This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: HDwRV+96Et5LDuyHLk4rvVSLw9uA352cbm8Tjbp08kU= Subject key identifier: E9:D9:EE:62:E3:5F:51:91:70:4E:4B:46:8C:42:E3:E1:34:50:82:DF Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 3B07249D863D3E98CD19DBE4A3C2535C3088D7C2 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa Signing time: Wed 17 Dec 2025 06:48:25 +0000 ROA not before: Wed 17 Dec 2025 06:43:25 +0000 ROA not after: Wed 16 Dec 2026 06:48:25 +0000 asID: 834 IP address blocks: 96.62.71.0/24 maxlen: 24 96.62.73.0/24 maxlen: 24 96.62.74.0/24 maxlen: 24 96.62.100.0/24 maxlen: 24 96.62.114.0/24 maxlen: 24 96.62.152.0/24 maxlen: 24 96.62.218.0/24 maxlen: 24 96.62.220.0/24 maxlen: 24 96.62.223.0/24 maxlen: 24 96.62.228.0/24 maxlen: 24 140.150.152.0/22 maxlen: 24 140.150.224.0/23 maxlen: 24 140.150.238.0/23 maxlen: 24 140.233.165.0/24 maxlen: 24 140.233.173.0/24 maxlen: 24 140.233.174.0/23 maxlen: 24 143.14.1.0/24 maxlen: 24 143.14.6.0/23 maxlen: 24 143.14.16.0/24 maxlen: 24 143.14.46.0/23 maxlen: 24 143.14.77.0/24 maxlen: 24 143.14.79.0/24 maxlen: 24 143.14.80.0/24 maxlen: 24 143.14.91.0/24 maxlen: 24 143.14.92.0/24 maxlen: 24 143.14.124.0/24 maxlen: 24 143.14.142.0/24 maxlen: 24 143.14.152.0/24 maxlen: 24 143.14.166.0/24 maxlen: 24 143.14.181.0/24 maxlen: 24 143.14.182.0/24 maxlen: 24 143.14.184.0/22 maxlen: 24 143.14.191.0/24 maxlen: 24 143.14.192.0/24 maxlen: 24 143.14.194.0/24 maxlen: 24 143.14.250.0/24 maxlen: 24 143.14.254.0/24 maxlen: 24 146.103.22.0/24 maxlen: 24 147.79.4.0/24 maxlen: 24 147.79.7.0/24 maxlen: 24 147.79.17.0/24 maxlen: 24 147.79.18.0/24 maxlen: 24 147.79.30.0/24 maxlen: 24 147.79.60.0/24 maxlen: 24 148.135.161.0/24 maxlen: 24 148.135.173.0/24 maxlen: 24 148.135.193.0/24 maxlen: 24 148.135.202.0/24 maxlen: 24 150.241.138.0/24 maxlen: 24 150.241.140.0/24 maxlen: 24 150.241.142.0/24 maxlen: 24 150.241.174.0/24 maxlen: 24 150.241.228.0/24 maxlen: 24 150.241.238.0/23 maxlen: 24 155.117.13.0/24 maxlen: 24 155.117.76.0/24 maxlen: 24 155.117.109.0/24 maxlen: 24 155.117.110.0/24 maxlen: 24 155.117.112.0/24 maxlen: 24 155.117.115.0/24 maxlen: 24 155.117.119.0/24 maxlen: 24 155.117.127.0/24 maxlen: 24 155.117.136.0/23 maxlen: 24 155.117.141.0/24 maxlen: 24 155.117.145.0/24 maxlen: 24 155.117.147.0/24 maxlen: 24 155.117.157.0/24 maxlen: 24 155.117.166.0/24 maxlen: 24 155.117.171.0/24 maxlen: 24 155.117.196.0/24 maxlen: 24 155.117.198.0/23 maxlen: 24 