Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: fuOWQvn5fUyk9CoWf4iaAGlKbdSmIqAmkMPX2Dy/t+o=
Subject key identifier: E2:5D:88:83:09:6A:B9:13:99:D3:8A:BA:D3:5C:22:10:66:97:FA:0E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 45B1B67654186795E43EBB172577FF9DBE27E7BC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Wed 04 Jun 2025 18:44:52 +0000
ROA not before: Wed 04 Jun 2025 18:39:52 +0000
ROA not after: Wed 03 Jun 2026 18:44:52 +0000
asID: 834
IP address blocks: 82.21.0.0/24 maxlen: 24
82.21.6.0/23 maxlen: 24
82.21.8.0/24 maxlen: 24
82.21.41.0/24 maxlen: 24
82.21.43.0/24 maxlen: 24
82.21.50.0/24 maxlen: 24
82.21.65.0/24 maxlen: 24
82.21.75.0/24 maxlen: 24
82.21.138.0/24 maxlen: 24
82.21.195.0/24 maxlen: 24
82.21.204.0/24 maxlen: 24
82.22.111.0/24 maxlen: 24
82.22.114.0/24 maxlen: 24
82.22.170.0/24 maxlen: 24
82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.22.195.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.172.0/24 maxlen: 24
82.23.246.0/24 maxlen: 24
82.23.251.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.57.0/24 maxlen: 24
82.24.64.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.79.0/24 maxlen: 24
82.24.81.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.24.88.0/24 maxlen: 24
82.24.91.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.24.122.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.144.0/23 maxlen: 24
82.24.146.0/24 maxlen: 24
82.24.174.0/24 maxlen: 24
82.24.181.0/24 maxlen: 24
82.24.191.0/24 maxlen: 24
82.24.195.0/24 maxlen: 24
82.24.201.0/24 maxlen: 24
82.25.21.0/24 maxlen: 24
82.25.32.0/20 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.181.0/24 maxlen: 24
82.25.190.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.122.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.26.160.0/24 maxlen: 24
82.27.98.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.27.118.0/24 maxlen: 24
82.27.205.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.43.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.50.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:b1:b6:76:54:18:67:95:e4:3e:bb:17:25:77:ff:9d:be:27:e7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 4 18:39:52 2025 GMT
Not After : Jun 3 18:44:52 2026 GMT
Subject: CN=E25D8883096AB91399D38ABAD35C22106697FA0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:59:1e:76:e2:ba:94:a9:4b:5e:e0:85:c3:
b9:be:57:dd:f6:73:f1:9c:66:8b:e5:39:dd:34:09:
be:63:d4:c7:91:99:ad:23:26:67:24:ee:ec:87:95:
c5:60:95:2a:6e:79:f7:c6:24:cd:18:dd:8e:63:71:
5b:ef:b0:93:98:03:51:c0:10:dd:36:d1:d0:19:de:
a9:ed:41:25:79:20:80:fd:1a:d1:1b:9f:cb:a1:4d:
d7:cd:cd:71:0d:6f:10:13:be:3a:7f:c7:73:1d:41:
09:0b:63:14:b1:67:bf:2f:91:bd:2a:26:59:d5:c3:
06:b6:20:51:46:45:99:a2:bb:49:3b:ec:0a:1f:d9:
cc:ea:fc:4c:40:71:5d:ec:a0:c3:1f:f7:a7:3e:de:
a4:4f:ff:0b:ae:1d:45:b9:20:83:e5:32:e6:d2:7d:
c1:a7:3f:b2:e4:30:0d:15:61:2d:86:ac:af:a2:61:
ec:fe:4f:48:d0:91:74:54:54:b0:e7:8e:80:44:f5:
cf:72:84:7f:70:2a:4b:00:ec:04:e5:67:9b:89:00:
e6:ce:64:59:3b:25:d8:4c:2f:4e:06:1e:46:72:b9:
52:42:2d:e7:f2:15:bd:6a:40:9b:cf:f8:fb:9f:cb:
d3:c9:fb:ce:f4:b7:97:fe:6f:21:e5:be:59:15:ac:
8e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5D:88:83:09:6A:B9:13:99:D3:8A:BA:D3:5C:22:10:66:97:FA:0E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.21.6.0-82.21.8.255
82.21.41.0/24
82.21.43.0/24
82.21.50.0/24
82.21.65.0/24
82.21.75.0/24
82.21.138.0/24
82.21.195.0/24
82.21.204.0/24
82.22.111.0/24
82.22.114.0/24
