Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: qNmlT3Gausn/jADf7rQUGF38711EYHp7DSf0f9i+Q6g=
Subject key identifier: 34:42:2D:9C:D0:F0:53:4F:95:DA:6A:F4:CB:27:CD:AA:DE:84:D3:04
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 1C26D22B00374AD30786194A709E76E299670ED0
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
Signing time: Fri 19 Jun 2026 09:22:26 +0000
ROA not before: Fri 19 Jun 2026 09:17:26 +0000
ROA not after: Fri 18 Jun 2027 09:22:26 +0000
asID: 834
IP address blocks: 83.171.246.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
188.119.69.0/24 maxlen: 24
193.32.207.0/24 maxlen: 24
193.187.108.0/23 maxlen: 24
193.187.133.0/24 maxlen: 24
193.187.134.0/24 maxlen: 24
194.93.50.0/23 maxlen: 24
212.115.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 07:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:26:d2:2b:00:37:4a:d3:07:86:19:4a:70:9e:76:e2:99:67:0e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Jun 19 09:17:26 2026 GMT
Not After : Jun 18 09:22:26 2027 GMT
Subject: CN=34422D9CD0F0534F95DA6AF4CB27CDAADE84D304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c2:8a:e3:c9:12:89:ac:f9:f1:3c:13:8d:62:
76:f5:e7:2a:db:9d:f7:be:f2:a2:27:60:90:dd:cd:
7a:3f:75:a7:75:8c:d6:36:18:0e:2a:88:ed:24:ce:
98:2d:2c:1a:81:a3:ca:02:a8:9f:d8:b8:55:bc:13:
ed:0e:e1:b8:3f:b2:30:4d:58:c1:f5:60:0d:57:f0:
6b:d2:e9:e1:a5:8b:7e:48:b0:bf:04:37:ac:8b:6d:
08:65:f1:8c:09:c3:38:1e:3b:3f:8a:de:22:8e:e4:
34:cb:82:58:94:32:3e:7c:db:03:b8:3b:d1:b7:2b:
bd:99:00:77:e7:d7:42:0a:2e:00:41:68:f6:bd:33:
b2:c2:99:a4:9d:17:df:cf:34:a1:5f:e1:44:04:31:
5c:e3:71:eb:a1:ab:97:56:be:8e:04:5c:6e:59:50:
21:b4:47:19:48:69:9d:2d:f6:5c:e4:5d:bb:be:61:
00:d1:c2:66:45:1d:f8:c0:42:5c:2e:cd:b5:cd:1d:
de:74:b5:e7:0f:3c:73:8f:f8:d8:3f:37:d8:ab:41:
55:85:a9:f6:4e:ce:49:94:d7:ee:ab:84:f9:b1:25:
c4:8e:ef:92:18:55:ad:f0:ad:bf:bd:17:8a:27:62:
45:89:0c:71:69:cc:d7:bd:d0:84:8c:bd:88:c0:1e:
19:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:42:2D:9C:D0:F0:53:4F:95:DA:6A:F4:CB:27:CD:AA:DE:84:D3:04
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.246.0/24
139.28.50.0/24
188.119.69.0/24
193.32.207.0/24
193.187.108.0/23
193.187.133.0-193.187.134.255
194.93.50.0/23
212.115.102.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:4b:43:78:b4:ea:f7:56:75:ad:d3:95:61:9d:e2:19:a6:d6:
3b:a1:05:43:c6:b1:f5:3b:ae:7b:cf:da:05:bd:41:9c:00:d5:
54:9e:4f:50:c3:27:6a:fa:f5:f4:fb:e8:87:0c:9d:49:95:ad:
dd:65:40:27:bb:2c:e9:cc:ff:45:20:ad:00:06:61:89:73:3a:
47:37:ef:30:44:a3:81:b2:02:aa:17:22:da:e6:bb:6c:39:55:
cd:26:d1:1e:28:f2:a4:39:d4:e5:f8:e7:3a:7c:45:05:ed:94:
e3:1d:ee:c6:ba:17:ac:a7:f5:5e:5a:7b:28:8f:f4:47:10:f4:
c7:c6:d6:55:65:bb:e9:aa:61:b3:db:65:2a:30:5f:5c:9a:31:
7b:c7:50:2a:d6:ae:89:90:d6:8a:aa:28:03:9f:72:ac:89:46:
7d:cc:38:ec:31:65:f1:0a:d9:53:6d:6e:0a:33:a4:77:a4:ef:
f4:c3:b4:b1:a9:0d:9e:27:b2:b2:70:b7:6a:8e:78:38:2a:87:
49:22:03:87:92:79:85:29:7c:b4:e8:cb:20:73:09:bb:78:da:
5a:17:d3:e6:4c:90:68:37:04:0d:51:36:54:de:d7:01:d1:f8:
ca:1f:f4:1d:cb:a8:4e:1e:87:52:8a:db:45:9f:2a:eb:dd:c8:
8c:80:d8:e0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUHCbSKwA3StMHhhlKcJ524plnDtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA2MTkwOTE3MjZaFw0yNzA2MTgwOTIyMjZaMDMxMTAvBgNV
BAMTKDM0NDIyRDlDRDBGMDUzNEY5NURBNkFGNENCMjdDREFBREU4NEQzMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8worjyRKJrPnxPBONYnb15yrb
nfe+8qInYJDdzXo/dad1jNY2GA4qiO0kzpgtLBqBo8oCqJ/YuFW8E+0O4bg/sjBN
WMH1YA1X8GvS6eGli35IsL8EN6yLbQhl8YwJwzgeOz+K3iKO5DTLgliUMj582wO4
O9G3K72ZAHfn10IKLgBBaPa9M7LCmaSdF9/PNKFf4UQEMVzjceuhq5dWvo4EXG5Z
UCG0RxlIaZ0t9lzkXbu+YQDRwmZFHfjAQlwuzbXNHd50tecPPHOP+Ng/N9irQVWF
qfZOzkmU1+6rhPmxJcSO75IYVa3wrb+9F4onYkWJDHFpzNe90ISMvYjAHhn5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUNEItnNDwU0+V2mr0yyfNqt6E0wQwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAU6v2AwQA
ixwyAwQAvHdFAwQAwSDPAwQBwbtsMAwDBADBu4UDBADBu4YDBAHCXTIDBADUc2Yw
DQYJKoZIhvcNAQELBQADggEBANFLQ3i06vdWda3TlWGd4hmm1juhBUPGsfU7rnvP
2gW9QZwA1VSeT1DDJ2r69fT76IcMnUmVrd1lQCe7LOnM/0UgrQAGYYlzOkc37zBE
o4GyAqoXItrmu2w5Vc0m0R4o8qQ51OX45zp8RQXtlOMd7sa6F6yn9V5aeyiP9EcQ
9MfG1lVlu+mqYbPbZSowX1yaMXvHUCrWromQ1oqqKAOfcqyJRn3MOOwxZfEK2VNt
bgozpHek7/TDtLGpDZ4nsrJwt2qOeDgqh0kiA4eSeYUpfLToyyBzCbt42loX0+ZM
kGg3BA1RNlTe1wHR+Mof9B3LqE4eh1KK20WfKuvdyIyA2OA=
-----END CERTIFICATE-----
Generated at Sat Jun 27 20:31:49 2026 by rpki-client