Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: smICuyEZmmzWzIQFYG3TuxzBO40SZfbP1JVvKrtLyzs=
Subject key identifier: 19:F3:6B:11:C8:B7:E1:82:7F:0E:56:11:E9:81:38:3E:AA:0C:0B:BD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 13DAF7069A3BABAF9F6968CD3B5D534226767B27
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Tue 15 Apr 2025 14:53:27 +0000
ROA not before: Tue 15 Apr 2025 14:48:27 +0000
ROA not after: Tue 14 Apr 2026 14:53:27 +0000
asID: 834
IP address blocks: 82.21.7.0/24 maxlen: 24
82.21.156.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.21.206.0/24 maxlen: 24
82.21.228.0/24 maxlen: 24
82.21.234.0/24 maxlen: 24
82.21.239.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.22.78.0/24 maxlen: 24
82.22.211.0/24 maxlen: 24
82.22.233.0/24 maxlen: 24
82.22.235.0/24 maxlen: 24
82.23.203.0/24 maxlen: 24
82.23.206.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.23.222.0/24 maxlen: 24
82.23.226.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.23.246.0/24 maxlen: 24
82.23.248.0/21 maxlen: 24
82.24.81.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.144.0/23 maxlen: 24
82.24.183.0/24 maxlen: 24
82.24.212.0/24 maxlen: 24
82.24.219.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.24.233.0/24 maxlen: 24
82.24.238.0/24 maxlen: 24
82.25.21.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.25.239.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.208.0/24 maxlen: 24
82.26.212.0/24 maxlen: 24
82.26.218.0/24 maxlen: 24
82.26.236.0/24 maxlen: 24
82.26.238.0/24 maxlen: 24
82.27.98.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.27.240.0/24 maxlen: 24
82.29.148.0/24 maxlen: 24
82.29.234.0/24 maxlen: 24
82.29.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:da:f7:06:9a:3b:ab:af:9f:69:68:cd:3b:5d:53:42:26:76:7b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 15 14:48:27 2025 GMT
Not After : Apr 14 14:53:27 2026 GMT
Subject: CN=19F36B11C8B7E1827F0E5611E981383EAA0C0BBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:ee:da:8e:9b:02:b9:69:1c:01:e2:57:1b:
b3:35:27:24:6f:64:17:59:da:61:30:16:0e:27:26:
d3:08:92:8e:e2:e8:b0:af:01:c0:15:d8:0a:9b:4b:
1d:36:9b:84:a2:6e:16:be:3b:11:f6:0e:b8:5c:8e:
60:89:de:c5:1f:47:0f:66:85:a8:60:cf:b6:cc:ed:
35:67:ae:b3:5d:df:0d:2f:e2:49:42:21:f4:1a:2e:
20:4d:34:55:d7:69:b8:17:16:1a:11:1d:ee:2d:c6:
3c:b3:95:d5:b7:d1:4b:08:b4:74:93:fb:80:1b:1c:
53:75:fe:2a:7b:76:fc:0a:c7:cf:25:d8:63:98:4c:
3c:1d:cf:3a:2f:47:ed:a5:4e:ba:c3:1e:ec:98:60:
ee:51:87:32:dc:d1:23:76:0a:83:b9:1c:99:2e:96:
35:cb:cd:c1:85:2b:23:59:ee:50:6b:53:ae:31:4c:
09:89:36:fc:c7:20:d6:f3:7d:9e:81:c1:4e:ef:0d:
39:89:e1:4d:6a:09:6c:7e:6b:b0:37:f1:19:44:a6:
3a:8c:a4:15:b7:28:f3:bf:00:12:7a:6b:a6:12:4a:
5c:bf:5a:80:1a:77:96:44:a6:3d:07:39:76:4c:ce:
67:8e:fa:8a:73:60:a4:e7:57:c4:cf:67:48:e5:f4:
e9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F3:6B:11:C8:B7:E1:82:7F:0E:56:11:E9:81:38:3E:AA:0C:0B:BD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.7.0/24
82.21.156.0/24
82.21.187.0/24
82.21.206.0/24
