Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: KrgCSCH0USUjtaZWd7YXCn9aHdXjOqyjM+PjeWwuOpk=
Subject key identifier: D5:F4:16:FD:6E:FC:5F:30:08:63:2A:5D:9B:02:CE:52:2C:D9:90:1F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1D7767230CCB154C48E718CD1F6083B431C8BBBB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sat 13 Jun 2026 08:04:50 +0000
ROA not before: Sat 13 Jun 2026 07:59:50 +0000
ROA not after: Sat 12 Jun 2027 08:04:50 +0000
asID: 834
IP address blocks: 96.62.96.0/23 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.140.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.193.0/24 maxlen: 24
143.14.198.0/23 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
143.14.248.0/24 maxlen: 24
148.135.172.0/24 maxlen: 24
148.135.196.0/23 maxlen: 24
148.135.204.0/23 maxlen: 24
148.135.208.0/22 maxlen: 24
150.241.200.0/23 maxlen: 24
155.117.145.0/24 maxlen: 24
155.117.167.0/24 maxlen: 24
155.117.168.0/23 maxlen: 24
155.117.182.0/24 maxlen: 24
155.117.200.0/23 maxlen: 24
155.117.202.0/24 maxlen: 24
155.117.212.0/23 maxlen: 24
155.117.228.0/24 maxlen: 24
155.117.242.0/24 maxlen: 24
162.141.82.0/23 maxlen: 24
162.141.153.0/24 maxlen: 24
167.148.87.0/24 maxlen: 24
168.222.78.0/24 maxlen: 24
168.222.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:77:67:23:0c:cb:15:4c:48:e7:18:cd:1f:60:83:b4:31:c8:bb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 13 07:59:50 2026 GMT
Not After : Jun 12 08:04:50 2027 GMT
Subject: CN=D5F416FD6EFC5F3008632A5D9B02CE522CD9901F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e4:e6:30:ea:3f:9d:a0:7a:e2:62:4e:23:2c:
91:b3:4c:f3:11:26:41:3d:42:bc:5a:f1:e0:d5:a5:
70:44:f8:cf:9b:af:1c:d6:08:9a:8e:4c:38:9d:f1:
02:0d:26:2d:32:dd:7d:20:fa:47:40:31:08:6a:d7:
4c:72:3d:88:76:01:6c:17:63:ec:9b:6b:12:e7:7b:
c4:c7:c4:58:37:ac:4d:e5:de:34:a6:b3:8f:ab:42:
c7:b9:8f:1d:e8:1f:82:48:45:39:98:52:14:4a:d0:
0b:89:0e:42:99:0c:5f:0d:a5:29:ee:14:69:9c:64:
eb:fa:99:e3:df:28:f5:d9:3e:6c:a7:f5:65:3e:fd:
ca:e4:40:4d:eb:51:67:cd:79:c1:cf:2b:ad:22:ac:
62:5e:36:a3:d2:71:6f:a6:cb:a8:db:6f:d8:4d:0e:
5d:ef:9b:16:4a:07:ae:39:79:3d:b2:10:d5:1c:f0:
c4:a5:4e:54:5a:e4:1b:ec:c5:60:41:82:51:14:89:
ed:3d:97:36:6c:88:65:11:4d:da:ad:f8:07:7b:ed:
b8:32:9a:b6:52:b8:09:18:69:61:ab:60:b9:de:26:
68:e2:8c:cf:47:07:33:c4:76:7e:4b:4c:a6:97:b2:
7b:24:52:58:b2:a4:97:52:92:a3:b3:f9:87:a1:62:
7e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F4:16:FD:6E:FC:5F:30:08:63:2A:5D:9B:02:CE:52:2C:D9:90:1F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.96.0/23
143.14.68.0/24
143.14.140.0/24
143.14.185.0/24
143.14.187.0/24
143.14.193.0/24
143.14.198.0/23
143.14.218.0/24
