Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: aAVSG96BQI8wqsQo2oq9jeqhpHSVZWgFQuEyeKlJzow=
Subject key identifier: E3:26:B6:1D:23:6B:09:72:04:C8:4C:DC:56:90:8A:EC:07:49:E6:A2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 50EC22C57CABB628A5EC8B597CB14597092BD7F8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Tue 22 Jul 2025 00:01:28 +0000
ROA not before: Mon 21 Jul 2025 23:56:28 +0000
ROA not after: Tue 21 Jul 2026 00:01:28 +0000
asID: 834
IP address blocks: 82.21.153.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.124.0/22 maxlen: 24
82.22.187.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.25.39.0/24 maxlen: 24
82.25.42.0/23 maxlen: 24
82.25.44.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.190.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.29.52.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ec:22:c5:7c:ab:b6:28:a5:ec:8b:59:7c:b1:45:97:09:2b:d7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 21 23:56:28 2025 GMT
Not After : Jul 21 00:01:28 2026 GMT
Subject: CN=E326B61D236B097204C84CDC56908AEC0749E6A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:61:25:76:f6:5c:90:24:8e:9c:70:90:18:
58:64:14:80:57:23:19:a1:6f:fe:a7:4a:35:fd:84:
a4:6f:f8:63:3a:fa:6d:f2:69:8c:33:50:49:12:68:
d2:97:95:04:39:37:68:23:a6:04:af:bd:18:c4:e0:
41:50:e0:f7:25:5b:eb:52:34:d2:7b:f6:1a:bc:a9:
7b:2f:84:62:0f:81:48:2a:8d:89:00:a9:56:de:3f:
bb:e4:31:c9:af:6d:2d:f2:ee:3d:2e:4d:2c:42:50:
da:31:68:99:67:71:80:01:15:c9:d1:47:4a:6f:00:
88:d0:6b:38:c9:2f:d1:a0:c7:3e:a8:e0:a1:8f:42:
e9:65:37:b9:5b:0a:0e:25:76:59:dc:64:d3:dc:9d:
7d:2f:d3:55:25:cc:46:b7:24:6d:47:d8:8f:c3:29:
a1:9b:6b:c4:24:37:0a:6d:b4:fc:75:f3:ba:af:5b:
8c:39:88:0d:3b:76:9a:b3:5c:48:54:c7:ce:7b:39:
9a:1f:be:bd:ff:33:4c:93:31:b1:8b:9e:2a:52:33:
a3:f1:e1:0e:c3:e1:09:aa:39:06:37:4a:c2:f9:82:
57:25:2d:27:2a:1f:27:d5:c6:dc:c0:a1:af:d0:3e:
1f:1d:49:15:19:0c:d9:cb:de:f0:55:3a:df:61:8f:
60:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:26:B6:1D:23:6B:09:72:04:C8:4C:DC:56:90:8A:EC:07:49:E6:A2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.21.187.0/24
82.22.124.0/22
82.22.187.0/24
82.24.83.0/24
82.25.39.0/24
82.25.42.0-82.25.44.255
82.25.46.0/23
82.25.135.0/24
82.25.142.0/23
82.25.190.0/24
82.26.65.0/24
82.26.150.0/23
82.26.193.0/24
82.26.198.0/24
82.26.202.0/24
82.27.106.0/24
82.29.52.0/24
82.29.95.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:18:36:be:36:4b:11:fd:01:80:58:b2:c9:84:bc:13:f5:db:
3f:7e:4c:47:1d:0a:c7:2d:36:38:6d:f9:cc:fe:67:c9:6c:d2:
80:64:65:bc:87:5b:ac:af:e2:bd:18:c5:d5:16:52:a7:02:26:
c5:ee:71:58:f0:c4:af:94:e9:3e:a9:77:41:e4:93:7f:9b:ec:
86:74:e9:83:38:0a:60:d0:c2:dd:64:45:fc:70:4f:f9:13:b8:
71:62:05:40:1f:4f:2b:de:fa:f2:43:ca:56:86:2b:03:eb:40:
4a:90:5c:07:01:17:37:1f:35:9b:98:06:64:5b:b9:14:fc:00:
0c:1f:12:60:d0:db:4d:34:ca:9e:36:61:b0:eb:3f:37:86:64:
4a:6e:2c:20:ae:4b:ab:02:b7:b5:c2:c4:14:48:b5:9f:4f:03:
9e:61:f7:11:44:ab:29:39:e2:e7:63:41:1c:ab:f3:67:0e:db:
44:7e:c0:c0:aa:c2:5c:af:89:02:89:e6:99:aa:c8:ff:44:7e:
04:0f:10:ac:65:ce:e3:f5:1f:cf:bb:8c:c3:42:3b:c5:cc:77:
30:cd:e9:06:a6:91:48:17:2d:f8:82:48:15:10:9f:c0:12:41:
41:9b:d4:b2:e6:21:b2:8a:11:76:a7:9e:d4:44:4d:ab:fa:18:
d1:4c:99:f2
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUUOwixXyrtiil7ItZfLFFlwkr1/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjEyMzU2MjhaFw0yNjA3MjEwMDAxMjhaMDMxMTAvBgNV
BAMTKEUzMjZCNjFEMjM2QjA5NzIwNEM4NENEQzU2OTA4QUVDMDc0OUU2QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC98WEldvZckCSOnHCQGFhkFIBX
Ixmhb/6nSjX9hKRv+GM6+m3yaYwzUEkSaNKXlQQ5N2gjpgSvvRjE4EFQ4PclW+tS
NNJ79hq8qXsvhGIPgUgqjYkAqVbeP7vkMcmvbS3y7j0uTSxCUNoxaJlncYABFcnR
R0pvAIjQazjJL9Ggxz6o4KGPQullN7lbCg4ldlncZNPcnX0v01UlzEa3JG1H2I/D
KaGba8QkNwpttPx187qvW4w5iA07dpqzXEhUx857OZofvr3/M0yTMbGLnipSM6Px
4Q7D4QmqOQY3SsL5glclLScqHyfVxtzAoa/QPh8dSRUZDNnL3vBVOt9hj2BBAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQU4ya2HSNrCXIEyEzcVpCK7AdJ5qIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
FZkDBABSFbsDBAJSFnwDBABSFrsDBABSGFMDBABSGScwDAMEAVIZKgMEAFIZLAME
AVIZLgMEAFIZhwMEAVIZjgMEAFIZvgMEAFIaQQMEAVIalgMEAFIawQMEAFIaxgME
AFIaygMEAFIbagMEAFIdNAMEAFIdXwMEAFIdazANBgkqhkiG9w0BAQsFAAOCAQEA
qBg2vjZLEf0BgFiyyYS8E/XbP35MRx0Kxy02OG35zP5nyWzSgGRlvIdbrK/ivRjF
1RZSpwImxe5xWPDEr5TpPql3QeSTf5vshnTpgzgKYNDC3WRF/HBP+RO4cWIFQB9P
K9768kPKVoYrA+tASpBcBwEXNx81m5gGZFu5FPwADB8SYNDbTTTKnjZhsOs/N4Zk
Sm4sIK5LqwK3tcLEFEi1n08DnmH3EUSrKTni52NBHKvzZw7bRH7AwKrCXK+JAonm
marI/0R+BA8QrGXO4/Ufz7uMw0I7xcx3MM3pBqaRSBct+IJIFRCfwBJBQZvUsuYh
sooRdqee1ERNq/oY0UyZ8g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:44 2025 by rpki-client