Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: lDWeV8o2TgntGWbFE+uTV++uBEEH1JErHv6hRPMAUaQ=
Subject key identifier: DF:70:57:17:EB:CE:5B:FD:57:6A:56:0F:71:21:50:A0:AE:1C:8A:8D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 518AB97A6CCC167D047917EEEB98187380F73545
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Mon 04 Aug 2025 08:49:04 +0000
ROA not before: Mon 04 Aug 2025 08:44:04 +0000
ROA not after: Mon 03 Aug 2026 08:49:04 +0000
asID: 834
IP address blocks: 82.21.153.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.126.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.24.19.0/24 maxlen: 24
82.24.33.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.24.112.0/23 maxlen: 24
82.24.123.0/24 maxlen: 24
82.25.42.0/23 maxlen: 24
82.25.44.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.25.56.0/23 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.61.0/24 maxlen: 24
82.25.62.0/23 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.142.0/23 maxlen: 24
82.25.190.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.118.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.29.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:8a:b9:7a:6c:cc:16:7d:04:79:17:ee:eb:98:18:73:80:f7:35:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 4 08:44:04 2025 GMT
Not After : Aug 3 08:49:04 2026 GMT
Subject: CN=DF705717EBCE5BFD576A560F712150A0AE1C8A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:58:c2:a9:fd:22:20:7e:f9:d8:b3:c5:ea:49:
5f:e6:79:2f:f9:8c:f0:e6:b4:55:4f:81:d7:c6:d7:
e9:3c:1a:36:38:b8:31:24:40:f7:d0:12:ed:28:e4:
5a:05:a7:22:47:d2:20:10:0e:b9:4f:0a:40:9d:c9:
a4:d5:13:c3:8c:04:13:0b:d7:e8:f9:e3:7e:d9:a0:
88:96:2b:14:ba:28:6f:99:48:96:3a:76:a3:e0:e6:
be:de:7f:e6:53:f0:48:0a:bc:15:3c:94:ad:8b:0d:
69:1c:8c:8d:cf:0a:96:02:f0:83:20:bb:c3:8e:94:
c7:fa:0c:69:8b:97:84:66:64:3b:04:c9:8f:00:ab:
a5:33:25:89:7e:e3:b7:83:24:bb:7e:31:8d:63:31:
3c:e2:3f:b5:6e:db:d5:ca:5e:7b:09:e6:8f:84:25:
f7:87:2d:17:c2:19:11:76:53:f5:08:49:3f:d5:7c:
76:00:a4:fc:04:31:8a:f7:2c:95:d7:4c:c9:6f:42:
f7:4e:64:34:3b:ba:97:df:8e:a6:21:e3:b6:82:60:
e2:04:79:8f:d9:ad:47:02:89:4c:68:d6:d5:32:f1:
a3:98:ea:b9:d4:dc:4e:d5:b2:09:4b:e2:47:5f:f7:
d5:a1:c0:c4:b2:1e:19:98:38:f2:e7:29:d2:7b:e3:
62:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:70:57:17:EB:CE:5B:FD:57:6A:56:0F:71:21:50:A0:AE:1C:8A:8D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.153.0/24
82.21.187.0/24
82.22.126.0/24
82.22.196.0/24
82.24.19.0/24
82.24.33.0/24
82.24.83.0/24
82.24.112.0/23
82.24.123.0/24
