This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: dK9AsAONqKKNAxots86eoyFIVFIPStXSb3WBBUZqZUw= Subject key identifier: 2E:9A:A3:22:46:77:DA:40:A7:D7:EC:0B:E5:7B:48:05:E0:2E:B3:D6 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 770D722DB8EA4FE62110399DD55F68AB94F95A6F Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa Signing time: Wed 03 Dec 2025 09:53:54 +0000 ROA not before: Wed 03 Dec 2025 09:48:54 +0000 ROA not after: Wed 02 Dec 2026 09:53:54 +0000 asID: 834 IP address blocks: 143.20.11.0/24 maxlen: 24 143.20.22.0/24 maxlen: 24 143.20.25.0/24 maxlen: 24 143.20.35.0/24 maxlen: 24 143.20.39.0/24 maxlen: 24 143.20.45.0/24 maxlen: 24 143.20.48.0/24 maxlen: 24 143.20.53.0/24 maxlen: 24 143.20.56.0/23 maxlen: 24 143.20.59.0/24 maxlen: 24 143.20.60.0/24 maxlen: 24 143.20.63.0/24 maxlen: 24 143.20.71.0/24 maxlen: 24 143.20.80.0/24 maxlen: 24 143.20.82.0/24 maxlen: 24 143.20.106.0/24 maxlen: 24 143.20.116.0/24 maxlen: 24 143.20.128.0/24 maxlen: 24 143.20.131.0/24 maxlen: 24 143.20.154.0/24 maxlen: 24 143.20.180.0/24 maxlen: 24 143.20.182.0/23 maxlen: 24 143.20.194.0/24 maxlen: 24 143.20.196.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:0d:72:2d:b8:ea:4f:e6:21:10:39:9d:d5:5f:68:ab:94:f9:5a:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 3 09:48:54 2025 GMT Not After : Dec 2 09:53:54 2026 GMT Subject: CN=2E9AA3224677DA40A7D7EC0BE57B4805E02EB3D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d7:54:ad:5d:b4:3b:dc:30:82:12:bb:8e:04: ac:dc:12:6d:01:bf:a4:7e:5e:3d:6f:09:98:82:da: 73:24:31:9e:07:99:ea:5c:a9:52:8c:83:40:50:db: 51:fc:dd:8c:96:cd:8a:0f:d5:7c:7d:be:4b:58:63: 01:c0:fb:2e:c9:17:d2:1a:24:e3:ec:30:0f:28:ba: 75:4b:c8:c6:33:1c:db:14:12:31:b4:7e:cc:e3:82: 44:05:a1:71:c7:a0:c3:4b:0b:a0:74:5c:22:2c:8e: e8:04:4a:3a:64:fe:fe:11:5f:60:6b:66:eb:84:ff: 20:b0:74:bf:df:21:10:25:4b:8d:48:58:03:e7:28: 8e:ba:35:45:7d:c5:4e:ff:b0:d9:2c:32:07:27:c2: d5:77:14:6f:9d:cf:c8:67:15:a7:d7:00:ef:b8:e7: 0b:4e:38:47:69:58:88:d4:72:08:15:b5:93:74:47: 1a:af:93:6f:87:e1:51:f5:ef:69:40:3c:4b:68:d5: 64:5c:df:d8:e3:9c:e9:bc:12:d2:f8:c3:71:3a:94: ac:09:af:e3:8f:54:43:17:fb:d9:bd:1f:29:b2:6d: f2:2d:a0:65:2e:ba:79:fd:33:a1:dd:d9:80:d1:70: 61:1a:82:6d:eb:e1:ed:af:84:ae:7e:4b:5b:72:bb: f0:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:9A:A3:22:46:77:DA:40:A7:D7:EC:0B:E5:7B:48:05:E0:2E:B3:D6 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.11.0/24 143.20.22.0/24 143.20.25.0/24 143.20.35.0/24 143.20.39.0/24 143.20.45.0/24 143.20.48.0/24 