Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 15Gs2cXMkYeC2y0VlXzZf9fv08+GzsHuORDxqRBHpas=
Subject key identifier: 20:54:70:0A:47:89:DA:D8:6B:6F:9F:D5:B9:56:C5:F6:17:F5:21:55
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 076E8D575C37EE9306D2376336D6506CB55DD2C6
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Wed 04 Mar 2026 13:54:53 +0000
ROA not before: Wed 04 Mar 2026 13:49:53 +0000
ROA not after: Wed 03 Mar 2027 13:54:53 +0000
asID: 834
IP address blocks: 46.236.209.0/24 maxlen: 24
46.236.210.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.217.0/24 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.252.0/24 maxlen: 24
46.236.254.0/23 maxlen: 24
82.139.192.0/24 maxlen: 24
82.139.194.0/24 maxlen: 24
82.139.204.0/24 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.208.0/22 maxlen: 24
82.139.212.0/23 maxlen: 24
82.139.218.0/23 maxlen: 24
82.139.220.0/23 maxlen: 24
82.139.224.0/23 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.240.0/23 maxlen: 24
82.139.245.0/24 maxlen: 24
82.139.247.0/24 maxlen: 24
82.139.248.0/23 maxlen: 24
212.60.144.0/22 maxlen: 24
212.60.148.0/23 maxlen: 24
212.60.150.0/24 maxlen: 24
212.60.154.0/24 maxlen: 24
212.60.157.0/24 maxlen: 24
212.60.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 23:40:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:6e:8d:57:5c:37:ee:93:06:d2:37:63:36:d6:50:6c:b5:5d:d2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Mar 4 13:49:53 2026 GMT
Not After : Mar 3 13:54:53 2027 GMT
Subject: CN=2054700A4789DAD86B6F9FD5B956C5F617F52155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a8:1f:fe:ff:07:2e:76:1f:08:7c:c1:6b:76:
e3:ff:e7:52:81:4c:6e:c6:0c:f0:eb:17:ff:2a:0d:
ad:48:5f:5e:99:1c:b2:5c:cb:4a:af:df:3c:ec:aa:
a9:f2:c7:94:68:16:c9:47:2c:b3:b8:bb:8b:94:cf:
e9:19:1e:34:9d:46:1f:e8:65:37:a4:55:15:24:30:
3d:34:4d:b1:a6:7e:5e:c5:d1:ac:36:07:b0:82:34:
37:d9:0e:d3:69:5c:09:52:80:0a:ec:ee:7b:5b:e1:
2d:13:f6:c6:cf:b0:d3:a5:fe:a7:06:78:4d:cb:ad:
16:43:b9:7b:48:26:10:92:8f:08:a8:ce:08:80:60:
2e:e8:ef:27:41:2c:8b:5f:e8:91:cf:b0:c9:86:14:
f0:96:a5:d4:2d:67:22:32:d1:4d:3e:f8:3f:76:d8:
16:5d:e4:5a:1f:45:3a:82:39:83:a2:b6:91:8b:04:
af:18:4a:28:39:ba:0c:53:1c:75:4b:e9:6e:42:bb:
a0:69:40:e5:d5:da:57:7c:9e:51:80:5b:7f:c1:8e:
fb:f0:95:2b:43:bb:fc:c1:9b:7a:d8:eb:7b:e3:ab:
f9:74:f0:dd:7b:8a:e2:05:0f:de:cd:b8:62:0d:35:
36:ce:d0:7c:f6:e4:75:ec:ab:2b:e2:e8:49:7b:4b:
d1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:54:70:0A:47:89:DA:D8:6B:6F:9F:D5:B9:56:C5:F6:17:F5:21:55
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.209.0-46.236.210.255
46.236.212.0-46.236.214.255
46.236.217.0/24
46.236.223.0/24
46.236.241.0/24
46.236.252.0/24
