Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ehOWhpkqixdZiRFjE0w6SVfB8tFo9M6T7x+oOOq4gAY=
Subject key identifier: B7:51:88:59:D8:06:AA:14:4C:37:33:B1:99:20:7B:25:07:02:73:D4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6AF4F1F6513A2C91F544DD724E8F545AA5F5E038
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Sat 10 May 2025 00:02:39 +0000
ROA not before: Fri 09 May 2025 23:57:39 +0000
ROA not after: Sat 09 May 2026 00:02:39 +0000
asID: 834
IP address blocks: 5.252.82.0/24 maxlen: 24
45.87.185.0/24 maxlen: 24
45.87.187.0/24 maxlen: 24
45.95.36.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.182.0/24 maxlen: 24
179.61.226.0/23 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.97.0/24 maxlen: 24
181.214.100.0/24 maxlen: 24
181.214.108.0/24 maxlen: 24
181.214.111.0/24 maxlen: 24
181.214.113.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/24 maxlen: 24
181.214.124.0/23 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.22.0/23 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/23 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.200.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.96.88.0/23 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/23 maxlen: 24
191.96.182.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.39.0/24 maxlen: 24
191.101.56.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.63.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.87.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.95.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.239.0/24 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.31.41.0/24 maxlen: 24
213.109.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 14:51:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:f4:f1:f6:51:3a:2c:91:f5:44:dd:72:4e:8f:54:5a:a5:f5:e0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 9 23:57:39 2025 GMT
Not After : May 9 00:02:39 2026 GMT
Subject: CN=B7518859D806AA144C3733B199207B25070273D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:76:54:9f:e7:4e:50:41:67:1c:cd:1e:0c:2a:
04:86:e8:bc:42:a1:17:63:7a:f6:c7:0f:fd:04:2e:
68:71:c5:43:94:2c:68:65:a0:b2:e1:02:50:82:18:
2c:cb:10:60:2e:eb:3a:81:05:33:70:5b:30:a0:da:
e8:f0:5b:27:3b:f2:60:a8:e3:f2:a4:39:fe:6e:97:
ff:e8:16:a4:f3:f0:59:f1:9f:1f:cb:b5:5e:f8:0a:
8d:16:6d:e8:00:ff:4b:2e:0a:c9:fd:00:76:ca:96:
53:75:cc:81:d7:9f:f6:6b:03:c8:7f:0f:70:0b:a8:
fc:55:a3:c3:74:7a:65:ed:88:23:8a:fb:d7:6f:83:
e6:c6:2a:1d:12:eb:d4:f7:57:2e:66:72:5b:33:a9:
a6:53:90:93:f2:10:c4:07:77:53:42:18:87:ff:ed:
4e:05:fa:cf:1a:5d:a3:36:4c:b8:08:2c:f7:05:32:
5c:11:7c:5a:5b:1a:37:87:44:01:ed:a0:de:d1:e6:
e6:84:f2:54:d8:84:75:01:d8:ae:44:4e:31:c5:fc:
0f:a0:62:fa:c1:4c:36:c3:e1:ca:70:3d:ee:62:26:
e9:31:07:e4:c9:7c:a4:4e:f1:8b:b7:d8:f1:69:7b:
25:89:b5:2f:b2:06:af:22:f7:c2:f8:0e:0d:26:54:
82:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:51:88:59:D8:06:AA:14:4C:37:33:B1:99:20:7B:25:07:02:73:D4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.82.0/24
45.87.185.0/24
45.87.187.0/24
45.95.36.0/24
92.118.162.0/24
92.119.33.0/24
92.242.186.0/24
109.106.3.0/24
130.185.127.0/24
179.61.182.0/24
179.61.226.0/23
179.61.229.0/24
179.61.243.0/24
181.41.196.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.41.0/24
181.214.79.0/24
181.214.91.0/24
181.214.94.0/24
181.214.97.0/24
181.214.100.0/24
181.214.108.0/24
181.214.111.0/24
181.214.113.0/24
181.214.119.0-181.214.120.255
181.214.124.0/23
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.216.0/24
181.214.248.0/24
181.214.254.0/24
181.215.3.0/24
181.215.22.0/23
181.215.73.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0/23
181.215.111.0-181.215.115.255
181.215.159.0/24
