Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: hAf+4Q3Y5lrp0jV5d/DQCFgepb/Us3T/yWhoElVu6QU=
Subject key identifier: 33:8C:77:5B:FD:A6:20:A2:D6:CA:2A:52:94:C4:38:E4:02:79:9B:96
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6EA4E014A069D84043D68110F76D685BC0BCE7B6
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sun 19 Apr 2026 20:29:32 +0000
ROA not before: Sun 19 Apr 2026 20:24:32 +0000
ROA not after: Sun 18 Apr 2027 20:29:32 +0000
asID: 834
IP address blocks: 96.62.73.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
140.150.152.0/24 maxlen: 24
140.150.224.0/24 maxlen: 24
140.233.174.0/24 maxlen: 24
140.233.184.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.47.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.76.0/24 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.29.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
147.79.58.0/24 maxlen: 24
147.79.60.0/24 maxlen: 24
148.135.172.0/23 maxlen: 24
148.135.194.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.138.0/24 maxlen: 24
150.241.141.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
150.241.240.0/24 maxlen: 24
150.241.242.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.23.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.79.0/24 maxlen: 24
155.117.102.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.159.0/24 maxlen: 24
155.117.184.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.214.0/24 maxlen: 24
155.117.228.0/24 maxlen: 24
155.117.245.0/24 maxlen: 24
162.141.1.0/24 maxlen: 24
162.141.5.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
162.141.20.0/24 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.137.0/24 maxlen: 24
162.141.161.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
168.222.10.0/24 maxlen: 24
168.222.14.0/24 maxlen: 24
168.222.17.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.41.0/24 maxlen: 24
168.222.45.0/24 maxlen: 24
168.222.54.0/24 maxlen: 24
168.222.61.0/24 maxlen: 24
168.222.62.0/24 maxlen: 24
168.222.65.0/24 maxlen: 24
168.222.66.0/24 maxlen: 24
168.222.72.0/22 maxlen: 24
168.222.76.0/23 maxlen: 24
168.222.78.0/24 maxlen: 24
168.222.83.0/24 maxlen: 24
168.222.84.0/24 maxlen: 24
168.222.89.0/24 maxlen: 24
168.222.91.0/24 maxlen: 24
168.222.96.0/24 maxlen: 24
168.222.104.0/23 maxlen: 24
168.222.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:a4:e0:14:a0:69:d8:40:43:d6:81:10:f7:6d:68:5b:c0:bc:e7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 19 20:24:32 2026 GMT
