Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 0PdrcDPfSd0pylzehRrauUs1DSKVr4aIhGmcM0yvtbM=
Subject key identifier: 6F:EA:DF:40:2E:4E:E4:5E:EA:1A:87:FF:F5:4A:89:55:13:05:C5:40
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4B7F9ACF1EAAF2CAFEEEA5FE3D975E9B2FCAC503
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Tue 04 Nov 2025 00:12:26 +0000
ROA not before: Tue 04 Nov 2025 00:07:26 +0000
ROA not after: Tue 03 Nov 2026 00:12:26 +0000
asID: 834
IP address blocks: 45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.137.118.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.226.0/23 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
179.61.253.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.120.0/23 maxlen: 24
181.214.124.0/23 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.214.248.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.12.0/24 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.55.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/22 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.163.0/24 maxlen: 24
181.215.164.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.196.0/24 maxlen: 24
181.215.210.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.6.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.230.0/24 maxlen: 24
191.101.29.0/24 maxlen: 24
191.101.136.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:7f:9a:cf:1e:aa:f2:ca:fe:ee:a5:fe:3d:97:5e:9b:2f:ca:c5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 4 00:07:26 2025 GMT
Not After : Nov 3 00:12:26 2026 GMT
Subject: CN=6FEADF402E4EE45EEA1A87FFF54A89551305C540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4c:8d:f6:00:c5:61:cc:5c:a9:28:c7:cd:8d:
53:c7:db:4f:e7:12:17:a5:ec:81:22:12:81:d7:e8:
5a:bf:fa:ac:18:09:b4:10:d3:d8:a0:af:5a:33:9c:
c6:a6:d7:ea:38:25:2c:4c:40:3d:83:84:ce:80:dd:
8f:2e:80:dc:5c:21:99:7a:70:72:69:78:fd:fb:5d:
17:59:7f:ca:cb:24:52:72:a8:2e:70:3f:12:09:cc:
cd:ff:0d:e2:54:d3:a4:85:2c:9e:cf:ea:0d:d8:fb:
8f:96:9f:da:c1:7d:fb:1f:ce:54:7c:ee:c0:6a:39:
fb:2f:02:c2:1c:d4:5e:bf:38:85:6c:58:0b:fb:79:
e4:86:f6:e2:7c:92:e5:cf:48:37:a9:e8:39:d7:94:
4a:a0:1e:18:a6:d6:4c:88:1e:db:0b:19:89:b0:ab:
9e:8b:69:28:ce:3e:5b:83:1e:5d:cd:3b:61:1e:22:
de:a3:97:c5:66:6b:16:ad:f3:5e:1a:ce:66:27:ae:
01:c2:d7:f4:c4:f6:a2:a7:14:7b:72:bf:f1:aa:30:
09:5c:56:da:1d:e5:72:69:b6:14:01:d2:57:a7:d3:
18:ec:a1:07:f4:30:7f:95:1b:01:db:b0:de:d1:f0:
81:61:3a:39:6b:76:06:81:6b:4f:cb:e2:8b:04:bf:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EA:DF:40:2E:4E:E4:5E:EA:1A:87:FF:F5:4A:89:55:13:05:C5:40
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.185.0/24
45.88.98.0/24
45.137.118.0/24
130.185.127.0/24
179.61.226.0/23
179.61.229.0/24
179.61.243.0/24
179.61.253.0/24
181.41.196.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.25.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.79.0/24
181.214.91.0/24
181.214.98.0/24
181.214.101.0/24
181.214.120.0/23
181.214.124.0/23
181.214.130.0/24
181.214.212.0/24
181.214.236.0/23
181.214.248.0/24
181.214.254.0/24
181.215.3.0/24
181.215.12.0/24
181.215.31.0/24
181.215.55.0/24
181.215.62.0/24
181.215.64.0/24
181.215.73.0/24
181.215.84.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0-181.215.115.255