155.117.202.0/24 maxlen: 24 155.117.205.0/24 maxlen: 24 155.117.206.0/24 maxlen: 24 155.117.255.0/24 maxlen: 24 162.141.17.0/24 maxlen: 24 162.141.36.0/24 maxlen: 24 162.141.46.0/23 maxlen: 24 162.141.69.0/24 maxlen: 24 162.141.70.0/24 maxlen: 24 162.141.83.0/24 maxlen: 24 162.141.104.0/23 maxlen: 24 162.141.107.0/24 maxlen: 24 162.141.109.0/24 maxlen: 24 162.141.123.0/24 maxlen: 24 162.141.136.0/24 maxlen: 24 162.141.139.0/24 maxlen: 24 162.141.142.0/24 maxlen: 24 162.141.161.0/24 maxlen: 24 162.141.167.0/24 maxlen: 24 162.141.178.0/24 maxlen: 24 167.148.0.0/24 maxlen: 24 167.148.2.0/24 maxlen: 24 167.148.8.0/24 maxlen: 24 167.148.41.0/24 maxlen: 24 167.148.68.0/24 maxlen: 24 167.148.119.0/24 maxlen: 24 167.148.120.0/22 maxlen: 24 167.148.141.0/24 maxlen: 24 167.148.154.0/24 maxlen: 24 167.148.156.0/23 maxlen: 24 167.148.161.0/24 maxlen: 24 167.148.162.0/24 maxlen: 24 167.148.177.0/24 maxlen: 24 167.148.180.0/23 maxlen: 24 167.148.183.0/24 maxlen: 24 167.148.184.0/24 maxlen: 24 167.148.188.0/24 maxlen: 24 167.148.192.0/24 maxlen: 24 167.148.197.0/24 maxlen: 24 167.148.200.0/24 maxlen: 24 167.148.205.0/24 maxlen: 24 167.148.211.0/24 maxlen: 24 168.222.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:07:24:9d:86:3d:3e:98:cd:19:db:e4:a3:c2:53:5c:30:88:d7:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 17 06:43:25 2025 GMT Not After : Dec 16 06:48:25 2026 GMT Subject: CN=E9D9EE62E35F5191704E4B468C42E3E1345082DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8f:c2:1b:7b:53:d3:16:cf:6b:33:a5:4d:eb: 83:94:88:00:06:06:2d:f4:e2:be:09:fb:be:fa:89: 53:97:7d:c0:bd:0f:79:5e:7f:33:fd:44:79:ba:0b: f3:ec:37:4b:76:87:f5:d7:fe:67:c7:e6:e4:3c:e1: 3d:a1:c0:43:c0:d8:60:5b:2f:8c:95:ab:ed:a5:32: b9:fd:18:1a:18:b7:67:54:bf:7a:7f:44:ca:d8:72: c5:68:36:d5:ef:cb:80:e9:9e:1d:27:29:82:a1:e1: c7:01:83:19:d7:04:da:89:70:86:b7:4b:78:40:6d: bd:e7:79:97:f5:5e:90:bf:71:b4:f8:d7:c5:a4:04: f8:b1:93:79:c0:5d:79:36:20:98:9f:47:02:07:1a: a5:48:2c:de:b7:fd:44:62:46:21:b5:c1:e4:7b:a8: be:1e:c6:69:84:0d:a7:0f:dc:9d:61:02:d7:6b:f1: 55:1e:72:6a:a3:0a:38:a2:8d:e7:79:67:c3:27:b3: 32:f5:62:71:4f:d1:c7:08:a9:c5:ed:0d:6d:c0:2b: 2c:aa:53:a8:3d:6a:85:8f:a4:83:42:6c:e5:73:bf: fa:19:58:46:b4:ef:2c:04:1b:70:10:04:08:6c:25: 05:94:0a:71:03:80:ea:73:bf:24:43:6f:09:89:25: 82:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:D9:EE:62:E3:5F:51:91:70:4E:4B:46:8C:42:E3:E1:34:50:82:DF X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.71.0/24 