Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: auk4PR8k2zt1Na3h6EF17bvJuqiu9V42HoVgjpCXJho=
Subject key identifier: 66:BF:E9:DB:5C:1B:EE:FB:4F:BA:E2:18:AC:E6:77:2A:4D:4C:D2:EA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 68F59D34A527003CBF449F85D60F9B033FB98DC2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Wed 20 Aug 2025 00:02:07 +0000
ROA not before: Tue 19 Aug 2025 23:57:07 +0000
ROA not after: Wed 19 Aug 2026 00:02:07 +0000
asID: 834
IP address blocks: 5.182.110.0/24 maxlen: 24
45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.137.118.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
85.208.72.0/24 maxlen: 24
92.242.184.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.112.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.58.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 09:14:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f5:9d:34:a5:27:00:3c:bf:44:9f:85:d6:0f:9b:03:3f:b9:8d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 19 23:57:07 2025 GMT
Not After : Aug 19 00:02:07 2026 GMT
Subject: CN=66BFE9DB5C1BEEFB4FBAE218ACE6772A4D4CD2EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:21:3d:b1:37:42:ee:e0:86:eb:f9:57:16:9c:
3d:f4:c3:8c:e8:30:39:b9:a7:90:12:e4:37:dc:35:
97:5b:0e:62:44:84:50:c1:68:0f:59:bf:0a:b7:cd:
71:f2:0a:58:75:b1:74:11:20:24:93:6e:40:a7:84:
17:1e:22:d2:a1:ae:eb:41:51:f9:50:0b:50:08:d3:
0e:bd:65:5c:93:ab:60:4a:13:23:9d:19:97:45:ff:
7b:f4:33:1b:c4:ca:2b:d4:ec:be:df:bf:b5:d9:11:
4d:fb:42:83:8c:70:d4:cc:2f:e1:ab:36:31:37:b4:
7a:ff:10:e9:dd:b3:9d:ce:fd:df:77:6d:99:f8:ac:
6d:37:8a:42:5e:b3:d3:cf:24:92:fb:d9:02:c8:d8:
c5:98:ec:54:d1:bd:16:3e:02:2a:37:86:0c:1b:75:
8e:9b:70:59:d1:06:ed:61:3b:87:31:b0:cd:93:e2:
be:f4:f0:94:f5:c4:1f:1b:ce:96:6f:eb:2f:df:67:
17:be:a2:b3:9e:62:86:e4:c7:02:08:73:9e:ff:cf:
c8:fe:86:a3:f8:32:6c:87:06:cd:cd:71:93:97:a3:
a2:57:40:67:1e:8f:7e:46:c6:19:2b:90:c0:e8:88:
17:b4:96:42:97:c0:ec:2d:97:a7:2a:24:4d:85:82:
32:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BF:E9:DB:5C:1B:EE:FB:4F:BA:E2:18:AC:E6:77:2A:4D:4C:D2:EA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
45.87.185.0/24
45.88.98.0/24
45.137.118.0/24
45.139.180.0/24
85.208.72.0/24
92.242.184.0/24
92.242.186.0/24
130.185.127.0/24
179.61.140.0/24
181.214.25.0/24
181.214.130.0/24
181.214.254.0/24
181.215.73.0/24
181.215.84.0/24
181.215.91.0/24
181.215.110.0/24
181.215.112.0/24
