Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: Se0iEZ4GVX3hbQRAefY2ZUfUe5pE8huLklVf8UBkiHM=
Subject key identifier: C4:0C:ED:AF:78:8E:15:1A:83:02:0F:B8:37:60:58:2E:A8:BC:15:34
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 61152D883D1598041E80F84447211C379561AE52
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
Signing time: Wed 25 Feb 2026 03:21:38 +0000
ROA not before: Wed 25 Feb 2026 03:16:38 +0000
ROA not after: Wed 24 Feb 2027 03:21:38 +0000
asID: 834
IP address blocks: 83.171.244.0/23 maxlen: 24
83.171.246.0/24 maxlen: 24
188.119.69.0/24 maxlen: 24
193.32.204.0/24 maxlen: 24
193.32.207.0/24 maxlen: 24
193.187.110.0/23 maxlen: 24
193.187.134.0/24 maxlen: 24
194.93.50.0/23 maxlen: 24
212.115.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:15:2d:88:3d:15:98:04:1e:80:f8:44:47:21:1c:37:95:61:ae:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Feb 25 03:16:38 2026 GMT
Not After : Feb 24 03:21:38 2027 GMT
Subject: CN=C40CEDAF788E151A83020FB83760582EA8BC1534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:0a:e1:2c:dd:72:68:94:ba:89:8c:0a:ea:
ce:6e:1f:02:56:18:66:c8:1f:49:fd:cc:19:f4:89:
68:96:90:2f:f5:a2:27:90:8d:bb:1d:c7:53:fc:90:
bd:77:d4:22:81:fd:26:d4:ce:d5:e4:4e:e0:ac:a7:
25:7a:41:03:76:11:58:4e:24:90:40:4a:1d:6e:ea:
0f:2b:39:80:01:8b:d4:b4:6d:fc:05:f4:16:21:84:
ad:0b:c2:62:ca:b3:d4:3f:29:09:be:e5:c1:2f:22:
68:a1:2d:cf:1a:f4:6c:cf:5e:81:ce:71:dd:99:cd:
24:a2:80:60:38:6a:72:d4:51:c0:0a:5f:54:76:4e:
6b:a4:f5:ca:91:88:03:2c:e3:43:8e:0a:8f:c8:e6:
77:b7:6c:9f:5e:9e:a8:49:0d:3e:84:b5:c8:40:44:
59:2e:28:a0:64:6c:b5:65:e4:fb:06:8b:74:9d:6a:
67:22:33:dc:b6:61:3e:74:1a:f6:12:af:fb:6a:b0:
3c:b7:e2:7b:ce:91:d5:8c:7e:c1:a8:e5:b6:ad:2f:
4f:af:5a:30:d5:05:28:12:3a:a2:aa:be:7c:0d:f2:
b6:5e:69:9f:59:60:96:50:7e:1b:eb:ab:dd:c0:c3:
39:53:ea:49:ef:24:87:d7:bb:c1:01:95:ed:ec:8d:
80:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0C:ED:AF:78:8E:15:1A:83:02:0F:B8:37:60:58:2E:A8:BC:15:34
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0-83.171.246.255
188.119.69.0/24
193.32.204.0/24
193.32.207.0/24
193.187.110.0/23
193.187.134.0/24
194.93.50.0/23
212.115.102.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e0:97:e3:b7:9d:3e:13:de:8d:6e:2e:74:24:05:51:c8:c7:
2e:92:99:9b:93:e6:50:b3:85:5d:84:11:59:08:88:da:71:17:
d5:5c:37:42:6d:c0:f0:b5:10:11:70:69:2e:0b:94:32:37:93:
fe:d8:c3:dd:8c:49:dc:9e:f3:b7:1f:a8:eb:17:36:11:0b:39:
2c:03:16:52:f9:95:0c:c0:80:9a:45:79:00:fc:2f:04:9e:e6:
a1:6a:8f:4d:83:d7:44:96:0c:ad:55:27:81:83:40:e6:7b:fc:
06:26:ed:02:9d:84:01:b2:c4:47:0a:6c:95:25:6e:56:62:b0:
98:17:ee:80:fa:a6:e6:73:f4:9e:89:a5:0b:1f:1c:01:6d:42:
41:97:f2:db:26:eb:87:fb:bb:63:11:89:53:84:e6:26:a3:a7:
d0:d3:79:ab:d2:1a:e0:59:10:78:3f:c0:3c:7c:47:ef:a1:a8:
0f:73:7c:c5:9b:5c:89:66:69:37:ae:96:49:1d:3e:1c:a0:ff:
9c:b7:a2:52:dc:68:6e:3b:1d:84:bd:af:8f:e8:1c:c9:6e:b2:
fc:4d:fa:38:63:ad:eb:28:ac:49:e6:1a:64:58:ff:89:5c:d6:
75:fa:51:32:fe:2f:60:e3:27:02:67:ba:f4:2f:61:31:26:f6:
cb:84:af:26
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUYRUtiD0VmAQegPhERyEcN5VhrlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAyMjUwMzE2MzhaFw0yNzAyMjQwMzIxMzhaMDMxMTAvBgNV
BAMTKEM0MENFREFGNzg4RTE1MUE4MzAyMEZCODM3NjA1ODJFQThCQzE1MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwywrhLN1yaJS6iYwK6s5uHwJW
GGbIH0n9zBn0iWiWkC/1oieQjbsdx1P8kL131CKB/SbUztXkTuCspyV6QQN2EVhO
JJBASh1u6g8rOYABi9S0bfwF9BYhhK0LwmLKs9Q/KQm+5cEvImihLc8a9GzPXoHO
cd2ZzSSigGA4anLUUcAKX1R2Tmuk9cqRiAMs40OOCo/I5ne3bJ9enqhJDT6EtchA
RFkuKKBkbLVl5PsGi3SdamciM9y2YT50GvYSr/tqsDy34nvOkdWMfsGo5batL0+v
WjDVBSgSOqKqvnwN8rZeaZ9ZYJZQfhvrq93AwzlT6knvJIfXu8EBle3sjYAzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUxAztr3iOFRqDAg+4N2BYLqi8FTQwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAJTq/QD
BABTq/YDBAC8d0UDBADBIMwDBADBIM8DBAHBu24DBADBu4YDBAHCXTIDBADUc2Yw
DQYJKoZIhvcNAQELBQADggEBABDgl+O3nT4T3o1uLnQkBVHIxy6SmZuT5lCzhV2E
EVkIiNpxF9VcN0JtwPC1EBFwaS4LlDI3k/7Yw92MSdye87cfqOsXNhELOSwDFlL5
lQzAgJpFeQD8LwSe5qFqj02D10SWDK1VJ4GDQOZ7/AYm7QKdhAGyxEcKbJUlblZi
sJgX7oD6puZz9J6JpQsfHAFtQkGX8tsm64f7u2MRiVOE5iajp9DTeavSGuBZEHg/
wDx8R++hqA9zfMWbXIlmaTeulkkdPhyg/5y3olLcaG47HYS9r4/oHMlusvxN+jhj
resorEnmGmRY/4lc1nX6UTL+L2DjJwJnuvQvYTEm9suEryY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:35:17 2026 by rpki-client