Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ayyLPsnr3EyNqtFq590ynxlBsg2eQr8nLraCce8KkxM=
Subject key identifier: 0B:0F:8C:24:B7:D0:4D:7E:DD:CA:B4:39:CD:2C:7F:EF:D0:B3:4A:0C
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 07AAFD254272869CD009589F40FACF020806DB5D
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Tue 02 Jun 2026 12:15:37 +0000
ROA not before: Tue 02 Jun 2026 12:10:37 +0000
ROA not after: Tue 01 Jun 2027 12:15:37 +0000
asID: 834
IP address blocks: 46.236.192.0/22 maxlen: 24
46.236.197.0/24 maxlen: 24
46.236.202.0/24 maxlen: 24
46.236.209.0/24 maxlen: 24
46.236.210.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.243.0/24 maxlen: 24
46.236.252.0/24 maxlen: 24
46.236.254.0/23 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.218.0/24 maxlen: 24
82.139.224.0/23 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.238.0/23 maxlen: 24
82.139.248.0/23 maxlen: 24
82.139.251.0/24 maxlen: 24
212.60.144.0/22 maxlen: 24
212.60.148.0/24 maxlen: 24
212.60.152.0/24 maxlen: 24
212.60.154.0/23 maxlen: 24
212.60.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:aa:fd:25:42:72:86:9c:d0:09:58:9f:40:fa:cf:02:08:06:db:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Jun 2 12:10:37 2026 GMT
Not After : Jun 1 12:15:37 2027 GMT
Subject: CN=0B0F8C24B7D04D7EDDCAB439CD2C7FEFD0B34A0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a0:22:61:21:c7:2c:83:b1:f3:9e:9d:91:9c:
78:5d:d0:8b:cd:ae:76:c7:eb:10:42:4a:d2:5e:a0:
86:f2:2c:2f:83:10:71:b1:00:d2:a3:83:f1:9f:d3:
0e:4f:45:fd:5c:24:84:c3:58:13:bd:11:ab:87:e5:
5f:85:9d:81:75:f0:1f:8b:6e:b3:b2:ba:65:c0:a3:
f0:26:23:ba:8a:b2:a5:93:f6:4d:45:2c:f4:8f:d0:
c1:28:ad:60:2b:e9:45:9f:68:eb:30:1f:c1:8d:cc:
0d:f2:6d:f3:47:34:b9:7c:a1:5b:fd:fe:da:0b:ab:
80:40:bc:f1:59:ca:dc:bb:4e:95:b5:c5:8d:1b:85:
4a:b7:c0:35:05:31:30:c3:a3:19:af:af:f2:39:c3:
fe:22:7e:da:a4:e8:61:03:87:c3:f3:39:a4:94:9a:
e2:9e:6f:40:f8:c8:af:6c:a5:f5:05:10:f9:07:31:
37:c3:7c:52:0f:08:d5:bb:98:1f:f2:ab:d7:56:3a:
3f:22:ad:e0:17:cf:c4:37:d5:49:49:a1:88:0f:c9:
23:d6:0e:ea:d4:98:1e:94:f1:34:0a:ec:3d:41:37:
68:3e:65:15:4d:bf:d6:dc:7d:c0:21:d1:49:88:20:
45:35:64:62:ec:d6:c4:8b:83:77:85:f1:89:a9:75:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0F:8C:24:B7:D0:4D:7E:DD:CA:B4:39:CD:2C:7F:EF:D0:B3:4A:0C
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/22
46.236.197.0/24
46.236.202.0/24
46.236.209.0-46.236.210.255
46.236.212.0-46.236.214.255
46.236.223.0/24
46.236.241.0/24
46.236.243.0/24
46.236.252.0/24
46.236.254.0/23
