Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: IlO1gD+5ZK4AZABkDXUkooE8ljby6sdejZSrcsBhsgs=
Subject key identifier: 58:D9:14:F5:F1:BD:A1:4E:FA:EB:7D:57:1D:7E:C8:0E:97:52:76:F1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2F5C2C0B9A39AABE96E822F04AF944B1562B224E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Thu 16 Apr 2026 17:13:41 +0000
ROA not before: Thu 16 Apr 2026 17:08:41 +0000
ROA not after: Thu 15 Apr 2027 17:13:41 +0000
asID: 834
IP address blocks: 96.62.73.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
140.150.152.0/24 maxlen: 24
140.150.224.0/24 maxlen: 24
140.233.174.0/24 maxlen: 24
140.233.184.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.47.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
147.79.58.0/24 maxlen: 24
147.79.60.0/24 maxlen: 24
148.135.172.0/23 maxlen: 24
148.135.194.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.138.0/24 maxlen: 24
150.241.141.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
150.241.240.0/24 maxlen: 24
150.241.242.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.23.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.79.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.159.0/24 maxlen: 24
155.117.184.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.214.0/24 maxlen: 24
155.117.228.0/24 maxlen: 24
155.117.245.0/24 maxlen: 24
162.141.1.0/24 maxlen: 24
162.141.5.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.137.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
168.222.10.0/24 maxlen: 24
168.222.14.0/24 maxlen: 24
168.222.17.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.35.0/24 maxlen: 24
168.222.39.0/24 maxlen: 24
168.222.41.0/24 maxlen: 24
168.222.45.0/24 maxlen: 24
168.222.54.0/24 maxlen: 24
168.222.61.0/24 maxlen: 24
168.222.62.0/24 maxlen: 24
168.222.65.0/24 maxlen: 24
168.222.66.0/23 maxlen: 24
168.222.68.0/22 maxlen: 24
168.222.72.0/22 maxlen: 24
168.222.76.0/23 maxlen: 24
168.222.78.0/24 maxlen: 24
168.222.91.0/24 maxlen: 24
168.222.96.0/24 maxlen: 24
168.222.104.0/23 maxlen: 24
168.222.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:5c:2c:0b:9a:39:aa:be:96:e8:22:f0:4a:f9:44:b1:56:2b:22:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 16 17:08:41 2026 GMT
Not After : Apr 15 17:13:41 2027 GMT
Subject: CN=58D914F5F1BDA14EFAEB7D571D7EC80E975276F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:10:8f:2b:79:8e:37:56:12:ed:72:d6:82:65:
7a:c8:66:aa:d5:9d:1d:53:d1:57:b7:f2:2a:f5:0b:
6d:41:b3:db:de:07:61:ad:61:16:9c:05:0f:6a:8e:
86:92:94:4c:77:1b:ed:11:13:ec:7d:ec:4f:24:e7:
35:9a:7f:4b:50:e5:ef:dd:d8:76:97:f7:75:75:da:
fa:e9:d0:95:71:22:62:b3:71:7a:6c:57:4f:82:e6:
5c:54:12:0d:4a:62:d8:a5:b4:b3:fd:69:a0:b8:81:
17:16:13:2e:64:a6:76:5c:b9:f7:8f:52:3b:67:a3:
91:2a:82:63:55:0f:91:5b:7e:56:f2:48:9b:95:e3:
48:0c:d4:64:cb:bc:5e:2d:37:38:8f:a2:d4:af:ae:
4a:f2:cb:17:de:42:46:c4:60:f4:8d:41:8d:61:37:
1b:f3:f8:8f:f1:17:9a:5a:bb:35:e3:65:0e:42:06:
02:19:cf:16:18:0c:06:2d:9b:d0:32:b0:ac:e3:79:
55:51:a0:b5:43:2a:f8:be:9c:92:62:61:5f:6a:59:
79:68:57:e6:e4:4b:51:d9:18:48:82:d3:db:59:2a:
80:f9:7a:f9:38:b5:3c:a1:c5:8e:ae:0f:35:10:ed:
70:ae:69:de:a4:8b:e1:b2:15:e8:63:e8:b6:f8:08:
96:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D9:14:F5:F1:BD:A1:4E:FA:EB:7D:57:1D:7E:C8:0E:97:52:76:F1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0/24
96.62.101.0/24
140.150.152.0/24
140.150.224.0/24
140.233.174.0/24
140.233.184.0/24
143.14.16.0/24
143.14.33.0/24
143.14.47.0/24
143.14.59.0/24
143.14.68.0/24
143.14.132.0/23
