Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: O3fAdIo4m98SRKtRf8kRkCeRTcsZE3y5w9M456g1VWs=
Subject key identifier: C4:A4:4A:64:81:BD:F7:79:00:00:F2:8E:8A:DE:9B:BD:C2:7A:B0:18
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7403F247AC1D2CECB832F8086B83F1707F375B75
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Thu 18 Sep 2025 09:24:32 +0000
ROA not before: Thu 18 Sep 2025 09:19:32 +0000
ROA not after: Thu 17 Sep 2026 09:24:32 +0000
asID: 834
IP address blocks: 96.62.103.0/24 maxlen: 24
96.62.114.0/24 maxlen: 24
96.62.217.0/24 maxlen: 24
140.233.177.0/24 maxlen: 24
143.14.0.0/24 maxlen: 24
143.14.2.0/24 maxlen: 24
143.14.8.0/24 maxlen: 24
143.14.10.0/24 maxlen: 24
143.14.15.0/24 maxlen: 24
143.14.34.0/24 maxlen: 24
143.14.45.0/24 maxlen: 24
143.14.48.0/24 maxlen: 24
143.14.52.0/22 maxlen: 24
143.14.56.0/22 maxlen: 24
143.14.62.0/24 maxlen: 24
143.14.64.0/24 maxlen: 24
143.14.67.0/24 maxlen: 24
143.14.70.0/24 maxlen: 24
143.14.75.0/24 maxlen: 24
143.14.76.0/22 maxlen: 24
143.14.80.0/22 maxlen: 24
143.14.90.0/24 maxlen: 24
143.14.104.0/22 maxlen: 24
143.14.138.0/23 maxlen: 24
143.14.151.0/24 maxlen: 24
143.14.160.0/23 maxlen: 24
143.14.169.0/24 maxlen: 24
143.14.188.0/24 maxlen: 24
143.14.190.0/24 maxlen: 24
143.14.199.0/24 maxlen: 24
143.14.201.0/24 maxlen: 24
143.14.203.0/24 maxlen: 24
143.14.223.0/24 maxlen: 24
143.14.225.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
143.14.230.0/24 maxlen: 24
143.14.249.0/24 maxlen: 24
143.14.250.0/24 maxlen: 24
146.103.52.0/23 maxlen: 24
147.79.3.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.201.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.21.0/24 maxlen: 24
155.117.99.0/24 maxlen: 24
155.117.107.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.114.0/24 maxlen: 24
155.117.122.0/24 maxlen: 24
155.117.142.0/24 maxlen: 24
155.117.163.0/24 maxlen: 24
155.117.165.0/24 maxlen: 24
155.117.197.0/24 maxlen: 24
155.117.219.0/24 maxlen: 24
155.117.223.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
155.117.245.0/24 maxlen: 24
162.141.13.0/24 maxlen: 24
162.141.17.0/24 maxlen: 24
162.141.112.0/24 maxlen: 24
162.141.137.0/24 maxlen: 24
167.148.33.0/24 maxlen: 24
167.148.115.0/24 maxlen: 24
167.148.161.0/24 maxlen: 24
167.148.172.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 09:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:03:f2:47:ac:1d:2c:ec:b8:32:f8:08:6b:83:f1:70:7f:37:5b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 18 09:19:32 2025 GMT