Not After : Apr 18 20:29:32 2027 GMT
Subject: CN=338C775BFDA620A2D6CA2A5294C438E402799B96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:c1:5e:72:70:58:55:1e:35:30:8d:e1:84:
09:5f:6f:f0:6a:9e:be:c5:8a:ec:47:08:ca:b7:0a:
a2:bc:fd:d5:a7:ca:98:47:7c:b3:ab:41:8e:0f:bb:
bf:2e:2b:7f:5d:9b:7f:e9:29:e2:eb:e2:35:f6:f2:
fe:8a:aa:87:c6:cd:1c:73:c6:9a:0d:5b:9b:89:0c:
3b:21:2e:fa:0b:2d:22:ae:7d:a1:91:2e:9a:c0:ac:
12:32:81:b6:d6:ad:f6:17:6d:99:19:11:da:85:91:
91:a0:15:6b:ad:da:77:53:57:26:0c:19:34:1e:8e:
36:a4:8a:21:e6:ce:50:42:f3:9e:a3:6e:6e:d7:41:
6a:43:4e:6b:db:f2:45:f1:b7:91:35:d6:14:1f:e1:
8d:a8:cc:48:8a:df:c4:14:68:e6:b6:88:87:84:3d:
da:37:e9:c3:cf:6e:c4:8e:f0:a5:f2:14:81:ba:20:
6e:b6:13:9d:48:d5:a2:e0:11:5b:08:7c:a2:94:ec:
04:55:71:6b:04:25:32:f2:0e:ae:74:6b:9c:e7:64:
5e:6f:88:ac:ba:93:d1:70:65:fb:f6:0f:a8:b1:3d:
99:e9:34:3a:b4:0e:4a:1f:51:96:94:fe:26:15:de:
af:a3:2f:d2:e2:d1:4b:f5:b7:d3:40:5e:0d:a4:a8:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8C:77:5B:FD:A6:20:A2:D6:CA:2A:52:94:C4:38:E4:02:79:9B:96
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0/24
96.62.101.0/24
140.150.152.0/24
140.150.224.0/24
140.233.174.0/24
140.233.184.0/24
143.14.16.0/24
143.14.47.0/24
143.14.59.0/24
143.14.68.0/24
143.14.76.0/24
143.14.132.0/23
143.14.152.0/24
143.14.186.0/24
143.14.218.0/24
146.103.22.0/24
146.103.29.0/24
147.79.7.0/24
147.79.58.0/24
147.79.60.0/24
148.135.172.0/23
148.135.194.0/24
148.135.203.0/24
148.135.255.0/24
150.241.138.0/24
150.241.141.0/24
150.241.228.0/24
150.241.240.0/24
150.241.242.0/24
155.117.4.0/24
155.117.13.0/24
155.117.23.0/24
155.117.63.0/24
155.117.79.0/24
155.117.102.0/24
155.117.112.0/24
155.117.127.0/24
155.117.137.0/24
155.117.159.0/24
155.117.184.0/24
155.117.186.0/24
155.117.214.0/24
155.117.228.0/24
155.117.245.0/24
162.141.1.0/24
162.141.5.0/24
162.141.8.0/24
162.141.20.0/24
162.141.70.0/24
162.141.137.0/24
162.141.161.0/24
167.148.3.0/24
167.148.170.0/24
167.148.188.0/24
167.148.194.0/24
167.148.206.0/24
168.222.10.0/24
168.222.14.0/24
168.222.17.0/24
168.222.24.0/24
168.222.41.0/24
168.222.45.0/24
168.222.54.0/24
168.222.61.0-168.222.62.255
168.222.65.0-168.222.66.255
168.222.72.0-168.222.78.255
168.222.83.0-168.222.84.255
168.222.89.0/24
168.222.91.0/24
168.222.96.0/24
168.222.104.0-168.222.106.255
Signature Algorithm: sha256WithRSAEncryption
25:81:53:bd:87:af:ee:7a:48:6c:e8:cc:55:9f:32:73:ae:14:
c7:20:b5:f7:59:71:d2:3c:f5:42:52:e1:73:d9:7e:fb:e4:ed:
e2:fc:ce:9b:90:86:2f:a9:dc:b5:8e:b2:9e:1e:2a:6c:ac:49:
