Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 2RUz59C9Vq5Jci/w3YGXnZQd20qnF6vQUb4Y8ANqnH8=
Subject key identifier: 8A:3F:4A:4B:E1:D9:FE:B2:BA:EC:5D:59:E4:8D:E1:E5:D2:CC:09:5E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 686D9A913658582912B9515844417B7AECD5C2F0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Fri 25 Apr 2025 14:19:38 +0000
ROA not before: Fri 25 Apr 2025 14:14:38 +0000
ROA not after: Fri 24 Apr 2026 14:19:38 +0000
asID: 834
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.190.0/23 maxlen: 24
96.62.208.0/22 maxlen: 24
96.62.216.0/21 maxlen: 24
96.62.228.0/24 maxlen: 24
96.62.243.0/24 maxlen: 24
140.150.232.0/22 maxlen: 24
146.103.46.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.16.0/22 maxlen: 24
147.79.24.0/22 maxlen: 24
147.79.60.0/23 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
148.135.154.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
148.135.185.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
150.241.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 08:18:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:6d:9a:91:36:58:58:29:12:b9:51:58:44:41:7b:7a:ec:d5:c2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 25 14:14:38 2025 GMT
Not After : Apr 24 14:19:38 2026 GMT
Subject: CN=8A3F4A4BE1D9FEB2BAEC5D59E48DE1E5D2CC095E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:76:90:27:45:b3:ff:01:dc:0c:36:54:05:3b:
8b:55:23:f2:1c:0b:81:c6:43:c2:3b:fd:2b:f2:f3:
e2:e9:6a:65:b2:4a:a6:93:43:0d:87:55:7f:c9:6a:
1a:79:55:eb:19:d4:53:73:fc:4f:85:c9:97:a1:55:
33:ae:97:1d:db:ea:b8:d7:c6:fd:81:ac:5d:c0:b0:
38:05:b8:33:de:0e:02:7c:67:e0:7e:49:f3:30:40:
65:fd:e6:11:3c:40:31:d5:02:21:04:a2:2c:43:05:
ec:d2:fc:0c:67:b5:92:f1:67:22:ff:d5:ba:cc:ef:
28:45:44:6b:ba:cd:b8:5e:31:dd:d5:39:cf:8e:72:
18:45:99:73:cf:89:26:80:3e:08:50:6c:dc:13:ad:
0b:48:b9:e0:5e:e3:5f:e7:da:1b:c5:08:c8:7c:1a:
33:31:29:57:3e:6b:f3:6e:52:8e:3b:59:ab:9d:9d:
2e:bd:d1:1d:6f:d5:72:af:e2:04:9d:10:ef:68:fb:
d6:1e:83:81:64:8f:4e:5d:f7:28:c5:da:05:9c:92:
1f:c7:f2:89:cb:81:bc:b8:d7:97:9c:e3:fb:3d:98:
52:60:55:b9:37:f1:71:c3:27:57:97:40:df:a6:5c:
5c:89:78:33:cf:f2:e7:d6:27:4a:96:3e:7c:70:f5:
a1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3F:4A:4B:E1:D9:FE:B2:BA:EC:5D:59:E4:8D:E1:E5:D2:CC:09:5E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.190.0/23
96.62.208.0/22
96.62.216.0/21
96.62.228.0/24
96.62.243.0/24
140.150.232.0/22
146.103.46.0/24