Not After : Sep 17 09:24:32 2026 GMT
Subject: CN=C4A44A6481BDF7790000F28E8ADE9BBDC27AB018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:33:d6:bb:47:29:81:57:ca:03:74:85:9d:
99:0d:fc:b4:37:94:8f:bd:3a:cc:f2:77:f3:e0:10:
1e:e9:9a:d2:56:ed:0b:0d:bf:f4:be:64:cf:4b:51:
7c:ec:ff:ea:ad:16:8c:03:51:92:20:bb:83:c5:83:
55:56:53:01:be:4f:7e:3d:85:77:92:81:a0:b7:df:
c5:7e:7e:40:f4:cc:7a:23:9e:68:ad:5a:16:78:7d:
01:50:89:a5:e5:fc:2e:43:ac:70:b8:03:28:4e:51:
38:58:70:13:27:13:f3:08:80:b8:15:15:ea:55:18:
6e:91:05:1a:8a:8d:f4:5e:53:00:de:1c:bb:32:fc:
1b:41:f4:b4:c9:ef:dd:88:c3:4c:3b:83:79:26:e1:
8b:e5:21:c4:a4:2b:a6:8e:c4:ac:16:01:fd:43:99:
69:95:5b:5c:72:8e:77:8a:ef:69:89:57:c9:22:c6:
2d:4c:c0:6b:93:1e:12:84:9f:95:10:bc:ca:ba:eb:
74:a5:49:6b:02:83:e7:04:d4:ae:43:cd:a3:1f:37:
01:ff:86:5d:40:64:ce:8d:41:3c:70:29:ef:44:cf:
ba:c3:7d:f1:9a:3c:0a:14:ea:82:1e:82:45:73:b9:
a3:14:c0:c5:93:1e:6f:8d:66:01:83:5f:46:7d:9e:
62:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A4:4A:64:81:BD:F7:79:00:00:F2:8E:8A:DE:9B:BD:C2:7A:B0:18
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.103.0/24
96.62.114.0/24
96.62.217.0/24
140.233.177.0/24
143.14.0.0/24
143.14.2.0/24
143.14.8.0/24
143.14.10.0/24
143.14.15.0/24
143.14.34.0/24
143.14.45.0/24
143.14.48.0/24
143.14.52.0-143.14.59.255
143.14.62.0/24
143.14.64.0/24
143.14.67.0/24
143.14.70.0/24
143.14.75.0-143.14.83.255
143.14.90.0/24
143.14.104.0/22
143.14.138.0/23
143.14.151.0/24
143.14.160.0/23
143.14.169.0/24
143.14.188.0/24
143.14.190.0/24
143.14.199.0/24
143.14.201.0/24
143.14.203.0/24
143.14.223.0/24
143.14.225.0/24
143.14.227.0/24
143.14.230.0/24
143.14.249.0-143.14.250.255
146.103.52.0/23
147.79.3.0/24
148.135.145.0/24
148.135.156.0/24
148.135.201.0/24
150.241.254.0/24
155.117.6.0/24
155.117.21.0/24
155.117.99.0/24
155.117.107.0/24
155.117.112.0/24
155.117.114.0/24
155.117.122.0/24
155.117.142.0/24
155.117.163.0/24
155.117.165.0/24
155.117.197.0/24
155.117.219.0/24
155.117.223.0/24
155.117.227.0/24
155.117.245.0/24
162.141.13.0/24
162.141.17.0/24
162.141.112.0/24
162.141.137.0/24
167.148.33.0/24
167.148.115.0/24
167.148.161.0/24
167.148.172.0/24
167.148.177.0/24
167.148.206.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d8:d5:b1:2c:bf:24:c6:80:6b:4e:18:d4:b4:7b:cb:3c:f4:
85:c8:43:06:c8:d7:ff:fc:6f:49:eb:6a:cb:9c:d0:c8:d5:27:
30:b1:5a:41:c5:a4:86:f3:b2:9b:33:d7:7d:10:68:70:38:ec:
