Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: j5ixuLVLIvB1frJu6eW2d4GBwyZcUnCmyTE5Oo61Crs=
Subject key identifier: 0E:E2:3E:91:9B:CF:41:D9:F3:24:E0:D4:D7:7F:5B:24:61:CF:84:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 549BC2D039422FC6B4AE9B6669545CF615CC24A7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Thu 27 Mar 2025 00:01:47 +0000
ROA not before: Wed 26 Mar 2025 23:56:47 +0000
ROA not after: Thu 26 Mar 2026 00:01:47 +0000
asID: 834
IP address blocks: 96.62.183.0/24 maxlen: 24
96.62.184.0/24 maxlen: 24
96.62.193.0/24 maxlen: 24
96.62.208.0/22 maxlen: 24
96.62.228.0/24 maxlen: 24
96.62.243.0/24 maxlen: 24
140.233.171.0/24 maxlen: 24
146.103.18.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.161.0/24 maxlen: 24
148.135.162.0/23 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.194.0/23 maxlen: 24
148.135.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:9b:c2:d0:39:42:2f:c6:b4:ae:9b:66:69:54:5c:f6:15:cc:24:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 26 23:56:47 2025 GMT
Not After : Mar 26 00:01:47 2026 GMT
Subject: CN=0EE23E919BCF41D9F324E0D4D77F5B2461CF84B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:13:f9:02:63:cc:b2:92:ae:3b:c6:b5:a4:
4f:7e:4a:ae:69:d7:47:69:ee:6c:b5:1d:71:d8:f7:
ae:f3:d2:08:5a:8f:cf:11:46:8c:2e:2c:a4:c2:c6:
23:54:46:dc:af:b7:80:b2:c9:e6:d2:7d:7b:ba:2f:
8b:cf:a7:f4:b8:d7:27:ce:bd:a8:75:59:a6:31:9b:
7d:c6:6c:c1:bf:98:6c:df:06:c1:37:77:d9:ae:fa:
b4:fe:d4:a4:18:77:32:6a:34:92:a7:ef:48:10:be:
40:00:57:9f:0f:6e:e0:05:83:66:b8:44:0a:fb:62:
38:02:38:9c:65:7f:41:f4:e4:67:98:c1:3e:c6:95:
6a:b2:99:3a:cf:9c:c2:34:3b:1c:e3:6b:41:aa:4f:
97:03:66:5d:d0:bf:e8:1d:fd:25:f7:f8:62:a8:14:
70:25:62:ec:7f:da:78:86:04:75:6e:a7:7c:4e:20:
d7:f3:53:bb:0c:1f:8d:e4:10:a3:e6:a6:b6:ee:f5:
7b:b7:50:14:9a:e6:61:a6:9d:4e:a5:d5:55:64:c8:
7c:15:ae:93:30:75:0b:5f:e6:f4:62:a5:a6:65:2a:
56:fd:4c:02:2e:63:f0:94:0b:9f:cd:f2:c4:d4:b1:
08:02:77:7b:f6:f8:b7:d1:5c:37:54:70:fd:82:cc:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:3E:91:9B:CF:41:D9:F3:24:E0:D4:D7:7F:5B:24:61:CF:84:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.183.0-96.62.184.255
96.62.193.0/24
96.62.208.0/22
96.62.228.0/24
96.62.243.0/24
140.233.171.0/24
146.103.18.0/24
148.135.145.0/24
148.135.156.0/24