143.14.229.0/24
143.14.248.0/24
148.135.172.0/24
148.135.196.0/23
148.135.204.0/23
148.135.208.0/22
150.241.200.0/23
155.117.145.0/24
155.117.167.0-155.117.169.255
155.117.182.0/24
155.117.200.0-155.117.202.255
155.117.212.0/23
155.117.228.0/24
155.117.242.0/24
162.141.82.0/23
162.141.153.0/24
167.148.87.0/24
168.222.78.0/24
168.222.105.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:fc:52:61:51:8a:2e:de:be:ff:21:dc:21:9f:bc:6c:d5:a5:
ac:2c:0a:60:85:10:a8:56:f4:7e:cd:e8:f5:51:8e:c6:b4:e9:
2c:f4:08:dc:70:1f:80:6a:90:36:16:0a:04:21:5a:75:94:1e:
2e:e5:2e:5a:46:6e:a5:e7:16:cf:7e:24:33:34:ed:80:89:1b:
9f:32:00:bf:e3:03:de:e0:e2:8b:cd:2b:cc:cc:28:9e:ce:55:
73:f4:b8:0d:a5:b2:c4:cf:79:50:1d:a2:92:c5:6e:b1:67:95:
d1:c5:6b:e3:2a:54:b7:37:b2:3e:14:dd:f6:1a:12:4a:9e:cb:
7a:15:1c:c8:ad:83:dd:4c:ca:5b:d5:34:22:87:67:cf:48:ce:
2c:54:5c:20:c1:03:fb:91:90:38:7b:82:8f:05:fc:bb:9f:49:
76:67:34:02:f0:a6:fd:14:ba:62:88:62:e7:32:63:0b:45:a2:
f1:67:3d:ed:9b:1a:78:d4:05:4b:cc:75:7b:3c:4c:7b:ac:9c:
3e:8d:5e:5e:21:af:06:4c:8e:35:5d:3a:2f:e7:6a:c9:21:47:
ba:e0:38:e3:9f:f7:33:bc:b4:88:65:4d:8f:bb:d8:04:bd:1c:
66:ec:2a:7b:0a:90:72:cd:b9:4a:34:d1:30:8a:d0:64:14:99:
64:52:8e:e1
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIUHXdnIwzLFUxI5xjNH2CDtDHIu7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTMwNzU5NTBaFw0yNzA2MTIwODA0NTBaMDMxMTAvBgNV
BAMTKEQ1RjQxNkZENkVGQzVGMzAwODYzMkE1RDlCMDJDRTUyMkNEOTkwMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC05OYw6j+doHriYk4jLJGzTPMR
JkE9Qrxa8eDVpXBE+M+brxzWCJqOTDid8QINJi0y3X0g+kdAMQhq10xyPYh2AWwX
Y+ybaxLne8THxFg3rE3l3jSms4+rQse5jx3oH4JIRTmYUhRK0AuJDkKZDF8NpSnu
FGmcZOv6mePfKPXZPmyn9WU+/crkQE3rUWfNecHPK60irGJeNqPScW+my6jbb9hN
Dl3vmxZKB645eT2yENUc8MSlTlRa5BvsxWBBglEUie09lzZsiGURTdqt+Ad77bgy
mrZSuAkYaWGrYLneJmjijM9HBzPEdn5LTKaXsnskUliypJdSkqOz+YehYn7RAgMB
AAGjggK4MIICtDAdBgNVHQ4EFgQU1fQW/W78XzAIYypdmwLOUizZkB8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAFg
PmADBACPDkQDBACPDowDBACPDrkDBACPDrsDBACPDsEDBAGPDsYDBACPDtoDBACP
DuUDBACPDvgDBACUh6wDBAGUh8QDBAGUh8wDBAKUh9ADBAGW8cgDBACbdZEwDAME
AJt1pwMEAZt1qAMEAJt1tjAMAwQDm3XIAwQAm3XKAwQBm3XUAwQAm3XkAwQAm3Xy
AwQBoo1SAwQAoo2ZAwQAp5RXAwQAqN5OAwQAqN5pMA0GCSqGSIb3DQEBCwUAA4IB
AQCw/FJhUYou3r7/Idwhn7xs1aWsLApghRCoVvR+zej1UY7GtOks9AjccB+AapA2
FgoEIVp1lB4u5S5aRm6l5xbPfiQzNO2AiRufMgC/4wPe4OKLzSvMzCiezlVz9LgN
pbLEz3lQHaKSxW6xZ5XRxWvjKlS3N7I+FN32GhJKnst6FRzIrYPdTMpb1TQih2fP
SM4sVFwgwQP7kZA4e4KPBfy7n0l2ZzQC8Kb9FLpiiGLnMmMLRaLxZz3tmxp41AVL
zHV7PEx7rJw+jV5eIa8GTI41XTov52rJIUe64Djjn/czvLSIZU2Pu9gEvRxm7Cp7
CpByzblKNNEwitBkFJlkUo7h
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:29 2026 by rpki-client