Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: lBCJ3odAZMvsrd+3W2XmjMdRA1GUKDCrctBtfP+Mc+U=
Subject key identifier: 8A:C0:46:52:3D:40:D9:C5:F4:F4:E1:04:EB:A5:3D:D2:46:3F:89:FA
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 1F07F663985DC17A402BF9FA8B367DF228D54A06
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
Signing time: Sat 28 Mar 2026 08:48:40 +0000
ROA not before: Sat 28 Mar 2026 08:43:40 +0000
ROA not after: Sat 27 Mar 2027 08:48:40 +0000
asID: 834
IP address blocks: 147.125.128.0/24 maxlen: 24
147.125.131.0/24 maxlen: 24
147.125.137.0/24 maxlen: 24
147.125.138.0/23 maxlen: 24
147.125.149.0/24 maxlen: 24
147.125.158.0/24 maxlen: 24
147.125.160.0/19 maxlen: 24
147.125.192.0/22 maxlen: 24
147.125.198.0/24 maxlen: 24
147.125.204.0/24 maxlen: 24
147.125.207.0/24 maxlen: 24
147.125.209.0/24 maxlen: 24
147.125.210.0/23 maxlen: 24
147.125.212.0/23 maxlen: 24
147.125.240.0/23 maxlen: 24
147.125.243.0/24 maxlen: 24
147.125.244.0/23 maxlen: 24
147.125.246.0/24 maxlen: 24
147.125.250.0/23 maxlen: 24
147.125.252.0/24 maxlen: 24
147.125.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 11:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:07:f6:63:98:5d:c1:7a:40:2b:f9:fa:8b:36:7d:f2:28:d5:4a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 28 08:43:40 2026 GMT
Not After : Mar 27 08:48:40 2027 GMT
Subject: CN=8AC046523D40D9C5F4F4E104EBA53DD2463F89FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:93:c3:78:0a:6f:ae:98:b7:0e:ce:73:fc:16:
5a:58:c3:9b:9d:a4:71:2e:ce:50:1c:27:51:a4:78:
00:69:1b:9a:ee:79:7d:0b:36:66:f0:f2:89:9f:b6:
5d:0b:e6:0b:23:9e:70:9d:c6:74:92:6d:2e:f4:f3:
23:1a:d6:b7:35:80:33:22:a2:f2:33:96:f1:7b:79:
e3:bd:6a:79:19:47:61:13:7a:2a:d4:80:37:3d:3d:
bd:b5:6f:ff:75:15:fc:32:fe:32:0d:d5:85:9d:c9:
e2:a0:12:73:0c:d0:0f:ff:2f:30:32:d8:c7:cc:f3:
07:16:e9:b9:93:c2:2d:c2:f3:91:84:4e:30:6c:91:
e6:0f:e7:76:9c:63:21:ae:f3:2e:13:db:99:14:aa:
6c:f9:0c:69:0b:d8:90:bb:98:28:e5:1b:81:2e:be:
57:f3:47:6f:28:08:f5:08:09:83:68:ff:82:56:78:
41:71:79:e1:80:7e:d9:15:b4:14:29:1d:ea:2b:fd:
75:48:ed:4c:95:7e:ae:30:ab:51:9e:1e:1b:9c:06:
05:5b:dd:25:87:98:a4:e8:82:30:6d:a3:49:91:c4:
77:02:e0:ed:dd:ae:07:62:60:70:32:c9:e9:70:dd:
1b:91:9c:19:2b:2a:ec:ec:9f:e8:b3:a5:51:02:37:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C0:46:52:3D:40:D9:C5:F4:F4:E1:04:EB:A5:3D:D2:46:3F:89:FA
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.128.0/24
147.125.131.0/24
147.125.137.0-147.125.139.255
