Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: TTx02NxRjpPm/VXnSYn8V7vSDEXmFMcRniliGLwURFg=
Subject key identifier: A5:92:C0:53:A1:A7:BB:19:85:6E:F7:AD:4D:0F:FF:16:67:2B:2F:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6B2043D049A7E757A5E9F08121A975A467E8A39F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Thu 05 Mar 2026 05:03:45 +0000
ROA not before: Thu 05 Mar 2026 04:58:45 +0000
ROA not after: Thu 04 Mar 2027 05:03:45 +0000
asID: 834
IP address blocks: 96.62.115.0/24 maxlen: 24
140.150.156.0/24 maxlen: 24
140.150.232.0/23 maxlen: 24
140.233.167.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
140.233.180.0/22 maxlen: 24
140.233.184.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.7.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.23.0/24 maxlen: 24
143.14.47.0/24 maxlen: 24
143.14.49.0/24 maxlen: 24
143.14.51.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.81.0/24 maxlen: 24
143.14.91.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.129.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.181.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.191.0/24 maxlen: 24
143.14.192.0/23 maxlen: 24
143.14.217.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.220.0/23 maxlen: 24
143.14.248.0/23 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.29.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
146.103.52.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
147.79.18.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
148.135.175.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.198.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.138.0/23 maxlen: 24
150.241.141.0/24 maxlen: 24
150.241.142.0/24 maxlen: 24
150.241.174.0/24 maxlen: 24
150.241.208.0/23 maxlen: 24
150.241.228.0/24 maxlen: 24
150.241.234.0/24 maxlen: 24
150.241.242.0/24 maxlen: 24
150.241.253.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.51.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.76.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.119.0/24 maxlen: 24
155.117.120.0/24 maxlen: 24
155.117.136.0/23 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.198.0/23 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.220.0/24 maxlen: 24
155.117.228.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.1.0/24 maxlen: 24
162.141.5.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.46.0/23 maxlen: 24
162.141.48.0/24 maxlen: 24
162.141.50.0/24 maxlen: 24
162.141.66.0/23 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.82.0/23 maxlen: 24
162.141.100.0/24 maxlen: 24
162.141.105.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
162.141.108.0/23 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
162.141.136.0/23 maxlen: 24
162.141.139.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
167.148.2.0/23 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.42.0/24 maxlen: 24
167.148.46.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.122.0/23 maxlen: 24
167.148.136.0/24 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.161.0/24 maxlen: 24
167.148.171.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.181.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.200.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
167.148.214.0/24 maxlen: 24
168.222.3.0/24 maxlen: 24