147.79.4.0/24
147.79.16.0/22
147.79.24.0/22
147.79.60.0/23
148.135.145.0/24
148.135.152.0/24
148.135.154.0/24
148.135.156.0/24
148.135.174.0/24
148.135.185.0-148.135.186.255
148.135.193.0/24
150.241.228.0/24
150.241.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:95:ef:90:b7:a9:f2:e2:5c:3f:88:67:7b:0f:ec:c1:49:7e:
10:43:03:b8:ff:ab:77:11:68:04:64:37:30:1d:1c:30:d1:c5:
f1:59:97:a3:ce:10:47:a6:cd:19:e6:94:f2:27:1f:7b:24:63:
a2:a2:9f:af:0c:e5:3c:68:e3:ac:32:24:c2:4d:27:e3:df:de:
23:ea:ea:88:40:1f:bb:7c:0a:2e:84:3a:35:7a:2f:cb:f7:c4:
12:9a:6a:ba:eb:ff:a6:1c:e2:53:3b:c2:c8:d8:fa:4a:ed:11:
9e:9e:c2:37:64:87:46:fe:b7:72:29:65:65:18:fa:b0:d9:dc:
d3:b0:63:24:e5:29:3f:44:b8:82:47:33:a8:78:fb:07:85:45:
d4:12:4b:e8:d5:29:fa:b3:50:6d:47:1a:72:c5:29:1c:73:0b:
e8:18:0c:49:e1:e9:e0:3f:5e:6c:bb:91:28:7e:6b:8d:7d:52:
1f:db:77:3c:fc:ea:92:a0:ee:52:23:3b:d4:76:44:1f:f3:20:
c2:41:25:6c:57:56:0b:99:6f:5e:98:8a:8c:2b:e9:92:7c:ac:
8b:3c:e9:8b:ce:53:a2:a1:50:60:9c:a1:d5:b0:42:57:35:aa:
ae:c3:46:9b:29:7c:c7:1c:4b:fc:ed:e0:8a:1a:c8:5b:95:cc:
69:2f:8a:ce
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIUaG2akTZYWCkSuVFYREF7euzVwvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjUxNDE0MzhaFw0yNjA0MjQxNDE5MzhaMDMxMTAvBgNV
BAMTKDhBM0Y0QTRCRTFEOUZFQjJCQUVDNUQ1OUU0OERFMUU1RDJDQzA5NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFdpAnRbP/AdwMNlQFO4tVI/Ic
C4HGQ8I7/Svy8+LpamWySqaTQw2HVX/Jahp5VesZ1FNz/E+FyZehVTOulx3b6rjX
xv2BrF3AsDgFuDPeDgJ8Z+B+SfMwQGX95hE8QDHVAiEEoixDBezS/AxntZLxZyL/
1brM7yhFRGu6zbheMd3VOc+OchhFmXPPiSaAPghQbNwTrQtIueBe41/n2hvFCMh8
GjMxKVc+a/NuUo47WaudnS690R1v1XKv4gSdEO9o+9Yeg4Fkj05d9yjF2gWckh/H
8onLgby415ec4/s9mFJgVbk38XHDJ1eXQN+mXFyJeDPP8ufWJ0qWPnxw9aE5AgMB
AAGjggKMMIICiDAdBgNVHQ4EFgQUij9KS+HZ/rK67F1Z5I3h5dLMCV4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABg
PowDBAFgPr4DBAJgPtADBANgPtgDBABgPuQDBABgPvMDBAKMlugDBACSZy4DBACT
TwQDBAKTTxADBAKTTxgDBAGTTzwDBACUh5EDBACUh5gDBACUh5oDBACUh5wDBACU
h64wDAMEAJSHuQMEAJSHugMEAJSHwQMEAJbx5AMEAJbx5jANBgkqhkiG9w0BAQsF
AAOCAQEAbZXvkLep8uJcP4hnew/swUl+EEMDuP+rdxFoBGQ3MB0cMNHF8VmXo84Q
R6bNGeaU8icfeyRjoqKfrwzlPGjjrDIkwk0n49/eI+rqiEAfu3wKLoQ6NXovy/fE
Eppquuv/phziUzvCyNj6Su0Rnp7CN2SHRv63cillZRj6sNnc07BjJOUpP0S4gkcz
qHj7B4VF1BJL6NUp+rNQbUcacsUpHHML6BgMSeHp4D9ebLuRKH5rjX1SH9t3PPzq
kqDuUiM71HZEH/MgwkElbFdWC5lvXpiKjCvpknysizzpi85ToqFQYJyh1bBCVzWq
rsNGmyl8xxxL/O3gihrIW5XMaS+Kzg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:51:24 2025 by rpki-client