Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: P1U52BtX1LT3v5Un6hcKT5FTIyZV0+2n0uW1Emdi90U=
Subject key identifier: A6:E6:9C:07:D1:04:AA:E7:5E:FB:56:96:53:52:F1:61:51:7D:07:FC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 49AB9ABFB953C15FC007A7C28FDCE0C0D69BC335
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Fri 14 Feb 2025 11:15:33 +0000
ROA not before: Fri 14 Feb 2025 11:10:33 +0000
ROA not after: Fri 13 Feb 2026 11:15:33 +0000
asID: 834
IP address blocks: 45.87.185.0/24 maxlen: 24
45.95.36.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
179.61.198.0/24 maxlen: 24
179.61.210.0/24 maxlen: 24
179.61.212.0/24 maxlen: 24
179.61.214.0/24 maxlen: 24
179.61.226.0/23 maxlen: 24
179.61.229.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.223.0/24 maxlen: 24
181.214.224.0/24 maxlen: 24
181.214.233.0/24 maxlen: 24
181.214.243.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/24 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.204.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
191.96.8.0/24 maxlen: 24
191.96.16.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.27.0/24 maxlen: 24
191.96.83.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.39.0/24 maxlen: 24
191.101.56.0/24 maxlen: 24
191.101.63.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.95.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.127.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ab:9a:bf:b9:53:c1:5f:c0:07:a7:c2:8f:dc:e0:c0:d6:9b:c3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 14 11:10:33 2025 GMT
Not After : Feb 13 11:15:33 2026 GMT
Subject: CN=A6E69C07D104AAE75EFB56965352F161517D07FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4e:e9:95:27:25:74:3f:dd:d5:4a:4b:81:7d:
93:b3:fb:45:d8:5f:22:7d:a1:f3:af:33:d1:e9:60:
0e:c3:88:d5:0c:f6:c3:b8:46:16:33:bf:54:6c:3c:
54:49:76:c6:b0:af:c4:41:ef:a2:f6:83:b4:88:c0:
8c:71:a6:10:98:f8:11:3c:61:eb:5b:dd:a4:41:ec:
2b:00:13:1d:84:0d:9b:16:71:c7:f5:51:20:cd:60:
a4:12:43:70:f2:ca:f0:1c:2d:dc:5f:80:35:bd:e9:
31:06:7b:32:06:e5:83:f5:fe:f2:dd:fd:9a:b7:1c:
65:68:5b:81:cf:a2:d0:4e:e7:38:eb:06:5e:01:1b:
4c:cb:fa:eb:28:5c:27:35:b3:c3:c9:df:21:c1:4e:
01:1f:83:ed:a4:9c:79:3a:3a:69:21:78:7e:ca:d1:
e6:cf:e6:b8:a9:fc:67:08:c7:1b:a2:6d:c3:3b:b4:
00:70:f1:ca:fe:fa:38:b4:10:a0:b1:75:0f:35:d3:
f9:48:79:86:11:2c:88:25:79:22:0c:f9:f7:0e:96:
ae:71:00:58:ff:58:28:15:93:bf:0f:a9:09:ae:e5:
e5:50:f6:11:b7:61:5e:25:bf:e0:54:3f:b6:f0:12:
0d:31:58:60:9c:b2:31:8d:03:be:19:c0:27:fc:f7:
15:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E6:9C:07:D1:04:AA:E7:5E:FB:56:96:53:52:F1:61:51:7D:07:FC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.185.0/24
45.95.36.0/24
92.118.162.0/24
92.242.186.0/24
179.61.198.0/24
179.61.210.0/24
179.61.212.0/24
179.61.214.0/24
179.61.226.0/23
179.61.229.0/24
181.41.196.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.79.0/24
181.214.91.0/24
181.214.119.0/24
181.214.154.0/24
181.214.161.0/24
181.214.212.0/24
181.214.223.0-181.214.224.255
181.214.233.0/24
181.214.243.0/24
181.215.62.0/24
181.215.73.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0/24
181.215.111.0-181.215.115.255
181.215.159.0/24
181.215.186.0/23
181.215.189.0/24
