Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 0NPfi9z1uUR7XnM0Rm0WvMPqi1eM+7mP9lMUJzoXGOM=
Subject key identifier: F8:79:49:4F:F8:40:92:43:BB:A2:2F:DD:86:E2:6D:50:06:9C:C2:C6
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 3CA028FCD51EA2BB8F3DD62355B0335614512826
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
Signing time: Mon 30 Mar 2026 12:48:05 +0000
ROA not before: Mon 30 Mar 2026 12:43:05 +0000
ROA not after: Mon 29 Mar 2027 12:48:05 +0000
asID: 834
IP address blocks: 45.157.18.0/24 maxlen: 24
193.151.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 12:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a0:28:fc:d5:1e:a2:bb:8f:3d:d6:23:55:b0:33:56:14:51:28:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 30 12:43:05 2026 GMT
Not After : Mar 29 12:48:05 2027 GMT
Subject: CN=F879494FF8409243BBA22FDD86E26D50069CC2C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:28:eb:65:85:c6:bb:66:3e:af:2d:e2:54:24:
7e:a1:61:d7:94:e8:80:26:5d:d9:0b:9e:60:09:02:
41:2d:64:96:42:98:ec:7c:1a:a4:d2:76:c8:3a:88:
bb:7e:70:5a:59:70:55:9d:13:a1:1a:88:24:a3:a3:
f0:46:64:c8:62:87:68:42:07:72:b6:aa:d0:1d:9a:
b2:98:f1:5a:7a:09:f5:3e:fa:51:de:43:6e:d2:24:
41:20:83:69:dd:d5:2d:13:dc:fc:b5:fc:bd:b9:a3:
2f:d8:84:d3:d6:53:a7:14:2d:e5:e1:75:e3:e9:29:
c3:37:5d:57:a6:e5:4f:8f:c9:20:62:91:02:df:59:
a8:ad:ac:a7:20:23:a8:ab:30:a9:47:92:6a:dc:fa:
a1:d3:4c:d5:e2:c4:d5:b8:46:96:9d:9d:2b:ce:e9:
59:aa:da:8f:da:df:2d:7f:b9:8a:d3:43:5b:9a:54:
cf:29:30:7b:11:29:d3:64:61:2b:a6:4e:1f:f5:7e:
06:eb:fe:f1:dc:2d:2a:13:cd:27:2a:e2:3e:b7:cb:
25:e0:1e:18:0d:f7:b3:62:14:e8:5c:22:23:b9:0c:
34:d6:8b:e9:23:3c:27:16:79:67:00:c4:f6:5a:34:
7a:d1:d6:5e:09:dd:4a:54:e3:60:7c:be:8e:94:7e:
d9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:79:49:4F:F8:40:92:43:BB:A2:2F:DD:86:E2:6D:50:06:9C:C2:C6
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.18.0/24
193.151.181.0/24
Signature Algorithm: sha256WithRSAEncryption
31:7b:2a:76:99:2f:44:33:fc:6b:54:a3:c2:a2:f2:39:75:45:
43:71:1a:07:89:35:be:22:cd:94:82:7a:b9:97:de:63:4a:07:
c7:ac:8f:54:ff:5a:a6:66:8c:b0:e7:31:7a:b1:88:6a:df:cc:
96:18:a1:9f:0a:14:a9:98:03:7e:b5:be:9c:76:f9:06:3f:d5:
38:2d:3c:76:8b:6a:26:d6:49:28:8b:5b:50:ff:df:8d:76:27:
2f:d1:2e:29:80:4a:c2:53:cb:f6:02:e8:97:8a:73:6c:b4:26:
fc:0c:1a:0c:c2:56:6e:7e:cf:a4:36:cc:10:24:61:90:71:7c:
9d:3c:55:84:ac:7f:95:a2:11:ed:0a:9f:b9:28:57:c5:8a:f6:
2a:55:cc:2a:9a:16:91:c8:8d:21:a5:78:6c:27:bb:22:96:4e:
dd:5f:cf:18:38:6f:85:99:99:05:51:61:8d:fa:02:0f:67:56:
f4:58:64:82:81:7c:d0:77:dc:bf:a1:bf:08:23:bd:10:c2:33:
f6:1f:42:30:2e:1a:2c:fc:1c:e5:a9:ca:63:bc:96:73:b4:0d:
38:84:3f:88:fd:f4:ac:30:35:56:fb:aa:d7:dc:d9:ab:91:70:
e2:01:05:90:d5:ab:95:6a:46:ac:7e:1d:41:86:7e:55:97:2c:
51:9b:3d:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUPKAo/NUeoruPPdYjVbAzVhRRKCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjAzMzAxMjQzMDVaFw0yNzAzMjkxMjQ4MDVaMDMxMTAvBgNV
BAMTKEY4Nzk0OTRGRjg0MDkyNDNCQkEyMkZERDg2RTI2RDUwMDY5Q0MyQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmKOtlhca7Zj6vLeJUJH6hYdeU
6IAmXdkLnmAJAkEtZJZCmOx8GqTSdsg6iLt+cFpZcFWdE6EaiCSjo/BGZMhih2hC
B3K2qtAdmrKY8Vp6CfU++lHeQ27SJEEgg2nd1S0T3Py1/L25oy/YhNPWU6cULeXh
dePpKcM3XVem5U+PySBikQLfWaitrKcgI6irMKlHkmrc+qHTTNXixNW4RpadnSvO
6Vmq2o/a3y1/uYrTQ1uaVM8pMHsRKdNkYSumTh/1fgbr/vHcLSoTzScq4j63yyXg
HhgN97NiFOhcIiO5DDTWi+kjPCcWeWcAxPZaNHrR1l4J3UpU42B8vo6UftlfAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU+HlJT/hAkkO7oi/dhuJtUAacwsYwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ0SAwQA
wZe1MA0GCSqGSIb3DQEBCwUAA4IBAQAxeyp2mS9EM/xrVKPCovI5dUVDcRoHiTW+
Is2Ugnq5l95jSgfHrI9U/1qmZoyw5zF6sYhq38yWGKGfChSpmAN+tb6cdvkGP9U4
LTx2i2om1kkoi1tQ/9+Ndicv0S4pgErCU8v2AuiXinNstCb8DBoMwlZufs+kNswQ
JGGQcXydPFWErH+VohHtCp+5KFfFivYqVcwqmhaRyI0hpXhsJ7silk7dX88YOG+F
mZkFUWGN+gIPZ1b0WGSCgXzQd9y/ob8II70QwjP2H0IwLhos/BzlqcpjvJZztA04
hD+I/fSsMDVW+6rX3NmrkXDiAQWQ1auVakasfh1Bhn5VlyxRmz0L
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:20:28 2026 by rpki-client