168.222.12.0/24 maxlen: 24
168.222.14.0/24 maxlen: 24
168.222.17.0/24 maxlen: 24
168.222.22.0/23 maxlen: 24
168.222.26.0/24 maxlen: 24
168.222.50.0/23 maxlen: 24
168.222.61.0/24 maxlen: 24
168.222.62.0/24 maxlen: 24
168.222.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:20:43:d0:49:a7:e7:57:a5:e9:f0:81:21:a9:75:a4:67:e8:a3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 5 04:58:45 2026 GMT
Not After : Mar 4 05:03:45 2027 GMT
Subject: CN=A592C053A1A7BB19856EF7AD4D0FFF16672B2F5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:3a:db:0f:60:3c:9d:57:b9:b8:a5:d3:0f:
61:02:dd:cb:8f:64:b9:af:1c:58:a3:58:af:e6:f1:
73:f0:d9:21:80:06:22:91:16:6c:cd:5c:31:72:48:
ec:58:5a:b8:d7:c2:5c:da:d4:ce:94:c9:3f:d6:37:
c2:23:da:40:bc:9e:eb:ca:f2:b4:ee:b8:6a:f1:72:
cb:a7:6f:52:9b:11:37:12:99:66:bb:53:0d:e6:9b:
44:bd:01:d9:e1:d6:92:ad:f3:26:5e:d9:3d:8a:af:
ae:3e:8d:b4:5f:26:36:ba:df:b0:77:e7:f7:cc:08:
36:6d:8c:57:a6:94:0f:d7:4e:9b:c0:fd:6c:ce:d0:
1f:af:a1:83:81:41:e7:7f:86:b6:18:d9:b8:19:e6:
f3:87:4e:cb:24:aa:31:98:34:d2:f3:56:45:7c:73:
73:33:18:8f:88:28:53:32:be:ed:3c:93:11:9c:58:
03:9b:ce:49:d3:16:3f:d6:7a:e4:88:0f:20:4b:35:
7a:b4:6c:2c:e0:c1:1b:3a:34:c0:0a:85:e2:70:03:
e1:6a:f5:27:4d:52:53:41:32:5e:b6:7a:2c:ca:03:
e4:9d:71:06:ef:5d:dc:27:56:05:5a:94:11:66:17:
df:1e:80:76:ed:dc:07:1a:5a:b3:bc:7b:ad:46:b2:
cc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:92:C0:53:A1:A7:BB:19:85:6E:F7:AD:4D:0F:FF:16:67:2B:2F:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
140.150.156.0/24
140.150.232.0/23
140.233.167.0/24
140.233.173.0/24
140.233.180.0-140.233.184.255
143.14.1.0/24
143.14.7.0/24
143.14.16.0/24
143.14.23.0/24
143.14.47.0/24
143.14.49.0/24
143.14.51.0/24
143.14.59.0/24
143.14.68.0/24
143.14.81.0/24
143.14.91.0-143.14.92.255
143.14.129.0/24
143.14.133.0/24
143.14.147.0/24
143.14.150.0/24
143.14.152.0/24
143.14.181.0-143.14.182.255
143.14.185.0-143.14.186.255
143.14.191.0-143.14.193.255
143.14.217.0-143.14.218.255
143.14.220.0/23
143.14.248.0/23
143.14.252.0/24
146.103.29.0/24
146.103.37.0/24
146.103.52.0/24
147.79.2.0/24
147.79.18.0/24
147.79.30.0/24
148.135.171.0/24
148.135.173.0/24
148.135.175.0/24
148.135.193.0/24
148.135.198.0/24
148.135.203.0/24
148.135.255.0/24
150.241.138.0/23
150.241.141.0-150.241.142.255
150.241.174.0/24
150.241.208.0/23
150.241.228.0/24
150.241.234.0/24
150.241.242.0/24
150.241.253.0/24
155.117.4.0/24
155.117.6.0/24
155.117.51.0/24
155.117.63.0/24
155.117.76.0/24
155.117.112.0/24
155.117.119.0-155.117.120.255
155.117.136.0/23
155.117.154.0/24
155.117.171.0/24
155.117.186.0/24
155.117.198.0/23
155.117.210.0/24
155.117.220.0/24
155.117.228.0/24
155.117.241.0/24
162.141.1.0/24
162.141.5.0/24
162.141.8.0/24
162.141.44.0/24
162.141.46.0-162.141.48.255
162.141.50.0/24
162.141.66.0-162.141.69.255
162.141.78.0/24
162.141.82.0/23
162.141.100.0/24
162.141.105.0/24
162.141.107.0-162.141.109.255
162.141.115.0-162.141.116.255
162.141.120.0/24
162.141.123.0/24
162.141.136.0/23
162.141.139.0/24
162.141.153.0/24
162.141.160.0/24
162.141.163.0/24
162.141.166.0/24
167.148.2.0/23
167.148.15.0/24
167.148.42.0/24
167.148.46.0/24
167.148.68.0/24
167.148.122.0/23
167.148.136.0/24
167.148.149.0/24
167.148.161.0/24
167.148.171.0/24
167.148.175.0/24
167.148.181.0/24
167.148.194.0/24
167.148.197.0/24
167.148.200.0/24
167.148.206.0/24
167.148.209.0/24
