Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: UECGqBSXrRBpih0KU59/iOpG0FvZlGq74fZzr7ZzI+Q=
Subject key identifier: 0E:39:1A:83:F5:4C:86:07:74:31:5D:BD:24:88:D3:83:21:5A:93:DA
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 0CC5F40D8338317B0094FD9790BE9AAE22E7C124
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Sat 05 Jul 2025 16:56:23 +0000
ROA not before: Sat 05 Jul 2025 16:51:23 +0000
ROA not after: Sat 04 Jul 2026 16:56:23 +0000
asID: 834
IP address blocks: 141.11.48.0/24 maxlen: 24
141.11.57.0/24 maxlen: 24
141.11.105.0/24 maxlen: 24
141.11.172.0/23 maxlen: 24
141.11.230.0/23 maxlen: 24
141.11.236.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:c5:f4:0d:83:38:31:7b:00:94:fd:97:90:be:9a:ae:22:e7:c1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 5 16:51:23 2025 GMT
Not After : Jul 4 16:56:23 2026 GMT
Subject: CN=0E391A83F54C860774315DBD2488D383215A93DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:cb:dd:b9:aa:5c:c2:18:da:73:9d:8e:57:
18:7a:84:b2:66:fc:27:64:2b:e8:66:ab:6a:74:3a:
e1:23:66:32:6e:80:89:61:2d:cb:e3:bf:6f:09:6f:
9d:ce:60:e7:61:69:bb:dc:c1:08:f2:af:81:1f:57:
87:b3:b1:7e:04:79:75:44:90:a1:bb:35:4b:36:ef:
ea:9d:3f:53:2c:1c:2f:98:ce:e6:6b:65:a1:46:09:
75:60:28:44:8f:07:a1:4f:9d:94:59:b7:23:8a:f7:
a7:8f:99:29:f0:e2:53:e1:5c:c8:3e:04:74:1b:9c:
7c:34:51:d9:8a:d8:5c:61:6e:44:ae:17:93:19:2b:
e7:fd:53:0a:fb:e8:eb:54:d9:b7:c3:7b:3c:b0:0a:
a8:aa:42:d7:d0:e0:af:cd:e1:70:d5:eb:69:bd:7a:
76:b1:7a:67:18:21:c2:a6:5e:3c:2b:d7:e4:9a:6f:
a1:e6:97:ec:c1:11:4a:34:a3:b3:9f:88:f9:fd:3c:
36:61:62:1f:41:b7:86:c9:8c:38:14:b8:ce:e7:93:
4a:37:aa:0b:8d:dd:20:ea:b2:04:67:c4:a1:e2:ae:
2c:14:1d:3c:30:00:37:0b:b7:62:d6:97:d7:1e:31:
ca:1c:fc:39:bb:98:ef:36:56:ec:b7:ed:72:a0:ea:
70:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:39:1A:83:F5:4C:86:07:74:31:5D:BD:24:88:D3:83:21:5A:93:DA
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.48.0/24
141.11.57.0/24
141.11.105.0/24
141.11.172.0/23
141.11.230.0/23
141.11.236.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:27:e3:fc:4d:6a:1f:77:fc:5e:e6:3c:a6:40:ac:e9:40:ed:
bb:05:eb:86:32:64:6a:2a:88:83:dd:2f:09:ed:33:2c:2a:38:
af:51:b1:65:9e:f5:d1:1f:22:69:0d:f3:58:2f:85:35:18:01:
97:18:4e:cc:46:1f:7c:8b:3e:55:c0:d5:9d:57:df:b2:fa:40:
4c:fc:41:e2:e6:14:29:d2:53:bb:76:c6:e6:0f:51:66:72:5f:
ae:a3:db:4e:dc:ce:10:be:41:88:0e:77:db:f2:49:00:6a:cd:
89:a5:34:3d:37:7c:a2:18:12:90:c2:e9:89:63:25:d4:27:c2:
01:d8:b4:5b:db:ef:9e:df:00:86:3a:4f:15:f3:2c:ed:ca:0e:
78:8f:f9:f3:ab:cc:1d:2c:ec:c0:39:b1:f4:68:2d:44:f3:1e:
12:51:49:d8:cc:45:f5:91:40:44:99:b6:4f:c2:84:3d:12:b3:
fc:27:9c:2b:7e:d9:66:6f:cf:39:e7:a8:0a:1b:0f:0b:1e:89:
97:4d:85:d3:0f:5b:95:f5:39:79:91:cb:55:34:8a:07:25:8c:
a9:dc:0d:f4:33:ba:78:81:dc:0b:09:df:4d:ef:50:2e:5a:53:
7d:7f:28:b9:90:b6:db:92:d1:a4:d7:47:1e:5d:8d:e4:a5:cf:
fa:18:09:48
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUDMX0DYM4MXsAlP2XkL6ariLnwSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA3MDUxNjUxMjNaFw0yNjA3MDQxNjU2MjNaMDMxMTAvBgNV
BAMTKDBFMzkxQTgzRjU0Qzg2MDc3NDMxNURCRDI0ODhEMzgzMjE1QTkzREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPHcvduapcwhjac52OVxh6hLJm
/CdkK+hmq2p0OuEjZjJugIlhLcvjv28Jb53OYOdhabvcwQjyr4EfV4ezsX4EeXVE
kKG7NUs27+qdP1MsHC+YzuZrZaFGCXVgKESPB6FPnZRZtyOK96ePmSnw4lPhXMg+
BHQbnHw0UdmK2FxhbkSuF5MZK+f9Uwr76OtU2bfDezywCqiqQtfQ4K/N4XDV62m9
enaxemcYIcKmXjwr1+Sab6Hml+zBEUo0o7OfiPn9PDZhYh9Bt4bJjDgUuM7nk0o3
qguN3SDqsgRnxKHiriwUHTwwADcLt2LWl9ceMcoc/Dm7mO82Vuy37XKg6nCrAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQUDjkag/VMhgd0MV29JIjTgyFak9owHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjQswAwQA
jQs5AwQAjQtpAwQBjQusAwQBjQvmAwQBjQvsMA0GCSqGSIb3DQEBCwUAA4IBAQAe
J+P8TWofd/xe5jymQKzpQO27BeuGMmRqKoiD3S8J7TMsKjivUbFlnvXRHyJpDfNY
L4U1GAGXGE7MRh98iz5VwNWdV9+y+kBM/EHi5hQp0lO7dsbmD1Fmcl+uo9tO3M4Q
vkGIDnfb8kkAas2JpTQ9N3yiGBKQwumJYyXUJ8IB2LRb2++e3wCGOk8V8yztyg54
j/nzq8wdLOzAObH0aC1E8x4SUUnYzEX1kUBEmbZPwoQ9ErP8J5wrftlmb88556gK
Gw8LHomXTYXTD1uV9Tl5kctVNIoHJYyp3A30M7p4gdwLCd9N71AuWlN9fyi5kLbb
ktGk10ceXY3kpc/6GAlI
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:00:57 2025 by rpki-client