143.14.152.0/24
143.14.182.0/24
143.14.186.0/24
143.14.218.0/24
147.79.58.0/24
147.79.60.0/24
148.135.172.0/23
148.135.194.0/24
148.135.203.0/24
148.135.255.0/24
150.241.138.0/24
150.241.141.0/24
150.241.228.0/24
150.241.240.0/24
150.241.242.0/24
155.117.13.0/24
155.117.23.0/24
155.117.63.0/24
155.117.79.0/24
155.117.112.0/24
155.117.127.0/24
155.117.137.0/24
155.117.159.0/24
155.117.184.0/24
155.117.186.0/24
155.117.214.0/24
155.117.228.0/24
155.117.245.0/24
162.141.1.0/24
162.141.5.0/24
162.141.8.0/24
162.141.70.0/24
162.141.137.0/24
167.148.3.0/24
167.148.170.0/24
167.148.188.0/24
167.148.194.0/24
167.148.206.0/24
168.222.10.0/24
168.222.14.0/24
168.222.17.0/24
168.222.24.0/24
168.222.35.0/24
168.222.39.0/24
168.222.41.0/24
168.222.45.0/24
168.222.54.0/24
168.222.61.0-168.222.62.255
168.222.65.0-168.222.78.255
168.222.91.0/24
168.222.96.0/24
168.222.104.0-168.222.106.255
Signature Algorithm: sha256WithRSAEncryption
6f:ee:ca:45:6e:28:4b:51:f1:a6:bf:4e:eb:83:b1:f9:10:66:
7e:c3:95:85:bc:74:c0:60:d0:8f:e1:ba:4f:09:85:5f:55:29:
16:63:cf:cf:4f:46:6e:fc:ed:fa:7e:e7:2e:70:69:90:04:e5:
a5:4e:0a:94:e1:67:9a:64:2c:ea:27:2f:6c:7d:84:90:45:46:
b0:8f:6d:5b:42:38:66:65:e0:6e:74:a5:d8:22:f6:57:51:f3:
de:86:79:9c:c8:12:35:b5:99:ee:12:8f:70:af:e9:28:d7:4b:
4a:03:a1:7b:53:17:0a:3c:d6:f4:1a:ec:fc:b1:84:aa:b0:96:
7f:55:d6:61:59:c8:be:e6:0f:67:54:0c:18:66:5f:80:f3:63:
02:f7:b0:2c:5c:84:36:32:f0:be:6b:9a:49:46:83:10:ce:80:
fa:57:c3:fa:b6:71:ed:31:6c:ee:d6:63:97:a6:7f:dd:d7:62:
35:97:a9:cb:83:8f:e4:e3:92:5b:3d:45:46:e6:54:8c:bd:c8:
43:7c:6e:3a:cc:da:c4:83:10:e2:b4:c9:88:39:c2:95:6a:68:
95:20:bb:f8:f3:ed:65:ce:7f:fa:8a:72:12:cd:2f:25:e2:6d:
ed:f5:85:56:7a:12:3a:97:61:73:c9:11:e4:cf:46:7b:57:81:
a4:ce:33:6d
-----BEGIN CERTIFICATE-----
MIIGmTCCBYGgAwIBAgIUL1wsC5o5qr6W6CLwSvlEsVYrIk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTYxNzA4NDFaFw0yNzA0MTUxNzEzNDFaMDMxMTAvBgNV
BAMTKDU4RDkxNEY1RjFCREExNEVGQUVCN0Q1NzFEN0VDODBFOTc1Mjc2RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpEI8reY43VhLtctaCZXrIZqrV
nR1T0Ve38ir1C21Bs9veB2GtYRacBQ9qjoaSlEx3G+0RE+x97E8k5zWaf0tQ5e/d
2HaX93V12vrp0JVxImKzcXpsV0+C5lxUEg1KYtiltLP9aaC4gRcWEy5kpnZcufeP
Ujtno5EqgmNVD5FbflbySJuV40gM1GTLvF4tNziPotSvrkryyxfeQkbEYPSNQY1h
Nxvz+I/xF5pauzXjZQ5CBgIZzxYYDAYtm9AysKzjeVVRoLVDKvi+nJJiYV9qWXlo
V+bkS1HZGEiC09tZKoD5evk4tTyhxY6uDzUQ7XCuad6ki+GyFehj6Lb4CJY5AgMB
AAGjggOjMIIDnzAdBgNVHQ4EFgQUWNkU9fG9oU76631XHX7IDpdSdvEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuQYIKwYBBQUHAQcBAf8EggGoMIIBpDCCAaAEAgABMIIB
mAMEAGA+SQMEAGA+ZQMEAIyWmAMEAIyW4AMEAIzprgMEAIzpuAMEAI8OEAMEAI8O
IQMEAI8OLwMEAI8OOwMEAI8ORAMEAY8OhAMEAI8OmAMEAI8OtgMEAI8OugMEAI8O
2gMEAJNPOgMEAJNPPAMEAZSHrAMEAJSHwgMEAJSHywMEAJSH/wMEAJbxigMEAJbx
jQMEAJbx5AMEAJbx8AMEAJbx8gMEAJt1DQMEAJt1FwMEAJt1PwMEAJt1TwMEAJt1
cAMEAJt1fwMEAJt1iQMEAJt1nwMEAJt1uAMEAJt1ugMEAJt11gMEAJt15AMEAJt1
9QMEAKKNAQMEAKKNBQMEAKKNCAMEAKKNRgMEAKKNiQMEAKeUAwMEAKeUqgMEAKeU
vAMEAKeUwgMEAKeUzgMEAKjeCgMEAKjeDgMEAKjeEQMEAKjeGAMEAKjeIwMEAKje
JwMEAKjeKQMEAKjeLQMEAKjeNjAMAwQAqN49AwQAqN4+MAwDBACo3kEDBACo3k4D
BACo3lsDBACo3mAwDAMEA6jeaAMEAKjeajANBgkqhkiG9w0BAQsFAAOCAQEAb+7K
RW4oS1Hxpr9O64Ox+RBmfsOVhbx0wGDQj+G6TwmFX1UpFmPPz09Gbvzt+n7nLnBp
kATlpU4KlOFnmmQs6icvbH2EkEVGsI9tW0I4ZmXgbnSl2CL2V1Hz3oZ5nMgSNbWZ
7hKPcK/pKNdLSgOhe1MXCjzW9Brs/LGEqrCWf1XWYVnIvuYPZ1QMGGZfgPNjAvew
LFyENjLwvmuaSUaDEM6A+lfD+rZx7TFs7tZjl6Z/3ddiNZepy4OP5OOSWz1FRuZU
jL3IQ3xuOszaxIMQ4rTJiDnClWpolSC7+PPtZc5/+opyEs0vJeJt7fWFVnoSOpdh
c8kR5M9Ge1eBpM4zbQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:48:52 2026 by rpki-client