Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: BaeICUCF1za/UdaYtGzWf1r/4QNgdOcrzjh1WPuYVvY=
Subject key identifier: 2E:15:E9:8A:D1:D3:D0:F6:A4:D7:1C:EA:50:8F:0B:30:9A:98:05:08
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0B61EE18CC1B989752A67A29D871A05DC3C8D78A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Tue 04 Nov 2025 18:15:46 +0000
ROA not before: Tue 04 Nov 2025 18:10:46 +0000
ROA not after: Tue 03 Nov 2026 18:15:46 +0000
asID: 834
IP address blocks: 96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
96.62.223.0/24 maxlen: 24
96.62.228.0/24 maxlen: 24
96.62.231.0/24 maxlen: 24
96.62.243.0/24 maxlen: 24
96.62.250.0/24 maxlen: 24
140.150.232.0/23 maxlen: 24
140.233.173.0/24 maxlen: 24
140.233.174.0/23 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.81.0/24 maxlen: 24
143.14.82.0/23 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.166.0/24 maxlen: 24
143.14.193.0/24 maxlen: 24
143.14.194.0/24 maxlen: 24
143.14.198.0/23 maxlen: 24
143.14.200.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
143.14.248.0/24 maxlen: 24
143.14.250.0/24 maxlen: 24
146.103.27.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
147.79.16.0/24 maxlen: 24
147.79.60.0/23 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
148.135.201.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
150.241.174.0/23 maxlen: 24
150.241.228.0/24 maxlen: 24
155.117.34.0/24 maxlen: 24
155.117.79.0/24 maxlen: 24
155.117.99.0/24 maxlen: 24
155.117.119.0/24 maxlen: 24
155.117.201.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.255.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
167.148.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:61:ee:18:cc:1b:98:97:52:a6:7a:29:d8:71:a0:5d:c3:c8:d7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 4 18:10:46 2025 GMT
Not After : Nov 3 18:15:46 2026 GMT
Subject: CN=2E15E98AD1D3D0F6A4D71CEA508F0B309A980508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dd:1b:b2:0b:0f:f5:c5:79:69:de:25:0a:b1:
15:01:5f:94:90:17:cb:df:76:b6:fb:0c:1f:35:f3:
de:b6:ad:c6:f1:c7:0d:f7:be:a0:1e:25:e4:cc:e9:
2e:09:9f:da:62:a3:44:01:fe:5a:6b:c8:6b:65:0f:
f7:f7:e3:fe:67:22:b0:36:30:04:16:55:b2:0b:0b:
47:32:75:4c:7f:d5:2f:c5:f1:ec:35:72:84:bb:c9:
e2:2e:ba:d2:1d:37:f3:e8:60:ef:6e:c9:06:05:aa:
60:4a:4e:6a:4f:c2:35:18:6e:60:df:cd:4c:58:c9:
f8:17:53:a8:46:10:cc:61:67:7f:ca:2f:1d:74:a1:
a8:ff:46:b2:11:2c:db:cf:4d:f4:5f:2e:0f:19:4d:
e5:ec:1b:56:3f:b8:76:0f:bf:7d:50:7b:1b:02:c9:
01:69:fe:8c:c1:63:2e:23:bd:86:b2:73:bf:77:9b:
87:a5:96:2e:e9:d6:34:6d:91:01:4c:43:4e:fa:91:
50:28:4a:28:de:e3:5d:ca:54:bc:f6:e1:70:ec:f9:
19:64:d8:9e:bd:83:24:bb:a7:4d:58:ae:eb:8f:9c:
6f:50:24:83:e4:e4:9e:45:2e:79:d6:fc:62:13:39:
d3:54:5c:59:40:d6:94:24:6d:dd:51:6a:db:0d:bb:
45:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:15:E9:8A:D1:D3:D0:F6:A4:D7:1C:EA:50:8F:0B:30:9A:98:05:08
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.74.0/24
96.62.100.0/24
96.62.223.0/24
96.62.228.0/24
96.62.231.0/24
96.62.243.0/24
96.62.250.0/24
140.150.232.0/23
140.233.173.0-140.233.175.255
143.14.66.0/24