56:24:de:3c:0b:0c:b1:01:aa:bd:23:41:ea:56:41:f6:f2:08:
75:cc:28:73:0b:7f:49:3c:5e:8d:44:d9:e6:31:7a:3c:8f:34:
64:9e:93:b7:15:2d:ad:eb:37:71:d4:bb:ac:51:4c:03:87:34:
de:5a:1d:70:64:33:0f:4a:d8:03:3f:2e:11:f6:12:5d:a4:68:
8d:47:3f:63:91:9c:af:4f:31:03:a3:fb:32:54:4f:f2:b5:dd:
6f:19:31:87:e2:4d:2d:7e:06:b6:e1:13:9b:28:48:4e:f5:ba:
26:13:85:f4:82:0a:d3:d4:d3:35:da:97:50:d8:8b:8c:90:7b:
ce:e1:1e:b8:71:a9:55:51:11:d6:4d:63:e6:5d:ee:d2:d4:02:
6f:30:b3:c8:34:45:21:55:cf:3a:39:28:e6:ed:1a:ea:ed:0c:
53:3a:29:f5:cf:bb:dd:19:fb:0f:a0:63:de:60:87:48:61:92:
8c:7b:45:56:eb:1b:5e:02:cf:5c:a2:c6:b1:c8:0c:0a:d0:6e:
2b:34:9f:78
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIUbqTgFKBp2EBD1oEQ921oW8C857YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTkyMDI0MzJaFw0yNzA0MTgyMDI5MzJaMDMxMTAvBgNV
BAMTKDMzOEM3NzVCRkRBNjIwQTJENkNBMkE1Mjk0QzQzOEU0MDI3OTlCOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwlsFecnBYVR41MI3hhAlfb/Bq
nr7FiuxHCMq3CqK8/dWnyphHfLOrQY4Pu78uK39dm3/pKeLr4jX28v6KqofGzRxz
xpoNW5uJDDshLvoLLSKufaGRLprArBIygbbWrfYXbZkZEdqFkZGgFWut2ndTVyYM
GTQejjakiiHmzlBC856jbm7XQWpDTmvb8kXxt5E11hQf4Y2ozEiK38QUaOa2iIeE
Pdo36cPPbsSO8KXyFIG6IG62E51I1aLgEVsIfKKU7ARVcWsEJTLyDq50a5znZF5v
iKy6k9FwZfv2D6ixPZnpNDq0DkofUZaU/iYV3q+jL9Li0Uv1t9NAXg2kqLzlAgMB
AAGjggPdMIID2TAdBgNVHQ4EFgQUM4x3W/2mIKLWyipSlMQ45AJ5m5YwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB8wYIKwYBBQUHAQcBAf8EggHiMIIB3jCCAdoEAgABMIIB
0gMEAGA+SQMEAGA+ZQMEAIyWmAMEAIyW4AMEAIzprgMEAIzpuAMEAI8OEAMEAI8O
LwMEAI8OOwMEAI8ORAMEAI8OTAMEAY8OhAMEAI8OmAMEAI8OugMEAI8O2gMEAJJn
FgMEAJJnHQMEAJNPBwMEAJNPOgMEAJNPPAMEAZSHrAMEAJSHwgMEAJSHywMEAJSH
/wMEAJbxigMEAJbxjQMEAJbx5AMEAJbx8AMEAJbx8gMEAJt1BAMEAJt1DQMEAJt1
FwMEAJt1PwMEAJt1TwMEAJt1ZgMEAJt1cAMEAJt1fwMEAJt1iQMEAJt1nwMEAJt1
uAMEAJt1ugMEAJt11gMEAJt15AMEAJt19QMEAKKNAQMEAKKNBQMEAKKNCAMEAKKN
FAMEAKKNRgMEAKKNiQMEAKKNoQMEAKeUAwMEAKeUqgMEAKeUvAMEAKeUwgMEAKeU
zgMEAKjeCgMEAKjeDgMEAKjeEQMEAKjeGAMEAKjeKQMEAKjeLQMEAKjeNjAMAwQA
qN49AwQAqN4+MAwDBACo3kEDBACo3kIwDAMEA6jeSAMEAKjeTjAMAwQAqN5TAwQA
qN5UAwQAqN5ZAwQAqN5bAwQAqN5gMAwDBAOo3mgDBACo3mowDQYJKoZIhvcNAQEL
BQADggEBACWBU72Hr+56SGzozFWfMnOuFMcgtfdZcdI89UJS4XPZfvvk7eL8zpuQ
hi+p3LWOsp4eKmysSVYk3jwLDLEBqr0jQepWQfbyCHXMKHMLf0k8Xo1E2eYxejyP
NGSek7cVLa3rN3HUu6xRTAOHNN5aHXBkMw9K2AM/LhH2El2kaI1HP2ORnK9PMQOj
+zJUT/K13W8ZMYfiTS1+BrbhE5soSE71uiYThfSCCtPU0zXal1DYi4yQe87hHrhx
qVVREdZNY+Zd7tLUAm8ws8g0RSFVzzo5KObtGurtDFM6KfXPu90Z+w+gY95gh0hh
kox7RVbrG14Cz1yixrHIDArQbis0n3g=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:01:47 2026 by rpki-client