Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: CbUp5VaXPaJAWGhWwsTE573PktpMrQj6j+vU4TNXRo8=
Subject key identifier: B5:64:81:61:21:80:68:C3:C0:65:29:63:52:3D:60:38:23:25:83:1F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 41166B82B2C071832D086878F33AFBE43D1A13B5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Wed 23 Jul 2025 12:13:27 +0000
ROA not before: Wed 23 Jul 2025 12:08:27 +0000
ROA not after: Wed 22 Jul 2026 12:13:27 +0000
asID: 834
IP address blocks: 82.21.153.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.124.0/22 maxlen: 24
82.24.83.0/24 maxlen: 24
82.25.39.0/24 maxlen: 24
82.25.42.0/23 maxlen: 24
82.25.44.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.190.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.52.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:16:6b:82:b2:c0:71:83:2d:08:68:78:f3:3a:fb:e4:3d:1a:13:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 23 12:08:27 2025 GMT
Not After : Jul 22 12:13:27 2026 GMT
Subject: CN=B5648161218068C3C0652963523D60382325831F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:32:21:8d:e8:e0:d6:45:a0:68:de:15:bc:
d5:6f:5a:1b:75:78:bd:0e:7c:2b:3f:11:8e:cc:18:
4e:b7:27:82:1f:3b:2e:95:af:05:67:39:8a:e5:48:
72:a3:e0:27:fa:13:ab:79:7a:13:0c:05:ed:80:79:
60:c0:c5:bd:04:21:16:14:bd:35:b1:e0:75:55:a9:
bc:6a:9a:97:ee:e8:20:6f:89:49:b9:41:02:e3:68:
fb:a8:67:77:1c:3d:5a:6c:e0:9b:64:9f:50:82:37:
cd:5d:f5:36:5d:eb:23:3b:da:dd:92:b2:c5:cd:56:
50:42:c2:d8:71:20:c2:0d:16:30:d5:b7:d2:e4:2b:
0d:f9:9c:04:15:da:bd:c9:e6:54:83:12:fa:e9:ba:
7d:a5:2a:f4:7a:cf:fd:93:cc:e5:bf:01:af:fc:2a:
1f:82:03:f6:39:35:01:cf:f5:b2:3e:c5:b6:a5:3a:
79:64:00:20:d0:9b:95:1f:f4:84:fd:cc:77:17:1b:
19:a5:3f:eb:8e:af:a2:34:d7:7d:9f:c5:61:77:42:
41:b4:96:f5:98:00:11:68:ae:79:82:87:bf:dd:10:
3b:4e:22:f7:d5:df:3c:7c:8d:96:c3:ff:58:52:1f:
bd:b3:a2:9b:76:6c:e1:5b:db:65:69:63:e0:20:67:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:81:61:21:80:68:C3:C0:65:29:63:52:3D:60:38:23:25:83:1F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.21.187.0/24
82.22.124.0/22
82.24.83.0/24
82.25.39.0/24
82.25.42.0-82.25.44.255
82.25.46.0/23
82.25.135.0/24
82.25.142.0/23
82.25.190.0/24
82.26.65.0/24
82.26.110.0/24
82.26.150.0/23
82.26.193.0/24
82.26.202.0/24
82.27.106.0/24
82.27.123.0/24
82.29.52.0/24
82.29.95.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
42:78:3e:d6:07:79:a1:6c:20:71:99:a5:5d:ba:a3:63:f3:63:
b6:f8:16:0e:fa:0c:0f:6a:8a:ca:35:a6:53:31:19:0a:d0:4e:
c6:62:e0:26:07:55:dd:bb:d1:4b:ab:96:b7:39:63:0a:a1:db:
a2:9f:d8:aa:30:2d:84:5d:4d:1b:a8:87:e3:e0:cf:f8:76:83:
14:fb:2c:07:0d:b4:d6:6c:ad:62:27:2a:9e:aa:b2:57:c1:29:
4d:11:e5:ae:14:10:60:46:2a:56:ee:33:d6:d3:f0:a8:65:ea:
dc:c1:db:b0:5b:bc:9c:df:4f:61:b4:c3:52:22:96:36:0a:cb:
2b:23:95:6d:62:0c:78:45:54:69:aa:97:59:22:03:51:bd:8e:
21:01:8a:7e:83:9c:55:53:cd:44:86:b6:08:b1:7d:02:37:9b:
8f:81:7d:33:12:b0:c6:8e:53:ec:cb:7c:12:21:39:2f:4c:03:
fa:7d:36:95:d3:ce:1c:00:3d:3c:c8:aa:b9:66:59:9d:3c:43:
24:95:af:fd:ae:09:3e:0c:0f:3c:30:2d:e6:a7:84:21:34:57:
aa:3f:11:f5:a7:01:d8:73:75:05:b7:4b:03:c4:c9:87:1b:4f:
38:90:84:68:85:f2:cb:42:73:08:d1:59:53:91:4d:66:91:57:
5d:24:a2:ce
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUQRZrgrLAcYMtCGh48zr75D0aE7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjMxMjA4MjdaFw0yNjA3MjIxMjEzMjdaMDMxMTAvBgNV
BAMTKEI1NjQ4MTYxMjE4MDY4QzNDMDY1Mjk2MzUyM0Q2MDM4MjMyNTgzMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtBzIhjejg1kWgaN4VvNVvWht1
eL0OfCs/EY7MGE63J4IfOy6VrwVnOYrlSHKj4Cf6E6t5ehMMBe2AeWDAxb0EIRYU
vTWx4HVVqbxqmpfu6CBviUm5QQLjaPuoZ3ccPVps4Jtkn1CCN81d9TZd6yM72t2S
ssXNVlBCwthxIMINFjDVt9LkKw35nAQV2r3J5lSDEvrpun2lKvR6z/2TzOW/Aa/8
Kh+CA/Y5NQHP9bI+xbalOnlkACDQm5Uf9IT9zHcXGxmlP+uOr6I0132fxWF3QkG0
lvWYABFornmCh7/dEDtOIvfV3zx8jZbD/1hSH72zopt2bOFb22VpY+AgZ5IfAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUtWSBYSGAaMPAZSljUj1gOCMlgx8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
FZkDBABSFbsDBAJSFnwDBABSGFMDBABSGScwDAMEAVIZKgMEAFIZLAMEAVIZLgME
AFIZhwMEAVIZjgMEAFIZvgMEAFIaQQMEAFIabgMEAVIalgMEAFIawQMEAFIaygME
AFIbagMEAFIbewMEAFIdNAMEAFIdXwMEAFIdazANBgkqhkiG9w0BAQsFAAOCAQEA
Qng+1gd5oWwgcZmlXbqjY/NjtvgWDvoMD2qKyjWmUzEZCtBOxmLgJgdV3bvRS6uW
tzljCqHbop/YqjAthF1NG6iH4+DP+HaDFPssBw201mytYicqnqqyV8EpTRHlrhQQ
YEYqVu4z1tPwqGXq3MHbsFu8nN9PYbTDUiKWNgrLKyOVbWIMeEVUaaqXWSIDUb2O
IQGKfoOcVVPNRIa2CLF9Ajebj4F9MxKwxo5T7Mt8EiE5L0wD+n02ldPOHAA9PMiq
uWZZnTxDJJWv/a4JPgwPPDAt5qeEITRXqj8R9acB2HN1BbdLA8TJhxtPOJCEaIXy
y0JzCNFZU5FNZpFXXSSizg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 03:49:13 2025 by rpki-client