143.14.81.0-143.14.83.255
143.14.152.0/24
143.14.166.0/24
143.14.193.0-143.14.194.255
143.14.198.0-143.14.200.255
143.14.208.0/23
143.14.218.0/24
143.14.229.0/24
143.14.245.0/24
143.14.248.0/24
143.14.250.0/24
146.103.27.0/24
147.79.2.0/24
147.79.16.0/24
147.79.60.0/23
148.135.145.0/24
148.135.156.0/24
148.135.171.0/24
148.135.201.0/24
150.241.128.0/24
150.241.174.0/23
150.241.228.0/24
155.117.34.0/24
155.117.79.0/24
155.117.99.0/24
155.117.119.0/24
155.117.201.0/24
155.117.203.0/24
155.117.210.0/24
155.117.218.0/24
155.117.255.0/24
162.141.96.0/24
167.148.205.0/24
Signature Algorithm: sha256WithRSAEncryption
07:7f:19:68:4a:de:5f:69:97:95:9a:55:1d:c7:fb:e0:e3:71:
88:3b:b3:9d:bc:ee:d7:2e:76:f2:3f:b3:87:80:0a:51:f3:1c:
42:64:3b:a4:6d:40:73:3d:42:07:ea:2d:58:33:6d:32:d9:2b:
d4:ab:e0:ef:5e:7a:c8:b4:0e:71:09:59:57:ee:38:8f:71:a6:
b4:11:7d:e9:ad:81:6f:ca:dc:17:a0:b6:c4:ed:24:33:d0:f0:
09:7d:af:8e:25:9c:08:dc:a1:85:c1:16:bc:f2:19:93:95:9e:
9b:ff:f8:e2:c2:69:f8:f4:c6:b0:b3:ee:76:66:0b:40:55:30:
32:1e:2b:7f:f4:ce:b1:18:af:36:2a:de:e9:4a:f7:81:ce:e8:
b8:a2:b6:de:8f:61:db:09:68:ae:1a:c1:09:f7:8f:8d:90:4c:
c4:9b:10:b1:56:5a:51:83:30:77:2a:99:6b:01:5f:d2:d2:8a:
2f:87:b5:f4:fc:73:00:84:69:0d:41:a5:ca:a6:7a:d8:8a:3e:
1a:c3:03:cd:f3:05:d3:15:23:9f:12:10:ff:39:86:15:c1:75:
b1:22:7e:03:3f:1b:12:66:1f:52:c9:bc:ec:e7:aa:2a:82:8c:
2d:5a:df:96:7b:b4:9d:1c:70:5e:f0:98:23:f5:ec:4e:0b:88:
89:00:f9:14
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgIUC2HuGMwbmJdSpnop2HGgXcPI14owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDQxODEwNDZaFw0yNjExMDMxODE1NDZaMDMxMTAvBgNV
BAMTKDJFMTVFOThBRDFEM0QwRjZBNEQ3MUNFQTUwOEYwQjMwOUE5ODA1MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCF3RuyCw/1xXlp3iUKsRUBX5SQ
F8vfdrb7DB818962rcbxxw33vqAeJeTM6S4Jn9pio0QB/lpryGtlD/f34/5nIrA2
MAQWVbILC0cydUx/1S/F8ew1coS7yeIuutIdN/PoYO9uyQYFqmBKTmpPwjUYbmDf
zUxYyfgXU6hGEMxhZ3/KLx10oaj/RrIRLNvPTfRfLg8ZTeXsG1Y/uHYPv31QexsC
yQFp/ozBYy4jvYayc793m4elli7p1jRtkQFMQ076kVAoSije413KVLz24XDs+Rlk
2J69gyS7p01YruuPnG9QJIPk5J5FLnnW/GITOdNUXFlA1pQkbd1RatsNu0WxAgMB
AAGjggMtMIIDKTAdBgNVHQ4EFgQULhXpitHT0Pak1xzqUI8LMJqYBQgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQwYIKwYBBQUHAQcBAf8EggEyMIIBLjCCASoEAgABMIIB
IgMEAGA+SgMEAGA+ZAMEAGA+3wMEAGA+5AMEAGA+5wMEAGA+8wMEAGA++gMEAYyW
6DAMAwQAjOmtAwQEjOmgAwQAjw5CMAwDBACPDlEDBAKPDlADBACPDpgDBACPDqYw
DAMEAI8OwQMEAI8OwjAMAwQBjw7GAwQAjw7IAwQBjw7QAwQAjw7aAwQAjw7lAwQA
jw71AwQAjw74AwQAjw76AwQAkmcbAwQAk08CAwQAk08QAwQBk088AwQAlIeRAwQA
lIecAwQAlIerAwQAlIfJAwQAlvGAAwQBlvGuAwQAlvHkAwQAm3UiAwQAm3VPAwQA
m3VjAwQAm3V3AwQAm3XJAwQAm3XLAwQAm3XSAwQAm3XaAwQAm3X/AwQAoo1gAwQA
p5TNMA0GCSqGSIb3DQEBCwUAA4IBAQAHfxloSt5faZeVmlUdx/vg43GIO7OdvO7X
LnbyP7OHgApR8xxCZDukbUBzPUIH6i1YM20y2SvUq+DvXnrItA5xCVlX7jiPcaa0
EX3prYFvytwXoLbE7SQz0PAJfa+OJZwI3KGFwRa88hmTlZ6b//jiwmn49Maws+52
ZgtAVTAyHit/9M6xGK82Kt7pSveBzui4orbej2HbCWiuGsEJ94+NkEzEmxCxVlpR
gzB3KplrAV/S0oovh7X0/HMAhGkNQaXKpnrYij4awwPN8wXTFSOfEhD/OYYVwXWx
In4DPxsSZh9Sybzs56oqgowtWt+We7SdHHBe8Jgj9exOC4iJAPkU
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:36:54 2025 by rpki-client