Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 1AsUQlSspoeQ5KT5y9RLBQ8dTQaxPwgviyA5gPv0pJk=
Subject key identifier: 0F:B6:0C:61:59:9E:D9:74:B6:A6:DA:2E:F7:4D:95:06:06:4D:1D:F9
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 7195FE12D12007E80A442DBE159A153B84061406
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Thu 05 Mar 2026 18:00:56 +0000
ROA not before: Thu 05 Mar 2026 17:55:56 +0000
ROA not after: Thu 04 Mar 2027 18:00:56 +0000
asID: 834
IP address blocks: 143.20.9.0/24 maxlen: 24
143.20.11.0/24 maxlen: 24
143.20.13.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.16.0/24 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.25.0/24 maxlen: 24
143.20.26.0/24 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.32.0/24 maxlen: 24
143.20.34.0/23 maxlen: 24
143.20.42.0/23 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.53.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.103.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/24 maxlen: 24
143.20.116.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.131.0/24 maxlen: 24
143.20.132.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.157.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.194.0/24 maxlen: 24
143.20.196.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.200.0/22 maxlen: 24
143.20.206.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.216.0/23 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.220.0/22 maxlen: 24
143.20.224.0/22 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.237.0/24 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.244.0/23 maxlen: 24
143.20.247.0/24 maxlen: 24
143.20.248.0/23 maxlen: 24
143.20.252.0/24 maxlen: 24
143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:95:fe:12:d1:20:07:e8:0a:44:2d:be:15:9a:15:3b:84:06:14:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Mar 5 17:55:56 2026 GMT
Not After : Mar 4 18:00:56 2027 GMT
Subject: CN=0FB60C61599ED974B6A6DA2EF74D9506064D1DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e8:01:ca:07:84:c1:7a:05:44:44:46:6c:17:
8a:ba:3c:0b:12:0d:5d:50:7d:c4:ca:75:fc:fe:a9:
c1:96:9f:e7:68:b4:85:62:6a:1e:61:a5:c1:e2:66:
c4:0d:bb:83:db:d8:5e:5b:e2:b1:63:db:2b:66:d2:
77:ec:ce:14:64:ec:d2:ab:a5:9c:0b:ef:91:3a:5d:
5f:e4:05:68:59:90:9a:75:31:db:da:ac:91:b5:20:
59:b6:49:8c:99:21:1b:14:16:a7:33:15:45:9d:c2:
e2:cf:8c:13:70:60:7a:de:8e:14:b9:1b:6f:50:a0:
bd:cc:dc:26:61:1d:dd:34:77:bc:09:08:45:13:c6:
cc:7e:40:bb:87:32:a1:93:f8:fc:40:b6:2f:7d:75:
67:b8:59:9e:00:a0:03:2b:1e:e1:e9:c3:09:72:41:
b4:c0:4b:ca:5d:fc:4c:3d:7d:ab:67:6d:4c:fa:6e:
fc:cb:7d:8c:e0:c7:91:c3:8e:84:54:6e:fd:e0:70:
06:01:54:3d:3c:36:0e:c2:ba:6d:0f:06:6f:1a:29:
29:f0:7d:d9:3a:49:9c:98:a0:d4:65:17:8b:ca:98:
c1:1d:1b:5d:77:e8:5a:9a:a8:aa:8e:a1:d3:9c:6a:
71:70:c3:2a:84:55:54:89:56:75:30:ac:41:8f:c7:
78:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B6:0C:61:59:9E:D9:74:B6:A6:DA:2E:F7:4D:95:06:06:4D:1D:F9
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.9.0/24
143.20.11.0/24
143.20.13.0-143.20.14.255
143.20.16.0/24
143.20.18.0/24
143.20.21.0-143.20.22.255
143.20.25.0-143.20.26.255
143.20.28.0/24
143.20.32.0/24
143.20.34.0/23
143.20.42.0/23
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.53.0/24