181.215.250.0/24
185.151.58.0/24
191.96.24.0/24
191.96.102.0/24
191.101.182.0/24
191.101.192.0/24
191.101.198.0/24
191.101.252.0/24
193.58.106.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:c0:7b:b8:e1:92:89:a2:cf:c4:6c:30:07:77:81:b9:97:e0:
87:66:e8:9e:97:14:0c:3d:aa:35:ff:34:d7:0a:9a:74:54:b3:
59:7f:2b:f5:bc:5d:1b:74:96:60:f3:df:83:65:5b:4b:25:17:
30:c4:d2:df:ca:e3:a5:0a:59:b8:ad:bd:29:c8:47:e5:0e:ce:
cc:06:21:b5:ed:5f:9a:4c:65:5f:ff:bd:cb:69:70:0c:9b:a1:
bf:5a:6d:e3:ae:46:2f:ce:85:a8:47:a7:97:8a:2b:25:ec:b5:
d0:7b:10:d7:c3:d5:ff:4c:f5:54:38:b8:dc:93:ad:56:5a:f6:
2f:cc:6a:6d:a6:06:a0:54:d4:a0:f3:6f:79:e0:40:48:14:d2:
f4:2e:ff:e2:4b:9c:6a:3f:41:40:a8:f6:08:fb:bb:89:70:e5:
bc:28:4b:66:bd:5e:19:65:d7:56:e9:a7:d9:e4:58:b2:7e:07:
40:94:ae:ba:74:32:c6:76:e1:e6:59:29:41:27:17:f7:52:74:
d1:df:d0:60:48:23:10:e2:63:50:48:22:9e:48:40:2f:60:cf:
80:2e:61:5a:3e:a7:98:15:a4:d6:f0:f1:33:46:1b:4f:52:8b:
e1:01:75:f7:1a:ad:e7:90:57:38:2d:cd:c9:0a:27:b0:2e:d9:
c7:7f:90:6a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaPWdNKUnADy/RJ+F1g+bAz+5jcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MTkyMzU3MDdaFw0yNjA4MTkwMDAyMDdaMDMxMTAvBgNV
BAMTKDY2QkZFOURCNUMxQkVFRkI0RkJBRTIxOEFDRTY3NzJBNEQ0Q0QyRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOIT2xN0Lu4Ibr+VcWnD30w4zo
MDm5p5AS5DfcNZdbDmJEhFDBaA9Zvwq3zXHyClh1sXQRICSTbkCnhBceItKhrutB
UflQC1AI0w69ZVyTq2BKEyOdGZdF/3v0MxvEyivU7L7fv7XZEU37QoOMcNTML+Gr
NjE3tHr/EOnds53O/d93bZn4rG03ikJes9PPJJL72QLI2MWY7FTRvRY+Aio3hgwb
dY6bcFnRBu1hO4cxsM2T4r708JT1xB8bzpZv6y/fZxe+orOeYobkxwIIc57/z8j+
hqP4MmyHBs3NcZOXo6JXQGcej35GxhkrkMDoiBe0lkKXwOwtl6cqJE2FgjLfAgMB
AAGjggKoMIICpDAdBgNVHQ4EFgQUZr/p21wb7vtPuuIYrOZ3Kk1M0uowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAF
tm4DBAAtV7kDBAAtWGIDBAAtiXYDBAAti7QDBABV0EgDBABc8rgDBABc8roDBACC
uX8DBACzPYwDBAC11hkDBAC11oIDBAC11v4DBAC110kDBAC111QDBAC111sDBAC1
124DBAC113ADBAC11/oDBAC5lzoDBAC/YBgDBAC/YGYDBAC/ZbYDBAC/ZcADBAC/
ZcYDBAC/ZfwDBADBOmowDQYJKoZIhvcNAQELBQADggEBAKzAe7jhkomiz8RsMAd3
gbmX4Idm6J6XFAw9qjX/NNcKmnRUs1l/K/W8XRt0lmDz34NlW0slFzDE0t/K46UK
WbitvSnIR+UOzswGIbXtX5pMZV//vctpcAybob9abeOuRi/OhahHp5eKKyXstdB7
ENfD1f9M9VQ4uNyTrVZa9i/Mam2mBqBU1KDzb3ngQEgU0vQu/+JLnGo/QUCo9gj7
u4lw5bwoS2a9Xhll11bpp9nkWLJ+B0CUrrp0MsZ24eZZKUEnF/dSdNHf0GBIIxDi
Y1BIIp5IQC9gz4AuYVo+p5gVpNbw8TNGG09Si+EBdfcareeQVzgtzckKJ7Au2cd/
kGo=
-----END CERTIFICATE-----
Generated at Wed Aug 20 21:12:47 2025 by rpki-client