Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: jWE4ADlQLUiF8aEBjQf758hmQz+xm/xQNo5l85g8Tc4=
Subject key identifier: 30:11:B1:A9:10:12:68:87:BE:F4:A1:76:D5:83:1D:24:B0:51:6D:1D
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 0AC4CB6C7D199096165C8E227076DE313ADE188A
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Wed 03 Jun 2026 21:03:20 +0000
ROA not before: Wed 03 Jun 2026 20:58:20 +0000
ROA not after: Wed 02 Jun 2027 21:03:20 +0000
asID: 834
IP address blocks: 143.20.8.0/23 maxlen: 24
143.20.11.0/24 maxlen: 24
143.20.13.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.16.0/24 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.24.0/22 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.32.0/24 maxlen: 24
143.20.34.0/23 maxlen: 24
143.20.36.0/24 maxlen: 24
143.20.42.0/23 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.50.0/24 maxlen: 24
143.20.53.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.70.0/23 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.74.0/24 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.103.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/23 maxlen: 24
143.20.108.0/23 maxlen: 24
143.20.113.0/24 maxlen: 24
143.20.116.0/24 maxlen: 24
143.20.118.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.139.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.167.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.176.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.180.0/24 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.196.0/24 maxlen: 24
143.20.206.0/24 maxlen: 24
143.20.213.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.216.0/23 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.221.0/24 maxlen: 24
143.20.222.0/23 maxlen: 24
143.20.224.0/22 maxlen: 24
143.20.229.0/24 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.237.0/24 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.240.0/22 maxlen: 24
143.20.244.0/23 maxlen: 24
143.20.248.0/22 maxlen: 24
143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 21:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c4:cb:6c:7d:19:90:96:16:5c:8e:22:70:76:de:31:3a:de:18:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 3 20:58:20 2026 GMT
Not After : Jun 2 21:03:20 2027 GMT
Subject: CN=3011B1A910126887BEF4A176D5831D24B0516D1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:37:fa:5f:e8:d5:ae:1e:32:74:15:c9:e7:
d3:7c:14:b8:dd:ae:0b:72:19:f4:9f:92:3d:a9:4e:
c0:cf:87:75:b7:e2:72:ab:1f:5b:9e:2f:6e:50:d7:
a8:17:2f:cc:5a:08:11:62:88:72:a2:1d:31:ca:d2:
e2:69:d2:11:ff:ca:4e:9b:02:64:a2:85:83:bc:b7:
0b:06:9e:4a:ca:f0:f0:df:7b:5b:8f:83:6d:fd:4f:
92:33:3b:35:87:e0:9a:10:9a:f8:1e:09:90:c1:c3:
c2:28:d0:2b:f2:bf:9f:d7:0f:2f:39:3f:85:7d:29:
28:3b:b9:89:54:25:08:39:d2:bb:4e:a8:53:4d:22:
73:81:7e:96:dd:56:8e:06:16:98:ce:dd:33:91:82:
01:c6:ae:36:f4:16:78:ef:43:42:a9:6b:1b:a8:c8:
bc:ff:f0:f6:3b:ea:6a:e9:4b:c5:ab:a9:72:2c:29:
c3:70:2b:a2:95:c8:9d:a2:dc:48:c7:8a:8c:19:f5:
25:08:7d:11:b9:98:bb:b1:4f:35:6f:85:ac:34:97:
95:81:08:ad:f7:8b:fd:86:93:58:de:86:e5:aa:48:
b6:75:0f:d5:75:6b:b9:8d:57:16:4a:8e:3c:13:2c:
6f:1a:ed:6e:74:ed:ed:69:c5:18:e3:33:28:b5:0f:
6f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:11:B1:A9:10:12:68:87:BE:F4:A1:76:D5:83:1D:24:B0:51:6D:1D
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.8.0/23
143.20.11.0/24
143.20.13.0-143.20.14.255
143.20.16.0/24
143.20.18.0/24
143.20.21.0-143.20.22.255
