Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: iFMIw9GZKgY2/GBuY678073zvDARmQPTyzsFg1mpfRY=
Subject key identifier: B0:7E:E7:DD:A3:DC:C7:A6:5B:7B:E2:E0:9B:4B:08:A8:BC:3A:09:0C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1A55B96E073020914745A2D96AF2ACE9506EF94D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Fri 25 Jul 2025 10:53:36 +0000
ROA not before: Fri 25 Jul 2025 10:48:36 +0000
ROA not after: Fri 24 Jul 2026 10:53:36 +0000
asID: 834
IP address blocks: 82.21.153.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.124.0/22 maxlen: 24
82.22.196.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.25.39.0/24 maxlen: 24
82.25.42.0/23 maxlen: 24
82.25.44.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.190.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 15:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:55:b9:6e:07:30:20:91:47:45:a2:d9:6a:f2:ac:e9:50:6e:f9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 25 10:48:36 2025 GMT
Not After : Jul 24 10:53:36 2026 GMT
Subject: CN=B07EE7DDA3DCC7A65B7BE2E09B4B08A8BC3A090C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c6:a3:1b:6d:85:95:e8:fd:fb:0b:0f:90:eb:
02:8c:9d:64:8d:33:41:10:f2:7d:bc:bc:71:a0:39:
ed:1f:86:d9:6e:33:2c:ff:de:9b:fb:99:2b:60:5a:
77:7f:09:70:4c:cd:03:02:d8:d9:a0:e3:94:d1:e3:
0b:22:61:71:09:32:2e:15:46:1a:fd:3e:96:00:38:
5d:96:91:08:98:1b:40:8c:87:fb:07:8b:d6:57:bf:
a3:fd:90:5c:59:24:53:69:b4:61:35:88:57:7a:7a:
5a:58:ad:73:d0:a7:e6:63:3f:0f:6c:e4:a4:51:fd:
f4:09:97:d6:f8:7b:c8:73:6c:96:5a:d3:69:b0:ad:
5f:15:ed:ad:fa:75:f3:c4:72:f2:14:21:dd:fb:61:
51:b3:5e:8e:93:3a:e7:1c:53:37:b8:c2:87:73:a0:
0d:fc:1b:87:78:c9:df:d0:14:24:21:23:d8:25:98:
a3:f9:88:a8:52:b5:73:de:1e:02:dc:a0:10:6d:59:
82:99:55:38:ec:90:9e:de:d4:18:fa:ca:3e:48:54:
35:62:d9:fa:db:5a:d8:84:d3:87:48:31:56:1b:8a:
b1:e3:01:f5:88:8f:76:aa:e2:4d:2c:c2:bb:45:6a:
05:ba:44:b1:ee:84:a0:7f:91:a2:e7:80:c7:85:c9:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7E:E7:DD:A3:DC:C7:A6:5B:7B:E2:E0:9B:4B:08:A8:BC:3A:09:0C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.21.187.0/24
82.22.124.0/22
82.22.196.0/24
82.24.83.0/24
82.25.39.0/24
82.25.42.0-82.25.44.255
82.25.46.0/23
82.25.135.0/24
82.25.142.0/23
82.25.190.0/24
82.26.65.0/24
82.26.110.0/24
82.26.150.0/23
82.26.193.0/24
82.26.202.0/24
82.27.106.0/24
82.27.123.0/24
82.29.95.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
03:35:9a:a9:a4:97:3d:ba:a0:03:96:62:be:6d:a0:65:f7:8d:
0a:80:4b:4d:38:07:cf:53:06:f2:07:8a:18:a1:e4:f4:ee:e5:
45:be:a0:36:b1:5f:d2:b7:af:cc:52:ba:63:bb:a8:46:1c:8b:
d7:b5:dd:90:70:b2:4e:a8:fc:f4:b8:24:40:6f:20:b6:41:10:
09:52:70:6f:c4:43:5f:bb:fb:09:44:22:a3:17:1e:e9:3e:2b:
26:12:ec:68:f1:0a:93:bc:1b:e2:5f:b4:42:1b:6f:5a:f6:c2:
41:00:9c:6c:26:91:f7:9f:28:0e:4d:2a:4b:47:23:49:52:b5:
16:57:2e:37:f0:de:3e:d6:5a:0c:f4:4a:e3:0c:64:c0:32:05:
e5:d9:ce:79:c8:0b:51:4b:4c:7b:1a:88:8b:b5:ea:61:36:eb:
7e:67:2e:57:16:49:4a:f3:ea:d6:42:11:7a:39:98:b6:11:55:
8b:5d:82:d1:2d:bc:64:e2:e8:7a:51:bf:19:57:bc:9c:ae:4e:
9f:b2:9e:2f:9a:a2:17:ee:83:d0:16:fc:b6:54:62:83:6e:0b:
3c:e4:c5:bf:69:9d:50:72:f3:63:ab:12:af:9d:c4:89:af:78:
f1:be:78:9a:f8:92:46:b3:19:92:c4:7a:65:ad:2e:2c:62:78:
0f:2f:96:00
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUGlW5bgcwIJFHRaLZavKs6VBu+U0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjUxMDQ4MzZaFw0yNjA3MjQxMDUzMzZaMDMxMTAvBgNV
BAMTKEIwN0VFN0REQTNEQ0M3QTY1QjdCRTJFMDlCNEIwOEE4QkMzQTA5MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkxqMbbYWV6P37Cw+Q6wKMnWSN
M0EQ8n28vHGgOe0fhtluMyz/3pv7mStgWnd/CXBMzQMC2Nmg45TR4wsiYXEJMi4V
Rhr9PpYAOF2WkQiYG0CMh/sHi9ZXv6P9kFxZJFNptGE1iFd6elpYrXPQp+ZjPw9s
5KRR/fQJl9b4e8hzbJZa02mwrV8V7a36dfPEcvIUId37YVGzXo6TOuccUze4wodz
oA38G4d4yd/QFCQhI9glmKP5iKhStXPeHgLcoBBtWYKZVTjskJ7e1Bj6yj5IVDVi
2frbWtiE04dIMVYbirHjAfWIj3aq4k0swrtFagW6RLHuhKB/kaLngMeFyYF3AgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUsH7n3aPcx6Zbe+Lgm0sIqLw6CQwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
FZkDBABSFbsDBAJSFnwDBABSFsQDBABSGFMDBABSGScwDAMEAVIZKgMEAFIZLAME
AVIZLgMEAFIZhwMEAVIZjgMEAFIZvgMEAFIaQQMEAFIabgMEAVIalgMEAFIawQME
AFIaygMEAFIbagMEAFIbewMEAFIdXwMEAFIdazANBgkqhkiG9w0BAQsFAAOCAQEA
AzWaqaSXPbqgA5Zivm2gZfeNCoBLTTgHz1MG8geKGKHk9O7lRb6gNrFf0revzFK6
Y7uoRhyL17XdkHCyTqj89LgkQG8gtkEQCVJwb8RDX7v7CUQioxce6T4rJhLsaPEK
k7wb4l+0QhtvWvbCQQCcbCaR958oDk0qS0cjSVK1FlcuN/DePtZaDPRK4wxkwDIF
5dnOecgLUUtMexqIi7XqYTbrfmcuVxZJSvPq1kIRejmYthFVi12C0S28ZOLoelG/
GVe8nK5On7KeL5qiF+6D0Bb8tlRig24LPOTFv2mdUHLzY6sSr53Eia948b54mviS
RrMZksR6Za0uLGJ4Dy+WAA==
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:02:11 2025 by rpki-client