143.20.53.0/24 143.20.56.0/23 143.20.59.0-143.20.60.255 143.20.63.0/24 143.20.71.0/24 143.20.80.0/24 143.20.82.0/24 143.20.106.0/24 143.20.116.0/24 143.20.128.0/24 143.20.131.0/24 143.20.154.0/24 143.20.180.0/24 143.20.182.0/23 143.20.194.0/24 143.20.196.0/24 Signature Algorithm: sha256WithRSAEncryption b0:c3:10:3b:ef:8d:8e:ea:73:38:60:9c:40:95:04:72:6a:ab: a9:ff:60:b2:10:d0:3a:90:c6:e5:cd:d7:6b:8b:06:85:93:63: 66:cb:d1:6e:56:0c:fd:22:35:d6:ca:a0:5a:1e:32:0e:d3:8b: 4c:b0:ee:54:25:e1:a8:e7:91:1c:fb:b5:f6:64:d8:7c:47:3c: 9e:24:e0:5e:c0:64:04:07:9e:e7:e5:50:55:c5:96:c4:f8:6f: 8c:90:73:b1:09:61:c4:23:7e:ad:d9:2b:79:fe:f6:e8:f2:49: a5:9b:aa:4a:7d:1f:bc:74:b1:cb:c5:0c:88:70:79:7f:e8:87: 89:aa:4f:9e:41:d1:6b:38:80:70:4a:20:01:23:39:09:64:db: 14:8b:dd:ac:32:24:5e:a2:9a:7e:8f:c1:df:bb:ef:54:02:71: 93:9c:7b:c2:8e:37:07:0b:75:70:72:30:5a:2d:84:9c:ef:dc: 30:04:6c:ec:e1:a5:aa:a2:9c:1b:25:a5:23:59:c8:ab:e6:9c: 57:e4:9e:27:54:15:f0:9e:68:a3:c5:13:a3:e5:76:a9:72:b5: 12:0d:e9:d1:65:e1:1c:e5:d6:f3:af:38:d2:ff:2f:d5:34:82: a8:70:a5:27:05:b2:d1:32:5d:de:48:05:4a:67:a4:4b:b1:68: 58:dc:3a:27 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIUdw1yLbjqT+YhEDmd1V9oq5T5Wm8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMDMwOTQ4NTRaFw0yNjEyMDIwOTUzNTRaMDMxMTAvBgNV BAMTKDJFOUFBMzIyNDY3N0RBNDBBN0Q3RUMwQkU1N0I0ODA1RTAyRUIzRDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC011StXbQ73DCCEruOBKzcEm0B v6R+Xj1vCZiC2nMkMZ4HmepcqVKMg0BQ21H83YyWzYoP1Xx9vktYYwHA+y7JF9Ia JOPsMA8ounVLyMYzHNsUEjG0fszjgkQFoXHHoMNLC6B0XCIsjugESjpk/v4RX2Br ZuuE/yCwdL/fIRAlS41IWAPnKI66NUV9xU7/sNksMgcnwtV3FG+dz8hnFafXAO+4 5wtOOEdpWIjUcggVtZN0Rxqvk2+H4VH172lAPEto1WRc39jjnOm8EtL4w3E6lKwJ r+OPVEMX+9m9HymybfItoGUuunn9M6Hd2YDRcGEagm3r4e2vhK5+S1tyu/CfAgMB AAGjggKYMIIClDAdBgNVHQ4EFgQULpqjIkZ32kCn1+wL5XtIBeAus9YwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBACP FAsDBACPFBYDBACPFBkDBACPFCMDBACPFCcDBACPFC0DBACPFDADBACPFDUDBAGP FDgwDAMEAI8UOwMEAI8UPAMEAI8UPwMEAI8URwMEAI8UUAMEAI8UUgMEAI8UagME AI8UdAMEAI8UgAMEAI8UgwMEAI8UmgMEAI8UtAMEAY8UtgMEAI8UwgMEAI8UxDAN BgkqhkiG9w0BAQsFAAOCAQEAsMMQO++NjupzOGCcQJUEcmqrqf9gshDQOpDG5c3X a4sGhZNjZsvRblYM/SI11sqgWh4yDtOLTLDuVCXhqOeRHPu19mTYfEc8niTgXsBk BAee5+VQVcWWxPhvjJBzsQlhxCN+rdkref726PJJpZuqSn0fvHSxy8UMiHB5f+iH iapPnkHRaziAcEogASM5CWTbFIvdrDIkXqKafo/B37vvVAJxk5x7wo43Bwt1cHIw Wi2EnO/cMARs7OGlqqKcGyWlI1nIq+acV+SeJ1QV8J5oo8UTo+V2qXK1Eg3p0WXh HOXW86840v8v1TSCqHClJwWy0TJd3kgFSmekS7FoWNw6Jw== -----END CERTIFICATE-----Generated at Fri Dec 5 17:06:25 2025 by rpki-client