181.215.186.0/23
181.215.189.0/24
181.215.200.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
181.215.250.0/24
191.96.24.0/24
191.96.58.0/24
191.96.64.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.102.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.140.0/24
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0-191.96.182.255
191.101.9.0/24
191.101.20.0/24
191.101.22.0/24
191.101.39.0/24
191.101.56.0/24
191.101.58.0/24
191.101.63.0/24
191.101.76.0/24
191.101.82.0/24
191.101.87.0-191.101.88.255
191.101.95.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.148.0/24
191.101.180.0/24
191.101.182.0/24
191.101.187.0/24
191.101.192.0/24
191.101.198.0/24
191.101.239.0-191.101.240.255
191.101.252.0/24
193.31.41.0/24
213.109.168.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1c:1f:3a:30:70:2c:c7:20:58:35:ce:46:fd:b3:76:af:2b:
91:5d:25:bd:96:72:21:7d:56:e1:ca:b0:2e:2a:4f:d8:a3:c2:
63:5c:b0:71:46:e7:37:f9:be:2c:88:3f:ed:50:c5:80:c0:2f:
c1:5e:ec:a8:a4:e6:3a:28:1e:30:87:74:e5:82:aa:88:80:8f:
17:47:6c:0d:84:6f:6a:f8:e3:c2:81:87:cf:b2:28:cf:c4:77:
9d:df:07:d6:71:7d:5f:5f:49:ae:91:26:26:6b:26:5a:bb:ef:
12:5f:f3:f8:f5:38:0d:40:7f:5b:73:f1:5a:77:24:f4:d8:ff:
5e:9b:b0:62:e3:75:fa:ae:16:a4:b1:24:bc:b9:aa:22:0a:ef:
c8:4c:8e:8e:ae:15:08:04:cf:44:16:c3:0c:7f:80:66:6c:dc:
bf:15:7c:08:0f:35:9a:1a:43:29:c7:2b:03:5f:6d:db:11:d0:
65:42:64:87:44:80:b1:fe:2a:3c:ea:d5:04:60:f3:28:ee:15:
37:79:fc:ae:c8:34:dc:b1:4d:13:e1:06:48:19:85:4b:5c:28:
7b:ad:2e:28:0d:56:23:26:9c:5a:b1:c4:0d:d5:e3:7f:f8:bc:
35:81:33:60:f2:92:c5:72:2f:03:99:c6:15:5b:30:76:76:d6:
72:fd:29:b6
-----BEGIN CERTIFICATE-----
MIIHaTCCBlGgAwIBAgIUavTx9lE6LJH1RN1yTo9UWqX14DgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MDkyMzU3MzlaFw0yNjA1MDkwMDAyMzlaMDMxMTAvBgNV
BAMTKEI3NTE4ODU5RDgwNkFBMTQ0QzM3MzNCMTk5MjA3QjI1MDcwMjczRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZdlSf505QQWcczR4MKgSG6LxC
oRdjevbHD/0ELmhxxUOULGhloLLhAlCCGCzLEGAu6zqBBTNwWzCg2ujwWyc78mCo
4/KkOf5ul//oFqTz8Fnxnx/LtV74Co0WbegA/0suCsn9AHbKllN1zIHXn/ZrA8h/
D3ALqPxVo8N0emXtiCOK+9dvg+bGKh0S69T3Vy5mclszqaZTkJPyEMQHd1NCGIf/
7U4F+s8aXaM2TLgILPcFMlwRfFpbGjeHRAHtoN7R5uaE8lTYhHUB2K5ETjHF/A+g
YvrBTDbD4cpwPe5iJukxB+TJfKRO8Yu32PFpeyWJtS+yBq8i98L4Dg0mVIJVAgMB
AAGjggRzMIIEbzAdBgNVHQ4EFgQUt1GIWdgGqhRMNzOxmSB7JQcCc9QwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICiQYIKwYBBQUHAQcBAf8EggJ4MIICdDCCAnAEAgABMIIC
aAMEAAX8UgMEAC1XuQMEAC1XuwMEAC1fJAMEAFx2ogMEAFx3IQMEAFzyugMEAG1q
AwMEAIK5fwMEALM9tgMEAbM94gMEALM95QMEALM98wMEALUpxAMEALXWAAMEALXW
BAMEALXWDgMEALXWKQMEALXWTwMEALXWWwMEALXWXgMEALXWYQMEALXWZAMEALXW
bAMEALXWbwMEALXWcTAMAwQAtdZ3AwQAtdZ4AwQBtdZ8AwQAtdaUAwQAtdaaAwQA
tdahAwQAtdbJAwQAtdbUAwQAtdbYAwQAtdb4AwQAtdb+AwQAtdcDAwQBtdcWAwQA
tddJAwQAtddbAwQAtddfAwQBtddsMAwDBAC1128DBAK113ADBAC1158DBAG117oD
BAC1170DBAC118gDBAC119gDBAC11+EDBAC11+MDBAC11+0DBAC11/ADBAC11/oD
BAC/YBgDBAC/YDoDBAC/YEADBAG/YFgDBAC/YFsDBAC/YGMDBAC/YGYDBAC/YGkD
BAC/YHQDBAC/YHgDBAC/YH4DBAC/YIwDBAC/YI8DBAC/YJUDBAC/YJ0DBAC/YKQw
DAMEAr9gtAMEAL9gtgMEAL9lCQMEAL9lFAMEAL9lFgMEAL9lJwMEAL9lOAMEAL9l
OgMEAL9lPwMEAL9lTAMEAL9lUjAMAwQAv2VXAwQAv2VYAwQAv2VfAwQAv2VhAwQA
v2VmAwQAv2V0AwQAv2V4AwQAv2V8AwQAv2WUAwQAv2W0AwQAv2W2AwQAv2W7AwQA
v2XAAwQAv2XGMAwDBAC/Ze8DBAC/ZfADBAC/ZfwDBADBHykDBADVbagwDQYJKoZI
hvcNAQELBQADggEBACQcHzowcCzHIFg1zkb9s3avK5FdJb2WciF9VuHKsC4qT9ij
wmNcsHFG5zf5viyIP+1QxYDAL8Fe7Kik5jooHjCHdOWCqoiAjxdHbA2Eb2r448KB
h8+yKM/Ed53fB9ZxfV9fSa6RJiZrJlq77xJf8/j1OA1Af1tz8Vp3JPTY/16bsGLj
dfquFqSxJLy5qiIK78hMjo6uFQgEz0QWwwx/gGZs3L8VfAgPNZoaQynHKwNfbdsR
0GVCZIdEgLH+Kjzq1QRg8yjuFTd5/K7INNyxTRPhBkgZhUtcKHutLigNViMmnFqx
xA3V43/4vDWBM2DyksVyLwOZxhVbMHZ21nL9KbY=
-----END CERTIFICATE-----
Generated at Sun May 11 19:28:19 2025 by rpki-client