Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 5HzusgP88t2yNTD4DwdegizQWc3va1vEYDy9nB5uV4o=
Subject key identifier: 2B:10:5F:D8:34:2B:8F:43:DC:6F:67:65:99:9E:CE:B9:FA:35:1F:23
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 662BE4E3D10E3E1AFB49F46240EB9DE811D6C315
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Tue 04 Nov 2025 12:47:00 +0000
ROA not before: Tue 04 Nov 2025 12:42:00 +0000
ROA not after: Tue 03 Nov 2026 12:47:00 +0000
asID: 834
IP address blocks: 141.11.40.0/24 maxlen: 24
141.11.57.0/24 maxlen: 24
141.11.181.0/24 maxlen: 24
141.11.197.0/24 maxlen: 24
141.11.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:2b:e4:e3:d1:0e:3e:1a:fb:49:f4:62:40:eb:9d:e8:11:d6:c3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 4 12:42:00 2025 GMT
Not After : Nov 3 12:47:00 2026 GMT
Subject: CN=2B105FD8342B8F43DC6F6765999ECEB9FA351F23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fc:65:9e:b5:31:59:f9:8d:0f:f3:7e:8f:10:
a1:c2:e2:79:52:17:6a:c0:f9:6a:9f:3e:fa:76:80:
f3:0a:e3:9f:b0:89:d0:52:36:26:44:63:15:91:6f:
f7:18:26:4d:b6:96:86:32:42:73:39:fd:fe:f7:09:
6d:6c:a2:82:e3:3e:06:b5:ae:99:29:f7:a3:49:de:
af:de:c5:43:ed:61:40:e0:de:57:2c:c1:a1:86:7d:
45:3b:f8:f6:5a:b1:b0:83:c5:c1:d6:b6:7a:cc:e1:
83:41:3f:8d:b5:ff:21:00:db:d3:42:31:d3:a0:78:
7f:93:11:3e:0f:19:24:0e:d9:29:01:4d:21:9e:2d:
cc:b2:79:c7:9d:cf:ff:45:b8:bd:7b:81:e3:fa:82:
9c:3e:03:99:99:4d:a1:92:41:34:7a:b5:40:dd:cc:
ee:0c:8f:ef:2c:55:d0:e3:6c:22:89:0a:f4:05:a1:
08:8d:2c:70:5a:94:65:ae:06:16:f2:62:63:91:d8:
e8:87:3c:8d:ff:eb:e9:d9:90:27:cb:a7:a1:03:cf:
86:89:d4:85:62:41:58:5d:ba:d1:54:be:fb:ed:f1:
97:40:58:1b:77:07:9a:5b:a7:1d:79:cd:e1:f9:71:
1a:4c:26:ff:af:36:23:c9:c3:96:86:66:26:d5:cc:
e1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:10:5F:D8:34:2B:8F:43:DC:6F:67:65:99:9E:CE:B9:FA:35:1F:23
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.40.0/24
141.11.57.0/24
141.11.181.0/24
141.11.197.0/24
141.11.236.0/24
Signature Algorithm: sha256WithRSAEncryption
99:3a:dd:d3:b0:86:8d:d5:b3:fc:a3:ab:40:41:8d:90:a4:b7:
19:d3:2f:cf:d9:5a:f5:54:51:ea:a2:f8:39:39:a0:b9:fa:79:
0e:07:fe:88:4d:1e:da:eb:1d:e4:30:ac:10:03:a1:ae:18:ad:
1d:a4:d3:d8:f2:4d:d6:ac:1e:ed:e2:ea:e9:e6:11:7d:23:c1:
64:3d:04:77:75:ae:65:40:64:37:bd:a1:62:ff:dc:9d:6d:69:
45:a3:cc:8b:3a:62:78:54:40:a5:c3:43:8b:79:2f:48:2d:3a:
04:ed:36:3c:66:e1:1a:00:48:15:36:92:3e:de:8c:00:3e:fe:
2b:b7:88:9d:6b:0e:40:cd:8a:9c:bb:26:6d:03:00:ed:cb:73:
3d:3d:f3:61:50:ee:0d:6c:e0:2b:d5:4c:20:ee:88:29:13:5c:
05:d5:99:80:29:d0:95:95:9c:fd:03:4b:d8:28:50:29:41:97:
4a:f8:10:42:b0:db:08:8d:b5:54:9d:f6:11:f2:79:66:91:d3:
46:69:71:77:e6:b6:e5:f1:4f:36:8c:24:f5:3e:69:75:c2:2c:
37:65:83:13:f4:51:82:07:0a:f5:67:4e:97:0f:c4:4a:12:e5:
8a:dc:a4:bd:02:1f:d4:fd:dc:32:9f:21:92:45:d0:67:93:39:
ba:9e:c0:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIUZivk49EOPhr7SfRiQOud6BHWwxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTExMDQxMjQyMDBaFw0yNjExMDMxMjQ3MDBaMDMxMTAvBgNV
BAMTKDJCMTA1RkQ4MzQyQjhGNDNEQzZGNjc2NTk5OUVDRUI5RkEzNTFGMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH/GWetTFZ+Y0P836PEKHC4nlS
F2rA+WqfPvp2gPMK45+widBSNiZEYxWRb/cYJk22loYyQnM5/f73CW1sooLjPga1
rpkp96NJ3q/exUPtYUDg3lcswaGGfUU7+PZasbCDxcHWtnrM4YNBP421/yEA29NC
MdOgeH+TET4PGSQO2SkBTSGeLcyyecedz/9FuL17geP6gpw+A5mZTaGSQTR6tUDd
zO4Mj+8sVdDjbCKJCvQFoQiNLHBalGWuBhbyYmOR2OiHPI3/6+nZkCfLp6EDz4aJ
1IViQVhdutFUvvvt8ZdAWBt3B5pbpx15zeH5cRpMJv+vNiPJw5aGZibVzOHvAgMB
AAGjggIfMIICGzAdBgNVHQ4EFgQUKxBf2DQrj0Pcb2dlmZ7Oufo1HyMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjQsoAwQA
jQs5AwQAjQu1AwQAjQvFAwQAjQvsMA0GCSqGSIb3DQEBCwUAA4IBAQCZOt3TsIaN
1bP8o6tAQY2QpLcZ0y/P2Vr1VFHqovg5OaC5+nkOB/6ITR7a6x3kMKwQA6GuGK0d
pNPY8k3WrB7t4urp5hF9I8FkPQR3da5lQGQ3vaFi/9ydbWlFo8yLOmJ4VEClw0OL
eS9ILToE7TY8ZuEaAEgVNpI+3owAPv4rt4idaw5AzYqcuyZtAwDty3M9PfNhUO4N
bOAr1Uwg7ogpE1wF1ZmAKdCVlZz9A0vYKFApQZdK+BBCsNsIjbVUnfYR8nlmkdNG
aXF35rbl8U82jCT1Pml1wiw3ZYMT9FGCBwr1Z06XD8RKEuWK3KS9Ah/U/dwynyGS
RdBnkzm6nsD1
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:37:31 2025 by rpki-client