82.21.228.0/24
82.21.234.0/24
82.21.239.0-82.21.240.255
82.22.78.0/24
82.22.211.0/24
82.22.233.0/24
82.22.235.0/24
82.23.203.0/24
82.23.206.0/24
82.23.216.0/24
82.23.222.0/24
82.23.226.0/24
82.23.228.0/24
82.23.246.0/24
82.23.248.0/21
82.24.81.0/24
82.24.83.0/24
82.24.126.0/24
82.24.144.0/23
82.24.183.0/24
82.24.212.0/24
82.24.219.0/24
82.24.230.0/24
82.24.233.0/24
82.24.238.0/24
82.25.21.0/24
82.25.227.0/24
82.25.239.0/24
82.26.65.0/24
82.26.208.0/24
82.26.212.0/24
82.26.218.0/24
82.26.236.0/24
82.26.238.0/24
82.27.98.0/24
82.27.226.0/24
82.27.240.0/24
82.29.148.0/24
82.29.234.0/24
82.29.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:33:97:b8:8d:72:c6:75:60:e5:1e:7e:25:a2:02:a2:a3:7f:
49:33:b7:ae:fc:99:ff:83:20:ba:7e:03:44:f9:39:67:f1:47:
94:21:3e:dc:c3:c9:22:bb:13:c2:7b:14:ca:09:52:d8:0b:3d:
a4:7f:ec:8a:10:2f:ba:b4:99:e4:39:c7:89:68:7e:37:ee:f6:
ff:be:51:58:6d:7e:50:fe:4a:ce:ef:b5:c6:7b:a0:55:fd:84:
f6:f3:2f:95:d3:e2:eb:5f:a0:e9:1d:d4:25:8a:6a:e7:0e:d4:
41:83:1a:e6:eb:ec:61:03:97:33:b4:a9:91:44:3a:34:e1:9c:
2b:b9:e2:86:20:c0:dc:af:a1:10:f5:46:fe:e1:92:1c:7d:a8:
7d:ce:2e:b6:e5:86:82:66:e0:76:4b:c0:e9:90:60:54:0e:7e:
02:5a:bc:b9:74:b9:70:29:21:fb:69:f0:2d:1a:62:2f:d2:1e:
a8:31:c9:46:bb:40:1a:5b:1b:80:a2:75:5b:97:4e:6d:f3:98:
df:c0:73:79:2f:e4:2f:72:68:93:cf:24:3d:88:f2:72:7a:0d:
1a:21:72:ce:0f:4e:61:6a:71:67:8a:63:9e:10:9f:a2:cb:c5:
a1:d1:1e:5a:ae:d4:e6:2f:25:8d:52:77:5e:24:fc:12:9b:f0:
1b:3c:74:ef
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIUE9r3Bpo7q6+faWjNO11TQiZ2eycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTUxNDQ4MjdaFw0yNjA0MTQxNDUzMjdaMDMxMTAvBgNV
BAMTKDE5RjM2QjExQzhCN0UxODI3RjBFNTYxMUU5ODEzODNFQUEwQzBCQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxF+7ajpsCuWkcAeJXG7M1JyRv
ZBdZ2mEwFg4nJtMIko7i6LCvAcAV2AqbSx02m4Sibha+OxH2DrhcjmCJ3sUfRw9m
hahgz7bM7TVnrrNd3w0v4klCIfQaLiBNNFXXabgXFhoRHe4txjyzldW30UsItHST
+4AbHFN1/ip7dvwKx88l2GOYTDwdzzovR+2lTrrDHuyYYO5RhzLc0SN2CoO5HJku
ljXLzcGFKyNZ7lBrU64xTAmJNvzHINbzfZ6BwU7vDTmJ4U1qCWx+a7A38RlEpjqM
pBW3KPO/ABJ6a6YSSly/WoAad5ZEpj0HOXZMzmeO+opzYKTnV8TPZ0jl9OmnAgMB
AAGjggMbMIIDFzAdBgNVHQ4EFgQUGfNrEci34YJ/DlYR6YE4PqoMC70wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAFIVBwMEAFIVnAMEAFIVuwMEAFIVzgMEAFIV5AMEAFIV6jAMAwQAUhXvAwQA
UhXwAwQAUhZOAwQAUhbTAwQAUhbpAwQAUhbrAwQAUhfLAwQAUhfOAwQAUhfYAwQA
UhfeAwQAUhfiAwQAUhfkAwQAUhf2AwQDUhf4AwQAUhhRAwQAUhhTAwQAUhh+AwQB
UhiQAwQAUhi3AwQAUhjUAwQAUhjbAwQAUhjmAwQAUhjpAwQAUhjuAwQAUhkVAwQA
UhnjAwQAUhnvAwQAUhpBAwQAUhrQAwQAUhrUAwQAUhraAwQAUhrsAwQAUhruAwQA
UhtiAwQAUhviAwQAUhvwAwQAUh2UAwQAUh3qAwQBUh3uMA0GCSqGSIb3DQEBCwUA
A4IBAQCnM5e4jXLGdWDlHn4logKio39JM7eu/Jn/gyC6fgNE+Tln8UeUIT7cw8ki
uxPCexTKCVLYCz2kf+yKEC+6tJnkOceJaH437vb/vlFYbX5Q/krO77XGe6BV/YT2
8y+V0+LrX6DpHdQlimrnDtRBgxrm6+xhA5cztKmRRDo04ZwrueKGIMDcr6EQ9Ub+
4ZIcfah9zi625YaCZuB2S8DpkGBUDn4CWry5dLlwKSH7afAtGmIv0h6oMclGu0Aa
WxuAonVbl05t85jfwHN5L+QvcmiTzyQ9iPJyeg0aIXLOD05hanFnimOeEJ+iy8Wh
0R5artTmLyWNUndeJPwSm/AbPHTv
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:41 2025 by rpki-client