143.20.24.0-143.20.28.255
143.20.32.0/24
143.20.34.0-143.20.36.255
143.20.42.0/23
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.50.0/24
143.20.53.0/24
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.70.0-143.20.74.255
143.20.77.0/24
143.20.80.0/24
143.20.103.0/24
143.20.105.0-143.20.109.255
143.20.113.0/24
143.20.116.0/24
143.20.118.0/24
143.20.120.0/24
143.20.128.0/24
143.20.139.0/24
143.20.151.0-143.20.152.255
143.20.162.0/24
143.20.167.0-143.20.168.255
143.20.173.0/24
143.20.176.0/24
143.20.178.0-143.20.180.255
143.20.182.0/24
143.20.196.0/24
143.20.206.0/24
143.20.213.0-143.20.214.255
143.20.216.0-143.20.218.255
143.20.221.0-143.20.227.255
143.20.229.0/24
143.20.231.0-143.20.235.255
143.20.237.0/24
143.20.239.0-143.20.245.255
143.20.248.0/22
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:df:bc:76:d2:a8:6f:15:7f:e7:47:51:75:ac:0f:bf:a0:5f:
e3:a2:fa:8f:fc:59:ec:51:90:ed:fb:a3:da:d6:48:56:05:cc:
82:8f:2c:c5:45:d7:06:05:b7:03:61:df:be:e0:d3:22:5a:cf:
b2:9c:92:b3:19:f8:75:c0:c2:ac:85:de:72:d7:c8:2c:73:14:
b3:1f:d6:1f:00:0d:d2:5c:41:6f:79:14:2e:5e:71:d5:29:1c:
75:df:e2:b0:1a:a7:59:39:19:53:2a:11:a8:4e:77:2b:fc:5c:
0d:31:28:06:9b:cb:48:69:5d:2e:2a:b2:ad:eb:ab:39:8c:b0:
37:6c:4c:fd:aa:10:cc:8a:8e:c1:f2:51:37:a2:a6:df:b3:76:
d8:ba:91:b9:a2:26:08:4c:5f:40:98:29:1c:97:b1:75:31:a7:
a7:5f:96:ea:90:e6:f4:19:d8:1c:b6:9d:68:6f:74:19:aa:0b:
e6:60:cb:94:fe:86:58:4e:bb:24:15:fe:3d:0e:c6:0a:9d:5d:
d0:1e:b1:8f:5e:e7:ef:21:b7:4f:b2:ef:3b:5d:aa:7b:18:cc:
56:db:ec:76:cd:bd:14:9b:96:83:2e:ff:e7:95:26:d9:0d:82:
53:42:77:55:88:2b:f9:20:37:ba:56:48:05:f2:57:81:34:cc:
fc:1a:60:4a
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgIUCsTLbH0ZkJYWXI4icHbeMTreGIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA2MDMyMDU4MjBaFw0yNzA2MDIyMTAzMjBaMDMxMTAvBgNV
BAMTKDMwMTFCMUE5MTAxMjY4ODdCRUY0QTE3NkQ1ODMxRDI0QjA1MTZEMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbBTf6X+jVrh4ydBXJ59N8FLjd
rgtyGfSfkj2pTsDPh3W34nKrH1ueL25Q16gXL8xaCBFiiHKiHTHK0uJp0hH/yk6b
AmSihYO8twsGnkrK8PDfe1uPg239T5IzOzWH4JoQmvgeCZDBw8Io0Cvyv5/XDy85
P4V9KSg7uYlUJQg50rtOqFNNInOBfpbdVo4GFpjO3TORggHGrjb0FnjvQ0Kpaxuo
yLz/8PY76mrpS8WrqXIsKcNwK6KVyJ2i3EjHiowZ9SUIfRG5mLuxTzVvhaw0l5WB
CK33i/2Gk1jehuWqSLZ1D9V1a7mNVxZKjjwTLG8a7W507e1pxRjjMyi1D2+hAgMB
AAGjggOdMIIDmTAdBgNVHQ4EFgQUMBGxqRASaIe+9KF21YMdJLBRbR0wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBswYIKwYBBQUHAQcBAf8EggGiMIIBnjCCAZoEAgABMIIB
kgMEAY8UCAMEAI8UCzAMAwQAjxQNAwQAjxQOAwQAjxQQAwQAjxQSMAwDBACPFBUD
BACPFBYwDAMEA48UGAMEAI8UHAMEAI8UIDAMAwQBjxQiAwQAjxQkAwQBjxQqAwQA
jxQtMAwDBACPFC8DBACPFDADBACPFDIDBACPFDUDBAGPFDgDBACPFDsDBACPFD8D
BACPFEEwDAMEAY8URgMEAI8USgMEAI8UTQMEAI8UUAMEAI8UZzAMAwQAjxRpAwQB
jxRsAwQAjxRxAwQAjxR0AwQAjxR2AwQAjxR4AwQAjxSAAwQAjxSLMAwDBACPFJcD
BACPFJgDBACPFKIwDAMEAI8UpwMEAI8UqAMEAI8UrQMEAI8UsDAMAwQBjxSyAwQA
jxS0AwQAjxS2AwQAjxTEAwQAjxTOMAwDBACPFNUDBACPFNYwDAMEA48U2AMEAI8U
2jAMAwQAjxTdAwQCjxTgAwQAjxTlMAwDBACPFOcDBAKPFOgDBACPFO0wDAMEAI8U
7wMEAY8U9AMEAo8U+AMEAI8U/jANBgkqhkiG9w0BAQsFAAOCAQEAtN+8dtKobxV/
50dRdawPv6Bf46L6j/xZ7FGQ7fuj2tZIVgXMgo8sxUXXBgW3A2HfvuDTIlrPspyS
sxn4dcDCrIXectfILHMUsx/WHwAN0lxBb3kULl5x1Skcdd/isBqnWTkZUyoRqE53
K/xcDTEoBpvLSGldLiqyreurOYywN2xM/aoQzIqOwfJRN6Km37N22LqRuaImCExf
QJgpHJexdTGnp1+W6pDm9BnYHLadaG90GaoL5mDLlP6GWE67JBX+PQ7GCp1d0B6x
j17n7yG3T7LvO12qexjMVtvsds29FJuWgy7/55Um2Q2CU0J3VYgr+SA3ulZIBfJX
gTTM/BpgSg==
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:04:49 2026 by rpki-client