Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: coLpPyAwmdsCIAXhU1LW4OoK5KOH5OYMGU/BP0DXQJU=
Subject key identifier: A5:D1:3F:D2:F2:47:6A:27:8B:C8:AD:A8:A5:D0:9F:89:B5:B9:A4:8C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6AC1FBD7A271B16F088FC8086D1B6B0B19D7E17F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Wed 05 Nov 2025 16:08:09 +0000
ROA not before: Wed 05 Nov 2025 16:03:09 +0000
ROA not after: Wed 04 Nov 2026 16:08:09 +0000
asID: 834
IP address blocks: 82.22.10.0/23 maxlen: 24
82.22.15.0/24 maxlen: 24
82.22.16.0/23 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.23.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.28.0/22 maxlen: 24
82.22.34.0/23 maxlen: 24
82.22.36.0/24 maxlen: 24
82.22.38.0/24 maxlen: 24
82.22.47.0/24 maxlen: 24
82.22.50.0/24 maxlen: 24
82.22.53.0/24 maxlen: 24
82.22.61.0/24 maxlen: 24
82.22.124.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.23.249.0/24 maxlen: 24
82.24.24.0/23 maxlen: 24
82.24.31.0/24 maxlen: 24
82.25.36.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.61.0/24 maxlen: 24
82.25.62.0/24 maxlen: 24
82.25.161.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.81.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.193.0/24 maxlen: 24
82.27.116.0/24 maxlen: 24
82.27.118.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.27.197.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
82.29.112.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
82.38.1.0/24 maxlen: 24
82.38.2.0/23 maxlen: 24
82.38.8.0/23 maxlen: 24
82.38.16.0/24 maxlen: 24
82.38.18.0/23 maxlen: 24
82.38.20.0/22 maxlen: 24
82.38.24.0/21 maxlen: 24
82.38.32.0/23 maxlen: 24
82.38.34.0/24 maxlen: 24
82.38.36.0/22 maxlen: 24
82.38.40.0/22 maxlen: 24
82.38.45.0/24 maxlen: 24
82.38.46.0/23 maxlen: 24
82.38.48.0/21 maxlen: 24
82.38.60.0/22 maxlen: 24
82.38.64.0/19 maxlen: 24
82.38.96.0/20 maxlen: 24
82.38.112.0/21 maxlen: 24
82.38.120.0/22 maxlen: 24
82.38.128.0/21 maxlen: 24
82.38.136.0/22 maxlen: 24
82.38.144.0/20 maxlen: 24
82.38.160.0/19 maxlen: 24
82.38.192.0/22 maxlen: 24
82.38.196.0/23 maxlen: 24
82.38.199.0/24 maxlen: 24
82.38.200.0/24 maxlen: 24
82.38.204.0/22 maxlen: 24
82.38.224.0/19 maxlen: 24
82.39.0.0/18 maxlen: 24
82.39.64.0/19 maxlen: 24
82.39.96.0/20 maxlen: 24
82.39.114.0/23 maxlen: 24
82.39.116.0/22 maxlen: 24
82.39.120.0/21 maxlen: 24
82.39.128.0/19 maxlen: 24
82.39.160.0/20 maxlen: 24
82.39.176.0/21 maxlen: 24
82.39.184.0/22 maxlen: 24
82.39.188.0/23 maxlen: 24
82.39.190.0/24 maxlen: 24
82.39.193.0/24 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.196.0/22 maxlen: 24
82.39.200.0/21 maxlen: 24
82.39.208.0/20 maxlen: 24
82.39.224.0/21 maxlen: 24
82.39.232.0/23 maxlen: 24
82.39.240.0/22 maxlen: 24
82.39.246.0/23 maxlen: 24
82.39.248.0/23 maxlen: 24
82.39.250.0/24 maxlen: 24
82.41.0.0/21 maxlen: 24
