Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: Xe2M414ogfrtqf2o/hVUwInzgzRTfjYJxdDt2P882PA=
Subject key identifier: 9D:AB:96:DE:0C:8C:10:52:15:A9:F9:88:01:21:AF:BF:3D:67:A2:B5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6D228E5DACCA4679E8CD3FC189FC862B6D773842
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Fri 12 Jun 2026 13:05:36 +0000
ROA not before: Fri 12 Jun 2026 13:00:36 +0000
ROA not after: Fri 11 Jun 2027 13:05:36 +0000
asID: 834
IP address blocks: 82.21.57.0/24 maxlen: 24
82.22.28.0/24 maxlen: 24
82.22.37.0/24 maxlen: 24
82.23.165.0/24 maxlen: 24
82.23.184.0/24 maxlen: 24
82.23.197.0/24 maxlen: 24
82.24.48.0/24 maxlen: 24
82.24.52.0/24 maxlen: 24
82.25.4.0/24 maxlen: 24
82.25.6.0/23 maxlen: 24
82.25.10.0/23 maxlen: 24
82.25.14.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.25.20.0/24 maxlen: 24
82.25.53.0/24 maxlen: 24
82.25.138.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.145.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.124.0/24 maxlen: 24
82.26.197.0/24 maxlen: 24
82.27.119.0/24 maxlen: 24
82.27.122.0/24 maxlen: 24
82.27.134.0/24 maxlen: 24
82.38.92.0/24 maxlen: 24
82.38.103.0/24 maxlen: 24
82.38.104.0/24 maxlen: 24
82.38.107.0/24 maxlen: 24
82.38.108.0/23 maxlen: 24
82.38.112.0/24 maxlen: 24
82.38.114.0/23 maxlen: 24
82.38.122.0/24 maxlen: 24
82.38.132.0/24 maxlen: 24
82.38.168.0/24 maxlen: 24
82.38.201.0/24 maxlen: 24
82.38.212.0/24 maxlen: 24
82.39.64.0/24 maxlen: 24
82.39.119.0/24 maxlen: 24
82.39.228.0/23 maxlen: 24
82.39.240.0/22 maxlen: 24
82.41.3.0/24 maxlen: 24
82.41.26.0/24 maxlen: 24
82.47.126.0/23 maxlen: 24
82.47.193.0/24 maxlen: 24
82.47.202.0/24 maxlen: 24
82.47.207.0/24 maxlen: 24
84.75.80.0/23 maxlen: 24
84.75.82.0/24 maxlen: 24
84.75.84.0/24 maxlen: 24
84.75.140.0/23 maxlen: 24
84.75.164.0/24 maxlen: 24
84.75.171.0/24 maxlen: 24
84.75.176.0/22 maxlen: 24
84.75.222.0/23 maxlen: 24
84.75.252.0/23 maxlen: 24
178.83.122.0/24 maxlen: 24
178.83.144.0/24 maxlen: 24
178.83.152.0/24 maxlen: 24
178.83.161.0/24 maxlen: 24
178.83.191.0/24 maxlen: 24
178.83.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:22:8e:5d:ac:ca:46:79:e8:cd:3f:c1:89:fc:86:2b:6d:77:38:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 12 13:00:36 2026 GMT
Not After : Jun 11 13:05:36 2027 GMT