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.72.0/23
143.20.77.0/24
143.20.80.0/24
143.20.103.0/24
143.20.105.0-143.20.106.255
143.20.116.0/24
143.20.120.0/24
143.20.128.0/24
143.20.131.0-143.20.132.255
143.20.151.0-143.20.152.255
143.20.157.0/24
143.20.162.0/24
143.20.168.0/24
143.20.173.0/24
143.20.178.0/23
143.20.182.0/24
143.20.194.0/24
143.20.196.0/24
143.20.198.0/24
143.20.200.0/22
143.20.206.0/24
143.20.214.0/24
143.20.216.0-143.20.218.255
143.20.220.0-143.20.227.255
143.20.231.0-143.20.235.255
143.20.237.0/24
143.20.239.0/24
143.20.244.0/23
143.20.247.0-143.20.249.255
143.20.252.0/24
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:5d:69:a9:df:7f:17:78:61:40:d9:01:14:18:b0:d5:ae:b3:
c5:96:c9:1a:86:67:fc:76:35:90:fb:95:c1:df:8a:05:1c:fd:
f5:7f:aa:7b:dd:13:af:6d:b7:2a:0a:71:a9:a8:72:bd:10:81:
cd:25:1b:4f:58:8b:7a:94:76:8c:5e:81:29:c6:66:8d:38:ed:
db:58:95:42:2c:08:5a:21:d4:b1:1e:7a:96:a8:e7:cf:6c:26:
77:3a:e4:08:60:c4:cd:76:2e:d5:a0:5d:f8:78:bc:99:42:f6:
7d:f0:a4:6b:5c:0d:ac:e5:e1:3c:56:b8:4a:a2:75:19:d2:49:
3a:d9:76:72:f2:9f:2c:36:c7:18:32:60:aa:67:a1:0a:c7:f6:
03:81:19:be:84:03:78:b3:f2:be:58:a4:f7:5d:c3:e8:58:b8:
ac:12:6e:de:3b:f1:7f:19:31:ec:7e:0e:3d:d2:03:96:4f:a1:
21:0a:b7:f0:19:26:94:1f:33:7a:35:9d:ca:aa:33:ad:db:b2:
78:1d:69:76:3d:64:a7:d5:e7:24:58:a1:63:06:63:78:95:84:
c5:c6:ef:8f:06:ba:16:22:98:a6:3b:a7:30:9f:8e:17:e5:fc:
9a:80:60:fd:6e:0c:75:1b:4e:5c:4d:6b:91:83:4f:6b:7a:73:
05:a5:dc:49
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgIUcZX+EtEgB+gKRC2+FZoVO4QGFAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjAzMDUxNzU1NTZaFw0yNzAzMDQxODAwNTZaMDMxMTAvBgNV
BAMTKDBGQjYwQzYxNTk5RUQ5NzRCNkE2REEyRUY3NEQ5NTA2MDY0RDFERjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR6AHKB4TBegVEREZsF4q6PAsS
DV1QfcTKdfz+qcGWn+dotIViah5hpcHiZsQNu4Pb2F5b4rFj2ytm0nfszhRk7NKr
pZwL75E6XV/kBWhZkJp1MdvarJG1IFm2SYyZIRsUFqczFUWdwuLPjBNwYHrejhS5
G29QoL3M3CZhHd00d7wJCEUTxsx+QLuHMqGT+PxAti99dWe4WZ4AoAMrHuHpwwly
QbTAS8pd/Ew9fatnbUz6bvzLfYzgx5HDjoRUbv3gcAYBVD08Ng7Cum0PBm8aKSnw
fdk6SZyYoNRlF4vKmMEdG1136FqaqKqOodOcanFwwyqEVVSJVnUwrEGPx3iHAgMB
AAGjggOJMIIDhTAdBgNVHQ4EFgQUD7YMYVme2XS2ptou902VBgZNHfkwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnwYIKwYBBQUHAQcBAf8EggGOMIIBijCCAYYEAgABMIIB
fgMEAI8UCQMEAI8UCzAMAwQAjxQNAwQAjxQOAwQAjxQQAwQAjxQSMAwDBACPFBUD
BACPFBYwDAMEAI8UGQMEAI8UGgMEAI8UHAMEAI8UIAMEAY8UIgMEAY8UKgMEAI8U
LTAMAwQAjxQvAwQAjxQwAwQAjxQ1AwQBjxQ4AwQAjxQ7AwQAjxQ/AwQAjxRBAwQB
jxRIAwQAjxRNAwQAjxRQAwQAjxRnMAwDBACPFGkDBACPFGoDBACPFHQDBACPFHgD
BACPFIAwDAMEAI8UgwMEAI8UhDAMAwQAjxSXAwQAjxSYAwQAjxSdAwQAjxSiAwQA
jxSoAwQAjxStAwQBjxSyAwQAjxS2AwQAjxTCAwQAjxTEAwQAjxTGAwQCjxTIAwQA
jxTOAwQAjxTWMAwDBAOPFNgDBACPFNowDAMEAo8U3AMEAo8U4DAMAwQAjxTnAwQC
jxToAwQAjxTtAwQAjxTvAwQBjxT0MAwDBACPFPcDBAGPFPgDBACPFPwDBACPFP4w
DQYJKoZIhvcNAQELBQADggEBAKJdaanffxd4YUDZARQYsNWus8WWyRqGZ/x2NZD7
lcHfigUc/fV/qnvdE69ttyoKcamocr0Qgc0lG09Yi3qUdoxegSnGZo047dtYlUIs
CFoh1LEeepao589sJnc65AhgxM12LtWgXfh4vJlC9n3wpGtcDazl4TxWuEqidRnS
STrZdnLynyw2xxgyYKpnoQrH9gOBGb6EA3iz8r5YpPddw+hYuKwSbt478X8ZMex+
Dj3SA5ZPoSEKt/AZJpQfM3o1ncqqM63bsngdaXY9ZKfV5yRYoWMGY3iVhMXG748G
uhYimKY7pzCfjhfl/JqAYP1uDHUbTlxNa5GDT2t6cwWl3Ek=
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:40:51 2026 by rpki-client