Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: dxNb6Pbdc+PmHK7arztg8GBHunYW9hwACiJfMZNr7+w=
Subject key identifier: FF:56:13:8C:38:F7:77:9F:BA:8F:02:B9:10:E4:18:79:22:6E:CF:B1
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 02AD1C5A63808C982F0DFB1D7AC07086403980A8
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Mon 02 Mar 2026 01:53:49 +0000
ROA not before: Mon 02 Mar 2026 01:48:49 +0000
ROA not after: Mon 01 Mar 2027 01:53:49 +0000
asID: 834
IP address blocks: 46.236.209.0/24 maxlen: 24
46.236.210.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.216.0/23 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.252.0/24 maxlen: 24
46.236.254.0/23 maxlen: 24
82.139.192.0/24 maxlen: 24
82.139.194.0/24 maxlen: 24
82.139.204.0/24 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.208.0/22 maxlen: 24
82.139.212.0/23 maxlen: 24
82.139.218.0/23 maxlen: 24
82.139.220.0/23 maxlen: 24
82.139.224.0/23 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.240.0/23 maxlen: 24
82.139.245.0/24 maxlen: 24
82.139.247.0/24 maxlen: 24
82.139.248.0/23 maxlen: 24
212.60.144.0/22 maxlen: 24
212.60.148.0/23 maxlen: 24
212.60.150.0/24 maxlen: 24
212.60.154.0/24 maxlen: 24
212.60.157.0/24 maxlen: 24
212.60.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ad:1c:5a:63:80:8c:98:2f:0d:fb:1d:7a:c0:70:86:40:39:80:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Mar 2 01:48:49 2026 GMT
Not After : Mar 1 01:53:49 2027 GMT
Subject: CN=FF56138C38F7779FBA8F02B910E41879226ECFB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:57:81:3b:39:1b:68:bd:f7:d7:af:f5:a2:9c:
f9:9e:bc:13:bf:44:ba:ec:d1:48:a7:43:df:ec:3e:
8e:59:9b:53:02:6c:8d:75:ec:91:a4:95:45:b7:1e:
bf:61:99:5c:03:0c:e8:cb:41:e1:d2:06:6a:24:55:
a9:43:9d:dd:f6:c6:2b:73:7b:77:64:4a:a9:66:24:
79:89:34:c5:ad:33:5d:a2:3b:f7:79:ce:56:fe:49:
72:a2:df:06:7c:62:10:01:5e:d6:71:d1:c7:c8:3a:
d7:9d:58:cf:4b:6e:35:82:4b:7f:5a:27:bb:df:55:
4f:23:d8:5f:0e:c4:f2:4a:38:58:6f:e2:e3:9c:d3:
4e:e9:2a:68:13:b7:03:db:37:61:80:1a:e3:7e:db:
55:e5:e6:77:1d:d3:14:3d:bc:c9:be:3a:45:cf:04:
49:ac:d3:08:91:25:64:ef:6d:1b:1b:9f:33:e8:49:
a9:ff:89:d4:4a:b0:2a:fe:3c:33:ba:ca:ad:35:6c:
70:4e:70:df:2b:45:e0:d4:06:2a:e6:70:8b:05:8d:
53:7a:b0:49:ef:e0:24:f2:94:fb:ce:e4:b9:cd:00:
a5:3f:c6:c4:2c:6b:4e:9d:1a:7e:9b:4b:1d:4f:d5:
b6:71:e6:e8:01:9f:12:8f:52:06:7b:97:7c:e3:08:
73:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:13:8C:38:F7:77:9F:BA:8F:02:B9:10:E4:18:79:22:6E:CF:B1
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.209.0-46.236.210.255
46.236.212.0-46.236.214.255
46.236.216.0/23
46.236.223.0/24
46.236.241.0/24
46.236.252.0/24
46.236.254.0/23
82.139.192.0/24