96.62.73.0-96.62.74.255 96.62.100.0/24 96.62.114.0/24 96.62.152.0/24 96.62.218.0/24 96.62.220.0/24 96.62.223.0/24 96.62.228.0/24 140.150.152.0/22 140.150.224.0/23 140.150.238.0/23 140.233.165.0/24 140.233.173.0-140.233.175.255 143.14.1.0/24 143.14.6.0/23 143.14.16.0/24 143.14.46.0/23 143.14.77.0/24 143.14.79.0-143.14.80.255 143.14.91.0-143.14.92.255 143.14.124.0/24 143.14.142.0/24 143.14.152.0/24 143.14.166.0/24 143.14.181.0-143.14.182.255 143.14.184.0/22 143.14.191.0-143.14.192.255 143.14.194.0/24 143.14.250.0/24 143.14.254.0/24 146.103.22.0/24 147.79.4.0/24 147.79.7.0/24 147.79.17.0-147.79.18.255 147.79.30.0/24 147.79.60.0/24 148.135.161.0/24 148.135.173.0/24 148.135.193.0/24 148.135.202.0/24 150.241.138.0/24 150.241.140.0/24 150.241.142.0/24 150.241.174.0/24 150.241.228.0/24 150.241.238.0/23 155.117.13.0/24 155.117.76.0/24 155.117.109.0-155.117.110.255 155.117.112.0/24 155.117.115.0/24 155.117.119.0/24 155.117.127.0/24 155.117.136.0/23 155.117.141.0/24 155.117.145.0/24 155.117.147.0/24 155.117.157.0/24 155.117.166.0/24 155.117.171.0/24 155.117.196.0/24 155.117.198.0/23 155.117.202.0/24 155.117.205.0-155.117.206.255 155.117.255.0/24 162.141.17.0/24 162.141.36.0/24 162.141.46.0/23 162.141.69.0-162.141.70.255 162.141.83.0/24 162.141.104.0/23 162.141.107.0/24 162.141.109.0/24 162.141.123.0/24 162.141.136.0/24 162.141.139.0/24 162.141.142.0/24 162.141.161.0/24 162.141.167.0/24 162.141.178.0/24 167.148.0.0/24 167.148.2.0/24 167.148.8.0/24 167.148.41.0/24 167.148.68.0/24 167.148.119.0-167.148.123.255 167.148.141.0/24 167.148.154.0/24 167.148.156.0/23 167.148.161.0-167.148.162.255 167.148.177.0/24 167.148.180.0/23 167.148.183.0-167.148.184.255 167.148.188.0/24 167.148.192.0/24 167.148.197.0/24 167.148.200.0/24 167.148.205.0/24 167.148.211.0/24 168.222.64.0/18 Signature Algorithm: sha256WithRSAEncryption 09:cd:df:e6:61:51:ea:10:39:87:cb:2f:02:9b:95:19:55:ef: 03:0c:1e:97:6e:ef:ad:82:c3:5c:80:a1:8d:8c:a6:04:8e:78: e8:5e:12:5f:52:26:84:91:aa:04:55:94:60:5c:7e:66:f6:7b: 41:27:59:47:5c:2b:c8:b6:40:88:97:ed:e4:44:80:04:30:c5: df:8f:a7:af:2d:d8:c9:d1:39:7c:e7:5a:20:30:79:55:5d:75: d2:c4:d8:a3:01:07:37:3d:72:ae:c9:d7:ae:b8:61:8c:8e:ce: 32:57:27:3b:2a:92:c2:5a:88:23:0d:8f:db:e5:60:99:78:ae: c7:d5:78:b9:ae:42:1a:a4:cc:af:9c:3b:67:cd:2f:74:f7:c9: d3:80:34:a6:7d:c7:1c:a6:97:97:2e:2e:69:37:21:3d:cd:ef: 07:c0:3f:db:e8:ee:27:1f:de:90:7b:80:3d:4a:a3:af:0c:3e: 