181.215.149.0/24
181.215.159.0/24
181.215.163.0-181.215.164.255
181.215.189.0-181.215.190.255
181.215.196.0/24
181.215.210.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
181.215.247.0/24
185.137.15.0/24
185.142.25.0/24
185.158.135.0/24
185.173.35.0/24
191.96.6.0/24
191.96.24.0/24
191.96.102.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.230.0/24
191.101.29.0/24
191.101.136.0/24
191.101.182.0/24
191.101.192.0/24
191.101.198.0/24
191.101.252.0/24
Signature Algorithm: sha256WithRSAEncryption
01:4f:36:f7:7e:e0:a7:5b:3c:5a:8e:2a:f8:5d:f1:ee:f8:0b:
27:2a:1c:a8:1c:95:d3:12:54:10:f5:d8:e0:51:0d:3e:34:ad:
3a:a5:d7:75:9e:d1:da:c2:77:4f:b5:72:17:50:5b:cf:2e:14:
c2:9a:b5:9e:86:f5:12:e9:94:d2:ef:fb:7a:4c:fe:a4:90:95:
7c:c4:0e:ab:89:6b:b3:ca:0e:6e:44:b3:ad:ff:2f:84:08:71:
d3:c3:0b:a8:9d:bc:51:89:5c:20:7a:5b:df:a3:9a:71:85:35:
5d:91:19:a7:a7:d1:93:a3:23:77:60:00:6c:df:b0:82:0b:b6:
99:b4:ef:30:2d:38:08:28:95:a9:8b:85:51:6a:b1:6c:ec:26:
de:51:29:45:27:a6:8a:7c:fd:88:32:43:f4:e7:f1:45:de:53:
28:5d:e0:50:3a:2c:70:31:cb:20:44:17:09:b5:26:ab:69:c4:
c6:45:7f:b7:62:85:79:56:54:42:1c:52:67:6d:a5:2d:5d:7e:
b5:77:77:f9:60:00:1e:95:1f:37:36:34:1f:28:2a:34:48:7e:
ac:f1:24:ee:ed:1e:7c:8e:3f:6f:ed:c3:3f:fa:cf:78:5a:b0:
14:a8:65:97:69:1c:87:ed:20:60:ee:09:b4:f1:fc:90:6c:78:
0d:c3:09:73
-----BEGIN CERTIFICATE-----
MIIGyTCCBbGgAwIBAgIUS3+azx6q8sr+7qX+PZdemy/KxQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTExMDQwMDA3MjZaFw0yNjExMDMwMDEyMjZaMDMxMTAvBgNV
BAMTKDZGRUFERjQwMkU0RUU0NUVFQTFBODdGRkY1NEE4OTU1MTMwNUM1NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrTI32AMVhzFypKMfNjVPH20/n
Ehel7IEiEoHX6Fq/+qwYCbQQ09igr1oznMam1+o4JSxMQD2DhM6A3Y8ugNxcIZl6
cHJpeP37XRdZf8rLJFJyqC5wPxIJzM3/DeJU06SFLJ7P6g3Y+4+Wn9rBffsfzlR8
7sBqOfsvAsIc1F6/OIVsWAv7eeSG9uJ8kuXPSDep6DnXlEqgHhim1kyIHtsLGYmw
q56LaSjOPluDHl3NO2EeIt6jl8Vmaxat814azmYnrgHC1/TE9qKnFHtyv/GqMAlc
Vtod5XJpthQB0len0xjsoQf0MH+VGwHbsN7R8IFhOjlrdgaBa0/L4osEv/e3AgMB
AAGjggPTMIIDzzAdBgNVHQ4EFgQUb+rfQC5O5F7qGof/9UqJVRMFxUAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6QYIKwYBBQUHAQcBAf8EggHYMIIB1DCCAdAEAgABMIIB
yAMEAC1XuQMEAC1YYgMEAC2JdgMEAIK5fwMEAbM94gMEALM95QMEALM98wMEALM9
/QMEALUpxAMEALXWAAMEALXWBAMEALXWDgMEALXWGQMEALXWKQMEALXWNgMEALXW
OgMEALXWTwMEALXWWwMEALXWYgMEALXWZQMEAbXWeAMEAbXWfAMEALXWggMEALXW
1AMEAbXW7AMEALXW+AMEALXW/gMEALXXAwMEALXXDAMEALXXHwMEALXXNwMEALXX
PgMEALXXQAMEALXXSQMEALXXVAMEALXXWwMEALXXXzAMAwQCtddsAwQCtddwAwQA
tdeVAwQAtdefMAwDBAC116MDBAC116QwDAMEALXXvQMEALXXvgMEALXXxAMEALXX
0gMEALXX2AMEALXX4QMEALXX4wMEALXX7QMEALXX8AMEALXX9wMEALmJDwMEALmO
GQMEALmehwMEALmtIwMEAL9gBgMEAL9gGAMEAL9gZgMEAL9gaQMEAL9gdAMEAL9g
eAMEAL9gfgMEAL9gjwMEAL9glQMEAL9gnQMEAL9gpAMEAL9g5gMEAL9lHQMEAL9l
iAMEAL9ltgMEAL9lwAMEAL9lxgMEAL9l/DANBgkqhkiG9w0BAQsFAAOCAQEAAU82
937gp1s8Wo4q+F3x7vgLJyocqByV0xJUEPXY4FENPjStOqXXdZ7R2sJ3T7VyF1Bb
zy4Uwpq1nob1EumU0u/7ekz+pJCVfMQOq4lrs8oObkSzrf8vhAhx08MLqJ28UYlc
IHpb36OacYU1XZEZp6fRk6Mjd2AAbN+wggu2mbTvMC04CCiVqYuFUWqxbOwm3lEp
RSeminz9iDJD9OfxRd5TKF3gUDoscDHLIEQXCbUmq2nExkV/t2KFeVZUQhxSZ22l
LV1+tXd3+WAAHpUfNzY0HygqNEh+rPEk7u0efI4/b+3DP/rPeFqwFKhll2kch+0g
YO4JtPH8kGx4DcMJcw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:37:02 2025 by rpki-client