Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ZPo1p/p/6WbN86lC8eCFrhPqUBB2aGKfAL7ai3W8CCI=
Subject key identifier: A9:7E:99:91:E5:8C:7A:B9:8C:37:F4:04:0F:6C:B5:69:14:0E:12:A4
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 7709864FB917BD0A8AB7A8E89725FDD97FAE9170
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Sun 07 Jun 2026 21:54:50 +0000
ROA not before: Sun 07 Jun 2026 21:49:50 +0000
ROA not after: Sun 06 Jun 2027 21:54:50 +0000
asID: 834
IP address blocks: 46.236.192.0/22 maxlen: 24
46.236.197.0/24 maxlen: 24
46.236.202.0/24 maxlen: 24
46.236.207.0/24 maxlen: 24
46.236.209.0/24 maxlen: 24
46.236.210.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.243.0/24 maxlen: 24
46.236.252.0/22 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.218.0/24 maxlen: 24
82.139.224.0/23 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.238.0/23 maxlen: 24
82.139.248.0/23 maxlen: 24
82.139.251.0/24 maxlen: 24
212.60.144.0/22 maxlen: 24
212.60.148.0/24 maxlen: 24
212.60.152.0/24 maxlen: 24
212.60.154.0/23 maxlen: 24
212.60.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:09:86:4f:b9:17:bd:0a:8a:b7:a8:e8:97:25:fd:d9:7f:ae:91:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Jun 7 21:49:50 2026 GMT
Not After : Jun 6 21:54:50 2027 GMT
Subject: CN=A97E9991E58C7AB98C37F4040F6CB569140E12A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:66:38:82:d1:eb:52:74:18:d4:e7:ac:ef:05:
b5:f0:5f:3f:9c:ef:bb:05:82:de:3f:16:f0:64:78:
49:47:6f:55:6a:db:4c:2c:57:98:48:ae:25:46:63:
2d:19:c2:51:b8:21:a6:e7:8f:ce:cb:a6:1f:2e:66:
42:d3:77:18:13:0a:9d:34:25:3a:7d:15:62:e0:2f:
b0:05:fe:19:b7:fe:f2:ac:46:e3:7c:08:b5:aa:5d:
5c:ec:89:8f:96:ba:d3:d0:eb:0d:64:e8:a0:22:cf:
72:e7:d6:a6:aa:4a:41:28:a8:f3:18:f6:47:7b:c8:
b6:63:56:34:16:7a:4e:da:42:fe:50:7b:67:a6:ff:
3c:05:42:92:5f:d9:0a:07:db:5c:2b:40:f8:4d:39:
b2:4a:86:90:8b:56:7c:b2:17:7e:5d:73:57:87:22:
c4:ca:9f:3b:ad:72:16:fc:73:b6:6c:c8:e7:c6:3d:
72:11:56:6a:ce:fe:95:d7:1a:90:58:77:1b:80:5d:
77:c2:bb:5a:7b:42:92:83:86:4f:a8:11:c5:32:6d:
21:05:0d:9f:b9:d9:be:c1:6b:8b:a6:51:f1:fd:ba:
87:16:33:6f:d5:de:81:f0:16:5c:77:fd:3b:3d:52:
1b:01:59:a9:d1:8d:cf:bb:59:e1:1e:23:8f:2b:34:
03:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7E:99:91:E5:8C:7A:B9:8C:37:F4:04:0F:6C:B5:69:14:0E:12:A4
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/22
46.236.197.0/24
46.236.202.0/24
46.236.207.0/24
46.236.209.0-46.236.210.255
46.236.212.0-46.236.214.255
46.236.223.0/24
46.236.241.0/24
46.236.243.0/24
46.236.252.0/22
