Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ympDuUmNABcbuuc5Tx7G53lVxg9ZJ7w+DdNSCfAxWNk=
Subject key identifier: 57:EF:56:C6:D7:14:59:96:85:88:9D:4A:2C:46:D5:9F:C4:75:AD:17
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 35233528AD9C1238EBCADBB6086E76E45A21B7EE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Wed 17 Sep 2025 09:52:52 +0000
ROA not before: Wed 17 Sep 2025 09:47:52 +0000
ROA not after: Wed 16 Sep 2026 09:52:52 +0000
asID: 834
IP address blocks: 82.24.79.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.17.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 06:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:23:35:28:ad:9c:12:38:eb:ca:db:b6:08:6e:76:e4:5a:21:b7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 17 09:47:52 2025 GMT
Not After : Sep 16 09:52:52 2026 GMT
Subject: CN=57EF56C6D714599685889D4A2C46D59FC475AD17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a1:e1:b1:b4:f8:1f:d0:61:e9:5a:09:89:b8:
f3:26:c4:71:8b:80:8d:32:70:aa:1c:d5:19:5a:77:
05:47:db:b0:cd:46:dc:5b:f8:a6:8d:13:f5:e3:7c:
c4:df:d5:cc:e0:91:12:3c:cf:4c:ba:e4:c3:be:6e:
f5:5d:ec:77:e3:8d:42:0c:e3:70:33:ed:8e:78:09:
dc:57:80:5c:dd:1f:2d:d8:b3:f8:50:78:28:66:7a:
14:84:23:2a:50:c6:4c:9d:1a:44:86:c1:e6:d3:57:
78:fa:8a:a1:24:a1:9e:5b:ef:ee:89:dc:fc:4b:8d:
a8:76:29:8c:a1:cc:92:59:71:aa:70:46:b4:af:c0:
4d:c3:5b:d1:dc:e7:32:96:66:e8:db:8b:b0:f6:c0:
ad:6f:3a:40:40:d8:71:29:f6:7c:a8:41:b3:49:8a:
38:94:dd:d1:bd:dc:c9:ab:1c:e0:22:12:dc:3b:d0:
83:79:c2:58:50:a7:c0:b1:f5:1b:a4:d9:79:7f:af:
db:c2:ab:8c:54:f1:60:7e:15:85:7c:f0:92:af:63:
39:38:1d:a8:f1:f4:18:82:14:78:51:ee:ca:72:9e:
08:81:92:20:d8:4b:2b:f0:a4:cf:0f:df:88:20:41:
f6:d6:73:28:69:6f:64:3a:6c:64:38:90:44:92:d1:
99:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:EF:56:C6:D7:14:59:96:85:88:9D:4A:2C:46:D5:9F:C4:75:AD:17
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.79.0/24
82.25.200.0/24
82.26.65.0/24
82.26.120.0/24
82.27.11.0/24
82.27.17.0/24
82.29.6.0/24
82.29.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d6:08:3b:00:aa:4b:73:99:aa:8b:14:84:05:8d:e0:f1:7b:
ce:d9:d2:d8:72:1e:33:7f:d9:de:a7:69:a5:3c:43:2a:62:19:
53:47:56:f0:48:c2:5e:91:70:6f:60:8f:26:4d:e2:0b:b9:9b:
87:73:5e:c7:8a:e9:72:0c:f2:20:a4:34:5c:14:08:6c:c7:7f:
b2:11:95:1c:14:7f:01:7a:cb:b7:4f:5b:94:26:7a:67:d9:3b:
1b:b9:2e:0d:ed:6a:d4:30:02:df:ed:f5:f3:6b:6d:d7:84:fb:
ea:a9:92:43:b1:50:ea:8e:e6:1e:80:c3:ac:39:9e:6a:c8:aa:
fa:4e:dc:6a:13:45:9f:7c:77:12:e8:cf:4d:b2:c7:cd:90:c8:
f3:c4:72:63:ea:4c:2a:09:fd:cc:1b:7e:68:cb:e0:20:13:40:
b4:57:76:f5:40:4a:d8:da:13:5f:6d:e0:02:eb:4c:ea:a5:4e:
2b:bd:b7:d6:6a:13:5d:11:7a:b4:9e:81:82:de:86:85:82:70:
3a:e6:f4:9b:10:12:6a:25:ed:a2:32:89:e0:80:6c:1e:41:bc:
60:5b:26:50:51:6e:3d:b9:af:68:63:d8:0b:94:16:a4:69:cc:
f0:70:05:a4:af:6a:7e:01:ee:ce:7b:90:5c:a3:b7:67:15:14:
ea:da:9f:4b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUNSM1KK2cEjjrytu2CG525Foht+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MTcwOTQ3NTJaFw0yNjA5MTYwOTUyNTJaMDMxMTAvBgNV
BAMTKDU3RUY1NkM2RDcxNDU5OTY4NTg4OUQ0QTJDNDZENTlGQzQ3NUFEMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvoeGxtPgf0GHpWgmJuPMmxHGL
gI0ycKoc1RladwVH27DNRtxb+KaNE/XjfMTf1czgkRI8z0y65MO+bvVd7HfjjUIM
43Az7Y54CdxXgFzdHy3Ys/hQeChmehSEIypQxkydGkSGwebTV3j6iqEkoZ5b7+6J
3PxLjah2KYyhzJJZcapwRrSvwE3DW9Hc5zKWZujbi7D2wK1vOkBA2HEp9nyoQbNJ
ijiU3dG93MmrHOAiEtw70IN5wlhQp8Cx9Ruk2Xl/r9vCq4xU8WB+FYV88JKvYzk4
Hajx9BiCFHhR7spyngiBkiDYSyvwpM8P34ggQfbWcyhpb2Q6bGQ4kESS0Zl/AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUV+9WxtcUWZaFiJ1KLEbVn8R1rRcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUhhPAwQA
UhnIAwQAUhpBAwQAUhp4AwQAUhsLAwQAUhsRAwQAUh0GAwQAUh1tMA0GCSqGSIb3
DQEBCwUAA4IBAQAc1gg7AKpLc5mqixSEBY3g8XvO2dLYch4zf9nep2mlPEMqYhlT
R1bwSMJekXBvYI8mTeILuZuHc17HiulyDPIgpDRcFAhsx3+yEZUcFH8Besu3T1uU
Jnpn2TsbuS4N7WrUMALf7fXza23XhPvqqZJDsVDqjuYegMOsOZ5qyKr6TtxqE0Wf
fHcS6M9NssfNkMjzxHJj6kwqCf3MG35oy+AgE0C0V3b1QErY2hNfbeAC60zqpU4r
vbfWahNdEXq0noGC3oaFgnA65vSbEBJqJe2iMonggGweQbxgWyZQUW49ua9oY9gL
lBakaczwcAWkr2p+Ae7Oe5Bco7dnFRTq2p9L
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:03:31 2025 by rpki-client