Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: U2kdLwmj194tJeCL8RYnF3UC0AaxR7IIxIkCGAj/FmA=
Subject key identifier: 53:54:76:14:32:AA:49:DC:E7:F7:6F:11:B7:4E:BC:BD:88:C9:B0:EB
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 293D6B48BDAC880563A77711AFB4748D4E296F46
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Thu 18 Sep 2025 00:07:43 +0000
ROA not before: Thu 18 Sep 2025 00:02:43 +0000
ROA not after: Thu 17 Sep 2026 00:07:43 +0000
asID: 834
IP address blocks: 143.20.43.0/24 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.102.0/24 maxlen: 24
143.20.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 01:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:3d:6b:48:bd:ac:88:05:63:a7:77:11:af:b4:74:8d:4e:29:6f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Sep 18 00:02:43 2025 GMT
Not After : Sep 17 00:07:43 2026 GMT
Subject: CN=5354761432AA49DCE7F76F11B74EBCBD88C9B0EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ef:83:a9:59:5a:41:48:89:cb:1c:cb:6d:28:
8e:18:53:59:a7:fb:53:a6:36:76:06:d4:92:a5:f6:
98:70:e4:dc:e2:3e:39:dc:bd:c9:a5:56:8e:8d:18:
5a:86:1f:bd:09:56:d0:9f:67:7c:70:2a:80:29:17:
c9:8d:fb:36:4b:c6:77:a5:ae:b1:5a:6c:fa:2a:54:
ba:00:0e:12:ee:7c:1c:5a:00:fc:f5:58:af:0a:12:
77:e7:82:89:00:36:30:80:3e:e1:17:cd:2f:1c:09:
64:b7:c5:bf:12:c4:f3:c9:d7:72:99:9b:2b:6e:50:
31:fa:bf:f4:e7:73:b4:8c:f4:30:44:aa:79:16:b5:
3f:98:b4:6a:19:53:18:bc:55:91:9d:d1:04:8f:6b:
50:56:1e:3a:13:88:b0:4d:60:5b:18:b5:4a:e9:7e:
f2:4d:36:94:f1:16:00:36:1b:60:ff:60:7d:11:48:
5b:6f:c8:9b:67:89:2f:6a:35:7c:0d:94:b1:93:a6:
3e:bc:0c:31:15:49:b9:30:d2:1b:fd:85:61:28:6f:
65:dd:64:e0:2b:62:0f:b8:96:59:a0:a7:e3:29:d8:
98:9a:e7:4e:0a:85:b5:8e:92:d5:a5:be:e7:a5:3c:
0f:8c:fc:52:3e:7c:a4:77:6a:1c:97:9a:42:88:ac:
1e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:54:76:14:32:AA:49:DC:E7:F7:6F:11:B7:4E:BC:BD:88:C9:B0:EB
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.43.0/24
143.20.77.0/24
143.20.102.0/24
143.20.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:df:f5:fb:8d:0a:b9:a2:10:38:0e:36:a4:53:f6:25:b8:a2:
2a:e3:2e:e1:78:41:24:df:da:34:e9:a5:a7:72:9b:26:93:7c:
d6:f8:3e:98:01:6c:ed:45:8d:3b:12:9d:d6:f6:30:51:8e:5b:
37:68:79:14:7d:3e:33:14:05:0a:c5:70:4d:07:cb:3f:67:8a:
07:48:46:4c:dd:48:5f:c3:7a:8a:ce:d5:ba:02:51:59:ce:74:
65:a8:19:fc:bc:ca:67:4a:ee:15:f4:d5:61:f0:eb:04:18:44:
10:ba:b5:5a:1e:08:70:bd:9e:2e:18:e3:f4:53:57:b5:73:61:
10:2f:dd:b2:9a:8e:13:f2:bb:ce:fb:e2:4d:36:2b:28:00:8c:
23:10:39:d1:16:5f:2c:e9:5a:46:9b:64:26:45:de:1f:27:f8:
9c:15:67:ab:fa:9f:73:4e:60:a2:3f:68:06:cd:bd:29:8e:6b:
c1:f7:cd:de:d1:75:4a:ca:9e:58:a5:2d:24:72:a1:bb:4e:38:
eb:3d:61:53:4c:ae:45:7b:4f:ec:3f:b0:60:2c:4a:58:8f:6d:
00:6a:dd:9d:a6:7e:c2:cd:4b:9a:ee:fe:df:16:4e:c6:72:47:
1e:d3:20:32:5a:f2:90:ff:a8:06:48:cf:d1:75:69:bf:94:ab:
09:e3:30:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUKT1rSL2siAVjp3cRr7R0jU4pb0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA5MTgwMDAyNDNaFw0yNjA5MTcwMDA3NDNaMDMxMTAvBgNV
BAMTKDUzNTQ3NjE0MzJBQTQ5RENFN0Y3NkYxMUI3NEVCQ0JEODhDOUIwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw74OpWVpBSInLHMttKI4YU1mn
+1OmNnYG1JKl9phw5NziPjncvcmlVo6NGFqGH70JVtCfZ3xwKoApF8mN+zZLxnel
rrFabPoqVLoADhLufBxaAPz1WK8KEnfngokANjCAPuEXzS8cCWS3xb8SxPPJ13KZ
mytuUDH6v/Tnc7SM9DBEqnkWtT+YtGoZUxi8VZGd0QSPa1BWHjoTiLBNYFsYtUrp
fvJNNpTxFgA2G2D/YH0RSFtvyJtniS9qNXwNlLGTpj68DDEVSbkw0hv9hWEob2Xd
ZOArYg+4llmgp+Mp2Jia504KhbWOktWlvuelPA+M/FI+fKR3ahyXmkKIrB4dAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUU1R2FDKqSdzn928Rt068vYjJsOswHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjxQrAwQA
jxRNAwQAjxRmAwQAjxSHMA0GCSqGSIb3DQEBCwUAA4IBAQCw3/X7jQq5ohA4Djak
U/YluKIq4y7heEEk39o06aWncpsmk3zW+D6YAWztRY07Ep3W9jBRjls3aHkUfT4z
FAUKxXBNB8s/Z4oHSEZM3Uhfw3qKztW6AlFZznRlqBn8vMpnSu4V9NVh8OsEGEQQ
urVaHghwvZ4uGOP0U1e1c2EQL92ymo4T8rvO++JNNisoAIwjEDnRFl8s6VpGm2Qm
Rd4fJ/icFWer+p9zTmCiP2gGzb0pjmvB983e0XVKyp5YpS0kcqG7TjjrPWFTTK5F
e0/sP7BgLEpYj20Aat2dpn7CzUua7v7fFk7Gckce0yAyWvKQ/6gGSM/RdWm/lKsJ
4zAD
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:03:24 2025 by rpki-client