Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 2mcI0qkzp8V/LGgi952jogtfghDvdysjT9Mot8wmRlI=
Subject key identifier: E8:34:61:57:B4:05:13:29:0C:76:FB:66:3B:22:57:89:DE:88:68:98
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 5CAD28FF06D45478F89EC8A54A36EF74F16F1765
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Tue 04 Nov 2025 05:32:05 +0000
ROA not before: Tue 04 Nov 2025 05:27:05 +0000
ROA not after: Tue 03 Nov 2026 05:32:05 +0000
asID: 834
IP address blocks: 46.236.212.0/23 maxlen: 24
46.236.216.0/23 maxlen: 24
82.139.194.0/24 maxlen: 24
82.139.204.0/23 maxlen: 24
82.139.207.0/24 maxlen: 24
82.139.209.0/24 maxlen: 24
82.139.210.0/23 maxlen: 24
82.139.212.0/23 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.240.0/23 maxlen: 24
82.139.245.0/24 maxlen: 24
82.139.249.0/24 maxlen: 24
82.139.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ad:28:ff:06:d4:54:78:f8:9e:c8:a5:4a:36:ef:74:f1:6f:17:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Nov 4 05:27:05 2025 GMT
Not After : Nov 3 05:32:05 2026 GMT
Subject: CN=E8346157B40513290C76FB663B225789DE886898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:3f:79:50:be:31:6a:79:b9:a7:f4:5c:92:
b1:ca:03:87:50:d9:fa:88:7a:a0:57:98:0b:42:ed:
fb:c4:02:60:e8:4a:5f:4a:87:d1:f7:a1:74:7a:b9:
af:e2:6c:70:ae:1b:d2:5e:7e:1b:5f:1f:10:83:23:
2f:8f:12:f6:5e:da:bf:ba:c6:9a:ed:e7:8e:eb:d7:
10:cb:03:eb:7a:ec:a7:a8:05:48:eb:b5:e7:00:93:
13:c2:94:60:fa:e0:d0:d0:2d:e1:11:9b:ca:16:24:
40:b7:9b:41:28:29:7c:a2:8a:dd:c1:3e:69:e4:11:
12:ea:35:a7:b6:7d:9e:50:5d:e1:71:15:65:d4:d0:
cf:10:03:05:df:a5:1e:dd:4d:fa:1e:db:53:3f:9f:
42:a2:24:49:d3:ea:56:75:09:92:24:20:2c:be:cc:
65:c0:0b:7e:40:4c:e7:c6:ff:63:3b:57:67:e0:40:
4f:ba:e6:70:32:8c:16:49:3c:ac:c8:ac:c9:93:e9:
8d:4e:d1:85:ff:cd:f8:50:24:19:bc:9a:7c:22:81:
87:3d:93:0a:3f:2d:36:90:69:f5:b5:dd:20:ec:a7:
5b:fe:78:58:5b:aa:00:19:32:1d:5d:ec:fd:1d:c7:
3e:25:31:c6:77:f2:be:c0:72:5e:b9:0b:c7:40:fd:
ba:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:34:61:57:B4:05:13:29:0C:76:FB:66:3B:22:57:89:DE:88:68:98
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.212.0/23
46.236.216.0/23
82.139.194.0/24
82.139.204.0/23
82.139.207.0/24
82.139.209.0-82.139.213.255
82.139.236.0/24
82.139.240.0/23
82.139.245.0/24
82.139.249.0-82.139.250.255
Signature Algorithm: sha256WithRSAEncryption
23:24:58:e5:dd:66:54:fc:c9:1f:8f:74:17:88:5a:4c:33:3e:
58:9c:09:68:b3:a1:1e:fb:71:7d:2c:e9:8d:7b:3e:50:a6:54:
f4:2a:ec:c5:d8:11:db:08:a0:46:a0:ea:40:af:c1:38:0d:ce:
c7:a2:7b:7a:2a:82:d3:63:9e:a0:e2:e1:fc:86:b3:20:ff:8c:
db:a7:69:f1:8f:d7:c3:03:d5:c0:47:6d:1d:d4:3c:77:e7:af:
7f:85:33:2f:0e:6c:e1:51:9e:94:31:53:d4:21:9b:e9:02:7d:
f4:60:37:d7:03:54:09:b6:54:63:33:49:dc:07:3a:be:97:7b:
7c:f3:72:e5:10:c6:93:66:0e:2e:19:39:87:b0:9f:c6:0b:f6:
20:e0:8e:5c:0d:a7:ca:a0:ab:72:6a:a7:10:15:01:0f:7e:c5:
3a:2b:a4:ca:8d:f6:1a:d4:ad:b6:02:20:fe:e2:05:ff:c1:82:
29:0c:92:f7:28:05:7d:b3:93:93:5d:47:65:5f:8c:38:89:19:
83:c1:3c:68:73:4e:e1:95:e7:75:d9:a3:d5:7a:b0:5d:60:23:
dc:88:ae:c3:4a:b6:8b:00:cf:bd:c8:4c:4f:37:9c:56:df:99:
48:23:18:0e:5b:2a:0f:97:e6:e4:1e:e8:c8:75:26:9c:68:59:
28:56:a5:92
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUXK0o/wbUVHj4nsilSjbvdPFvF2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTExMDQwNTI3MDVaFw0yNjExMDMwNTMyMDVaMDMxMTAvBgNV
BAMTKEU4MzQ2MTU3QjQwNTEzMjkwQzc2RkI2NjNCMjI1Nzg5REU4ODY4OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjfj95UL4xanm5p/RckrHKA4dQ
2fqIeqBXmAtC7fvEAmDoSl9Kh9H3oXR6ua/ibHCuG9JefhtfHxCDIy+PEvZe2r+6
xprt547r1xDLA+t67KeoBUjrtecAkxPClGD64NDQLeERm8oWJEC3m0EoKXyiit3B
PmnkERLqNae2fZ5QXeFxFWXU0M8QAwXfpR7dTfoe21M/n0KiJEnT6lZ1CZIkICy+
zGXAC35ATOfG/2M7V2fgQE+65nAyjBZJPKzIrMmT6Y1O0YX/zfhQJBm8mnwigYc9
kwo/LTaQafW13SDsp1v+eFhbqgAZMh1d7P0dxz4lMcZ38r7Acl65C8dA/bp3AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQU6DRhV7QFEykMdvtmOyJXid6IaJgwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBLuzUAwQB
LuzYAwQAUovCAwQBUovMAwQAUovPMAwDBABSi9EDBAFSi9QDBABSi+wDBAFSi/AD
BABSi/UwDAMEAFKL+QMEAFKL+jANBgkqhkiG9w0BAQsFAAOCAQEAIyRY5d1mVPzJ
H490F4haTDM+WJwJaLOhHvtxfSzpjXs+UKZU9CrsxdgR2wigRqDqQK/BOA3Ox6J7
eiqC02OeoOLh/IazIP+M26dp8Y/XwwPVwEdtHdQ8d+evf4UzLw5s4VGelDFT1CGb
6QJ99GA31wNUCbZUYzNJ3Ac6vpd7fPNy5RDGk2YOLhk5h7Cfxgv2IOCOXA2nyqCr
cmqnEBUBD37FOiukyo32GtSttgIg/uIF/8GCKQyS9ygFfbOTk11HZV+MOIkZg8E8
aHNO4ZXnddmj1XqwXWAj3Iiuw0q2iwDPvchMTzecVt+ZSCMYDlsqD5fm5B7oyHUm
nGhZKFalkg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:07 2025 by rpki-client