Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: AATU8ztUIsrzXoHyZa/WwH5bevguvSm4NbDH5UMzUZg=
Subject key identifier: E0:71:ED:D5:89:40:AA:E3:83:4B:62:CF:44:13:62:72:63:BA:68:E8
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 18FC8AD3F12AF67D63CF71A7C6205754E0D4C839
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
Signing time: Wed 19 Mar 2025 00:00:36 +0000
ROA not before: Tue 18 Mar 2025 23:55:36 +0000
ROA not after: Wed 18 Mar 2026 00:00:36 +0000
asID: 834
IP address blocks: 193.32.205.0/24 maxlen: 24
193.32.206.0/24 maxlen: 24
193.38.46.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 01:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:fc:8a:d3:f1:2a:f6:7d:63:cf:71:a7:c6:20:57:54:e0:d4:c8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Mar 18 23:55:36 2025 GMT
Not After : Mar 18 00:00:36 2026 GMT
Subject: CN=E071EDD58940AAE3834B62CF4413627263BA68E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:a0:7f:7f:67:d7:9d:d6:63:5b:00:5c:f2:
51:b1:c9:34:86:30:21:c0:29:82:d0:d1:ff:13:88:
d7:6c:2d:43:3f:36:75:a0:1f:79:84:16:77:2d:45:
34:ea:9f:86:ec:4e:52:b6:06:05:ed:b5:32:a6:40:
40:d2:6e:b4:b1:64:93:51:6c:73:a0:12:a5:ec:67:
fb:9f:92:e6:36:74:4c:bc:f0:b8:ae:ae:b9:7e:ed:
64:80:14:76:38:59:a3:56:e8:6c:c5:61:06:ac:b3:
9e:cd:84:88:dc:6f:02:5b:a6:9c:5f:54:82:c4:2a:
47:be:78:a9:14:06:06:3f:b1:db:a3:50:70:5a:15:
8f:2f:fc:51:f9:b6:20:4b:62:3f:46:df:ee:6a:9e:
87:3b:a3:b8:4c:7e:83:b4:e1:7c:e6:57:ba:7c:30:
5d:0b:33:55:64:5a:f4:a8:4d:4b:d5:55:04:14:94:
e6:3c:f1:94:2d:3f:d3:60:46:01:67:52:5b:ac:53:
6e:11:b6:6c:3e:d6:43:00:e4:23:b8:cd:39:46:f4:
bf:9a:13:c6:d9:f2:40:39:0c:1b:25:8d:cd:f1:c7:
1c:f1:0f:69:40:7a:50:ec:05:e4:f4:bd:a0:b9:cf:
99:b6:46:7b:19:ee:c8:4a:7c:70:b7:f7:fa:79:2d:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:71:ED:D5:89:40:AA:E3:83:4B:62:CF:44:13:62:72:63:BA:68:E8
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.205.0-193.32.206.255
193.38.46.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:7b:74:bd:35:58:9f:23:ad:43:59:f2:39:1f:a0:e3:8a:91:
0e:a2:ff:6a:c8:69:62:51:66:aa:59:10:44:61:5c:c6:47:2a:
7d:dc:2c:80:97:c7:a3:45:5f:f7:f2:28:a0:e3:0c:8e:ce:a8:
c1:f1:86:7b:0f:28:3a:40:40:29:57:d0:3f:a1:0d:ad:0e:a3:
8e:41:f8:df:d9:e0:5a:9c:c4:ee:c0:07:78:88:3b:40:17:90:
fd:ec:27:a4:b0:4b:66:a7:e7:8c:19:a6:d7:53:85:b6:f2:c7:
2b:89:b5:ec:e9:62:80:87:5a:3a:4f:ba:ee:2f:61:31:0a:a9:
e0:14:f9:18:5f:75:d3:7e:53:1a:61:2f:fc:ef:78:6d:45:cf:
87:58:ea:66:f8:3e:7d:ec:35:28:3d:ff:90:46:b6:a9:6f:6e:
ae:8c:8a:d0:cb:16:6a:be:b1:7d:61:76:59:e5:e8:77:f0:dd:
5a:cf:2a:01:c7:36:ad:18:0b:25:0a:52:8f:10:2b:fd:0a:9a:
5f:34:30:0f:3a:eb:66:7d:89:15:4c:cb:0a:1c:29:ca:8b:96:
fd:15:c9:35:22:f9:a6:00:df:dd:b2:3c:06:25:d9:f3:f3:a6:
d5:81:45:0b:e3:8a:32:2c:88:3b:dd:e5:1a:3d:68:59:d3:aa:
9d:e2:89:83
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUGPyK0/Eq9n1jz3GnxiBXVODUyDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAzMTgyMzU1MzZaFw0yNjAzMTgwMDAwMzZaMDMxMTAvBgNV
BAMTKEUwNzFFREQ1ODk0MEFBRTM4MzRCNjJDRjQ0MTM2MjcyNjNCQTY4RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIg6B/f2fXndZjWwBc8lGxyTSG
MCHAKYLQ0f8TiNdsLUM/NnWgH3mEFnctRTTqn4bsTlK2BgXttTKmQEDSbrSxZJNR
bHOgEqXsZ/ufkuY2dEy88Liurrl+7WSAFHY4WaNW6GzFYQass57NhIjcbwJbppxf
VILEKke+eKkUBgY/sdujUHBaFY8v/FH5tiBLYj9G3+5qnoc7o7hMfoO04XzmV7p8
MF0LM1VkWvSoTUvVVQQUlOY88ZQtP9NgRgFnUlusU24Rtmw+1kMA5CO4zTlG9L+a
E8bZ8kA5DBsljc3xxxzxD2lAelDsBeT0vaC5z5m2RnsZ7shKfHC39/p5LQl1AgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU4HHt1YlAquODS2LPRBNicmO6aOgwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADBIM0D
BADBIM4DBAHBJi4wDQYJKoZIhvcNAQELBQADggEBAGp7dL01WJ8jrUNZ8jkfoOOK
kQ6i/2rIaWJRZqpZEERhXMZHKn3cLICXx6NFX/fyKKDjDI7OqMHxhnsPKDpAQClX
0D+hDa0Oo45B+N/Z4FqcxO7AB3iIO0AXkP3sJ6SwS2an54wZptdThbbyxyuJtezp
YoCHWjpPuu4vYTEKqeAU+RhfddN+UxphL/zveG1Fz4dY6mb4Pn3sNSg9/5BGtqlv
bq6MitDLFmq+sX1hdlnl6Hfw3VrPKgHHNq0YCyUKUo8QK/0Kml80MA8662Z9iRVM
ywocKcqLlv0VyTUi+aYA392yPAYl2fPzptWBRQvjijIsiDvd5Ro9aFnTqp3iiYM=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:35:22 2025 by rpki-client