Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 5JGPPG5wcUClvVs9AFw4ey24SSiha4Ld3SysO/tnnrA=
Subject key identifier: 3C:AB:5A:31:1D:6C:9F:1A:EE:71:B9:37:B8:35:01:9F:AD:31:1E:81
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1CA6B47A1D471932AF2D95AF2ADA5CF3E6F67B30
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Fri 13 Jun 2025 00:00:41 +0000
ROA not before: Thu 12 Jun 2025 23:55:41 +0000
ROA not after: Fri 12 Jun 2026 00:00:41 +0000
asID: 834
IP address blocks: 143.20.1.0/24 maxlen: 24
143.20.4.0/23 maxlen: 24
143.20.8.0/21 maxlen: 24
143.20.16.0/22 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/23 maxlen: 24
143.20.24.0/22 maxlen: 24
143.20.28.0/23 maxlen: 24
143.20.31.0/24 maxlen: 24
143.20.32.0/21 maxlen: 24
143.20.40.0/23 maxlen: 24
143.20.42.0/24 maxlen: 24
143.20.44.0/22 maxlen: 24
143.20.48.0/23 maxlen: 24
143.20.51.0/24 maxlen: 24
143.20.52.0/22 maxlen: 24
143.20.56.0/21 maxlen: 24
143.20.64.0/22 maxlen: 24
143.20.70.0/23 maxlen: 24
143.20.72.0/22 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.78.0/23 maxlen: 24
143.20.80.0/23 maxlen: 24
143.20.82.0/24 maxlen: 24
143.20.99.0/24 maxlen: 24
143.20.102.0/23 maxlen: 24
143.20.106.0/24 maxlen: 24
143.20.108.0/22 maxlen: 24
143.20.112.0/24 maxlen: 24
143.20.126.0/23 maxlen: 24
143.20.128.0/21 maxlen: 24
143.20.136.0/22 maxlen: 24
143.20.140.0/23 maxlen: 24
143.20.142.0/24 maxlen: 24
143.20.144.0/20 maxlen: 24
143.20.160.0/20 maxlen: 24
143.20.176.0/23 maxlen: 24
143.20.179.0/24 maxlen: 24
143.20.180.0/22 maxlen: 24
143.20.184.0/21 maxlen: 24
143.20.192.0/21 maxlen: 24
143.20.200.0/22 maxlen: 24
143.20.204.0/23 maxlen: 24
143.20.207.0/24 maxlen: 24
143.20.208.0/20 maxlen: 24
143.20.224.0/21 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.236.0/24 maxlen: 24
143.20.238.0/24 maxlen: 24
143.20.247.0/24 maxlen: 24
143.20.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:a6:b4:7a:1d:47:19:32:af:2d:95:af:2a:da:5c:f3:e6:f6:7b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 12 23:55:41 2025 GMT
Not After : Jun 12 00:00:41 2026 GMT
Subject: CN=3CAB5A311D6C9F1AEE71B937B835019FAD311E81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:2e:52:6f:5e:eb:28:9b:0a:9f:b0:41:8d:
81:f0:81:91:75:6c:f7:ee:3c:83:7b:99:a4:52:32:
ab:a6:e9:79:c2:f4:82:5f:63:37:a3:55:aa:da:91:
66:c2:05:30:bb:09:b0:d8:65:94:fd:bd:31:0c:e9:
c7:4c:22:4f:ab:8d:f9:06:d6:1a:b3:18:a9:c4:8e:
74:0d:d9:15:94:da:e3:56:9c:e0:b1:dd:36:c5:29:
ba:2a:e9:11:bd:77:95:25:18:5f:55:67:61:49:11:
46:f4:c1:e0:38:44:9c:7d:0d:9e:5f:ae:fb:d9:5a:
9c:68:b3:23:97:ea:1c:0a:59:8b:9f:b4:51:f3:80:
ce:59:3b:55:93:fb:ed:fc:52:7d:a8:cf:0e:99:90:
aa:39:ba:23:4b:c0:3e:07:e4:8a:47:8f:81:82:2c:
7b:d6:37:44:0c:2f:39:f2:24:aa:e4:84:f1:fb:0d:
53:64:ac:ad:d2:bb:2c:69:50:5e:3f:af:ce:20:e9:
aa:b8:63:25:42:62:6c:34:e1:fd:88:3a:20:d1:70:
ef:3f:9e:d5:23:7e:9e:a8:a3:93:28:74:81:18:c0:
73:f2:b9:c6:97:4b:ad:8b:5e:38:83:f9:80:f7:3f:
f7:e4:ea:ba:a4:0b:e5:14:96:84:a5:d9:b8:5c:a0:
9c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AB:5A:31:1D:6C:9F:1A:EE:71:B9:37:B8:35:01:9F:AD:31:1E:81
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.1.0/24
143.20.4.0/23
143.20.8.0-143.20.19.255
143.20.21.0-143.20.29.255
143.20.31.0-143.20.42.255
143.20.44.0-143.20.49.255
143.20.51.0-143.20.67.255
143.20.70.0-143.20.75.255
143.20.77.0-143.20.82.255
143.20.99.0/24
143.20.102.0/23
143.20.106.0/24
143.20.108.0-143.20.112.255
143.20.126.0-143.20.142.255
143.20.144.0-143.20.177.255
143.20.179.0-143.20.205.255
143.20.207.0-143.20.236.255
143.20.238.0/24
143.20.247.0/24
143.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:0e:33:a1:39:3b:fe:66:e6:80:97:49:05:32:32:1f:ea:c6:
46:1d:27:49:82:c2:91:c7:44:fa:53:24:ca:b4:4f:9e:1e:cc:
f8:0b:93:53:4f:64:74:07:dc:62:0c:af:74:65:bf:16:23:5e:
6d:04:ea:8f:ca:15:41:38:a1:0d:25:86:a7:04:db:b0:48:14:
ca:75:c4:06:36:10:33:b5:e1:a9:44:61:3b:99:00:7a:78:43:
28:24:10:d0:4a:ca:55:d7:d8:1f:5c:b0:da:66:49:15:1d:28:
bd:25:38:64:08:f2:91:3e:2f:32:a6:07:01:bd:d3:c4:67:34:
69:e3:38:4f:5b:fa:8c:55:e3:f9:0b:e2:5a:15:d5:cb:13:f7:
3e:cd:d1:3c:c6:ca:58:31:d3:33:95:c7:87:f1:94:4a:cc:f0:
43:c1:dd:d5:c3:34:fd:eb:24:64:6f:48:79:c7:2b:e0:48:2e:
cf:b6:47:0e:b4:07:9a:99:cc:26:e6:61:16:1b:d9:9b:e7:3f:
ac:cd:61:73:cf:94:ff:cf:30:26:90:c5:9c:a8:e0:5b:f5:51:
9b:ed:27:af:12:5c:a4:55:c6:8e:e2:7e:ad:ba:ed:34:dd:11:
5c:ee:3e:fc:48:43:6a:83:3b:5a:25:b2:4c:4e:5b:b5:f9:2b:
50:6c:8a:33
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUHKa0eh1HGTKvLZWvKtpc8+b2ezAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MTIyMzU1NDFaFw0yNjA2MTIwMDAwNDFaMDMxMTAvBgNV
BAMTKDNDQUI1QTMxMUQ2QzlGMUFFRTcxQjkzN0I4MzUwMTlGQUQzMTFFODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+y5Sb17rKJsKn7BBjYHwgZF1
bPfuPIN7maRSMqum6XnC9IJfYzejVarakWbCBTC7CbDYZZT9vTEM6cdMIk+rjfkG
1hqzGKnEjnQN2RWU2uNWnOCx3TbFKboq6RG9d5UlGF9VZ2FJEUb0weA4RJx9DZ5f
rvvZWpxosyOX6hwKWYuftFHzgM5ZO1WT++38Un2ozw6ZkKo5uiNLwD4H5IpHj4GC
LHvWN0QMLznyJKrkhPH7DVNkrK3SuyxpUF4/r84g6aq4YyVCYmw04f2IOiDRcO8/
ntUjfp6oo5ModIEYwHPyucaXS62LXjiD+YD3P/fk6rqkC+UUloSl2bhcoJyZAgMB
AAGjggLeMIIC2jAdBgNVHQ4EFgQUPKtaMR1snxrucbk3uDUBn60xHoEwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBACP
FAEDBAGPFAQwDAMEA48UCAMEAo8UEDAMAwQAjxQVAwQBjxQcMAwDBACPFB8DBACP
FCowDAMEAo8ULAMEAY8UMDAMAwQAjxQzAwQCjxRAMAwDBAGPFEYDBAKPFEgwDAME
AI8UTQMEAI8UUgMEAI8UYwMEAY8UZgMEAI8UajAMAwQCjxRsAwQAjxRwMAwDBAGP
FH4DBACPFI4wDAMEBI8UkAMEAY8UsDAMAwQAjxSzAwQBjxTMMAwDBACPFM8DBACP
FOwDBACPFO4DBACPFPcDBACPFP8wDQYJKoZIhvcNAQELBQADggEBALIOM6E5O/5m
5oCXSQUyMh/qxkYdJ0mCwpHHRPpTJMq0T54ezPgLk1NPZHQH3GIMr3RlvxYjXm0E
6o/KFUE4oQ0lhqcE27BIFMp1xAY2EDO14alEYTuZAHp4QygkENBKylXX2B9csNpm
SRUdKL0lOGQI8pE+LzKmBwG908RnNGnjOE9b+oxV4/kL4loV1csT9z7N0TzGylgx
0zOVx4fxlErM8EPB3dXDNP3rJGRvSHnHK+BILs+2Rw60B5qZzCbmYRYb2ZvnP6zN
YXPPlP/PMCaQxZyo4Fv1UZvtJ68SXKRVxo7ifq267TTdEVzuPvxIQ2qDO1olskxO
W7X5K1BsijM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:10:32 2025 by rpki-client