69:57:e5:c0:00:dc:ad:29:9f:8d:d5:a5:64:1d:ef:1b:33:36: ec:fa:d3:31:4a:2f:1e:dd:1f:f3:7c:e1:63:b8:6e:b9:38:2e: 5c:9a:91:f5:2e:5c:ea:0f:d3:bc:76:12:84:5a:f9:1d:f5:3a: 9b:e2:de:cf:cf:e6:b4:3b:82:76:cd:12:ba:19:97:39:ab:07: bb:70:df:2c -----BEGIN CERTIFICATE----- MIIHxzCCBq+gAwIBAgIUOwcknYY9PpjNGdvko8JTXDCI18IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMTcwNjQzMjVaFw0yNjEyMTYwNjQ4MjVaMDMxMTAvBgNV BAMTKEU5RDlFRTYyRTM1RjUxOTE3MDRFNEI0NjhDNDJFM0UxMzQ1MDgyREYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuj8Ibe1PTFs9rM6VN64OUiAAG Bi304r4J+776iVOXfcC9D3lefzP9RHm6C/PsN0t2h/XX/mfH5uQ84T2hwEPA2GBb L4yVq+2lMrn9GBoYt2dUv3p/RMrYcsVoNtXvy4Dpnh0nKYKh4ccBgxnXBNqJcIa3 S3hAbb3neZf1XpC/cbT418WkBPixk3nAXXk2IJifRwIHGqVILN63/URiRiG1weR7 qL4exmmEDacP3J1hAtdr8VUecmqjCjiijed5Z8MnszL1YnFP0ccIqcXtDW3AKyyq U6g9aoWPpINCbOVzv/oZWEa07ywEG3AQBAhsJQWUCnEDgOpzvyRDbwmJJYKrAgMB AAGjggTRMIIEzTAdBgNVHQ4EFgQU6dnuYuNfUZFwTktGjELj4TRQgt8wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIC5wYIKwYBBQUHAQcBAf8EggLWMIIC0jCCAs4EAgABMIIC xgMEAGA+RzAMAwQAYD5JAwQAYD5KAwQAYD5kAwQAYD5yAwQAYD6YAwQAYD7aAwQA YD7cAwQAYD7fAwQAYD7kAwQCjJaYAwQBjJbgAwQBjJbuAwQAjOmlMAwDBACM6a0D BASM6aADBACPDgEDBAGPDgYDBACPDhADBAGPDi4DBACPDk0wDAMEAI8OTwMEAI8O UDAMAwQAjw5bAwQAjw5cAwQAjw58AwQAjw6OAwQAjw6YAwQAjw6mMAwDBACPDrUD BACPDrYDBAKPDrgwDAMEAI8OvwMEAI8OwAMEAI8OwgMEAI8O+gMEAI8O/gMEAJJn FgMEAJNPBAMEAJNPBzAMAwQAk08RAwQAk08SAwQAk08eAwQAk088AwQAlIehAwQA lIetAwQAlIfBAwQAlIfKAwQAlvGKAwQAlvGMAwQAlvGOAwQAlvGuAwQAlvHkAwQB lvHuAwQAm3UNAwQAm3VMMAwDBACbdW0DBACbdW4DBACbdXADBACbdXMDBACbdXcD BACbdX8DBAGbdYgDBACbdY0DBACbdZEDBACbdZMDBACbdZ0DBACbdaYDBACbdasD BACbdcQDBAGbdcYDBACbdcowDAMEAJt1zQMEAJt1zgMEAJt1/wMEAKKNEQMEAKKN JAMEAaKNLjAMAwQAoo1FAwQAoo1GAwQAoo1TAwQBoo1oAwQAoo1rAwQAoo1tAwQA oo17AwQAoo2IAwQAoo2LAwQAoo2OAwQAoo2hAwQAoo2nAwQAoo2yAwQAp5QAAwQA p5QCAwQAp5QIAwQAp5QpAwQAp5REMAwDBACnlHcDBAKnlHgDBACnlI0DBACnlJoD BAGnlJwwDAMEAKeUoQMEAKeUogMEAKeUsQMEAaeUtDAMAwQAp5S3AwQAp5S4AwQA p5S8AwQAp5TAAwQAp5TFAwQAp5TIAwQAp5TNAwQAp5TTAwQGqN5AMA0GCSqGSIb3 DQEBCwUAA4IBAQAJzd/mYVHqEDmHyy8Cm5UZVe8DDB6Xbu+tgsNcgKGNjKYEjnjo XhJfUiaEkaoEVZRgXH5m9ntBJ1lHXCvItkCIl+3kRIAEMMXfj6evLdjJ0Tl851og MHlVXXXSxNijAQc3PXKuydeuuGGMjs4yVyc7KpLCWogjDY/b5WCZeK7H1Xi5rkIa pMyvnDtnzS9098nTgDSmfcccppeXLi5pNyE9ze8HwD/b6O4nH96Qe4A9SqOvDD5p V+XAANytKZ+N1aVkHe8bMzbs+tMxSi8e3R/zfOFjuG65OC5cmpH1LlzqD9O8dhKE Wvkd9Tqb4t7Pz+a0O4J2zRK6GZc5qwe7cN8s -----END CERTIFICATE-----Generated at Wed Dec 17 13:28:19 2025 by rpki-client