147.125.149.0/24
147.125.158.0/24
147.125.160.0-147.125.195.255
147.125.198.0/24
147.125.204.0/24
147.125.207.0/24
147.125.209.0-147.125.213.255
147.125.240.0/23
147.125.243.0-147.125.246.255
147.125.250.0-147.125.252.255
147.125.254.0/24
Signature Algorithm: sha256WithRSAEncryption
80:5a:4e:59:91:fd:80:ee:a5:7f:5d:34:fd:f3:ac:68:7a:62:
4f:31:07:99:12:85:45:9b:59:93:4a:3e:4c:00:fa:88:b9:b6:
be:dd:6d:39:08:c9:df:68:35:8d:e0:c9:56:9f:5f:b1:07:00:
c4:6a:44:24:71:3e:ed:b7:a9:88:cc:f9:97:72:04:23:7c:63:
46:d9:c6:47:3f:29:f1:69:10:cc:25:a5:dd:f6:67:86:88:72:
0c:dc:bd:2e:ff:9f:c5:e9:22:4b:1f:7d:9c:50:c0:b1:7a:3b:
da:10:f0:95:d4:11:f3:4a:e3:81:f5:d6:71:a5:30:0a:38:60:
fe:13:0a:28:4e:f4:29:cd:ba:81:5c:92:d1:51:a5:b0:e8:23:
24:49:d3:c5:6e:20:c5:81:6e:3d:6d:d0:25:f7:98:77:0a:d5:
c4:34:c7:94:0e:b8:05:a5:32:95:72:cb:69:f7:7b:8b:bc:b4:
b8:10:23:cf:b1:be:30:1d:ee:ba:29:45:1b:03:50:5e:93:4d:
62:af:7f:bb:dc:f6:a4:1b:f4:70:ef:b9:a0:86:cd:af:88:a0:
54:d9:c1:2f:c4:71:9c:22:ee:b9:2a:c9:5c:4f:04:e1:92:e6:
8a:49:f1:e9:90:86:1a:a3:e7:5e:10:b5:19:20:6e:a5:16:6a:
93:28:e4:5d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUHwf2Y5hdwXpAK/n6izZ98ijVSgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMjgwODQzNDBaFw0yNzAzMjcwODQ4NDBaMDMxMTAvBgNV
BAMTKDhBQzA0NjUyM0Q0MEQ5QzVGNEY0RTEwNEVCQTUzREQyNDYzRjg5RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNk8N4Cm+umLcOznP8FlpYw5ud
pHEuzlAcJ1GkeABpG5rueX0LNmbw8omftl0L5gsjnnCdxnSSbS708yMa1rc1gDMi
ovIzlvF7eeO9ankZR2ETeirUgDc9Pb21b/91Ffwy/jIN1YWdyeKgEnMM0A//LzAy
2MfM8wcW6bmTwi3C85GETjBskeYP53acYyGu8y4T25kUqmz5DGkL2JC7mCjlG4Eu
vlfzR28oCPUICYNo/4JWeEFxeeGAftkVtBQpHeor/XVI7UyVfq4wq1GeHhucBgVb
3SWHmKTogjBto0mRxHcC4O3drgdiYHAyyelw3RuRnBkrKuzsn+izpVECN1fFAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUisBGUj1A2cX09OEE66U90kY/ifowHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAJN9
gAMEAJN9gzAMAwQAk32JAwQCk32IAwQAk32VAwQAk32eMAwDBAWTfaADBAKTfcAD
BACTfcYDBACTfcwDBACTfc8wDAMEAJN90QMEAZN91AMEAZN98DAMAwQAk33zAwQA
k332MAwDBAGTffoDBACTffwDBACTff4wDQYJKoZIhvcNAQELBQADggEBAIBaTlmR
/YDupX9dNP3zrGh6Yk8xB5kShUWbWZNKPkwA+oi5tr7dbTkIyd9oNY3gyVafX7EH
AMRqRCRxPu23qYjM+ZdyBCN8Y0bZxkc/KfFpEMwlpd32Z4aIcgzcvS7/n8XpIksf
fZxQwLF6O9oQ8JXUEfNK44H11nGlMAo4YP4TCihO9CnNuoFcktFRpbDoIyRJ08Vu
IMWBbj1t0CX3mHcK1cQ0x5QOuAWlMpVyy2n3e4u8tLgQI8+xvjAd7ropRRsDUF6T
TWKvf7vc9qQb9HDvuaCGza+IoFTZwS/EcZwi7rkqyVxPBOGS5opJ8emQhhqj514Q
tRkgbqUWapMo5F0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 23:13:16 2026 by rpki-client