Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: /ymGIfu6c2Ypj5S+rVL5LfoP5YI+2kHTgZcNn9F90tE=
Subject key identifier: 08:A0:D5:76:CE:08:87:EC:39:C5:C7:13:EA:7A:37:30:57:6D:6A:13
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 61C70B3A37D82E39152073285E73E7723082494B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Sun 03 Aug 2025 00:04:55 +0000
ROA not before: Sat 02 Aug 2025 23:59:55 +0000
ROA not after: Sun 02 Aug 2026 00:04:55 +0000
asID: 834
IP address blocks: 5.252.74.0/24 maxlen: 24
45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.137.118.0/23 maxlen: 24
45.139.180.0/24 maxlen: 24
85.208.72.0/24 maxlen: 24
89.19.50.0/24 maxlen: 24
92.118.160.0/24 maxlen: 24
92.242.184.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.134.0/24 maxlen: 24
179.61.226.0/23 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.239.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.97.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.108.0/24 maxlen: 24
181.214.111.0/24 maxlen: 24
181.214.113.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/23 maxlen: 24
181.214.124.0/23 maxlen: 24
181.214.167.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.240.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.22.0/23 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/23 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.96.111.0/24 maxlen: 24
191.96.140.0/23 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/23 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.39.0/24 maxlen: 24
191.101.56.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.63.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.85.0/24 maxlen: 24
191.101.87.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.95.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.123.0/24 maxlen: 24
191.101.135.0/24 maxlen: 24
191.101.144.0/23 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.206.0/24 maxlen: 24
191.101.212.0/22 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/23 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.7.202.0/24 maxlen: 24
193.31.41.0/24 maxlen: 24
193.58.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c7:0b:3a:37:d8:2e:39:15:20:73:28:5e:73:e7:72:30:82:49:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 2 23:59:55 2025 GMT
Not After : Aug 2 00:04:55 2026 GMT
Subject: CN=08A0D576CE0887EC39C5C713EA7A3730576D6A13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:16:c4:1d:3b:d2:15:4e:12:77:52:18:af:
dc:e6:ea:13:e0:82:47:d1:84:69:d9:48:20:ea:00:
5e:ed:53:99:7f:70:f5:2f:44:a6:22:03:fc:85:c7:
af:f5:b5:81:ec:4a:0a:ef:c5:84:60:5f:ac:be:a0:
bd:21:73:f9:0f:d7:5e:77:0e:13:0b:14:f4:e6:2d:
cf:35:e2:06:06:3f:bb:b7:98:80:7e:82:af:df:8a:
15:a8:c0:8a:fa:42:d2:4b:95:3c:13:4f:fa:b8:d0:
36:cb:25:86:e4:49:51:a2:40:e3:b6:05:37:71:d2:
76:4d:bf:09:ee:d8:72:74:91:d4:41:e3:6d:90:2a:
f4:f4:46:34:35:3b:c1:7c:b6:8f:ff:db:0d:5a:a4:
3f:14:8f:4d:ea:7f:78:d1:e3:9d:26:e0:70:98:be:
44:cb:b7:31:11:6b:06:f8:46:51:19:95:58:5c:10:
16:32:0d:18:23:c8:09:83:2d:36:59:36:f8:29:97:
32:5f:90:0c:97:43:ce:7c:ea:96:d5:4b:d2:4a:68:
db:d6:ac:d8:f8:b5:af:a6:e4:99:99:48:39:72:2c:
87:86:1e:73:de:c4:22:2f:ff:c0:4e:6d:28:80:b9:
3b:03:a3:3d:b0:81:c0:0c:40:8b:db:e6:eb:fe:36:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A0:D5:76:CE:08:87:EC:39:C5:C7:13:EA:7A:37:30:57:6D:6A:13
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.74.0/24
45.87.185.0/24
45.88.98.0/24
45.137.118.0/23
45.139.180.0/24
85.208.72.0/24
89.19.50.0/24
92.118.160.0/24
92.242.184.0/24
92.242.186.0/24
109.106.3.0/24
130.185.127.0/24
179.61.134.0/24
179.61.226.0/23
179.61.229.0/24
179.61.239.0/24
179.61.243.0/24
181.41.196.0/24
181.41.211.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.79.0/24
181.214.91.0/24
181.214.94.0/24
181.214.97.0-181.214.98.255
181.214.101.0/24
181.214.108.0/24
181.214.111.0/24
181.214.113.0/24
181.214.119.0-181.214.121.255
181.214.124.0/23
181.214.167.0/24
181.214.216.0/24
181.214.240.0/24
181.214.254.0/24
181.215.3.0/24
181.215.22.0/23
181.215.58.0/24
181.215.64.0/24
181.215.73.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0/23
181.215.111.0-181.215.115.255
181.215.159.0/24
181.215.186.0/23
181.215.189.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
181.215.250.0/24
185.137.15.0/24
185.142.25.0/24
185.151.58.0/24
185.158.135.0/24
191.96.3.0/24
191.96.24.0/24
191.96.58.0/24
191.96.64.0/24
191.96.102.0/24
191.96.111.0/24
191.96.140.0/23
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0-191.96.182.255
191.96.222.0/24
191.101.9.0/24
191.101.20.0/24
191.101.22.0/24
191.101.39.0/24
191.101.56.0/24
191.101.58.0/24
191.101.63.0/24
191.101.82.0/24
191.101.85.0/24
191.101.87.0-191.101.88.255
191.101.95.0/24
191.101.97.0/24
191.101.123.0/24
191.101.135.0/24
191.101.144.0/23
191.101.148.0/24
191.101.177.0/24
191.101.180.0/24
191.101.182.0/24
191.101.187.0/24
191.101.192.0/24
191.101.198.0/24
191.101.206.0/24
191.101.212.0/22
191.101.236.0/24
191.101.238.0-191.101.240.255
191.101.247.0/24
191.101.252.0/24
193.7.202.0/24
193.31.41.0/24
193.58.106.0/24
Signature Algorithm: sha256WithRSAEncryption
77:67:a2:8c:8c:9c:bd:82:18:a8:ea:fa:37:9c:b7:17:24:60:
09:bd:eb:63:d0:ef:06:be:fe:56:0b:5f:dd:ea:e3:9e:6c:68:
b8:f3:e4:31:1e:a2:f1:93:44:53:40:7a:3a:fb:c3:de:4c:1f:
b5:f5:c6:99:24:8d:6d:28:78:96:d4:d3:b5:73:70:fb:fa:1d:
b9:98:60:ec:b8:47:ca:fd:7d:15:52:35:e0:73:5e:5a:23:ff:
77:cc:0c:25:8f:4d:65:3f:1f:6e:fe:81:f2:3a:e8:65:6e:4a:
47:4d:3b:78:b5:6b:d9:b7:ec:79:9e:79:fb:99:d3:6d:4d:8b:
a0:f3:f6:f1:f9:ea:92:1d:a2:92:8d:7f:a2:3a:fa:15:8e:dd:
9c:29:52:d6:d9:08:82:48:0e:bd:1b:33:8a:bc:6a:cc:d6:e6:
6e:2b:d9:4f:17:96:50:0b:24:a7:75:38:cc:ac:06:12:44:a7:
48:0a:d4:4c:eb:f8:ec:26:99:78:e9:b7:88:9a:4b:88:a0:a2:
06:5c:b8:18:b8:c3:bc:75:be:a2:f8:4a:6f:92:6d:11:8b:82:
9a:a1:5d:0d:99:8c:a3:e3:c0:b3:8d:6a:08:b1:94:dd:00:6d:
74:18:de:d6:f5:04:cc:7b:be:8b:39:76:37:23:0f:8d:51:1e:
e6:80:b2:df
-----BEGIN CERTIFICATE-----
MIIHpzCCBo+gAwIBAgIUYccLOjfYLjkVIHMoXnPncjCCSUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MDIyMzU5NTVaFw0yNjA4MDIwMDA0NTVaMDMxMTAvBgNV
BAMTKDA4QTBENTc2Q0UwODg3RUMzOUM1QzcxM0VBN0EzNzMwNTc2RDZBMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa8BbEHTvSFU4Sd1IYr9zm6hPg
gkfRhGnZSCDqAF7tU5l/cPUvRKYiA/yFx6/1tYHsSgrvxYRgX6y+oL0hc/kP1153
DhMLFPTmLc814gYGP7u3mIB+gq/fihWowIr6QtJLlTwTT/q40DbLJYbkSVGiQOO2
BTdx0nZNvwnu2HJ0kdRB422QKvT0RjQ1O8F8to//2w1apD8Uj03qf3jR450m4HCY
vkTLtzERawb4RlEZlVhcEBYyDRgjyAmDLTZZNvgplzJfkAyXQ8586pbVS9JKaNvW
rNj4ta+m5JmZSDlyLIeGHnPexCIv/8BObSiAuTsDoz2wgcAMQIvb5uv+Nk+7AgMB
AAGjggSxMIIErTAdBgNVHQ4EFgQUCKDVds4Ih+w5xccT6no3MFdtahMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICxwYIKwYBBQUHAQcBAf8EggK2MIICsjCCAq4EAgABMIIC
pgMEAAX8SgMEAC1XuQMEAC1YYgMEAS2JdgMEAC2LtAMEAFXQSAMEAFkTMgMEAFx2
oAMEAFzyuAMEAFzyugMEAG1qAwMEAIK5fwMEALM9hgMEAbM94gMEALM95QMEALM9
7wMEALM98wMEALUpxAMEALUp0wMEALXWAAMEALXWBAMEALXWDgMEALXWKQMEALXW
NgMEALXWOgMEALXWTwMEALXWWwMEALXWXjAMAwQAtdZhAwQAtdZiAwQAtdZlAwQA
tdZsAwQAtdZvAwQAtdZxMAwDBAC11ncDBAG11ngDBAG11nwDBAC11qcDBAC11tgD
BAC11vADBAC11v4DBAC11wMDBAG11xYDBAC11zoDBAC110ADBAC110kDBAC111sD
BAC1118DBAG112wwDAMEALXXbwMEArXXcAMEALXXnwMEAbXXugMEALXXvQMEALXX
2AMEALXX4QMEALXX4wMEALXX7QMEALXX8AMEALXX+gMEALmJDwMEALmOGQMEALmX
OgMEALmehwMEAL9gAwMEAL9gGAMEAL9gOgMEAL9gQAMEAL9gZgMEAL9gbwMEAb9g
jAMEAL9gjwMEAL9glQMEAL9gnQMEAL9gpDAMAwQCv2C0AwQAv2C2AwQAv2DeAwQA
v2UJAwQAv2UUAwQAv2UWAwQAv2UnAwQAv2U4AwQAv2U6AwQAv2U/AwQAv2VSAwQA
v2VVMAwDBAC/ZVcDBAC/ZVgDBAC/ZV8DBAC/ZWEDBAC/ZXsDBAC/ZYcDBAG/ZZAD
BAC/ZZQDBAC/ZbEDBAC/ZbQDBAC/ZbYDBAC/ZbsDBAC/ZcADBAC/ZcYDBAC/Zc4D
BAK/ZdQDBAC/ZewwDAMEAb9l7gMEAL9l8AMEAL9l9wMEAL9l/AMEAMEHygMEAMEf
KQMEAME6ajANBgkqhkiG9w0BAQsFAAOCAQEAd2eijIycvYIYqOr6N5y3FyRgCb3r
Y9DvBr7+Vgtf3erjnmxouPPkMR6i8ZNEU0B6OvvD3kwftfXGmSSNbSh4ltTTtXNw
+/oduZhg7LhHyv19FVI14HNeWiP/d8wMJY9NZT8fbv6B8jroZW5KR007eLVr2bfs
eZ55+5nTbU2LoPP28fnqkh2iko1/ojr6FY7dnClS1tkIgkgOvRszirxqzNbmbivZ
TxeWUAskp3U4zKwGEkSnSArUTOv47CaZeOm3iJpLiKCiBly4GLjDvHW+ovhKb5Jt
EYuCmqFdDZmMo+PAs41qCLGU3QBtdBje1vUEzHu+izl2NyMPjVEe5oCy3w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:57:26 2025 by rpki-client