Subject: CN=9DAB96DE0C8C105215A9F9880121AFBF3D67A2B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:34:5d:99:db:cb:42:61:55:d8:34:dc:f4:
e2:c9:42:99:c3:3c:3a:f3:4f:98:b4:6a:39:c0:ac:
85:92:66:e1:cb:27:7e:53:b4:29:ac:38:29:57:dc:
c9:da:44:e9:91:6e:72:69:49:40:0e:80:ca:9a:ac:
47:cd:17:bc:91:35:c9:2e:70:d7:2d:da:e8:53:b6:
93:2a:8a:2f:a3:e7:d0:4c:81:e2:64:17:3d:c5:d4:
8e:2c:5c:01:f5:e1:10:c5:03:b8:57:d1:42:c1:ac:
f4:d2:f3:ca:17:9a:0a:4b:ba:c2:85:a8:65:b3:c1:
9e:86:0d:97:89:fc:ff:cb:88:d9:3d:e7:53:2b:bf:
4e:37:6a:6e:03:f3:69:1f:b5:ce:29:54:98:e4:95:
19:0e:b9:29:ae:8f:5f:c2:46:7b:1e:3b:d2:6d:9d:
92:dd:aa:1f:5a:84:aa:67:37:c4:52:80:88:55:02:
6e:0e:c2:88:14:e9:be:39:a3:1c:29:a4:a4:7f:3c:
1b:0a:66:15:6b:1a:80:0f:36:1e:2d:21:70:1f:ad:
b6:fc:f1:be:b2:de:f7:ce:4f:80:7e:22:e7:0a:f1:
7c:a2:5d:7d:85:20:6c:89:57:e7:b9:4f:b7:e3:05:
2f:4a:98:b7:35:56:d6:11:07:7c:1e:4b:73:16:6c:
4e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:96:DE:0C:8C:10:52:15:A9:F9:88:01:21:AF:BF:3D:67:A2:B5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.57.0/24
82.22.28.0/24
82.22.37.0/24
82.23.165.0/24
82.23.184.0/24
82.23.197.0/24
82.24.48.0/24
82.24.52.0/24
82.25.4.0/24
82.25.6.0/23
82.25.10.0/23
82.25.14.0/24
82.25.16.0/24
82.25.20.0/24
82.25.53.0/24
82.25.138.0/24
82.25.140.0/24
82.25.145.0/24
82.26.65.0/24
82.26.124.0/24
82.26.197.0/24
82.27.119.0/24
82.27.122.0/24
82.27.134.0/24
82.38.92.0/24
82.38.103.0-82.38.104.255
82.38.107.0-82.38.109.255
82.38.112.0/24
82.38.114.0/23
82.38.122.0/24
82.38.132.0/24
82.38.168.0/24
82.38.201.0/24
82.38.212.0/24
82.39.64.0/24
82.39.119.0/24
82.39.228.0/23
82.39.240.0/22
82.41.3.0/24
82.41.26.0/24
82.47.126.0/23
82.47.193.0/24
82.47.202.0/24
82.47.207.0/24
84.75.80.0-84.75.82.255
84.75.84.0/24
84.75.140.0/23
84.75.164.0/24
84.75.171.0/24
84.75.176.0/22
84.75.222.0/23
84.75.252.0/23
178.83.122.0/24
178.83.144.0/24
178.83.152.0/24
178.83.161.0/24
178.83.191.0/24
178.83.215.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b3:43:c6:05:c4:1c:c8:92:ee:5d:32:9f:08:bf:48:69:dd:
bf:d9:9d:cb:6d:6f:c5:aa:ac:ad:dd:1b:5d:ec:1e:01:bd:70:
b3:5f:7c:51:02:84:d0:f4:55:81:e7:45:15:5e:22:9b:dd:14:
e0:c4:b4:66:ec:fb:bc:d8:2e:ea:f0:b1:c2:22:74:52:56:93:
40:8c:d3:a4:21:64:97:06:1f:ac:1a:6f:5b:0f:ed:00:e0:4a:
3f:14:71:1b:0b:ed:8d:c6:89:bd:dd:1d:2b:c7:a6:b9:81:51:
88:e2:5d:06:c5:29:ee:18:60:d2:1a:2b:c4:34:4d:42:56:36:
09:b0:58:c8:27:dd:f1:2f:ca:19:4c:4e:1c:d6:e8:75:06:d0:
46:50:9f:57:43:36:ba:b6:28:39:38:4c:09:ce:e2:c4:04:21:
54:02:7c:f8:3d:cb:e3:c0:18:98:be:ac:13:10:a9:4b:30:b2:
9f:88:1b:7a:56:2f:ba:cb:d0:ba:41:d7:f0:d9:e0:af:ba:57:
e7:4d:89:43:8c:06:08:ad:4a:99:7e:59:19:63:9c:8e:4d:e0:
c3:3a:b9:74:42:0b:3d:dc:9f:50:50:fb:cd:9e:1d:d8:8d:16:
61:5f:8a:31:53:c3:96:80:cb:78:d3:b4:82:d1:95:61:e7:37:
73:fc:58:46
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgIUbSKOXazKRnnozT/BifyGK213OEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTIxMzAwMzZaFw0yNzA2MTExMzA1MzZaMDMxMTAvBgNV
BAMTKDlEQUI5NkRFMEM4QzEwNTIxNUE5Rjk4ODAxMjFBRkJGM0Q2N0EyQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmSjRdmdvLQmFV2DTc9OLJQpnD
PDrzT5i0ajnArIWSZuHLJ35TtCmsOClX3MnaROmRbnJpSUAOgMqarEfNF7yRNcku
cNct2uhTtpMqii+j59BMgeJkFz3F1I4sXAH14RDFA7hX0ULBrPTS88oXmgpLusKF
qGWzwZ6GDZeJ/P/LiNk951Mrv043am4D82kftc4pVJjklRkOuSmuj1/CRnseO9Jt
nZLdqh9ahKpnN8RSgIhVAm4OwogU6b45oxwppKR/PBsKZhVrGoAPNh4tIXAfrbb8
8b6y3vfOT4B+IucK8XyiXX2FIGyJV+e5T7fjBS9KmLc1VtYRB3weS3MWbE6lAgMB
AAGjggN/MIIDezAdBgNVHQ4EFgQUnauW3gyMEFIVqfmIASGvvz1norUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlQYIKwYBBQUHAQcBAf8EggGEMIIBgDCCAXwEAgABMIIB
dAMEAFIVOQMEAFIWHAMEAFIWJQMEAFIXpQMEAFIXuAMEAFIXxQMEAFIYMAMEAFIY
NAMEAFIZBAMEAVIZBgMEAVIZCgMEAFIZDgMEAFIZEAMEAFIZFAMEAFIZNQMEAFIZ
igMEAFIZjAMEAFIZkQMEAFIaQQMEAFIafAMEAFIaxQMEAFIbdwMEAFIbegMEAFIb
hgMEAFImXDAMAwQAUiZnAwQAUiZoMAwDBABSJmsDBAFSJmwDBABSJnADBAFSJnID
BABSJnoDBABSJoQDBABSJqgDBABSJskDBABSJtQDBABSJ0ADBABSJ3cDBAFSJ+QD
BAJSJ/ADBABSKQMDBABSKRoDBAFSL34DBABSL8EDBABSL8oDBABSL88wDAMEBFRL
UAMEAFRLUgMEAFRLVAMEAVRLjAMEAFRLpAMEAFRLqwMEAlRLsAMEAVRL3gMEAVRL
/AMEALJTegMEALJTkAMEALJTmAMEALJToQMEALJTvwMEALJT1zANBgkqhkiG9w0B
AQsFAAOCAQEAcbNDxgXEHMiS7l0ynwi/SGndv9mdy21vxaqsrd0bXeweAb1ws198
UQKE0PRVgedFFV4im90U4MS0Zuz7vNgu6vCxwiJ0UlaTQIzTpCFklwYfrBpvWw/t
AOBKPxRxGwvtjcaJvd0dK8emuYFRiOJdBsUp7hhg0horxDRNQlY2CbBYyCfd8S/K
GUxOHNbodQbQRlCfV0M2urYoOThMCc7ixAQhVAJ8+D3L48AYmL6sExCpSzCyn4gb
elYvusvQukHX8Nngr7pX502JQ4wGCK1KmX5ZGWOcjk3gwzq5dEILPdyfUFD7zZ4d
2I0WYV+KMVPDloDLeNO0gtGVYec3c/xYRg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:12 2026 by rpki-client