167.148.214.0/24
168.222.3.0/24
168.222.12.0/24
168.222.14.0/24
168.222.17.0/24
168.222.22.0/23
168.222.26.0/24
168.222.50.0/23
168.222.61.0-168.222.62.255
168.222.80.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:1b:d3:15:be:f8:cf:ba:f5:03:fe:32:c5:d2:b4:6f:25:aa:
72:d8:14:a0:40:91:d9:92:04:76:3e:27:7a:71:c4:b6:e2:f6:
c8:06:41:19:30:df:51:05:87:47:5a:ae:9f:ef:b1:06:a2:0c:
ac:95:56:f2:4a:4b:c8:e3:4d:73:bb:56:ac:b3:ca:61:b8:51:
54:10:a2:31:1f:5d:fd:a3:31:e4:06:76:e2:95:ef:33:7d:7f:
71:f3:57:09:a3:64:33:24:c5:66:1d:0e:cf:bf:da:ac:09:16:
27:4c:b1:1c:87:af:07:b6:1c:e0:25:f7:a3:24:bb:b9:2b:07:
fb:93:35:05:cb:e0:27:3d:07:7a:23:ef:0b:83:c0:cb:a1:b3:
24:3a:56:f7:6c:3c:95:54:99:2a:cc:d4:38:b3:43:22:b1:ee:
0b:1b:7f:4d:3d:90:6e:24:8c:89:45:88:0f:73:aa:d7:b0:f0:
6c:53:90:2a:68:1e:fe:a7:35:4b:ef:2f:10:60:30:04:07:e5:
a2:86:9f:45:40:77:30:ff:cd:5d:2e:65:20:b8:e6:9b:24:e6:
bc:20:b2:52:ff:c5:a2:a5:6b:89:e2:d3:3d:d7:5d:e9:c2:d2:
24:40:69:10:60:a1:a4:7c:5f:8a:6d:e5:08:28:b8:75:04:af:
f4:ca:6a:c3
-----BEGIN CERTIFICATE-----
MIIIFTCCBv2gAwIBAgIUayBD0Emn51el6fCBIal1pGfoo58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDUwNDU4NDVaFw0yNzAzMDQwNTAzNDVaMDMxMTAvBgNV
BAMTKEE1OTJDMDUzQTFBN0JCMTk4NTZFRjdBRDREMEZGRjE2NjcyQjJGNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9kDrbD2A8nVe5uKXTD2EC3cuP
ZLmvHFijWK/m8XPw2SGABiKRFmzNXDFySOxYWrjXwlza1M6UyT/WN8Ij2kC8nuvK
8rTuuGrxcsunb1KbETcSmWa7Uw3mm0S9Adnh1pKt8yZe2T2Kr64+jbRfJja637B3
5/fMCDZtjFemlA/XTpvA/WzO0B+voYOBQed/hrYY2bgZ5vOHTsskqjGYNNLzVkV8
c3MzGI+IKFMyvu08kxGcWAObzknTFj/WeuSIDyBLNXq0bCzgwRs6NMAKheJwA+Fq
9SdNUlNBMl62eizKA+SdcQbvXdwnVgValBFmF98egHbt3AcaWrO8e61GsszpAgMB
AAGjggUfMIIFGzAdBgNVHQ4EFgQUpZLAU6GnuxmFbvetTQ//FmcrL10wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDNQYIKwYBBQUHAQcBAf8EggMkMIIDIDCCAxwEAgABMIID
FAMEAGA+cwMEAIyWnAMEAYyW6AMEAIzppwMEAIzprTAMAwQCjOm0AwQAjOm4AwQA
jw4BAwQAjw4HAwQAjw4QAwQAjw4XAwQAjw4vAwQAjw4xAwQAjw4zAwQAjw47AwQA
jw5EAwQAjw5RMAwDBACPDlsDBACPDlwDBACPDoEDBACPDoUDBACPDpMDBACPDpYD
BACPDpgwDAMEAI8OtQMEAI8OtjAMAwQAjw65AwQAjw66MAwDBACPDr8DBAGPDsAw
DAMEAI8O2QMEAI8O2gMEAY8O3AMEAY8O+AMEAI8O/AMEAJJnHQMEAJJnJQMEAJJn
NAMEAJNPAgMEAJNPEgMEAJNPHgMEAJSHqwMEAJSHrQMEAJSHrwMEAJSHwQMEAJSH
xgMEAJSHywMEAJSH/wMEAZbxijAMAwQAlvGNAwQAlvGOAwQAlvGuAwQBlvHQAwQA
lvHkAwQAlvHqAwQAlvHyAwQAlvH9AwQAm3UEAwQAm3UGAwQAm3UzAwQAm3U/AwQA
m3VMAwQAm3VwMAwDBACbdXcDBACbdXgDBAGbdYgDBACbdZoDBACbdasDBACbdboD
BAGbdcYDBACbddIDBACbddwDBACbdeQDBACbdfEDBACijQEDBACijQUDBACijQgD
BACijSwwDAMEAaKNLgMEAKKNMAMEAKKNMjAMAwQBoo1CAwQBoo1EAwQAoo1OAwQB
oo1SAwQAoo1kAwQAoo1pMAwDBACijWsDBAGijWwwDAMEAKKNcwMEAKKNdAMEAKKN
eAMEAKKNewMEAaKNiAMEAKKNiwMEAKKNmQMEAKKNoAMEAKKNowMEAKKNpgMEAaeU
AgMEAKeUDwMEAKeUKgMEAKeULgMEAKeURAMEAaeUegMEAKeUiAMEAKeUlQMEAKeU
oQMEAKeUqwMEAKeUrwMEAKeUtQMEAKeUwgMEAKeUxQMEAKeUyAMEAKeUzgMEAKeU
0QMEAKeU1gMEAKjeAwMEAKjeDAMEAKjeDgMEAKjeEQMEAajeFgMEAKjeGgMEAaje
MjAMAwQAqN49AwQAqN4+AwQEqN5QMA0GCSqGSIb3DQEBCwUAA4IBAQAMG9MVvvjP
uvUD/jLF0rRvJapy2BSgQJHZkgR2Pid6ccS24vbIBkEZMN9RBYdHWq6f77EGogys
lVbySkvI401zu1ass8phuFFUEKIxH139ozHkBnbile8zfX9x81cJo2QzJMVmHQ7P
v9qsCRYnTLEch68HthzgJfejJLu5Kwf7kzUFy+AnPQd6I+8Lg8DLobMkOlb3bDyV
VJkqzNQ4s0Mise4LG39NPZBuJIyJRYgPc6rXsPBsU5AqaB7+pzVL7y8QYDAEB+Wi
hp9FQHcw/81dLmUguOabJOa8ILJS/8WipWuJ4tM9113pwtIkQGkQYKGkfF+KbeUI
KLh1BK/0ymrD
-----END CERTIFICATE-----
Generated at Thu Mar 5 10:45:00 2026 by rpki-client