82.25.42.0-82.25.44.255
82.25.46.0/23
82.25.56.0/23
82.25.59.0/24
82.25.61.0-82.25.63.255
82.25.135.0/24
82.25.142.0/23
82.25.190.0/24
82.26.65.0/24
82.26.150.0/23
82.26.193.0/24
82.26.202.0/24
82.27.11.0/24
82.27.118.0/24
82.29.107.0/24
82.29.125.0-82.29.126.255
Signature Algorithm: sha256WithRSAEncryption
02:ee:4f:ed:4f:b8:aa:25:1a:00:00:00:96:ce:06:09:8c:cc:
f5:27:3f:af:90:6c:c4:87:c3:18:01:44:62:32:7c:39:ac:de:
9d:50:93:a0:76:07:7c:43:9e:1b:8a:c3:10:ca:30:07:07:72:
dd:61:48:3d:28:1f:94:d5:47:15:c3:29:39:23:57:08:30:03:
46:6e:16:dc:f1:44:30:d3:52:74:a9:f1:95:54:0e:bf:cc:84:
99:8e:92:a2:5f:1a:30:46:55:9f:06:6c:b2:3f:2c:08:d7:66:
6e:6c:5d:2d:72:91:ef:91:03:6b:03:4b:1e:44:41:c1:96:45:
ef:c4:16:ac:03:ab:41:ea:d5:15:24:e5:3c:3b:0f:08:24:99:
15:64:55:71:d0:fb:9f:d4:d2:f9:50:cf:57:4b:b2:d7:e7:d5:
3f:e1:5e:80:89:90:6c:fb:3f:2a:ae:16:25:3e:85:5e:52:64:
43:c8:2d:d5:35:c8:0a:45:38:c7:fa:d5:9c:c7:0a:00:83:62:
b7:22:ca:85:3e:46:27:4f:e5:0c:09:2f:46:bf:f8:53:ac:27:
3d:6c:32:00:7b:22:b4:a4:80:97:f7:58:7b:49:a7:16:68:3f:
ef:59:1a:11:e3:db:e0:32:6f:ad:8b:79:5f:d7:f9:a8:8b:a9:
cb:f8:e3:71
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIUUYq5emzMFn0EeRfu65gYc4D3NUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDQwODQ0MDRaFw0yNjA4MDMwODQ5MDRaMDMxMTAvBgNV
BAMTKERGNzA1NzE3RUJDRTVCRkQ1NzZBNTYwRjcxMjE1MEEwQUUxQzhBOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0WMKp/SIgfvnYs8XqSV/meS/5
jPDmtFVPgdfG1+k8GjY4uDEkQPfQEu0o5FoFpyJH0iAQDrlPCkCdyaTVE8OMBBML
1+j5437ZoIiWKxS6KG+ZSJY6dqPg5r7ef+ZT8EgKvBU8lK2LDWkcjI3PCpYC8IMg
u8OOlMf6DGmLl4RmZDsEyY8Aq6UzJYl+47eDJLt+MY1jMTziP7Vu29XKXnsJ5o+E
JfeHLRfCGRF2U/UIST/VfHYApPwEMYr3LJXXTMlvQvdOZDQ7upffjqYh47aCYOIE
eY/ZrUcCiUxo1tUy8aOY6rnU3E7VsglL4kdf99WhwMSyHhmYOPLnKdJ742KRAgMB
AAGjggK0MIICsDAdBgNVHQ4EFgQU33BXF+vOW/1XalYPcSFQoK4cio0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBABS
FZkDBABSFbsDBABSFn4DBABSFsQDBABSGBMDBABSGCEDBABSGFMDBAFSGHADBABS
GHswDAMEAVIZKgMEAFIZLAMEAVIZLgMEAVIZOAMEAFIZOzAMAwQAUhk9AwQGUhkA
AwQAUhmHAwQBUhmOAwQAUhm+AwQAUhpBAwQBUhqWAwQAUhrBAwQAUhrKAwQAUhsL
AwQAUht2AwQAUh1rMAwDBABSHX0DBABSHX4wDQYJKoZIhvcNAQELBQADggEBAALu
T+1PuKolGgAAAJbOBgmMzPUnP6+QbMSHwxgBRGIyfDms3p1Qk6B2B3xDnhuKwxDK
MAcHct1hSD0oH5TVRxXDKTkjVwgwA0ZuFtzxRDDTUnSp8ZVUDr/MhJmOkqJfGjBG
VZ8GbLI/LAjXZm5sXS1yke+RA2sDSx5EQcGWRe/EFqwDq0Hq1RUk5Tw7DwgkmRVk
VXHQ+5/U0vlQz1dLstfn1T/hXoCJkGz7PyquFiU+hV5SZEPILdU1yApFOMf61ZzH
CgCDYrciyoU+RidP5QwJL0a/+FOsJz1sMgB7IrSkgJf3WHtJpxZoP+9ZGhHj2+Ay
b62LeV/X+aiLqcv443E=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:01 2025 by rpki-client