Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: RdTlNwjcPvuKxtFI33LqwkoLZwP1WAV/4NFpKkpEpag=
Subject key identifier: A7:02:DC:DB:DD:02:20:8E:23:40:75:2F:CB:A1:C4:0B:19:2F:3E:CE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 44FE7F19DA8DD8530563828AC56A5EC4AED1C1F0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Thu 16 Apr 2026 08:37:36 +0000
ROA not before: Thu 16 Apr 2026 08:32:36 +0000
ROA not after: Thu 15 Apr 2027 08:37:36 +0000
asID: 834
IP address blocks: 2.57.17.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.135.0/24 maxlen: 24
5.252.83.0/24 maxlen: 24
45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.89.253.0/24 maxlen: 24
45.93.44.0/24 maxlen: 24
45.95.22.0/24 maxlen: 24
45.133.172.0/23 maxlen: 24
45.137.116.0/23 maxlen: 24
45.137.118.0/24 maxlen: 24
89.19.49.0/24 maxlen: 24
89.19.50.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
92.119.34.0/24 maxlen: 24
92.242.184.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
179.61.130.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.226.0/24 maxlen: 24
179.61.253.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.112.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
185.139.0.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.80.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.102.0/23 maxlen: 24
191.96.111.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.153.0/24 maxlen: 24
191.96.180.0/24 maxlen: 24
191.96.190.0/24 maxlen: 24
191.96.207.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.66.0/23 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/23 maxlen: 24
191.101.144.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.189.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.204.0/24 maxlen: 24
191.101.209.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.107.211.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 15:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:fe:7f:19:da:8d:d8:53:05:63:82:8a:c5:6a:5e:c4:ae:d1:c1:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 16 08:32:36 2026 GMT
Not After : Apr 15 08:37:36 2027 GMT
Subject: CN=A702DCDBDD02208E2340752FCBA1C40B192F3ECE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e0:71:8d:db:c9:7c:3e:c6:c0:e1:9a:5d:ea:
1b:02:17:05:83:ec:da:3b:a9:81:06:82:c6:4a:00:
f5:ce:56:b5:70:a1:db:01:6e:7a:2b:ba:31:43:a9:
e3:5a:61:d2:6e:59:04:14:7b:2f:89:c3:71:dd:0e:
2c:45:6e:85:f2:95:f7:f0:10:75:5b:8e:de:47:b1:
03:7c:1d:c2:6f:55:ac:7a:22:26:d3:20:2a:7d:b2:
12:52:6f:fd:96:c9:fc:f8:f5:61:65:3c:0a:30:d3:
8f:23:f0:75:a3:21:b0:31:b6:9b:e1:b6:aa:94:e3:
98:5c:a4:4f:cb:cf:93:92:52:97:0d:f7:e5:87:82:
11:2f:ae:64:05:16:bb:c8:4a:3b:a6:25:ae:52:cd:
e9:0b:a1:42:e0:eb:1c:59:34:b8:cf:3b:2f:41:44:
bf:b7:92:6d:1e:50:59:23:33:6d:74:ba:d0:18:05:
8d:90:9f:08:f6:3c:06:9e:fb:ab:5c:55:2f:cc:56:
0e:a9:28:7e:81:f7:bb:b9:80:27:96:64:4c:d5:a4:
45:2b:a8:67:76:81:67:37:7f:19:0a:ab:a4:63:ff:
c3:de:ba:92:ea:e4:00:2e:ec:9a:5c:15:67:3e:9f:
a1:86:e4:fc:1c:10:f6:2a:13:f8:e2:fc:ef:24:b1:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:02:DC:DB:DD:02:20:8E:23:40:75:2F:CB:A1:C4:0B:19:2F:3E:CE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.17.0/24
5.181.126.0/24
5.181.135.0/24
5.252.83.0/24
45.87.185.0/24
45.88.98.0/24
45.89.253.0/24
45.93.44.0/24
45.95.22.0/24
45.133.172.0/23
45.137.116.0-45.137.118.255
89.19.49.0-89.19.50.255
92.118.162.0/24
92.119.33.0-92.119.34.255
92.242.184.0/24
109.106.3.0/24