181.215.204.0/24
181.215.216.0/24
181.215.225.0/24
181.215.237.0/24
181.215.250.0/24
191.96.8.0/24
191.96.16.0/24
191.96.24.0/24
191.96.27.0/24
191.96.83.0/24
191.96.99.0/24
191.96.102.0/24
191.96.105.0/24
191.96.126.0/24
191.96.164.0/24
191.101.9.0/24
191.101.22.0/24
191.101.39.0/24
191.101.56.0/24
191.101.63.0/24
191.101.76.0/24
191.101.88.0/24
191.101.95.0/24
191.101.97.0/24
191.101.102.0/24
191.101.120.0/24
191.101.124.0/24
191.101.127.0/24
191.101.148.0/24
191.101.182.0/24
191.101.192.0/24
191.101.198.0/24
191.101.252.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:dc:88:a9:b0:05:03:ab:5a:d5:49:e8:e1:f3:38:aa:61:05:
5f:46:6d:82:57:83:47:7c:a8:42:d1:42:30:06:4e:c6:f7:84:
16:62:b9:79:b5:61:29:c5:4b:bc:b1:2e:ab:21:14:2e:2d:e4:
c4:ac:47:40:14:a3:8b:52:2f:b8:28:64:a6:ec:c5:2d:7a:a0:
5b:f4:72:31:78:a4:65:e1:eb:3e:11:0c:0a:20:15:4d:af:46:
a6:dd:d7:6d:6a:71:3d:bc:2a:f0:e4:1e:b1:96:19:4a:2e:c3:
e3:72:97:1c:8c:06:c6:d4:d0:dc:64:bd:92:65:94:c4:86:bd:
e4:8c:52:58:b0:c0:d0:4c:71:93:77:bb:c3:fd:03:00:26:dd:
d4:ac:b7:07:5f:15:5f:e6:a1:f7:04:95:e6:58:45:98:77:0f:
98:29:1e:57:92:f0:dc:ab:49:97:d0:0f:51:ff:bf:0d:d9:77:
b6:65:5c:ed:41:45:cd:7d:05:8f:03:0d:64:06:23:71:b3:b3:
5a:4d:c8:a6:5f:98:fe:df:ef:11:f5:17:7a:0b:12:8e:77:79:
d9:bc:33:4d:59:ee:c8:b5:87:76:29:7b:b0:01:74:0f:39:ac:
d4:3e:55:66:dd:ef:0a:92:43:85:a3:63:36:89:9f:dc:02:fb:
03:89:ba:f4
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgIUSauav7lTwV/AB6fCj9zgwNabwzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTQxMTEwMzNaFw0yNjAyMTMxMTE1MzNaMDMxMTAvBgNV
BAMTKEE2RTY5QzA3RDEwNEFBRTc1RUZCNTY5NjUzNTJGMTYxNTE3RDA3RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwTumVJyV0P93VSkuBfZOz+0XY
XyJ9ofOvM9HpYA7DiNUM9sO4RhYzv1RsPFRJdsawr8RB76L2g7SIwIxxphCY+BE8
Yetb3aRB7CsAEx2EDZsWccf1USDNYKQSQ3DyyvAcLdxfgDW96TEGezIG5YP1/vLd
/Zq3HGVoW4HPotBO5zjrBl4BG0zL+usoXCc1s8PJ3yHBTgEfg+2knHk6OmkheH7K
0ebP5rip/GcIxxuibcM7tABw8cr++ji0EKCxdQ810/lIeYYRLIgleSIM+fcOlq5x
AFj/WCgVk78PqQmu5eVQ9hG3YV4lv+BUP7bwEg0xWGCcsjGNA74ZwCf89xVFAgMB
AAGjggOhMIIDnTAdBgNVHQ4EFgQUpuacB9EEqude+1aWU1LxYVF9B/wwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtwYIKwYBBQUHAQcBAf8EggGmMIIBojCCAZ4EAgABMIIB
lgMEAC1XuQMEAC1fJAMEAFx2ogMEAFzyugMEALM9xgMEALM90gMEALM91AMEALM9
1gMEAbM94gMEALM95QMEALUpxAMEALXWAAMEALXWBAMEALXWDgMEALXWTwMEALXW
WwMEALXWdwMEALXWmgMEALXWoQMEALXW1DAMAwQAtdbfAwQAtdbgAwQAtdbpAwQA
tdbzAwQAtdc+AwQAtddJAwQAtddbAwQAtddfAwQAtddsMAwDBAC1128DBAK113AD
BAC1158DBAG117oDBAC1170DBAC118wDBAC119gDBAC11+EDBAC11+0DBAC11/oD
BAC/YAgDBAC/YBADBAC/YBgDBAC/YBsDBAC/YFMDBAC/YGMDBAC/YGYDBAC/YGkD
BAC/YH4DBAC/YKQDBAC/ZQkDBAC/ZRYDBAC/ZScDBAC/ZTgDBAC/ZT8DBAC/ZUwD
BAC/ZVgDBAC/ZV8DBAC/ZWEDBAC/ZWYDBAC/ZXgDBAC/ZXwDBAC/ZX8DBAC/ZZQD
BAC/ZbYDBAC/ZcADBAC/ZcYDBAC/ZfwwDQYJKoZIhvcNAQELBQADggEBAIvciKmw
BQOrWtVJ6OHzOKphBV9GbYJXg0d8qELRQjAGTsb3hBZiuXm1YSnFS7yxLqshFC4t
5MSsR0AUo4tSL7goZKbsxS16oFv0cjF4pGXh6z4RDAogFU2vRqbd121qcT28KvDk
HrGWGUouw+NylxyMBsbU0NxkvZJllMSGveSMUliwwNBMcZN3u8P9AwAm3dSstwdf
FV/mofcEleZYRZh3D5gpHleS8NyrSZfQD1H/vw3Zd7ZlXO1BRc19BY8DDWQGI3Gz
s1pNyKZfmP7f7xH1F3oLEo53edm8M01Z7si1h3Ype7ABdA85rNQ+VWbd7wqSQ4Wj
YzaJn9wC+wOJuvQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:21:15 2025 by rpki-client