ba:b3:c7:f8:76:df:26:c1:e2:d6:99:45:6e:db:8e:ca:6d:72:
67:f8:c8:88:4f:4e:43:d9:32:f0:f7:d6:b4:9e:52:cd:f3:36:
e2:16:ce:f2:f3:d5:7c:3e:54:b4:a0:96:bf:b2:56:f4:93:97:
b6:f7:55:0d:7e:53:f0:28:34:71:a2:8e:64:1a:d0:d5:50:d4:
28:3f:03:a9:07:df:49:8c:99:92:cb:eb:5d:b1:e7:ce:ff:5d:
41:9b:35:6c:a6:f7:6d:17:dc:b4:cb:c9:45:1f:9d:14:b1:df:
91:53:3e:87:1b:5f:fb:ba:29:5e:44:cb:f4:94:e7:2f:24:e9:
71:0d:11:6f:c4:b4:88:a3:75:dc:5e:0d:29:fb:ff:25:44:de:
17:6c:f5:0a:cf:8a:d2:39:78:8b:20:5e:ec:43:b6:6a:b5:4c:
56:ae:4e:39:a6:ec:7e:91:a4:56:c8:f6:a8:c4:27:47:d9:8f:
d3:72:85:6b:37:d4:5a:5e:31:e9:66:b4:48:02:35:99:75:4d:
2b:d5:f6:ed
-----BEGIN CERTIFICATE-----
MIIGnzCCBYegAwIBAgIUdAPyR6wdLOy4MvgIa4PxcH83W3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MTgwOTE5MzJaFw0yNjA5MTcwOTI0MzJaMDMxMTAvBgNV
BAMTKEM0QTQ0QTY0ODFCREY3NzkwMDAwRjI4RThBREU5QkJEQzI3QUIwMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaezPWu0cpgVfKA3SFnZkN/LQ3
lI+9Oszyd/PgEB7pmtJW7QsNv/S+ZM9LUXzs/+qtFowDUZIgu4PFg1VWUwG+T349
hXeSgaC338V+fkD0zHojnmitWhZ4fQFQiaXl/C5DrHC4AyhOUThYcBMnE/MIgLgV
FepVGG6RBRqKjfReUwDeHLsy/BtB9LTJ792Iw0w7g3km4YvlIcSkK6aOxKwWAf1D
mWmVW1xyjneK72mJV8kixi1MwGuTHhKEn5UQvMq663SlSWsCg+cE1K5DzaMfNwH/
hl1AZM6NQTxwKe9Ez7rDffGaPAoU6oIegkVzuaMUwMWTHm+NZgGDX0Z9nmLTAgMB
AAGjggOpMIIDpTAdBgNVHQ4EFgQUxKRKZIG993kAAPKOit6bvcJ6sBgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvwYIKwYBBQUHAQcBAf8EggGuMIIBqjCCAaYEAgABMIIB
ngMEAGA+ZwMEAGA+cgMEAGA+2QMEAIzpsQMEAI8OAAMEAI8OAgMEAI8OCAMEAI8O
CgMEAI8ODwMEAI8OIgMEAI8OLQMEAI8OMDAMAwQCjw40AwQCjw44AwQAjw4+AwQA
jw5AAwQAjw5DAwQAjw5GMAwDBACPDksDBAKPDlADBACPDloDBAKPDmgDBAGPDooD
BACPDpcDBAGPDqADBACPDqkDBACPDrwDBACPDr4DBACPDscDBACPDskDBACPDssD
BACPDt8DBACPDuEDBACPDuMDBACPDuYwDAMEAI8O+QMEAI8O+gMEAZJnNAMEAJNP
AwMEAJSHkQMEAJSHnAMEAJSHyQMEAJbx/gMEAJt1BgMEAJt1FQMEAJt1YwMEAJt1
awMEAJt1cAMEAJt1cgMEAJt1egMEAJt1jgMEAJt1owMEAJt1pQMEAJt1xQMEAJt1
2wMEAJt13wMEAJt14wMEAJt19QMEAKKNDQMEAKKNEQMEAKKNcAMEAKKNiQMEAKeU
IQMEAKeUcwMEAKeUoQMEAKeUrAMEAKeUsQMEAKeUzjANBgkqhkiG9w0BAQsFAAOC
AQEAiNjVsSy/JMaAa04Y1LR7yzz0hchDBsjX//xvSetqy5zQyNUnMLFaQcWkhvOy
mzPXfRBocDjsurPH+HbfJsHi1plFbtuOym1yZ/jIiE9OQ9ky8PfWtJ5SzfM24hbO
8vPVfD5UtKCWv7JW9JOXtvdVDX5T8Cg0caKOZBrQ1VDUKD8DqQffSYyZksvrXbHn
zv9dQZs1bKb3bRfctMvJRR+dFLHfkVM+hxtf+7opXkTL9JTnLyTpcQ0Rb8S0iKN1
3F4NKfv/JUTeF2z1Cs+K0jl4iyBe7EO2arVMVq5OOabsfpGkVsj2qMQnR9mP03KF
azfUWl4x6Wa0SAI1mXVNK9X27Q==
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:04:15 2025 by rpki-client