46.236.254.0/23
82.139.192.0/24
82.139.194.0/24
82.139.204.0/24
82.139.206.0/24
82.139.208.0-82.139.213.255
82.139.218.0-82.139.221.255
82.139.224.0/23
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.240.0/23
82.139.245.0/24
82.139.247.0-82.139.249.255
212.60.144.0-212.60.150.255
212.60.154.0/24
212.60.157.0/24
212.60.159.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a1:be:44:70:04:54:b7:8d:a5:ef:84:cb:e5:f9:a9:8e:b5:
89:e1:cd:3c:5c:09:73:ab:70:af:50:c2:ab:45:c1:d9:97:38:
fb:94:4c:48:83:bb:84:95:29:e2:62:45:d5:0b:32:aa:01:2b:
1f:0d:f3:1f:df:d1:86:d3:11:29:54:6c:0c:a2:62:be:e4:b2:
69:bc:15:75:cc:1e:17:f4:10:a7:2a:1c:a2:a1:da:ac:d1:5f:
12:42:4f:e2:c3:db:9f:f0:49:cf:9d:41:c4:58:9f:51:36:4f:
94:43:f5:a8:c8:03:36:57:27:3a:68:34:84:57:10:46:b5:1d:
fe:26:1d:2e:4d:e0:6d:bf:27:9d:ff:63:4f:e3:ca:65:5c:cb:
a7:ac:f8:88:01:f8:03:2d:3f:5d:0d:41:ee:15:7f:fc:5d:fe:
92:b2:ef:b3:6b:56:88:6e:84:3a:c7:04:ac:00:22:24:9f:5f:
87:9d:65:b3:90:18:42:8f:2f:7a:ac:b9:59:38:35:30:a2:78:
e6:6d:7c:f6:61:90:f2:bc:82:8a:1d:4a:8a:d6:30:29:27:33:
48:62:1b:8e:97:48:89:fa:25:b3:49:23:20:e1:9d:5a:27:8a:
81:c5:88:ae:35:6b:74:51:8a:52:1b:a1:40:15:9b:18:71:5a:
8d:d9:d0:ae
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUB26NV1w37pMG0jdjNtZQbLVd0sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjAzMDQxMzQ5NTNaFw0yNzAzMDMxMzU0NTNaMDMxMTAvBgNV
BAMTKDIwNTQ3MDBBNDc4OURBRDg2QjZGOUZENUI5NTZDNUY2MTdGNTIxNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3qB/+/wcudh8IfMFrduP/51KB
TG7GDPDrF/8qDa1IX16ZHLJcy0qv3zzsqqnyx5RoFslHLLO4u4uUz+kZHjSdRh/o
ZTekVRUkMD00TbGmfl7F0aw2B7CCNDfZDtNpXAlSgArs7ntb4S0T9sbPsNOl/qcG
eE3LrRZDuXtIJhCSjwiozgiAYC7o7ydBLItf6JHPsMmGFPCWpdQtZyIy0U0++D92
2BZd5FofRTqCOYOitpGLBK8YSig5ugxTHHVL6W5Cu6BpQOXV2ld8nlGAW3/Bjvvw
lStDu/zBm3rY63vjq/l08N17iuIFD97NuGINNTbO0Hz25HXsqyvi6El7S9FpAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQUIFRwCkeJ2thrb5/VuVbF9hf1IVUwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcowDAME
AC7s0QMEAC7s0jAMAwQCLuzUAwQALuzWAwQALuzZAwQALuzfAwQALuzxAwQALuz8
AwQBLuz+AwQAUovAAwQAUovCAwQAUovMAwQAUovOMAwDBARSi9ADBAFSi9QwDAME
AVKL2gMEAVKL3AMEAVKL4DAMAwQAUovjAwQBUovkMAwDBABSi+cDBABSi+wDBAFS
i/ADBABSi/UwDAMEAFKL9wMEAVKL+DAMAwQE1DyQAwQA1DyWAwQA1DyaAwQA1Dyd
AwQA1DyfMA0GCSqGSIb3DQEBCwUAA4IBAQA4ob5EcARUt42l74TL5fmpjrWJ4c08
XAlzq3CvUMKrRcHZlzj7lExIg7uElSniYkXVCzKqASsfDfMf39GG0xEpVGwMomK+
5LJpvBV1zB4X9BCnKhyiodqs0V8SQk/iw9uf8EnPnUHEWJ9RNk+UQ/WoyAM2Vyc6
aDSEVxBGtR3+Jh0uTeBtvyed/2NP48plXMunrPiIAfgDLT9dDUHuFX/8Xf6Ssu+z
a1aIboQ6xwSsACIkn1+HnWWzkBhCjy96rLlZODUwonjmbXz2YZDyvIKKHUqK1jAp
JzNIYhuOl0iJ+iWzSSMg4Z1aJ4qBxYiuNWt0UYpSG6FAFZsYcVqN2dCu
-----END CERTIFICATE-----
Generated at Sat Mar 7 16:48:24 2026 by rpki-client