Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: rHO520ZRBdYgCHVChd/jND8v75YVRLDWUwS+igwKqmQ=
Subject key identifier: CB:11:B3:3D:8E:41:88:A5:EE:AC:6F:DF:AE:2F:F5:86:BD:B9:B8:2E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 02E4A25EB6B06718FFCA9B046741D59FAC18E20D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Mon 02 Mar 2026 00:04:31 +0000
ROA not before: Sun 01 Mar 2026 23:59:31 +0000
ROA not after: Mon 01 Mar 2027 00:04:31 +0000
asID: 834
IP address blocks: 140.150.153.0/24 maxlen: 24
140.150.156.0/24 maxlen: 24
140.150.232.0/23 maxlen: 24
140.233.167.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
140.233.180.0/22 maxlen: 24
140.233.184.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.7.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.23.0/24 maxlen: 24
143.14.47.0/24 maxlen: 24
143.14.49.0/24 maxlen: 24
143.14.51.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.81.0/24 maxlen: 24
143.14.91.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.129.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.181.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.191.0/24 maxlen: 24
143.14.192.0/23 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.217.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.220.0/23 maxlen: 24
143.14.248.0/23 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.29.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
146.103.52.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
147.79.18.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
147.79.52.0/23 maxlen: 24
147.79.54.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
148.135.175.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
148.135.198.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.138.0/23 maxlen: 24
150.241.141.0/24 maxlen: 24
150.241.142.0/24 maxlen: 24
150.241.174.0/24 maxlen: 24
150.241.208.0/23 maxlen: 24
150.241.228.0/24 maxlen: 24
150.241.234.0/24 maxlen: 24
150.241.242.0/24 maxlen: 24
150.241.253.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.51.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.76.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.119.0/24 maxlen: 24
155.117.120.0/24 maxlen: 24
155.117.136.0/23 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.198.0/23 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.220.0/24 maxlen: 24
155.117.228.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.1.0/24 maxlen: 24
162.141.5.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.46.0/23 maxlen: 24
162.141.48.0/24 maxlen: 24
162.141.50.0/24 maxlen: 24
162.141.66.0/23 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.82.0/23 maxlen: 24
162.141.100.0/24 maxlen: 24
162.141.105.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
162.141.108.0/23 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
162.141.136.0/23 maxlen: 24
162.141.139.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
167.148.2.0/23 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.42.0/24 maxlen: 24
167.148.46.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.122.0/23 maxlen: 24
167.148.136.0/24 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.161.0/24 maxlen: 24
167.148.171.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.181.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.200.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