82.22.170.0/24
82.22.174.0/24
82.22.184.0/24
82.22.190.0/24
82.22.195.0/24
82.23.146.0/24
82.23.172.0/24
82.23.246.0/24
82.23.251.0/24
82.24.31.0/24
82.24.57.0/24
82.24.64.0/24
82.24.76.0/24
82.24.79.0/24
82.24.81.0/24
82.24.83.0/24
82.24.88.0/24
82.24.91.0/24
82.24.100.0/24
82.24.122.0/24
82.24.126.0/24
82.24.144.0-82.24.146.255
82.24.174.0/24
82.24.181.0/24
82.24.191.0/24
82.24.195.0/24
82.24.201.0/24
82.25.21.0/24
82.25.32.0/20
82.25.142.0/23
82.25.161.0/24
82.25.181.0/24
82.25.190.0/24
82.25.200.0/24
82.25.205.0/24
82.26.65.0/24
82.26.122.0/24
82.26.140.0/24
82.26.160.0/24
82.27.98.0/24
82.27.100.0/24
82.27.106.0/24
82.27.118.0/24
82.27.205.0/24
82.29.41.0/24
82.29.43.0-82.29.44.255
82.29.48.0/24
82.29.50.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
82.29.107.0/24
82.29.109.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:84:85:f5:d4:af:d7:1c:61:df:65:e4:e4:b6:13:a3:91:71:
52:e9:89:1f:74:2a:44:fe:bc:a7:21:4e:7c:96:0d:dc:b6:b9:
71:8a:7b:e4:3f:18:eb:56:12:7e:c3:ae:d1:77:9f:ce:15:d0:
2c:88:3d:e5:cd:bb:73:46:2f:e4:43:3f:0b:86:63:ef:40:32:
3f:8c:99:c3:13:c3:10:7c:f2:85:6c:1a:da:b7:91:d3:a1:1a:
3a:ad:ab:e9:8d:69:d0:2d:a1:2f:c7:49:58:ae:42:de:db:dc:
b2:3b:45:ea:c1:08:e6:15:88:77:e6:41:7e:68:97:9c:19:f3:
ee:9e:12:a2:9b:35:36:8c:fe:7d:ec:d0:38:c2:4c:ab:b4:c0:
c5:5e:06:8b:eb:f2:69:20:83:25:e9:e0:5e:ee:b0:52:42:49:
bb:d3:34:2f:81:1d:74:0c:d9:0e:1b:33:36:c6:04:85:ed:a6:
85:f2:c3:59:fe:d3:d6:76:4e:59:b9:df:6e:47:a5:ef:ad:95:
60:0e:4e:cd:a8:42:4f:e1:8a:37:02:73:f8:b2:d5:0a:ad:9a:
67:50:e5:62:28:78:b1:c1:55:cd:a9:9a:c8:9f:9d:52:4f:4e:
f4:a7:cd:d5:00:b1:fa:c6:c3:08:15:38:05:0f:3a:38:92:ac:
12:b3:f1:c3
-----BEGIN CERTIFICATE-----
MIIGnzCCBYegAwIBAgIURbG2dlQYZ5XkPrsXJXf/nb4n57wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDQxODM5NTJaFw0yNjA2MDMxODQ0NTJaMDMxMTAvBgNV
BAMTKEUyNUQ4ODgzMDk2QUI5MTM5OUQzOEFCQUQzNUMyMjEwNjY5N0ZBMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFeVkeduK6lKlLXuCFw7m+V932
c/GcZovlOd00Cb5j1MeRma0jJmck7uyHlcVglSpueffGJM0Y3Y5jcVvvsJOYA1HA
EN020dAZ3qntQSV5IID9GtEbn8uhTdfNzXENbxATvjp/x3MdQQkLYxSxZ78vkb0q
JlnVwwa2IFFGRZmiu0k77Aof2czq/ExAcV3soMMf96c+3qRP/wuuHUW5IIPlMubS
fcGnP7LkMA0VYS2GrK+iYez+T0jQkXRUVLDnjoBE9c9yhH9wKksA7ATlZ5uJAObO
ZFk7JdhML04GHkZyuVJCLefyFb1qQJvP+Pufy9PJ+870t5f+byHlvlkVrI4zAgMB
AAGjggOpMIIDpTAdBgNVHQ4EFgQU4l2IgwlquROZ04q601wiEGaX+g4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvwYIKwYBBQUHAQcBAf8EggGuMIIBqjCCAaYEAgABMIIB
ngMEAFIVADAMAwQBUhUGAwQAUhUIAwQAUhUpAwQAUhUrAwQAUhUyAwQAUhVBAwQA
UhVLAwQAUhWKAwQAUhXDAwQAUhXMAwQAUhZvAwQAUhZyAwQAUhaqAwQAUhauAwQA
Uha4AwQAUha+AwQAUhbDAwQAUheSAwQAUhesAwQAUhf2AwQAUhf7AwQAUhgfAwQA
Uhg5AwQAUhhAAwQAUhhMAwQAUhhPAwQAUhhRAwQAUhhTAwQAUhhYAwQAUhhbAwQA
UhhkAwQAUhh6AwQAUhh+MAwDBARSGJADBABSGJIDBABSGK4DBABSGLUDBABSGL8D
BABSGMMDBABSGMkDBABSGRUDBARSGSADBAFSGY4DBABSGaEDBABSGbUDBABSGb4D
BABSGcgDBABSGc0DBABSGkEDBABSGnoDBABSGowDBABSGqADBABSG2IDBABSG2QD
BABSG2oDBABSG3YDBABSG80DBABSHSkwDAMEAFIdKwMEAFIdLAMEAFIdMAMEAFId
MgMEAFIdSgMEAFIdWAMEAFIdZwMEAFIdawMEAFIdbTANBgkqhkiG9w0BAQsFAAOC
AQEAWoSF9dSv1xxh32Xk5LYTo5FxUumJH3QqRP68pyFOfJYN3La5cYp75D8Y61YS
fsOu0XefzhXQLIg95c27c0Yv5EM/C4Zj70AyP4yZwxPDEHzyhWwa2reR06EaOq2r
6Y1p0C2hL8dJWK5C3tvcsjtF6sEI5hWId+ZBfmiXnBnz7p4Sops1Noz+fezQOMJM
q7TAxV4Gi+vyaSCDJengXu6wUkJJu9M0L4EddAzZDhszNsYEhe2mhfLDWf7T1nZO
Wbnfbkel762VYA5OzahCT+GKNwJz+LLVCq2aZ1DlYih4scFVzamayJ+dUk9O9KfN
1QCx+sbDCBU4BQ86OJKsErPxww==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:10:02 2025 by rpki-client