82.139.206.0/24
82.139.218.0/24
82.139.224.0/23
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.238.0/23
82.139.248.0/23
82.139.251.0/24
212.60.144.0-212.60.148.255
212.60.152.0/24
212.60.154.0-212.60.159.255
Signature Algorithm: sha256WithRSAEncryption
a0:e8:8f:cd:25:1e:cb:79:9f:4d:ea:75:7f:2c:e7:f9:9d:84:
d2:f1:f7:07:4a:e8:9a:ab:3a:e2:c0:f0:ae:54:cb:c5:3a:c9:
07:d3:3a:2d:50:7f:da:ea:81:59:73:fb:84:86:3a:60:4b:5f:
24:74:bf:73:7d:af:82:8c:e4:a3:c7:d3:c4:cb:14:8f:9d:39:
f6:98:51:95:fc:71:e2:3f:04:be:af:ae:70:08:1c:e2:64:9b:
43:bd:f6:20:8a:ce:db:8b:97:82:e7:c4:eb:ad:c4:25:6d:17:
6f:db:4f:ad:4e:32:be:3c:95:cf:ff:c9:60:83:3e:41:55:9f:
bb:59:5c:39:9a:48:f7:bb:35:93:21:e1:79:c3:e6:86:0c:53:
d5:a0:32:c2:48:4e:4f:f9:fe:4e:c3:80:d1:ea:89:03:81:d1:
a0:04:fb:52:0a:3e:39:87:89:f3:ca:4a:e7:e9:cb:07:51:94:
1c:65:73:9a:6b:13:fe:81:b0:da:8c:75:f4:b4:b9:d7:81:2a:
d8:70:ce:6c:ac:6c:6f:96:7a:0b:34:fb:7c:b7:aa:13:14:21:
1b:f7:7a:c4:c1:c4:ef:d0:d7:43:67:99:19:04:93:c3:af:ab:
d3:ef:0e:3c:a6:4e:8d:c1:bf:b7:3d:91:74:0e:d0:e5:ee:51:
1f:0a:f8:0b
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIUB6r9JUJyhpzQCVifQPrPAggG210wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjA2MDIxMjEwMzdaFw0yNzA2MDExMjE1MzdaMDMxMTAvBgNV
BAMTKDBCMEY4QzI0QjdEMDREN0VERENBQjQzOUNEMkM3RkVGRDBCMzRBMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuoCJhIccsg7Hznp2RnHhd0IvN
rnbH6xBCStJeoIbyLC+DEHGxANKjg/Gf0w5PRf1cJITDWBO9EauH5V+FnYF18B+L
brOyumXAo/AmI7qKsqWT9k1FLPSP0MEorWAr6UWfaOswH8GNzA3ybfNHNLl8oVv9
/toLq4BAvPFZyty7TpW1xY0bhUq3wDUFMTDDoxmvr/I5w/4iftqk6GEDh8PzOaSU
muKeb0D4yK9spfUFEPkHMTfDfFIPCNW7mB/yq9dWOj8ireAXz8Q31UlJoYgPySPW
DurUmB6U8TQK7D1BN2g+ZRVNv9bcfcAh0UmIIEU1ZGLs1sSLg3eF8YmpdUTJAgMB
AAGjggK0MIICsDAdBgNVHQ4EFgQUCw+MJLfQTX7dyrQ5zSx/79CzSgwwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAIu
7MADBAAu7MUDBAAu7MowDAMEAC7s0QMEAC7s0jAMAwQCLuzUAwQALuzWAwQALuzf
AwQALuzxAwQALuzzAwQALuz8AwQBLuz+AwQAUovOAwQAUovaAwQBUovgMAwDBABS
i+MDBAFSi+QwDAMEAFKL5wMEAFKL7AMEAVKL7gMEAVKL+AMEAFKL+zAMAwQE1DyQ
AwQA1DyUAwQA1DyYMAwDBAHUPJoDBAXUPIAwDQYJKoZIhvcNAQELBQADggEBAKDo
j80lHst5n03qdX8s5/mdhNLx9wdK6JqrOuLA8K5Uy8U6yQfTOi1Qf9rqgVlz+4SG
OmBLXyR0v3N9r4KM5KPH08TLFI+dOfaYUZX8ceI/BL6vrnAIHOJkm0O99iCKztuL
l4LnxOutxCVtF2/bT61OMr48lc//yWCDPkFVn7tZXDmaSPe7NZMh4XnD5oYMU9Wg
MsJITk/5/k7DgNHqiQOB0aAE+1IKPjmHifPKSufpywdRlBxlc5prE/6BsNqMdfS0
udeBKthwzmysbG+Wegs0+3y3qhMUIRv3esTBxO/Q10NnmRkEk8Ovq9PvDjymTo3B
v7c9kXQO0OXuUR8K+As=
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:18:54 2026 by rpki-client