82.139.206.0/24
82.139.218.0/24
82.139.224.0/23
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.238.0/23
82.139.248.0/23
82.139.251.0/24
212.60.144.0-212.60.148.255
212.60.152.0/24
212.60.154.0-212.60.159.255
Signature Algorithm: sha256WithRSAEncryption
4d:b1:93:90:b5:b2:58:a2:cd:9d:80:8e:cb:f2:ce:9c:7a:17:
6d:e1:63:d5:6d:3b:2e:b4:1c:62:dd:48:2a:ad:5b:6b:70:ad:
3d:b2:4a:5f:48:44:90:f9:fa:10:b3:d9:39:72:d2:de:1a:14:
16:63:fa:a6:07:5e:f7:e6:27:83:35:e9:a7:31:ac:b2:e7:ff:
2c:7d:75:0c:2d:23:df:45:f6:4b:3a:1b:eb:34:33:ef:cc:ec:
ba:80:da:f3:e2:ed:72:85:9f:65:17:8c:5c:31:d8:b5:47:d8:
35:bb:56:06:b9:fd:68:2a:6e:81:70:36:83:04:4b:1b:37:4f:
d9:09:5d:d1:c1:4e:96:89:af:62:24:e5:14:c0:1e:e1:c7:ac:
12:71:4d:84:4d:ca:46:68:7f:75:bc:da:32:0d:55:ec:01:0a:
33:66:1e:1a:cf:2e:a1:c0:d0:a0:81:10:1c:3b:66:6b:02:aa:
1e:42:fa:1a:73:14:d9:bc:08:85:a8:48:0d:61:27:6a:b8:d8:
ab:e4:00:94:d2:bf:95:7d:a3:86:d2:55:b1:02:37:da:38:04:
78:ca:1d:53:0a:0a:30:65:a8:cd:16:ec:a4:b1:3d:e8:2f:1f:
4d:31:d7:d6:67:64:1e:7e:89:7f:9e:57:8f:d6:25:db:1f:47:
9f:3f:b5:52
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIUdwmGT7kXvQqKt6jolyX92X+ukXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjA2MDcyMTQ5NTBaFw0yNzA2MDYyMTU0NTBaMDMxMTAvBgNV
BAMTKEE5N0U5OTkxRTU4QzdBQjk4QzM3RjQwNDBGNkNCNTY5MTQwRTEyQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ZjiC0etSdBjU56zvBbXwXz+c
77sFgt4/FvBkeElHb1Vq20wsV5hIriVGYy0ZwlG4Iabnj87Lph8uZkLTdxgTCp00
JTp9FWLgL7AF/hm3/vKsRuN8CLWqXVzsiY+WutPQ6w1k6KAiz3Ln1qaqSkEoqPMY
9kd7yLZjVjQWek7aQv5Qe2em/zwFQpJf2QoH21wrQPhNObJKhpCLVnyyF35dc1eH
IsTKnzutchb8c7ZsyOfGPXIRVmrO/pXXGpBYdxuAXXfCu1p7QpKDhk+oEcUybSEF
DZ+52b7Ba4umUfH9uocWM2/V3oHwFlx3/Ts9UhsBWanRjc+7WeEeI48rNAPHAgMB
AAGjggK0MIICsDAdBgNVHQ4EFgQUqX6ZkeWMermMN/QED2y1aRQOEqQwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAIu
7MADBAAu7MUDBAAu7MoDBAAu7M8wDAMEAC7s0QMEAC7s0jAMAwQCLuzUAwQALuzW
AwQALuzfAwQALuzxAwQALuzzAwQCLuz8AwQAUovOAwQAUovaAwQBUovgMAwDBABS
i+MDBAFSi+QwDAMEAFKL5wMEAFKL7AMEAVKL7gMEAVKL+AMEAFKL+zAMAwQE1DyQ
AwQA1DyUAwQA1DyYMAwDBAHUPJoDBAXUPIAwDQYJKoZIhvcNAQELBQADggEBAE2x
k5C1sliizZ2Ajsvyzpx6F23hY9VtOy60HGLdSCqtW2twrT2ySl9IRJD5+hCz2Tly
0t4aFBZj+qYHXvfmJ4M16acxrLLn/yx9dQwtI99F9ks6G+s0M+/M7LqA2vPi7XKF
n2UXjFwx2LVH2DW7Vga5/WgqboFwNoMESxs3T9kJXdHBTpaJr2Ik5RTAHuHHrBJx
TYRNykZof3W82jINVewBCjNmHhrPLqHA0KCBEBw7ZmsCqh5C+hpzFNm8CIWoSA1h
J2q42KvkAJTSv5V9o4bSVbECN9o4BHjKHVMKCjBlqM0W7KSxPegvH00x19ZnZB5+
iX+eV4/WJdsfR58/tVI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:46:02 2026 by rpki-client