Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: rKsUyWJRbQoY4lZH3peYPonq4PmwYj4OMy39SfZzskk=
Subject key identifier: D0:74:84:39:AA:7F:79:E0:8E:BD:BF:6B:69:03:91:12:5C:C6:5E:23
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 44F7F0C69324375AFB41DA20AA426EBAFE09780B
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Mon 02 Mar 2026 00:04:27 +0000
ROA not before: Sun 01 Mar 2026 23:59:27 +0000
ROA not after: Mon 01 Mar 2027 00:04:27 +0000
asID: 834
IP address blocks: 141.11.106.0/24 maxlen: 24
141.11.161.0/24 maxlen: 24
141.11.216.0/24 maxlen: 24
141.11.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:f7:f0:c6:93:24:37:5a:fb:41:da:20:aa:42:6e:ba:fe:09:78:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 1 23:59:27 2026 GMT
Not After : Mar 1 00:04:27 2027 GMT
Subject: CN=D0748439AA7F79E08EBDBF6B690391125CC65E23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e4:c3:c7:57:eb:5a:4c:99:33:55:0c:a7:d6:
dc:ff:64:80:07:7e:7b:e8:4a:c0:94:aa:89:a7:f5:
96:de:8e:aa:45:d9:40:0f:6d:c4:6a:e6:45:2e:40:
62:ca:23:77:e4:5c:bc:aa:f3:29:20:97:54:b0:41:
38:fd:cb:e5:87:a3:77:6e:1b:c1:3d:8d:a6:85:dd:
d0:cc:c7:f1:7a:64:f3:29:bc:b2:18:11:2c:ff:ba:
04:04:59:fc:27:0f:75:9b:d1:56:59:00:14:d4:40:
c4:e7:4b:74:90:d5:5d:26:a8:3e:63:71:ac:9f:63:
54:3a:2f:b5:42:93:a9:38:7d:6d:67:2b:4c:09:62:
3e:05:94:d8:46:fc:38:6e:3d:93:5c:65:3a:e0:ee:
06:cd:70:b2:f3:59:1c:ac:00:16:aa:ce:5e:87:88:
7f:f4:a8:67:3e:f4:85:00:7d:28:93:42:b1:c2:da:
48:c2:9d:e5:5e:58:1e:de:ce:b6:22:eb:47:46:5d:
49:d0:51:b8:48:01:81:22:6d:cd:aa:cc:a7:2b:6f:
8b:1f:7b:f1:f8:b1:0a:7f:e4:3d:06:f5:0b:e1:a7:
35:f3:7d:30:7c:5f:7e:a3:aa:ba:a8:88:39:11:ce:
00:cb:e8:41:64:38:b8:13:82:bc:22:7c:13:17:de:
78:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:74:84:39:AA:7F:79:E0:8E:BD:BF:6B:69:03:91:12:5C:C6:5E:23
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.106.0/24
141.11.161.0/24
141.11.216.0/24
141.11.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6a:9a:4b:33:05:23:45:ff:52:72:34:59:00:f2:b4:21:28:
7b:ef:d1:bb:26:7f:20:52:cc:e1:63:63:6c:b2:0c:4e:e3:72:
1b:76:de:3b:cf:08:8e:e9:ab:60:94:f4:91:f7:1e:e3:a7:35:
a4:dd:35:4c:96:dc:92:13:95:d2:a9:14:d7:7a:4c:f4:ce:25:
69:e5:8e:ff:22:3f:76:05:9b:25:59:53:47:f0:d9:b8:42:69:
50:88:89:d0:bc:ca:25:12:ac:14:48:dd:1a:af:21:8d:03:bf:
26:71:15:2b:e6:cd:09:dc:40:be:71:b5:f1:82:fa:09:a6:78:
8f:3e:82:23:a8:f7:f6:09:fe:1a:b8:60:88:0a:d7:0f:d1:93:
18:0f:9f:48:14:75:52:90:27:03:0d:dd:4f:fc:0c:6a:ae:7f:
0a:98:42:77:47:9d:a2:9b:48:39:2f:7b:4e:f8:a5:93:fe:0c:
02:da:84:e9:a8:f8:5b:ba:bf:dc:79:f8:9a:e9:1e:b7:0b:a6:
01:3f:c3:71:f5:f5:59:44:c1:e6:65:d1:a7:5e:d2:63:9d:23:
fd:fb:55:ee:a5:29:be:81:14:98:ac:4b:db:e2:41:78:0f:eb:
f9:ba:1f:6b:94:ec:cb:d0:c7:97:49:bc:b4:e1:d0:67:80:e8:
ba:78:d2:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIURPfwxpMkN1r7QdogqkJuuv4JeAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAzMDEyMzU5MjdaFw0yNzAzMDEwMDA0MjdaMDMxMTAvBgNV
BAMTKEQwNzQ4NDM5QUE3Rjc5RTA4RUJEQkY2QjY5MDM5MTEyNUNDNjVFMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx5MPHV+taTJkzVQyn1tz/ZIAH
fnvoSsCUqomn9ZbejqpF2UAPbcRq5kUuQGLKI3fkXLyq8ykgl1SwQTj9y+WHo3du
G8E9jaaF3dDMx/F6ZPMpvLIYESz/ugQEWfwnD3Wb0VZZABTUQMTnS3SQ1V0mqD5j
cayfY1Q6L7VCk6k4fW1nK0wJYj4FlNhG/DhuPZNcZTrg7gbNcLLzWRysABaqzl6H
iH/0qGc+9IUAfSiTQrHC2kjCneVeWB7ezrYi60dGXUnQUbhIAYEibc2qzKcrb4sf
e/H4sQp/5D0G9QvhpzXzfTB8X36jqrqoiDkRzgDL6EFkOLgTgrwifBMX3niLAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQU0HSEOap/eeCOvb9raQORElzGXiMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjQtqAwQA
jQuhAwQAjQvYAwQAjQvaMA0GCSqGSIb3DQEBCwUAA4IBAQCcappLMwUjRf9ScjRZ
APK0ISh779G7Jn8gUszhY2NssgxO43Ibdt47zwiO6atglPSR9x7jpzWk3TVMltyS
E5XSqRTXekz0ziVp5Y7/Ij92BZslWVNH8Nm4QmlQiInQvMolEqwUSN0aryGNA78m
cRUr5s0J3EC+cbXxgvoJpniPPoIjqPf2Cf4auGCICtcP0ZMYD59IFHVSkCcDDd1P
/Axqrn8KmEJ3R52im0g5L3tO+KWT/gwC2oTpqPhbur/cefia6R63C6YBP8Nx9fVZ
RMHmZdGnXtJjnSP9+1XupSm+gRSYrEvb4kF4D+v5uh9rlOzL0MeXSby04dBngOi6
eNLz
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:19 2026 by rpki-client