82.41.10.0/23 maxlen: 24
82.41.12.0/22 maxlen: 24
82.41.16.0/20 maxlen: 24
82.41.32.0/21 maxlen: 24
82.41.40.0/22 maxlen: 24
82.41.48.0/22 maxlen: 24
82.41.56.0/21 maxlen: 24
82.41.64.0/22 maxlen: 24
82.41.72.0/21 maxlen: 24
82.41.80.0/20 maxlen: 24
82.41.96.0/20 maxlen: 24
82.41.116.0/22 maxlen: 24
82.41.120.0/21 maxlen: 24
82.41.128.0/18 maxlen: 24
82.41.194.0/23 maxlen: 24
82.41.196.0/22 maxlen: 24
82.41.200.0/21 maxlen: 24
82.41.208.0/20 maxlen: 24
82.41.224.0/21 maxlen: 24
82.41.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c1:fb:d7:a2:71:b1:6f:08:8f:c8:08:6d:1b:6b:0b:19:d7:e1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Nov 5 16:03:09 2025 GMT
Not After : Nov 4 16:08:09 2026 GMT
Subject: CN=A5D13FD2F2476A278BC8ADA8A5D09F89B5B9A48C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:51:41:b8:9d:9b:c8:11:2d:22:08:15:12:
64:b1:fb:76:8d:bd:32:91:1f:a6:89:dc:93:8c:8d:
1c:df:61:a1:14:e7:e9:1e:6b:c4:de:12:b5:d6:e3:
3b:04:d2:a0:71:0f:c2:51:72:5e:4c:50:9b:4c:58:
d7:eb:bc:58:ca:14:2a:7f:00:18:63:99:5f:25:7b:
2e:09:c3:cc:12:19:75:ca:41:93:5b:71:50:95:a8:
39:de:87:28:f8:46:4b:06:30:a0:02:8c:ef:c9:b6:
8f:cd:70:56:ab:a0:2e:9e:a2:4f:89:78:d0:de:2a:
d2:9f:74:39:36:6d:ae:85:9b:d4:42:5d:32:39:8c:
c2:76:fd:80:52:e7:b7:23:c5:22:52:03:8a:bf:5a:
f1:ce:42:53:9b:46:ff:e6:49:87:56:f6:33:76:cb:
6f:e6:72:b3:e5:ce:0f:dd:8b:d5:68:88:fd:cd:34:
b6:b0:6b:23:39:eb:ce:89:07:6b:45:8b:50:90:a4:
d5:3e:bf:fa:09:69:ae:20:48:be:44:bf:25:69:b9:
13:1f:5b:62:10:f7:73:ca:c6:8b:d0:1b:bb:0a:bd:
00:80:66:75:dd:a9:1f:06:d2:41:d9:ea:5d:4e:12:
c2:76:f5:94:89:a2:9e:2f:01:97:c7:3f:fa:44:72:
ad:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D1:3F:D2:F2:47:6A:27:8B:C8:AD:A8:A5:D0:9F:89:B5:B9:A4:8C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.10.0/23
82.22.15.0-82.22.18.255
82.22.23.0/24
82.22.25.0/24
82.22.27.0-82.22.31.255
82.22.34.0-82.22.36.255
82.22.38.0/24
82.22.47.0/24
82.22.50.0/24
82.22.53.0/24
82.22.61.0/24
82.22.124.0/24
82.22.196.0/24
82.23.249.0/24
82.24.24.0/23
82.24.31.0/24
82.25.36.0/24
82.25.41.0/24
82.25.59.0/24
82.25.61.0-82.25.62.255
82.25.161.0/24
82.26.65.0/24
82.26.81.0/24
82.26.150.0/23
82.26.171.0/24
82.26.193.0/24
82.27.116.0/24
82.27.118.0/24
82.27.131.0/24
82.27.197.0/24
82.29.6.0/24
82.29.41.0/24
82.29.48.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
82.29.109.0/24
82.29.112.0/24
82.29.125.0/24
82.38.1.0-82.38.3.255
82.38.8.0/23
82.38.16.0/24
82.38.18.0-82.38.34.255
82.38.36.0-82.38.43.255
82.38.45.0-82.38.55.255
82.38.60.0-82.38.123.255
82.38.128.0-82.38.139.255
82.38.144.0-82.38.197.255
82.38.199.0-82.38.200.255
82.38.204.0/22
82.38.224.0-82.39.111.255
82.39.114.0-82.39.190.255
82.39.193.0-82.39.233.255
82.39.240.0/22
82.39.246.0-82.39.250.255
82.41.0.0/21
82.41.10.0-82.41.43.255
82.41.48.0/22
82.41.56.0-82.41.67.255
82.41.72.0-82.41.111.255
82.41.116.0-82.41.191.255
