTIFICATE-----
Generated at Fri Jul 25 03:48:03 2025 by rpki-client