Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: lHQlJZUJgRKS9L6XjGYGGwzMLvCmeXkBwuhQq37N3l0=
Subject key identifier: 47:11:94:9C:F6:7F:C4:5A:C8:FD:A7:37:C0:76:D7:16:B5:99:D3:18
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 7360599108A4AB0B6326CCE2B25A4F77A07DF70D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Tue 04 Nov 2025 15:16:13 +0000
ROA not before: Tue 04 Nov 2025 15:11:13 +0000
ROA not after: Tue 03 Nov 2026 15:16:13 +0000
asID: 834
IP address blocks: 143.20.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:60:59:91:08:a4:ab:0b:63:26:cc:e2:b2:5a:4f:77:a0:7d:f7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Nov 4 15:11:13 2025 GMT
Not After : Nov 3 15:16:13 2026 GMT
Subject: CN=4711949CF67FC45AC8FDA737C076D716B599D318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:25:45:04:d1:4a:7d:5e:9b:a9:bf:a3:7d:18:
33:a4:c9:29:72:48:1c:29:b8:01:20:e9:61:ea:33:
2f:45:9d:c3:b1:4c:d0:68:c5:4f:d9:8e:2e:84:fb:
61:17:1c:d8:ac:72:d5:a7:de:4b:48:b4:48:1f:6b:
01:b3:75:c2:ad:97:60:39:bd:65:02:91:3c:79:c7:
8f:34:13:45:0d:b1:ae:0f:17:ac:45:38:f9:14:b5:
9a:1c:84:24:70:ad:6a:23:70:c2:83:80:c5:5e:e5:
71:06:18:d0:85:e8:9f:b5:1f:08:07:3a:a0:47:06:
40:7e:e9:19:53:30:34:5b:ab:f0:14:50:bb:b3:21:
0a:7c:c4:70:56:7c:49:a4:35:a3:60:d9:76:3b:a4:
fd:a6:55:2a:78:c3:0e:40:85:71:12:7b:b3:3c:7f:
21:54:36:59:f2:6b:20:2a:bb:a4:c9:3d:66:e7:4b:
9d:12:32:fd:98:d1:4d:55:4b:cf:14:89:9d:59:85:
ca:88:67:27:99:5a:76:3e:f9:30:57:af:75:a6:e7:
c6:e5:d5:f2:1b:33:43:62:92:e4:08:5c:4f:97:be:
39:50:db:fe:0c:ef:66:47:21:59:11:56:14:bf:3e:
17:f3:6a:c3:5b:e0:a1:a6:9c:6d:b3:d2:a8:5a:62:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:11:94:9C:F6:7F:C4:5A:C8:FD:A7:37:C0:76:D7:16:B5:99:D3:18
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.43.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f0:31:42:69:11:a3:85:a7:10:77:39:1c:2c:ed:46:d5:73:
92:85:59:46:67:e8:19:d8:09:e7:51:a3:cf:d1:21:d9:34:57:
61:de:91:d4:c8:97:63:5f:b0:1e:c0:74:04:4f:4c:b7:0f:6e:
8d:16:1c:2f:1b:70:93:9a:50:bd:b8:22:39:dd:d5:4e:e5:c8:
09:4b:b4:06:10:a1:89:2e:e5:a0:3c:eb:b5:f0:b3:c1:61:e4:
39:e5:75:00:eb:e9:1e:cc:73:ac:36:37:33:e3:68:0d:b4:08:
3f:69:51:b2:81:7e:a2:30:e1:04:8a:65:b9:80:01:94:ff:b0:
76:39:36:d7:1c:99:b4:81:2b:ce:05:10:50:97:af:29:d0:f8:
2c:ca:ab:6d:4a:11:97:36:f5:fb:d7:43:1a:bb:5f:ec:75:f7:
f3:77:ca:c6:da:3f:3b:cf:8d:21:36:54:ff:20:87:20:9e:39:
36:01:96:36:0a:5c:1f:d9:c0:79:13:c4:c1:bf:77:7f:57:10:
c2:98:3a:27:42:6d:59:01:f8:e3:fb:98:f3:48:ee:dd:e3:5d:
0a:ed:99:a5:7f:41:97:ef:86:58:62:3d:6d:2f:1c:97:0f:40:
52:ef:55:7d:77:95:f5:d0:5b:d6:e7:70:de:b0:92:f3:8f:63:
8e:65:93:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUc2BZkQikqwtjJszislpPd6B99w0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTExMDQxNTExMTNaFw0yNjExMDMxNTE2MTNaMDMxMTAvBgNV
BAMTKDQ3MTE5NDlDRjY3RkM0NUFDOEZEQTczN0MwNzZENzE2QjU5OUQzMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjJUUE0Up9Xpupv6N9GDOkySly
SBwpuAEg6WHqMy9FncOxTNBoxU/Zji6E+2EXHNisctWn3ktItEgfawGzdcKtl2A5
vWUCkTx5x480E0UNsa4PF6xFOPkUtZochCRwrWojcMKDgMVe5XEGGNCF6J+1HwgH
OqBHBkB+6RlTMDRbq/AUULuzIQp8xHBWfEmkNaNg2XY7pP2mVSp4ww5AhXESe7M8
fyFUNlnyayAqu6TJPWbnS50SMv2Y0U1VS88UiZ1ZhcqIZyeZWnY++TBXr3Wm58bl
1fIbM0NikuQIXE+XvjlQ2/4M72ZHIVkRVhS/PhfzasNb4KGmnG2z0qhaYh7zAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQURxGUnPZ/xFrI/ac3wHbXFrWZ0xgwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQrMA0G
CSqGSIb3DQEBCwUAA4IBAQAI8DFCaRGjhacQdzkcLO1G1XOShVlGZ+gZ2AnnUaPP
0SHZNFdh3pHUyJdjX7AewHQET0y3D26NFhwvG3CTmlC9uCI53dVO5cgJS7QGEKGJ
LuWgPOu18LPBYeQ55XUA6+kezHOsNjcz42gNtAg/aVGygX6iMOEEimW5gAGU/7B2
OTbXHJm0gSvOBRBQl68p0PgsyqttShGXNvX710Mau1/sdffzd8rG2j87z40hNlT/
IIcgnjk2AZY2Clwf2cB5E8TBv3d/VxDCmDonQm1ZAfjj+5jzSO7d410K7Zmlf0GX
74ZYYj1tLxyXD0BS71V9d5X10FvW53DesJLzj2OOZZO1
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:51:28 2025 by rpki-client