This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: pvw+bhTGDP3Vk2AfnP8sqoQRZqwn5w5G8tqoxYFEZm4= Subject key identifier: 20:94:04:D1:68:47:AD:3B:61:5E:FE:39:8D:A5:E3:E4:78:7B:B2:0A Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 6F0FF14E8B990ECAF8F54D75F7869F06338E2CB2 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa Signing time: Thu 04 Dec 2025 21:38:48 +0000 ROA not before: Thu 04 Dec 2025 21:33:48 +0000 ROA not after: Thu 03 Dec 2026 21:38:48 +0000 asID: 834 IP address blocks: 96.62.71.0/24 maxlen: 24 96.62.73.0/24 maxlen: 24 96.62.100.0/23 maxlen: 24 96.62.103.0/24 maxlen: 24 96.62.114.0/24 maxlen: 24 96.62.152.0/24 maxlen: 24 96.62.220.0/24 maxlen: 24 96.62.223.0/24 maxlen: 24 96.62.231.0/24 maxlen: 24 140.150.152.0/22 maxlen: 24 140.150.224.0/23 maxlen: 24 140.233.174.0/23 maxlen: 24 143.14.6.0/23 maxlen: 24 143.14.16.0/24 maxlen: 24 143.14.46.0/23 maxlen: 24 143.14.77.0/24 maxlen: 24 143.14.78.0/24 maxlen: 24 143.14.80.0/24 maxlen: 24 143.14.92.0/24 maxlen: 24 143.14.157.0/24 maxlen: 24 143.14.166.0/24 maxlen: 24 143.14.192.0/24 maxlen: 24 143.14.194.0/24 maxlen: 24 143.14.250.0/24 maxlen: 24 143.14.254.0/24 maxlen: 24 146.103.22.0/24 maxlen: 24 147.79.1.0/24 maxlen: 24 147.79.4.0/24 maxlen: 24 147.79.18.0/23 maxlen: 24 147.79.31.0/24 maxlen: 24 148.135.172.0/23 maxlen: 24 150.241.128.0/24 maxlen: 24 150.241.131.0/24 maxlen: 24 150.241.174.0/23 maxlen: 24 150.241.238.0/23 maxlen: 24 155.117.13.0/24 maxlen: 24 155.117.22.0/24 maxlen: 24 155.117.109.0/24 maxlen: 24 155.117.110.0/24 maxlen: 24 155.117.112.0/24 maxlen: 24 155.117.115.0/24 maxlen: 24 155.117.141.0/24 maxlen: 24 155.117.144.0/22 maxlen: 24 155.117.157.0/24 maxlen: 24 155.117.166.0/24 maxlen: 24 155.117.171.0/24 maxlen: 24 155.117.196.0/24 maxlen: 24 155.117.202.0/24 maxlen: 24 155.117.205.0/24 maxlen: 24 155.117.206.0/24 maxlen: 24 155.117.255.0/24 maxlen: 24 162.141.17.0/24 maxlen: 24 162.141.69.0/24 maxlen: 24 162.141.83.0/24 maxlen: 24 162.141.104.0/23 maxlen: 24 162.141.107.0/24 maxlen: 24 162.141.123.0/24 maxlen: 24 162.141.133.0/24 maxlen: 24 162.141.136.0/24 maxlen: 24 162.141.139.0/24 maxlen: 24 162.141.142.0/24 maxlen: 24 162.141.161.0/24 maxlen: 24 162.141.167.0/24 maxlen: 24 162.141.178.0/24 maxlen: 24 167.148.0.0/24 maxlen: 24 167.148.2.0/24 maxlen: 24 167.148.8.0/24 maxlen: 24 167.148.41.0/24 maxlen: 24 167.148.43.0/24 maxlen: 24 167.148.68.0/24 maxlen: 24 167.148.75.0/24 maxlen: 24 167.148.118.0/23 maxlen: 24 167.148.120.0/24 maxlen: 24 167.148.122.0/23 maxlen: 24 167.148.141.0/24 maxlen: 24 167.148.154.0/24 maxlen: 24 167.148.156.0/23 maxlen: 24 167.148.161.0/24 maxlen: 24 167.148.162.0/24 maxlen: 24 167.148.180.0/23 maxlen: 24 167.148.183.0/24 maxlen: 24 167.148.184.0/24 maxlen: 24 167.148.192.0/24 maxlen: 24 167.148.197.0/24 maxlen: 24 167.148.200.0/24 maxlen: 24 167.148.205.0/24 maxlen: 24 167.148.211.0/24 maxlen: 24 168.222.