148.135.161.0-148.135.163.255
148.135.193.0-148.135.195.255
148.135.253.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:74:d2:8c:33:a1:ef:83:ba:0b:a3:4e:d4:48:55:30:84:e0:
1d:9a:10:bc:e9:49:67:b7:91:4b:4c:ec:87:02:ac:74:55:39:
21:ca:b1:61:93:d8:64:9b:86:a0:2d:85:86:65:68:33:f2:78:
c6:61:4e:d9:7b:53:07:50:ac:d9:54:13:bb:a4:9e:6c:3c:b0:
65:c5:29:c5:0c:c9:ed:62:27:4c:6d:b5:69:88:20:cf:8d:45:
61:3b:cd:af:7d:84:ac:c2:27:e7:67:25:c3:86:1e:e5:dc:bb:
22:ce:81:bb:95:20:05:d1:f9:89:e4:2c:bd:2f:cb:61:fb:7d:
95:88:88:51:a7:29:05:40:0c:9f:2a:92:bd:b8:c4:12:8e:6a:
5b:38:b8:6d:89:9d:9f:bf:7f:5c:fd:cb:70:29:b4:8c:68:11:
06:ef:f2:6e:b1:77:e6:28:af:4c:5a:44:4d:8d:55:81:a9:01:
47:5b:20:fe:46:b9:76:8e:ac:3e:d0:60:b1:ec:da:cb:7e:2e:
81:be:b4:26:8a:6e:b4:30:a4:f9:74:ba:e1:0b:0e:90:3d:9e:
91:0d:6b:55:3d:d9:ea:e8:35:fd:94:ac:18:fc:31:4d:3c:d8:
7d:18:70:65:72:28:30:d4:bd:b1:a9:07:35:32:c7:7f:da:d2:
41:0a:9b:8a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIUVJvC0DlCL8a0rptmaVRc9hXMJKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMjYyMzU2NDdaFw0yNjAzMjYwMDAxNDdaMDMxMTAvBgNV
BAMTKDBFRTIzRTkxOUJDRjQxRDlGMzI0RTBENEQ3N0Y1QjI0NjFDRjg0QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs/RP5AmPMspKuO8a1pE9+Sq5p
10dp7my1HXHY967z0ghaj88RRowuLKTCxiNURtyvt4CyyebSfXu6L4vPp/S41yfO
vah1WaYxm33GbMG/mGzfBsE3d9mu+rT+1KQYdzJqNJKn70gQvkAAV58PbuAFg2a4
RAr7YjgCOJxlf0H05GeYwT7GlWqymTrPnMI0Oxzja0GqT5cDZl3Qv+gd/SX3+GKo
FHAlYux/2niGBHVup3xOINfzU7sMH43kEKPmprbu9Xu3UBSa5mGmnU6l1VVkyHwV
rpMwdQtf5vRipaZlKlb9TAIuY/CUC5/N8sTUsQgCd3v2+LfRXDdUcP2CzKFBAgMB
AAGjggJhMIICXTAdBgNVHQ4EFgQUDuI+kZvPQdnzJODU139bJGHPhLgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgMAwDBABgPrcD
BABgPrgDBABgPsEDBAJgPtADBABgPuQDBABgPvMDBACM6asDBACSZxIDBACUh5ED
BACUh5wwDAMEAJSHoQMEApSHoDAMAwQAlIfBAwQClIfAAwQAlIf9MA0GCSqGSIb3
DQEBCwUAA4IBAQBadNKMM6Hvg7oLo07USFUwhOAdmhC86Ulnt5FLTOyHAqx0VTkh
yrFhk9hkm4agLYWGZWgz8njGYU7Ze1MHUKzZVBO7pJ5sPLBlxSnFDMntYidMbbVp
iCDPjUVhO82vfYSswifnZyXDhh7l3LsizoG7lSAF0fmJ5Cy9L8th+32ViIhRpykF
QAyfKpK9uMQSjmpbOLhtiZ2fv39c/ctwKbSMaBEG7/JusXfmKK9MWkRNjVWBqQFH
WyD+Rrl2jqw+0GCx7NrLfi6BvrQmim60MKT5dLrhCw6QPZ6RDWtVPdnq6DX9lKwY
/DFNPNh9GHBlcigw1L2xqQc1Msd/2tJBCpuK
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:50:30 2025 by rpki-client