Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 5N5Pksk35YRy8Tn+s6OUqymG+eXz5eMH+9C0Fl32/es=
Subject key identifier: 40:D1:A7:94:84:37:44:67:9B:65:5E:CC:54:6A:A3:E6:D2:0A:D2:C8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2FFD131D102E22A811D9F5743D33FE302DB62552
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Tue 02 Jun 2026 16:43:22 +0000
ROA not before: Tue 02 Jun 2026 16:38:22 +0000
ROA not after: Tue 01 Jun 2027 16:43:22 +0000
asID: 834
IP address blocks: 82.21.75.0/24 maxlen: 24
82.21.96.0/22 maxlen: 24
82.21.188.0/24 maxlen: 24
82.22.4.0/24 maxlen: 24
82.22.21.0/24 maxlen: 24
82.22.28.0/24 maxlen: 24
82.22.37.0/24 maxlen: 24
82.22.54.0/24 maxlen: 24
82.23.14.0/24 maxlen: 24
82.25.10.0/23 maxlen: 24
82.25.20.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.27.8.0/24 maxlen: 24
82.27.92.0/24 maxlen: 24
82.27.94.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.29.50.0/24 maxlen: 24
82.38.92.0/24 maxlen: 24
82.38.101.0/24 maxlen: 24
82.38.103.0/24 maxlen: 24
82.38.104.0/23 maxlen: 24
82.38.107.0/24 maxlen: 24
82.38.112.0/24 maxlen: 24
82.38.114.0/23 maxlen: 24
82.38.122.0/24 maxlen: 24
82.38.132.0/24 maxlen: 24
82.38.147.0/24 maxlen: 24
82.38.150.0/24 maxlen: 24
82.38.168.0/24 maxlen: 24
82.38.201.0/24 maxlen: 24
82.38.202.0/24 maxlen: 24
82.38.212.0/24 maxlen: 24
82.38.215.0/24 maxlen: 24
82.38.219.0/24 maxlen: 24
82.39.64.0/23 maxlen: 24
82.39.103.0/24 maxlen: 24
82.39.136.0/24 maxlen: 24
82.39.138.0/24 maxlen: 24
82.39.228.0/23 maxlen: 24
82.39.240.0/22 maxlen: 24
82.39.245.0/24 maxlen: 24
82.39.253.0/24 maxlen: 24
82.41.26.0/24 maxlen: 24
82.47.126.0/23 maxlen: 24
82.47.179.0/24 maxlen: 24
82.47.181.0/24 maxlen: 24
82.47.244.0/22 maxlen: 24
84.75.80.0/23 maxlen: 24
84.75.82.0/24 maxlen: 24
84.75.84.0/24 maxlen: 24
84.75.140.0/22 maxlen: 24
84.75.146.0/24 maxlen: 24
84.75.164.0/24 maxlen: 24
84.75.166.0/24 maxlen: 24
84.75.168.0/22 maxlen: 24
84.75.174.0/23 maxlen: 24
84.75.176.0/22 maxlen: 24
84.75.184.0/21 maxlen: 24
84.75.211.0/24 maxlen: 24
84.75.222.0/23 maxlen: 24
84.75.244.0/22 maxlen: 24
84.75.252.0/23 maxlen: 24
178.83.59.0/24 maxlen: 24
178.83.112.0/22 maxlen: 24
178.83.121.0/24 maxlen: 24
178.83.122.0/24 maxlen: 24
178.83.150.0/23 maxlen: 24
178.83.152.0/24 maxlen: 24
178.83.161.0/24 maxlen: 24
178.83.184.0/24 maxlen: 24
178.83.191.0/24 maxlen: 24
178.83.200.0/24 maxlen: 24
178.83.215.0/24 maxlen: 24
178.83.226.0/24 maxlen: 24