167.148.214.0/24 maxlen: 24
168.222.3.0/24 maxlen: 24
168.222.10.0/24 maxlen: 24
168.222.12.0/24 maxlen: 24
168.222.14.0/24 maxlen: 24
168.222.17.0/24 maxlen: 24
168.222.22.0/23 maxlen: 24
168.222.26.0/24 maxlen: 24
168.222.50.0/23 maxlen: 24
168.222.61.0/24 maxlen: 24
168.222.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:e4:a2:5e:b6:b0:67:18:ff:ca:9b:04:67:41:d5:9f:ac:18:e2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 23:59:31 2026 GMT
Not After : Mar 1 00:04:31 2027 GMT
Subject: CN=CB11B33D8E4188A5EEAC6FDFAE2FF586BDB9B82E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:ff:a6:10:a7:f8:9b:ed:d1:97:c2:b9:bb:
ba:b3:7a:c4:ac:b2:62:f0:2b:3f:1b:ed:12:23:f1:
1f:8a:5d:b8:08:f6:6a:cc:80:da:74:26:6b:67:d1:
62:90:7c:fd:bf:78:5a:16:0a:11:15:ae:a6:60:80:
74:7d:3b:47:7f:77:04:5e:3b:93:cb:73:a8:f0:50:
32:c9:13:7e:56:af:ff:49:6c:83:73:f6:4d:77:df:
52:83:39:1f:58:77:fe:86:a7:05:4d:10:55:e3:66:
f6:06:6f:67:1a:e2:e3:03:a9:2c:72:3b:59:e9:c4:
9b:65:44:73:63:84:45:4d:b2:59:c8:6c:10:21:b6:
1d:5c:9e:03:1e:96:de:cd:82:5c:8f:7f:6e:f2:4d:
1f:13:a5:eb:60:15:b3:b9:6f:2a:18:57:40:d3:be:
11:4b:94:9d:1d:48:9f:25:c2:ba:8a:2b:6b:8d:20:
77:b5:f2:61:69:dd:6b:e8:1c:49:79:c6:61:1d:ab:
2c:df:7c:4f:fe:3b:98:da:de:11:87:3a:c1:61:2c:
3b:12:1a:aa:2f:2c:e2:07:ec:6d:85:b7:1e:68:d9:
ff:bd:11:86:02:b4:09:25:ba:02:86:b1:07:31:c0:
4f:5c:04:99:0e:1d:b2:e0:f7:1b:bf:c2:c4:92:43:
51:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:11:B3:3D:8E:41:88:A5:EE:AC:6F:DF:AE:2F:F5:86:BD:B9:B8:2E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.153.0/24
140.150.156.0/24
140.150.232.0/23
140.233.167.0/24
140.233.173.0/24
140.233.180.0-140.233.184.255
143.14.1.0/24
143.14.7.0/24
143.14.16.0/24
143.14.23.0/24
143.14.47.0/24
143.14.49.0/24
143.14.51.0/24
143.14.59.0/24
143.14.68.0/24
143.14.81.0/24
143.14.91.0-143.14.92.255
143.14.129.0/24
143.14.133.0/24
143.14.150.0/24
143.14.152.0/24
143.14.181.0-143.14.182.255
143.14.185.0-143.14.186.255
143.14.191.0-143.14.193.255
143.14.208.0/23
143.14.217.0-143.14.218.255
143.14.220.0/23
143.14.248.0/23
143.14.252.0/24
146.103.29.0/24
146.103.37.0/24
146.103.52.0/24
147.79.2.0/24
147.79.18.0/24
147.79.30.0/24
147.79.52.0-147.79.54.255
148.135.171.0/24
148.135.173.0/24
148.135.175.0/24
148.135.193.0/24
148.135.198.0/24
148.135.203.0/24
148.135.255.0/24
150.241.138.0/23
150.241.141.0-150.241.142.255
150.241.174.0/24
150.241.208.0/23
150.241.228.0/24
150.241.234.0/24
150.241.242.0/24
150.241.253.0/24
155.117.4.0/24
155.117.6.0/24
155.117.51.0/24
155.117.63.0/24
155.117.76.0/24
155.117.112.0/24
155.117.119.0-155.117.120.255
155.117.136.0/23
155.117.154.0/24
155.117.171.0/24
155.117.186.0/24
155.117.198.0/23
155.117.210.0/24
155.117.220.0/24
155.117.228.0/24
155.117.241.0/24
162.141.1.0/24
162.141.5.0/24
162.141.8.0/24
162.141.44.0/24
162.141.46.0-162.141.48.255
162.141.50.0/24
162.141.66.0-162.141.69.255
162.141.78.0/24
162.141.82.0/23
162.141.100.0/24
162.141.105.0/24
162.141.107.0-162.141.109.255
162.141.115.0-162.141.116.255
162.141.120.0/24
162.141.123.0/24
162.141.136.0/23
162.141.139.0/24
162.141.153.0/24
162.141.160.0/24
162.141.163.0/24
162.141.166.0/24
167.148.2.0/23
167.148.15.0/24
167.148.42.0/24
167.148.46.0/24
167.148.68.0/24
167.148.122.0/23
167.148.136.0/24
167.148.149.0/24
167.148.161.0/24
167.148.171.0/24
167.148.175.0/24
167.148.181.0/24
167.148.194.0/24
167.148.197.0/24