82.41.194.0-82.41.232.255
Signature Algorithm: sha256WithRSAEncryption
92:09:bc:a1:5f:65:8a:62:35:51:d1:40:96:39:a2:c0:a9:22:
4d:c7:f2:91:f6:64:f8:85:e6:e6:c9:9c:00:6f:5c:d2:02:a4:
7e:ca:ed:79:5d:db:93:1e:ca:b0:c4:90:a2:07:6a:a8:fd:a4:
77:a3:0c:eb:4f:21:cb:03:15:38:ef:f2:3f:d7:52:f1:c4:4b:
8b:0e:5e:26:b5:fd:ae:f2:0f:2c:25:71:d8:0b:80:61:2e:48:
c5:a4:80:da:6d:0b:37:de:f3:39:a4:58:57:bb:e9:de:97:18:
c9:d8:87:39:d6:8a:65:26:a0:e9:45:c7:a5:8d:8d:49:c1:a5:
f5:77:ad:a1:da:fa:f3:47:bf:4d:bf:1d:ac:b4:6c:9c:7c:43:
65:81:aa:22:c8:4a:3e:d6:c6:99:d0:6e:69:90:0a:1e:03:5a:
07:2c:3a:1e:5e:69:45:96:14:d1:17:8e:33:6f:b3:c8:28:14:
b1:ff:92:4e:4d:cf:ad:68:1e:72:c3:b8:5f:35:b5:9a:b3:1d:
fc:aa:81:80:ed:d2:d1:27:36:ef:2e:51:30:bc:a8:87:a5:73:
06:9b:51:6a:a4:31:6e:f3:d2:76:4c:3e:ec:60:df:96:eb:f0:
42:5f:3d:d6:1c:7a:92:1e:5c:b1:f1:8a:81:8c:9a:92:41:83:
ca:51:d0:c1
-----BEGIN CERTIFICATE-----
MIIHHTCCBgWgAwIBAgIUasH716JxsW8Ij8gIbRtrCxnX4X8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMDUxNjAzMDlaFw0yNjExMDQxNjA4MDlaMDMxMTAvBgNV
BAMTKEE1RDEzRkQyRjI0NzZBMjc4QkM4QURBOEE1RDA5Rjg5QjVCOUE0OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzW1FBuJ2byBEtIggVEmSx+3aN
vTKRH6aJ3JOMjRzfYaEU5+kea8TeErXW4zsE0qBxD8JRcl5MUJtMWNfrvFjKFCp/
ABhjmV8ley4Jw8wSGXXKQZNbcVCVqDnehyj4RksGMKACjO/Jto/NcFaroC6eok+J
eNDeKtKfdDk2ba6Fm9RCXTI5jMJ2/YBS57cjxSJSA4q/WvHOQlObRv/mSYdW9jN2
y2/mcrPlzg/di9VoiP3NNLawayM5686JB2tFi1CQpNU+v/oJaa4gSL5EvyVpuRMf
W2IQ93PKxovQG7sKvQCAZnXdqR8G0kHZ6l1OEsJ29ZSJop4vAZfHP/pEcq1jAgMB
AAGjggQnMIIEIzAdBgNVHQ4EFgQUpdE/0vJHaieLyK2opdCfibW5pIwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICPQYIKwYBBQUHAQcBAf8EggIsMIICKDCCAiQEAgABMIIC
HAMEAVIWCjAMAwQAUhYPAwQAUhYSAwQAUhYXAwQAUhYZMAwDBABSFhsDBAVSFgAw
DAMEAVIWIgMEAFIWJAMEAFIWJgMEAFIWLwMEAFIWMgMEAFIWNQMEAFIWPQMEAFIW
fAMEAFIWxAMEAFIX+QMEAVIYGAMEAFIYHwMEAFIZJAMEAFIZKQMEAFIZOzAMAwQA
Uhk9AwQAUhk+AwQAUhmhAwQAUhpBAwQAUhpRAwQBUhqWAwQAUhqrAwQAUhrBAwQA
Uht0AwQAUht2AwQAUhuDAwQAUhvFAwQAUh0GAwQAUh0pAwQAUh0wAwQAUh1KAwQA
Uh1YAwQAUh1nAwQAUh1tAwQAUh1wAwQAUh19MAwDBABSJgEDBAJSJgADBAFSJggD
BABSJhAwDAMEAVImEgMEAFImIjAMAwQCUiYkAwQCUiYoMAwDBABSJi0DBANSJjAw
DAMEAlImPAMEAlImeDAMAwQHUiaAAwQCUiaIMAwDBARSJpADBAFSJsQwDAMEAFIm
xwMEAFImyAMEAlImzDAMAwQFUibgAwQEUidgMAwDBAFSJ3IDBABSJ74wDAMEAFIn
wQMEAVIn6AMEAlIn8DAMAwQBUif2AwQAUif6AwQDUikAMAwDBAFSKQoDBAJSKSgD
BAJSKTAwDAMEA1IpOAMEAlIpQDAMAwQDUilIAwQEUilgMAwDBAJSKXQDBAZSKYAw
DAMEAVIpwgMEAFIp6DANBgkqhkiG9w0BAQsFAAOCAQEAkgm8oV9limI1UdFAljmi
wKkiTcfykfZk+IXm5smcAG9c0gKkfsrteV3bkx7KsMSQogdqqP2kd6MM608hywMV
OO/yP9dS8cRLiw5eJrX9rvIPLCVx2AuAYS5IxaSA2m0LN97zOaRYV7vp3pcYydiH
OdaKZSag6UXHpY2NScGl9Xetodr680e/Tb8drLRsnHxDZYGqIshKPtbGmdBuaZAK
HgNaByw6Hl5pRZYU0ReOM2+zyCgUsf+STk3PrWgecsO4XzW1mrMd/KqBgO3S0Sc2
7y5RMLyoh6VzBptRaqQxbvPSdkw+7GDfluvwQl891hx6kh5csfGKgYyakkGDylHQ
wQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:56 2025 by rpki-client