178.83.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:fd:13:1d:10:2e:22:a8:11:d9:f5:74:3d:33:fe:30:2d:b6:25:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 16:38:22 2026 GMT
Not After : Jun 1 16:43:22 2027 GMT
Subject: CN=40D1A794843744679B655ECC546AA3E6D20AD2C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:c5:d6:ca:63:82:57:5d:47:55:08:a7:37:
56:54:58:cd:ef:c3:e6:26:b2:44:c2:e2:5e:94:c9:
c8:c8:4b:b3:56:7d:2d:4c:5c:c7:99:44:b5:39:70:
09:2d:63:18:32:0f:eb:d1:f2:7d:6e:a4:64:11:b7:
db:67:bc:47:0c:0f:61:34:3c:60:3c:03:8f:9f:da:
8e:95:81:fd:7e:2e:5a:ef:33:42:d0:42:30:fc:47:
48:fc:ff:4f:dc:61:43:8b:9a:af:52:ae:7c:5b:63:
da:71:48:50:dd:78:9a:a2:f7:02:5d:a6:49:fe:95:
38:ea:50:65:7a:ef:00:87:d0:9f:81:a0:79:89:b1:
28:73:84:aa:db:13:c5:0e:7d:b1:22:54:68:8e:0c:
32:b5:2e:a7:27:ab:0f:6b:9c:0a:6a:9d:67:63:69:
90:5c:3d:b6:be:18:6d:87:1e:37:c3:06:da:a4:31:
ee:10:0d:24:66:26:8e:65:54:ea:3f:a8:61:0c:98:
71:97:1a:b1:22:8e:47:e6:8d:4e:96:f4:dc:ef:d0:
6a:45:60:ad:1c:3b:b0:95:84:76:a6:0c:a5:d6:8d:
72:2a:e6:c4:a5:13:cd:b8:1f:78:bd:3e:99:36:e3:
5d:d7:30:51:75:10:42:23:44:39:7e:e6:30:ef:56:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D1:A7:94:84:37:44:67:9B:65:5E:CC:54:6A:A3:E6:D2:0A:D2:C8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.21.96.0/22
82.21.188.0/24
82.22.4.0/24
82.22.21.0/24
82.22.28.0/24
82.22.37.0/24
82.22.54.0/24
82.23.14.0/24
82.25.10.0/23
82.25.20.0/24
82.26.65.0/24
82.26.155.0/24
82.27.8.0/24
82.27.92.0/24
82.27.94.0/24
82.27.105.0/24
82.29.50.0/24
82.38.92.0/24
82.38.101.0/24
82.38.103.0-82.38.105.255
82.38.107.0/24
82.38.112.0/24
82.38.114.0/23
82.38.122.0/24
82.38.132.0/24
82.38.147.0/24
82.38.150.0/24
82.38.168.0/24
82.38.201.0-82.38.202.255
82.38.212.0/24
82.38.215.0/24
82.38.219.0/24
82.39.64.0/23
82.39.103.0/24
82.39.136.0/24
82.39.138.0/24
82.39.228.0/23
82.39.240.0/22
82.39.245.0/24
82.39.253.0/24
82.41.26.0/24
82.47.126.0/23
82.47.179.0/24
82.47.181.0/24
82.47.244.0/22
84.75.80.0-84.75.82.255
84.75.84.0/24
84.75.140.0/22
84.75.146.0/24
84.75.164.0/24
84.75.166.0/24
84.75.168.0/22
84.75.174.0-84.75.179.255
84.75.184.0/21
84.75.211.0/24
84.75.222.0/23
84.75.244.0/22
84.75.252.0/23
178.83.59.0/24
178.83.112.0/22
178.83.121.0-178.83.122.255
178.83.150.0-178.83.152.255
178.83.161.0/24
178.83.184.0/24
178.83.191.0/24
178.83.200.0/24
178.83.215.0/24
178.83.226.0/24
178.83.234.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8a:cf:93:dc:39:30:59:60:30:f7:f5:38:b3:dc:82:3f:63:
3a:dd:f9:c9:db:52:7e:2d:c9:4f:29:92:64:92:55:5b:21:63:
d2:0a:54:4d:f5:2a:2d:31:43:75:ac:59:85:53:42:86:87:c0:
17:4d:a8:3f:23:e0:67:a5:df:45:93:1d:06:20:29:d4:69:0d:
e8:5b:45:b1:fb:87:fd:30:44:df:6d:d2:42:05:0e:22:c2:fd:
32:93:e8:a6:a8:8d:5b:13:f8:ab:ea:16:78:eb:c6:85:22:2a:
9b:f3:20:ce:18:d4:19:f9:4b:ad:de:16:ee:72:ec:3d:d0:3f:
96:02:35:b4:55:08:5e:86:29:b2:26:46:30:f7:99:a5:f7:49:
85:6f:cb:3c:c0:8f:a0:d7:6a:a5:81:ea:18:de:f7:67:0a:76:
ec:17:17:b0:84:11:5a:67:89:d8:0f:64:c6:b1:be:79:4e:9e:
ab:a5:10:83:b5:20:f1:4b:2e:56:2e:6c:18:5c:71:df:1f:af:
57:fb:0b:26:6d:3b:af:8d:89:f7:02:3f:20:af:96:f6:26:a2:
9a:1b:eb:72:e7:29:0b:50:69:15:ba:d6:8d:a9:fb:4e:64:53:
29:90:91:db:1c:e5:fe:46:8e:4e:00:da:76:86:82:50:9d:ea:
c6:7a:50:22
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUL/0THRAuIqgR2fV0PTP+MC22JVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxNjM4MjJaFw0yNzA2MDExNjQzMjJaMDMxMTAvBgNV
BAMTKDQwRDFBNzk0ODQzNzQ0Njc5QjY1NUVDQzU0NkFBM0U2RDIwQUQyQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDErcXWymOCV11HVQinN1ZUWM3v
w+YmskTC4l6UycjIS7NWfS1MXMeZRLU5cAktYxgyD+vR8n1upGQRt9tnvEcMD2E0
PGA8A4+f2o6Vgf1+LlrvM0LQQjD8R0j8/0/cYUOLmq9SrnxbY9pxSFDdeJqi9wJd
pkn+lTjqUGV67wCH0J+BoHmJsShzhKrbE8UOfbEiVGiODDK1Lqcnqw9rnApqnWdj
aZBcPba+GG2HHjfDBtqkMe4QDSRmJo5lVOo/qGEMmHGXGrEijkfmjU6W9Nzv0GpF
YK0cO7CVhHamDKXWjXIq5sSlE824H3i9Ppk2413XMFF1EEIjRDl+5jDvVspbAgMB
AAGjggPfMIID2zAdBgNVHQ4EFgQUQNGnlIQ3RGebZV7MVGqj5tIK0sgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB9QYIKwYBBQUHAQcBAf8EggHkMIIB4DCCAdwEAgABMIIB
1AMEAFIVSwMEAlIVYAMEAFIVvAMEAFIWBAMEAFIWFQMEAFIWHAMEAFIWJQMEAFIW
NgMEAFIXDgMEAVIZCgMEAFIZFAMEAFIaQQMEAFIamwMEAFIbCAMEAFIbXAMEAFIb
XgMEAFIbaQMEAFIdMgMEAFImXAMEAFImZTAMAwQAUiZnAwQBUiZoAwQAUiZrAwQA
UiZwAwQBUiZyAwQAUiZ6AwQAUiaEAwQAUiaTAwQAUiaWAwQAUiaoMAwDBABSJskD
BABSJsoDBABSJtQDBABSJtcDBABSJtsDBAFSJ0ADBABSJ2cDBABSJ4gDBABSJ4oD
BAFSJ+QDBAJSJ/ADBABSJ/UDBABSJ/0DBABSKRoDBAFSL34DBABSL7MDBABSL7UD
BAJSL/QwDAMEBFRLUAMEAFRLUgMEAFRLVAMEAlRLjAMEAFRLkgMEAFRLpAMEAFRL
pgMEAlRLqDAMAwQBVEuuAwQCVEuwAwQDVEu4AwQAVEvTAwQBVEveAwQCVEv0AwQB
VEv8AwQAslM7AwQCslNwMAwDBACyU3kDBACyU3owDAMEAbJTlgMEALJTmAMEALJT
oQMEALJTuAMEALJTvwMEALJTyAMEALJT1wMEALJT4gMEALJT6jANBgkqhkiG9w0B
AQsFAAOCAQEAd4rPk9w5MFlgMPf1OLPcgj9jOt35ydtSfi3JTymSZJJVWyFj0gpU
TfUqLTFDdaxZhVNChofAF02oPyPgZ6XfRZMdBiAp1GkN6FtFsfuH/TBE323SQgUO
IsL9MpPopqiNWxP4q+oWeOvGhSIqm/MgzhjUGflLrd4W7nLsPdA/lgI1tFUIXoYp
siZGMPeZpfdJhW/LPMCPoNdqpYHqGN73Zwp27BcXsIQRWmeJ2A9kxrG+eU6eq6UQ
g7Ug8UsuVi5sGFxx3x+vV/sLJm07r42J9wI/IK+W9iaimhvrcucpC1BpFbrWjan7
TmRTKZCR2xzl/kaOTgDadoaCUJ3qxnpQIg==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:43 2026 by rpki-client