167.148.200.0/24
167.148.206.0/24
167.148.209.0/24
167.148.214.0/24
168.222.3.0/24
168.222.10.0/24
168.222.12.0/24
168.222.14.0/24
168.222.17.0/24
168.222.22.0/23
168.222.26.0/24
168.222.50.0/23
168.222.61.0-168.222.62.255
Signature Algorithm: sha256WithRSAEncryption
98:f7:fe:4f:96:58:f1:91:b9:d9:9d:63:8c:41:45:4d:50:10:
a5:9f:7a:1c:f8:e1:5c:c6:ed:e6:c4:b8:87:e4:59:e3:c4:2b:
f7:7d:e4:35:ca:ca:fc:5c:42:a0:11:66:dc:07:a2:75:a6:87:
e1:d5:42:86:ab:8f:e9:75:a1:e1:07:1b:a0:75:f1:ad:81:82:
3f:e7:0b:8d:f2:26:2b:ab:1a:c9:ca:b7:f9:9b:0a:9a:2a:aa:
be:9f:54:e3:2d:cb:b7:df:63:9b:34:88:4f:48:cc:5a:d3:c4:
be:27:b9:ce:91:95:3e:de:4a:21:25:47:79:17:fb:c5:44:4c:
a0:af:f1:80:e8:7d:79:46:ee:67:5d:43:b8:84:54:cb:5d:6c:
09:47:2c:d3:a6:2a:d9:6e:ce:71:4f:e4:a9:4f:63:e0:38:b7:
7e:8d:97:6e:8e:1b:8c:b7:59:83:46:f5:ba:ff:a4:c9:d0:aa:
11:da:60:92:62:d7:55:45:9a:f8:37:66:1f:84:bb:30:76:be:
5a:a5:f5:00:29:64:57:29:b5:3b:1d:f2:9f:7e:38:70:b1:6c:
4b:18:49:40:e5:61:aa:cb:f2:8e:cd:85:bf:51:a6:75:9c:dd:
c2:2e:2a:7b:78:5f:74:e9:39:db:d5:e7:ba:1b:43:b1:a0:91:
5b:e8:da:27
-----BEGIN CERTIFICATE-----
MIIIIzCCBwugAwIBAgIUAuSiXrawZxj/ypsEZ0HVn6wY4g0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEyMzU5MzFaFw0yNzAzMDEwMDA0MzFaMDMxMTAvBgNV
BAMTKENCMTFCMzNEOEU0MTg4QTVFRUFDNkZERkFFMkZGNTg2QkRCOUI4MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2I/+mEKf4m+3Rl8K5u7qzesSs
smLwKz8b7RIj8R+KXbgI9mrMgNp0Jmtn0WKQfP2/eFoWChEVrqZggHR9O0d/dwRe
O5PLc6jwUDLJE35Wr/9JbINz9k1331KDOR9Yd/6GpwVNEFXjZvYGb2ca4uMDqSxy
O1npxJtlRHNjhEVNslnIbBAhth1cngMelt7NglyPf27yTR8TpetgFbO5byoYV0DT
vhFLlJ0dSJ8lwrqKK2uNIHe18mFp3WvoHEl5xmEdqyzffE/+O5ja3hGHOsFhLDsS
GqovLOIH7G2Ftx5o2f+9EYYCtAklugKGsQcxwE9cBJkOHbLg9xu/wsSSQ1FfAgMB
AAGjggUtMIIFKTAdBgNVHQ4EFgQUyxGzPY5BiKXurG/fri/1hr25uC4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDQwYIKwYBBQUHAQcBAf8EggMyMIIDLjCCAyoEAgABMIID
IgMEAIyWmQMEAIyWnAMEAYyW6AMEAIzppwMEAIzprTAMAwQCjOm0AwQAjOm4AwQA
jw4BAwQAjw4HAwQAjw4QAwQAjw4XAwQAjw4vAwQAjw4xAwQAjw4zAwQAjw47AwQA
jw5EAwQAjw5RMAwDBACPDlsDBACPDlwDBACPDoEDBACPDoUDBACPDpYDBACPDpgw
DAMEAI8OtQMEAI8OtjAMAwQAjw65AwQAjw66MAwDBACPDr8DBAGPDsADBAGPDtAw
DAMEAI8O2QMEAI8O2gMEAY8O3AMEAY8O+AMEAI8O/AMEAJJnHQMEAJJnJQMEAJJn
NAMEAJNPAgMEAJNPEgMEAJNPHjAMAwQCk080AwQAk082AwQAlIerAwQAlIetAwQA
lIevAwQAlIfBAwQAlIfGAwQAlIfLAwQAlIf/AwQBlvGKMAwDBACW8Y0DBACW8Y4D
BACW8a4DBAGW8dADBACW8eQDBACW8eoDBACW8fIDBACW8f0DBACbdQQDBACbdQYD
BACbdTMDBACbdT8DBACbdUwDBACbdXAwDAMEAJt1dwMEAJt1eAMEAZt1iAMEAJt1
mgMEAJt1qwMEAJt1ugMEAZt1xgMEAJt10gMEAJt13AMEAJt15AMEAJt18QMEAKKN
AQMEAKKNBQMEAKKNCAMEAKKNLDAMAwQBoo0uAwQAoo0wAwQAoo0yMAwDBAGijUID
BAGijUQDBACijU4DBAGijVIDBACijWQDBACijWkwDAMEAKKNawMEAaKNbDAMAwQA
oo1zAwQAoo10AwQAoo14AwQAoo17AwQBoo2IAwQAoo2LAwQAoo2ZAwQAoo2gAwQA
oo2jAwQAoo2mAwQBp5QCAwQAp5QPAwQAp5QqAwQAp5QuAwQAp5REAwQBp5R6AwQA
p5SIAwQAp5SVAwQAp5ShAwQAp5SrAwQAp5SvAwQAp5S1AwQAp5TCAwQAp5TFAwQA
p5TIAwQAp5TOAwQAp5TRAwQAp5TWAwQAqN4DAwQAqN4KAwQAqN4MAwQAqN4OAwQA
qN4RAwQBqN4WAwQAqN4aAwQBqN4yMAwDBACo3j0DBACo3j4wDQYJKoZIhvcNAQEL
BQADggEBAJj3/k+WWPGRudmdY4xBRU1QEKWfehz44VzG7ebEuIfkWePEK/d95DXK
yvxcQqARZtwHonWmh+HVQoarj+l1oeEHG6B18a2Bgj/nC43yJiurGsnKt/mbCpoq
qr6fVOMty7ffY5s0iE9IzFrTxL4nuc6RlT7eSiElR3kX+8VETKCv8YDofXlG7mdd
Q7iEVMtdbAlHLNOmKtluznFP5KlPY+A4t36Nl26OG4y3WYNG9br/pMnQqhHaYJJi
11VFmvg3Zh+EuzB2vlql9QApZFcptTsd8p9+OHCxbEsYSUDlYarL8o7Nhb9RpnWc
3cIuKnt4X3TpOdvV57obQ7GgkVvo2ic=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:48 2026 by rpki-client