Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: JLAn56tBbAxk1eZwg2kamcpa7kkLA+b6FwuLFcen4aE=
Subject key identifier: 76:A2:46:89:4C:4D:7A:0D:92:1F:81:65:BB:09:1D:3C:24:CF:6B:F6
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4B4A88D62F315BE8CDF9A463DC58D9764462E8C3
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Mon 18 Aug 2025 16:06:53 +0000
ROA not before: Mon 18 Aug 2025 16:01:53 +0000
ROA not after: Mon 17 Aug 2026 16:06:53 +0000
asID: 834
IP address blocks: 141.11.40.0/24 maxlen: 24
141.11.48.0/24 maxlen: 24
141.11.144.0/24 maxlen: 24
141.11.172.0/24 maxlen: 24
141.11.196.0/24 maxlen: 24
141.11.198.0/24 maxlen: 24
141.11.237.0/24 maxlen: 24
141.11.243.0/24 maxlen: 24
194.60.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 06:51:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:4a:88:d6:2f:31:5b:e8:cd:f9:a4:63:dc:58:d9:76:44:62:e8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 18 16:01:53 2025 GMT
Not After : Aug 17 16:06:53 2026 GMT
Subject: CN=76A246894C4D7A0D921F8165BB091D3C24CF6BF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:53:56:3a:b4:b3:2a:45:70:3c:16:4d:db:1c:
64:7d:ba:bb:16:78:3a:01:76:5d:f6:2a:15:37:8c:
fa:56:cd:ca:26:2d:f5:e8:b5:51:ac:db:cf:80:45:
67:31:03:a9:7f:2f:b0:19:21:f4:23:ec:35:33:4c:
0d:25:82:46:9b:b9:27:ca:99:3f:52:e1:03:a3:fb:
0a:4b:07:6e:fd:6d:f2:19:35:b7:b1:25:a0:a1:74:
47:15:c3:45:0a:29:03:33:1f:f9:df:f7:c4:c4:f9:
3a:c7:51:57:aa:f7:bc:9b:54:48:3e:78:dd:e3:37:
fa:cd:11:b1:18:31:85:0a:0d:f7:72:93:a9:b6:cd:
af:9b:b5:13:bc:95:9e:00:b5:2d:ab:66:55:1a:85:
32:78:5f:95:0e:09:ca:17:b2:84:c0:47:9d:24:b6:
f3:91:e5:2f:be:21:84:10:ef:8a:20:89:6d:6d:99:
57:1e:88:11:35:48:b2:fd:1f:99:ca:66:73:cd:11:
9d:c8:29:ca:e6:56:0b:9b:b5:ec:cc:6b:eb:72:4c:
b5:1e:2c:98:32:cb:3d:6f:66:db:5b:ce:97:89:ab:
46:27:4f:a5:40:1a:59:1e:40:e2:5b:5a:8a:48:b2:
30:c0:49:82:c7:fd:9e:3b:0a:a1:b5:ac:35:00:72:
9c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A2:46:89:4C:4D:7A:0D:92:1F:81:65:BB:09:1D:3C:24:CF:6B:F6
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.40.0/24
141.11.48.0/24
141.11.144.0/24
141.11.172.0/24
141.11.196.0/24
141.11.198.0/24
141.11.237.0/24
141.11.243.0/24
194.60.93.0/24
Signature Algorithm: sha256WithRSAEncryption
25:81:66:99:19:8e:f7:97:84:9b:01:ce:3d:da:fe:01:3b:70:
e5:16:bd:77:b6:61:af:f9:33:e9:12:cc:4c:03:95:3b:de:8b:
b2:2c:1d:68:25:5f:b1:e9:0c:97:ec:19:8d:c1:73:99:f3:5d:
b9:79:94:42:65:61:2f:6b:7b:80:59:60:3d:0b:62:10:bf:0b:
31:67:3b:57:82:3f:56:f7:2c:81:11:cd:91:86:a6:44:66:a6:
a5:79:c3:80:93:97:42:82:70:8c:7f:51:60:56:56:5b:db:c1:
37:0b:f8:d1:d4:cc:f2:32:8b:6c:91:99:12:2c:f1:e4:d9:7e:
73:57:e6:10:a1:11:3a:59:ad:6c:08:f5:d7:b7:24:31:a4:fe:
4e:0b:ca:91:9c:93:38:90:9d:61:4a:6c:9f:e1:02:8a:54:33:
3f:25:25:65:13:6a:a0:81:c2:0e:f9:33:43:ad:6b:5e:3e:d8:
55:73:1e:ed:3b:d8:8c:12:35:e1:9c:7c:ff:33:a1:12:2e:6b:
6a:83:cb:e8:95:62:87:86:d2:a5:fc:43:5f:82:8e:44:e8:a9:
43:a2:b4:69:51:27:9c:a9:b1:b9:a0:f6:1c:2b:74:04:aa:23:
f1:f8:8b:d6:21:7a:69:cb:28:01:a7:b5:8c:57:23:a8:93:ee:
07:c3:3e:77
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUS0qI1i8xW+jN+aRj3FjZdkRi6MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MTgxNjAxNTNaFw0yNjA4MTcxNjA2NTNaMDMxMTAvBgNV
BAMTKDc2QTI0Njg5NEM0RDdBMEQ5MjFGODE2NUJCMDkxRDNDMjRDRjZCRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcU1Y6tLMqRXA8Fk3bHGR9ursW
eDoBdl32KhU3jPpWzcomLfXotVGs28+ARWcxA6l/L7AZIfQj7DUzTA0lgkabuSfK
mT9S4QOj+wpLB279bfIZNbexJaChdEcVw0UKKQMzH/nf98TE+TrHUVeq97ybVEg+
eN3jN/rNEbEYMYUKDfdyk6m2za+btRO8lZ4AtS2rZlUahTJ4X5UOCcoXsoTAR50k
tvOR5S++IYQQ74ogiW1tmVceiBE1SLL9H5nKZnPNEZ3IKcrmVgubtezMa+tyTLUe
LJgyyz1vZttbzpeJq0YnT6VAGlkeQOJbWopIsjDASYLH/Z47CqG1rDUAcpzbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUdqJGiUxNeg2SH4FluwkdPCTPa/YwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAjQsoAwQA
jQswAwQAjQuQAwQAjQusAwQAjQvEAwQAjQvGAwQAjQvtAwQAjQvzAwQAwjxdMA0G
CSqGSIb3DQEBCwUAA4IBAQAlgWaZGY73l4SbAc492v4BO3DlFr13tmGv+TPpEsxM
A5U73ouyLB1oJV+x6QyX7BmNwXOZ8125eZRCZWEva3uAWWA9C2IQvwsxZztXgj9W
9yyBEc2RhqZEZqalecOAk5dCgnCMf1FgVlZb28E3C/jR1MzyMotskZkSLPHk2X5z
V+YQoRE6Wa1sCPXXtyQxpP5OC8qRnJM4kJ1hSmyf4QKKVDM/JSVlE2qggcIO+TND
rWtePthVcx7tO9iMEjXhnHz/M6ESLmtqg8volWKHhtKl/ENfgo5E6KlDorRpUSec
qbG5oPYcK3QEqiPx+IvWIXppyygBp7WMVyOok+4Hwz53
-----END CERTIFICATE-----
Generated at Wed Aug 20 21:12:44 2025 by rpki-client