82.139.194.0/24
82.139.204.0/24
82.139.206.0/24
82.139.208.0-82.139.213.255
82.139.218.0-82.139.221.255
82.139.224.0/23
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.240.0/23
82.139.245.0/24
82.139.247.0-82.139.249.255
212.60.144.0-212.60.150.255
212.60.154.0/24
212.60.157.0/24
212.60.159.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:21:ce:40:ac:48:52:15:03:27:c9:ae:c5:90:4e:a8:a4:16:
ab:38:cc:01:61:c7:99:d4:b7:ec:74:01:b8:b7:12:27:e0:80:
35:b9:1c:84:0e:86:9f:a4:64:03:35:86:0c:25:fd:22:66:92:
ea:7d:f6:e2:b1:e4:6c:2b:f7:f5:ce:8b:1e:3e:2d:4a:c0:19:
de:e4:31:b5:af:ef:07:42:cd:59:05:85:b9:a1:90:00:93:6b:
ad:e3:ac:84:c6:f3:a8:a3:42:f6:d8:47:96:18:45:c9:74:a1:
1b:3f:52:5d:cc:7d:73:3c:77:6e:18:ad:7d:c0:dc:e6:58:f7:
d4:c9:fe:9c:58:e1:84:b7:b1:65:ac:d2:fc:1d:ee:a7:fa:57:
83:d2:f0:41:18:6e:b1:b1:8d:77:1c:75:61:02:17:6e:67:5e:
df:db:88:88:28:7d:23:31:3c:9f:d3:19:12:d8:16:45:e1:ae:
17:62:5a:ca:c1:a1:b0:d9:a8:26:d2:ca:35:3a:71:99:9e:e5:
71:30:fe:22:f1:03:3e:19:09:7f:6a:12:32:32:7e:4a:01:d1:
20:6e:18:9b:78:4b:04:24:7a:7c:fc:0d:74:3c:c8:3b:e9:b3:
1b:aa:04:f0:e7:ea:54:d5:33:04:7a:8b:1b:50:5f:c9:22:9b:
b7:5d:4e:97
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUAq0cWmOAjJgvDfsdesBwhkA5gKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjAzMDIwMTQ4NDlaFw0yNzAzMDEwMTUzNDlaMDMxMTAvBgNV
BAMTKEZGNTYxMzhDMzhGNzc3OUZCQThGMDJCOTEwRTQxODc5MjI2RUNGQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJV4E7ORtovffXr/WinPmevBO/
RLrs0UinQ9/sPo5Zm1MCbI117JGklUW3Hr9hmVwDDOjLQeHSBmokValDnd32xitz
e3dkSqlmJHmJNMWtM12iO/d5zlb+SXKi3wZ8YhABXtZx0cfIOtedWM9LbjWCS39a
J7vfVU8j2F8OxPJKOFhv4uOc007pKmgTtwPbN2GAGuN+21Xl5ncd0xQ9vMm+OkXP
BEms0wiRJWTvbRsbnzPoSan/idRKsCr+PDO6yq01bHBOcN8rReDUBirmcIsFjVN6
sEnv4CTylPvO5LnNAKU/xsQsa06dGn6bSx1P1bZx5ugBnxKPUgZ7l3zjCHOPAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQU/1YTjDj3d5+6jwK5EOQYeSJuz7EwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcowDAME
AC7s0QMEAC7s0jAMAwQCLuzUAwQALuzWAwQBLuzYAwQALuzfAwQALuzxAwQALuz8
AwQBLuz+AwQAUovAAwQAUovCAwQAUovMAwQAUovOMAwDBARSi9ADBAFSi9QwDAME
AVKL2gMEAVKL3AMEAVKL4DAMAwQAUovjAwQBUovkMAwDBABSi+cDBABSi+wDBAFS
i/ADBABSi/UwDAMEAFKL9wMEAVKL+DAMAwQE1DyQAwQA1DyWAwQA1DyaAwQA1Dyd
AwQA1DyfMA0GCSqGSIb3DQEBCwUAA4IBAQCNIc5ArEhSFQMnya7FkE6opBarOMwB
YceZ1LfsdAG4txIn4IA1uRyEDoafpGQDNYYMJf0iZpLqffbiseRsK/f1zosePi1K
wBne5DG1r+8HQs1ZBYW5oZAAk2ut46yExvOoo0L22EeWGEXJdKEbP1JdzH1zPHdu
GK19wNzmWPfUyf6cWOGEt7FlrNL8He6n+leD0vBBGG6xsY13HHVhAhduZ17f24iI
KH0jMTyf0xkS2BZF4a4XYlrKwaGw2agm0so1OnGZnuVxMP4i8QM+GQl/ahIyMn5K
AdEgbhibeEsEJHp8/A10PMg76bMbqgTw5+pU1TMEeosbUF/JIpu3XU6X
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:13:09 2026 by rpki-client