130.185.124.0/24
179.61.130.0/24
179.61.140.0/24
179.61.150.0/24
179.61.226.0/24
179.61.253.0/24
181.214.4.0/24
181.215.73.0/24
181.215.91.0/24
181.215.95.0/24
181.215.112.0/24
181.215.176.0/24
185.139.0.0/24
185.141.166.0/24
185.173.35.0/24
191.96.24.0/24
191.96.80.0/24
191.96.89.0/24
191.96.102.0/23
191.96.111.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.149.0/24
191.96.153.0/24
191.96.180.0/24
191.96.190.0/24
191.96.207.0/24
191.96.222.0/24
191.101.66.0/23
191.101.88.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/23
191.101.144.0/24
191.101.177.0/24
191.101.182.0/24
191.101.189.0/24
191.101.192.0/24
191.101.198.0/24
191.101.204.0/24
191.101.209.0/24
191.101.236.0/24
191.101.240.0/24
191.101.252.0/24
193.107.211.0/24
194.53.141.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c8:d3:f8:eb:17:9d:e2:d0:7e:d2:c5:37:7c:fb:5e:90:96:
ab:a6:12:db:ff:ad:6f:64:5e:a3:f7:df:33:28:f0:88:95:3f:
70:03:e9:82:2d:92:53:1a:fd:0d:03:84:c7:d4:68:f4:a6:41:
e7:2a:31:c7:0c:e3:8d:60:5f:9a:8a:ed:77:e2:0b:d0:5d:88:
f7:44:29:4e:7f:86:bf:9e:a6:8c:2b:95:1e:fa:ab:b9:6e:6c:
5f:9c:08:0f:fa:6e:ca:28:9c:2f:ee:b3:65:ba:4b:b2:b8:d6:
8a:83:07:ad:be:f9:c7:ec:f5:a0:b5:56:4b:ad:52:5c:bc:ef:
46:05:e8:29:a3:7f:0a:d5:88:d4:ad:ca:52:57:28:9e:9d:5c:
5a:fa:f6:c7:25:58:ad:89:51:d5:7b:4d:08:a2:29:bc:f0:35:
12:c7:5d:35:ca:f4:78:12:69:a5:4b:8a:ec:9b:4d:2b:15:0b:
5a:3c:38:68:d8:8b:a5:db:72:cd:30:d8:b1:ed:ec:aa:04:b8:
b4:d7:0d:f2:84:09:45:63:74:a6:09:00:23:6c:7b:02:12:aa:
9f:d5:0e:f8:ea:dc:60:bc:66:e9:b3:cc:bb:5b:6e:1c:ec:d5:
7a:fc:fc:7f:2e:95:05:74:05:d6:8d:3c:25:54:63:8f:ae:bf:
ef:03:b7:75
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgIURP5/GdqN2FMFY4KKxWpexK7RwfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MTYwODMyMzZaFw0yNzA0MTUwODM3MzZaMDMxMTAvBgNV
BAMTKEE3MDJEQ0RCREQwMjIwOEUyMzQwNzUyRkNCQTFDNDBCMTkyRjNFQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp4HGN28l8PsbA4Zpd6hsCFwWD
7No7qYEGgsZKAPXOVrVwodsBbnorujFDqeNaYdJuWQQUey+Jw3HdDixFboXylffw
EHVbjt5HsQN8HcJvVax6IibTICp9shJSb/2Wyfz49WFlPAow048j8HWjIbAxtpvh
tqqU45hcpE/Lz5OSUpcN9+WHghEvrmQFFrvISjumJa5SzekLoULg6xxZNLjPOy9B
RL+3km0eUFkjM210utAYBY2Qnwj2PAae+6tcVS/MVg6pKH6B97u5gCeWZEzVpEUr
qGd2gWc3fxkKq6Rj/8PeupLq5AAu7JpcFWc+n6GG5PwcEPYqE/ji/O8ksfrBAgMB
AAGjggOvMIIDqzAdBgNVHQ4EFgQUpwLc290CII4jQHUvy6HECxkvPs4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBxQYIKwYBBQUHAQcBAf8EggG0MIIBsDCCAawEAgABMIIB
pAMEAAI5EQMEAAW1fgMEAAW1hwMEAAX8UwMEAC1XuQMEAC1YYgMEAC1Z/QMEAC1d
LAMEAC1fFgMEAS2FrDAMAwQCLYl0AwQALYl2MAwDBABZEzEDBABZEzIDBABcdqIw
DAMEAFx3IQMEAFx3IgMEAFzyuAMEAG1qAwMEAIK5fAMEALM9ggMEALM9jAMEALM9
lgMEALM94gMEALM9/QMEALXWBAMEALXXSQMEALXXWwMEALXXXwMEALXXcAMEALXX
sAMEALmLAAMEALmNpgMEALmtIwMEAL9gGAMEAL9gUAMEAL9gWQMEAb9gZgMEAL9g
bwMEAL9gdAMEAL9geAMEAL9gfgMEAL9glQMEAL9gmQMEAL9gtAMEAL9gvgMEAL9g
zwMEAL9g3gMEAb9lQgMEAL9lWAMEAL9lYQMEAL9lZgMEAL9ldAMEAL9leAMEAb9l
fAMEAL9lkAMEAL9lsQMEAL9ltgMEAL9lvQMEAL9lwAMEAL9lxgMEAL9lzAMEAL9l
0QMEAL9l7AMEAL9l8AMEAL9l/AMEAMFr0wMEAMI1jQMEAMJuDTANBgkqhkiG9w0B
AQsFAAOCAQEAhMjT+OsXneLQftLFN3z7XpCWq6YS2/+tb2Reo/ffMyjwiJU/cAPp
gi2SUxr9DQOEx9Ro9KZB5yoxxwzjjWBfmortd+IL0F2I90QpTn+Gv56mjCuVHvqr
uW5sX5wID/puyiicL+6zZbpLsrjWioMHrb75x+z1oLVWS61SXLzvRgXoKaN/CtWI
1K3KUlconp1cWvr2xyVYrYlR1XtNCKIpvPA1EsddNcr0eBJppUuK7JtNKxULWjw4
aNiLpdtyzTDYse3sqgS4tNcN8oQJRWN0pgkAI2x7AhKqn9UO+OrcYLxm6bPMu1tu
HOzVevz8fy6VBXQF1o08JVRjj66/7wO3dQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:57:20 2026 by rpki-client