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:0f:f1:4e:8b:99:0e:ca:f8:f5:4d:75:f7:86:9f:06:33:8e:2c:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 4 21:33:48 2025 GMT Not After : Dec 3 21:38:48 2026 GMT Subject: CN=209404D16847AD3B615EFE398DA5E3E4787BB20A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:13:4e:e9:b1:f8:cd:d2:d7:d7:eb:c2:42:87: c7:22:9f:cd:ad:7c:c5:ea:7a:f7:90:17:e0:c0:ed: a7:c1:42:2a:97:e7:fc:a2:c3:12:40:4e:93:8a:aa: d5:db:84:fe:82:6b:fd:b4:aa:cb:91:e2:c7:34:36: e9:44:e0:ea:8e:1f:47:eb:b3:13:d9:0a:6e:02:b8: 1f:78:9c:ff:3e:0a:0d:2c:4f:65:35:8c:1e:bf:af: 6f:f4:ac:eb:be:eb:60:8c:e3:7c:1a:06:52:4d:c3: 8f:89:35:c9:21:72:79:c4:e8:a9:5a:1c:72:67:45: 49:a1:19:13:a8:16:93:6b:4b:15:64:34:43:e3:39: 30:87:4e:f3:f9:30:5b:f6:f3:ee:af:0b:55:64:ee: c6:ce:26:9a:a5:c7:c1:20:32:d8:e2:bc:40:e5:dd: 67:3c:53:28:ca:1b:68:72:6d:9a:9e:00:b3:96:30: b1:1f:b8:84:f5:c1:cb:7c:ed:b5:0e:58:bf:72:c7: d8:b6:f3:7e:31:bf:d2:a5:a5:48:b1:f7:a8:26:88: 40:67:54:cf:41:2d:6a:33:0b:18:0c:af:89:07:02: ef:78:df:50:7c:ac:13:29:9e:8e:47:f2:60:fa:10: 4c:ee:0a:93:94:2a:7d:5d:42:49:d8:2a:0f:e2:49: c2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:94:04:D1:68:47:AD:3B:61:5E:FE:39:8D:A5:E3:E4:78:7B:B2:0A X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.71.0/24 96.62.73.0/24 96.62.100.0/23 96.62.103.0/24 96.62.114.0/24 96.62.152.0/24 96.62.220.0/24 96.62.223.0/24 96.62.231.0/24 140.150.152.0/22 140.150.224.0/23 140.233.174.0/23 143.14.6.0/23 143.14.16.0/24 143.14.46.0/23 143.14.77.0-143.14.78.255 143.14.80.0/24 143.14.92.0/24 143.14.157.0/24 143.14.166.0/24 143.14.192.0/24 143.14.194.0/24 143.14.250.0/24 143.14.254.0/24 146.103.22.0/24 147.79.1.0/24 147.79.4.0/24 147.79.18.0/23 147.79.31.0/24 148.135.172.0/23 150.241.128.0/24 150.241.131.0/24 150.241.174.0/23 150.241.238.0/23 155.117.13.0/24 155.117.22.0/24 155.117.109.0-155.117.110.255 155.117.112.0/24 155.117.115.0/24 155.117.141.0/24 155.117.144.0/22 155.117.157.0/24 155.117.166.0/24 155.117.171.0/24 155.117.196.0/24 155.117.202.0/24 155.117.205.0-155.117.206.255 155.117.255.0/24 162.141.17.0/24 162.141.69.0/24 162.141.83.0/24 162.141.104.0/23 162.141.107.0/24 162.141.123.0/24 162.141.133.0/24 162.141.136.0/24 162.141.139.0/24 162.141.142.0/24 162.141.161.0/24 162.141.167.0/24 162.141.178.0/24 167.148.0.0/24 167.148.2.0/24 167.148.8.0/24 167.148.41.0/24 167.148.43.0/24 167.148.68.0/24 167.148.75.0/24 167.148.118.0-167.148.120.255 167.148.122.0/23 167.148.141.0/24 167.148.154.0/24 167.148.156.0/23 167.148.161.0-167.148.162.255 167.148.180.0/23 167.148.183.0-167.148.184.255 167.148.192.0/24 167.148.197.0/24 167.148.200.0/24 167.148.205.0/24 167.148.211.0/24 168.222.64.0/18 Signature Algorithm: sha256WithRSAEncryption 50:ac:47:0e:1a:aa:7c:01:3e:42:1f:f6:92:a9:75:95:59:d3: f9:17:08:e7:f1:eb:73:2d:b1:17:b4:5b:3b:d0:b0:6d:87:86: 18:00:cf:74:6c:0f:1f:a9:a7:f4:f8:90:13:5d:01:eb:8d:51: cc:8a:a8:cb:17:0c:7b:46:54:44:6b:11:fa:ba:dc:73:bd:64: ca:8d:2e:33:d6:c5:ff:2b:a9:b5:42:5d:3d:88:bd:65:2b:62: e2:de:9d:f1:69:92:23:41:99:2c:19:bb:12:8c:08:a7:a7:dc: 69:0b:e4:3a:51:da:32:2a:1a:25:20:68:a0:a8:aa:a2:e1:ae: f7:50:46:3b:35:d4:0a:38:51:a9:e8:5a:41:89:9e:83:bb:a3: ab:21:87:80:3d:58:7a:96:89:45:8e:af:59:10:77:26:d2:4a: 83:7b:4b:56:74:55:a7:a3:bd:a9:24:a1:f5:00:aa:b7:81:cd: de:71:1f:4f:6f:d2:d0:b2:41:5c:b2:14:f4:30:b9:f3:f5:44: 12:ae:45:7b:29:e1:5b:f1:28:d9:18:70:46:c1:eb:83:f9:38: a3:89:ce:1e:92:63:76:56:6c:8d:f8:50:e5:6d:4c:02:a3:2b: 78:7d:92:e2:2b:3c:d2:8d:a5:3b:31:8f:1d:60:49:6f:99:a5: e9:54:71:4e -----BEGIN CERTIFICATE----- MIIHHTCCBgWgAwIBAgIUbw/xTouZDsr49U1194afBjOOLLIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDQyMTMzNDhaFw0yNjEyMDMyMTM4NDhaMDMxMTAvBgNV BAMTKDIwOTQwNEQxNjg0N0FEM0I2MTVFRkUzOThEQTVFM0U0Nzg3QkIyMEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPE07psfjN0tfX68JCh8cin82t fMXqeveQF+DA7afBQiqX5/yiwxJATpOKqtXbhP6Ca/20qsuR4sc0NulE4OqOH0fr sxPZCm4CuB94nP8+Cg0sT2U1jB6/r2/0rOu+62CM43waBlJNw4+JNckhcnnE6Kla HHJnRUmhGROoFpNrSxVkNEPjOTCHTvP5MFv28+6vC1Vk7sbOJpqlx8EgMtjivEDl 3Wc8UyjKG2hybZqeALOWMLEfuIT1wct87bUOWL9yx9i2834xv9KlpUix96gmiEBn VM9BLWozCxgMr4kHAu9431B8rBMpno5H8mD6EEzuCpOUKn1dQknYKg/iScItAgMB AAGjggQnMIIEIzAdBgNVHQ4EFgQUIJQE0WhHrTthXv45jaXj5Hh7sgowHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIICPQYIKwYBBQUHAQcBAf8EggIsMIICKDCCAiQEAgABMIIC HAMEAGA+RwMEAGA+SQMEAWA+ZAMEAGA+ZwMEAGA+cgMEAGA+mAMEAGA+3AMEAGA+ 3wMEAGA+5wMEAoyWmAMEAYyW4AMEAYzprgMEAY8OBgMEAI8OEAMEAY8OLjAMAwQA jw5NAwQAjw5OAwQAjw5QAwQAjw5cAwQAjw6dAwQAjw6mAwQAjw7AAwQAjw7CAwQA jw76AwQAjw7+AwQAkmcWAwQAk08BAwQAk08EAwQBk08SAwQAk08fAwQBlIesAwQA lvGAAwQAlvGDAwQBlvGuAwQBlvHuAwQAm3UNAwQAm3UWMAwDBACbdW0DBACbdW4D BACbdXADBACbdXMDBACbdY0DBAKbdZADBACbdZ0DBACbdaYDBACbdasDBACbdcQD BACbdcowDAMEAJt1zQMEAJt1zgMEAJt1/wMEAKKNEQMEAKKNRQMEAKKNUwMEAaKN aAMEAKKNawMEAKKNewMEAKKNhQMEAKKNiAMEAKKNiwMEAKKNjgMEAKKNoQMEAKKN pwMEAKKNsgMEAKeUAAMEAKeUAgMEAKeUCAMEAKeUKQMEAKeUKwMEAKeURAMEAKeU SzAMAwQBp5R2AwQAp5R4AwQBp5R6AwQAp5SNAwQAp5SaAwQBp5ScMAwDBACnlKED BACnlKIDBAGnlLQwDAMEAKeUtwMEAKeUuAMEAKeUwAMEAKeUxQMEAKeUyAMEAKeU zQMEAKeU0wMEBqjeQDANBgkqhkiG9w0BAQsFAAOCAQEAUKxHDhqqfAE+Qh/2kql1 lVnT+RcI5/Hrcy2xF7RbO9CwbYeGGADPdGwPH6mn9PiQE10B641RzIqoyxcMe0ZU RGsR+rrcc71kyo0uM9bF/yuptUJdPYi9ZSti4t6d8WmSI0GZLBm7EowIp6fcaQvk OlHaMioaJSBooKiqouGu91BGOzXUCjhRqehaQYmeg7ujqyGHgD1YepaJRY6vWRB3 JtJKg3tLVnRVp6O9qSSh9QCqt4HN3nEfT2/S0LJBXLIU9DC58/VEEq5FeynhW/Eo 2RhwRsHrg/k4o4nOHpJjdlZsjfhQ5W1MAqMreH2S4is80o2lOzGPHWBJb5ml6VRx Tg== -----END CERTIFICATE-----Generated at Fri Dec 5 05:06:39 2025 by rpki-client