Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: /BBsDPS86Ap5Xm5oVDpS+IHV7b9fzLu7M7xiiA/e7dg=
Subject key identifier: 54:CF:F9:28:CA:EE:74:29:BF:FD:6E:40:05:23:C3:B0:9D:79:05:ED
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6705B81B5DA8872F813DC6B0008D7105AB6C84EC
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Fri 12 Jun 2026 22:13:40 +0000
ROA not before: Fri 12 Jun 2026 22:08:40 +0000
ROA not after: Fri 11 Jun 2027 22:13:40 +0000
asID: 834
IP address blocks: 143.20.8.0/23 maxlen: 24
143.20.11.0/24 maxlen: 24
143.20.13.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.16.0/24 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.24.0/22 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.34.0/24 maxlen: 24
143.20.36.0/24 maxlen: 24
143.20.42.0/23 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.53.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.70.0/23 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.74.0/24 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.86.0/23 maxlen: 24
143.20.103.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/23 maxlen: 24
143.20.108.0/22 maxlen: 24
143.20.116.0/24 maxlen: 24
143.20.118.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.131.0/24 maxlen: 24
143.20.132.0/24 maxlen: 24
143.20.139.0/24 maxlen: 24
143.20.140.0/24 maxlen: 24
143.20.147.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.157.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.167.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.176.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.180.0/24 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.194.0/24 maxlen: 24
143.20.201.0/24 maxlen: 24
143.20.206.0/23 maxlen: 24
143.20.213.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.216.0/23 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.221.0/24 maxlen: 24
143.20.222.0/23 maxlen: 24
143.20.224.0/23 maxlen: 24
143.20.228.0/23 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.236.0/23 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.240.0/22 maxlen: 24
143.20.247.0/24 maxlen: 24
143.20.248.0/22 maxlen: 24
143.20.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:05:b8:1b:5d:a8:87:2f:81:3d:c6:b0:00:8d:71:05:ab:6c:84:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 12 22:08:40 2026 GMT
Not After : Jun 11 22:13:40 2027 GMT
Subject: CN=54CFF928CAEE7429BFFD6E400523C3B09D7905ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:ab:e3:78:88:28:51:4e:90:c2:87:96:56:
ff:67:14:ed:8b:d8:94:d2:f9:8f:12:d9:cb:1d:40:
be:6e:bc:d7:9f:0f:15:d0:48:70:8a:51:bb:3e:4e:
14:2b:86:a6:45:62:a2:de:31:83:2f:c2:75:bd:4f:
41:01:e2:a1:27:cf:03:12:2a:01:c9:fd:23:25:f3:
45:60:f3:77:23:f2:63:90:51:61:08:ac:d4:44:b1:
45:e1:4a:60:48:a8:9f:45:fc:05:c3:16:20:f7:f0:
99:61:7e:93:f0:75:32:44:2b:ed:ff:99:5f:0e:61:
34:89:f1:6d:cb:ac:62:3b:f9:8c:c9:f1:0b:92:d7:
d6:eb:4c:a1:fe:86:3e:32:e1:ba:be:e0:7c:07:1e:
ac:95:63:b3:65:61:a1:01:2d:b8:f6:7d:d8:97:08:
e3:79:dd:2c:df:17:8f:55:2a:f7:35:42:de:0f:43:
99:d0:cb:0e:fe:b8:96:5b:ba:fc:e8:9b:3b:14:04:
4f:c6:3f:1d:05:20:5c:ce:90:af:af:73:45:35:cc:
5a:1d:58:35:8b:5d:60:ea:06:48:d3:e5:17:19:1e:
4c:78:7a:a6:e4:3e:07:ed:d7:de:26:27:c1:5d:cd:
aa:eb:31:4a:b1:46:9c:3c:77:9d:22:e6:de:dc:43:
08:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CF:F9:28:CA:EE:74:29:BF:FD:6E:40:05:23:C3:B0:9D:79:05:ED
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.8.0/23
143.20.11.0/24
143.20.13.0-143.20.14.255
143.20.16.0/24
143.20.18.0/24
143.20.21.0-143.20.22.255
143.20.24.0-143.20.28.255
143.20.34.0/24
143.20.36.0/24
143.20.42.0/23
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.53.0/24
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.70.0-143.20.74.255
143.20.77.0/24
143.20.80.0/24
143.20.86.0/23
143.20.103.0/24
143.20.105.0-143.20.111.255
143.20.116.0/24
143.20.118.0/24
143.20.120.0/24
143.20.128.0/24
143.20.131.0-143.20.132.255
143.20.139.0-143.20.140.255
143.20.147.0/24
143.20.151.0-143.20.152.255
143.20.157.0/24
143.20.162.0/24
143.20.167.0-143.20.168.255
143.20.173.0/24
143.20.176.0/24
143.20.178.0-143.20.180.255
143.20.182.0/24
143.20.194.0/24
143.20.201.0/24
143.20.206.0/23
143.20.213.0-143.20.214.255
143.20.216.0-143.20.218.255
143.20.221.0-143.20.225.255
143.20.228.0/23
143.20.231.0-143.20.237.255
143.20.239.0-143.20.243.255
143.20.247.0-143.20.251.255
143.20.254.0/23
Signature Algorithm: sha256WithRSAEncryption
13:7b:61:f6:c0:1f:29:5f:db:bc:c9:90:d5:c5:4e:b7:ef:5b:
a0:0f:81:8d:3c:b3:04:d4:0f:87:23:ef:d3:16:60:8d:a5:c5:
c1:36:f0:3c:24:1d:5d:4b:c9:b2:3a:1a:52:92:e4:48:35:1b:
36:a4:38:4c:96:30:a1:3f:eb:1f:b8:5c:7c:30:fa:a5:5f:fc:
83:12:c8:69:74:5b:c4:8b:89:88:a8:e6:63:f8:e2:55:7c:df:
4b:15:74:17:90:5f:e3:83:d7:df:71:5c:30:9e:4b:c4:ce:2b:
54:77:88:34:ac:f1:f0:57:b3:40:8b:42:4b:b6:33:b0:5a:8e:
df:f3:77:35:a5:89:a0:00:4f:da:99:6a:6a:78:f6:fa:5f:5a:
96:c6:49:9d:08:22:20:c4:cc:75:ca:bb:ce:a2:34:b2:5c:e3:
df:91:91:b5:7e:44:44:9f:f3:4b:68:63:c8:05:5d:2c:c4:23:
88:34:88:55:82:3d:18:ed:74:f5:97:4f:9a:db:e0:b1:d8:cb:
e8:f7:1b:85:7b:15:4e:b8:0a:9e:06:fb:cd:6a:ee:fc:bb:98:
50:1f:37:9b:9e:90:c7:f2:51:e3:db:fc:c7:18:bc:41:81:b0:
79:23:de:c3:c2:90:b7:78:29:aa:7d:59:9e:65:f2:5a:cf:69:
32:67:c3:9f
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIUZwW4G12ohy+BPcawAI1xBatshOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA2MTIyMjA4NDBaFw0yNzA2MTEyMjEzNDBaMDMxMTAvBgNV
BAMTKDU0Q0ZGOTI4Q0FFRTc0MjlCRkZENkU0MDA1MjNDM0IwOUQ3OTA1RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDECKvjeIgoUU6QwoeWVv9nFO2L
2JTS+Y8S2csdQL5uvNefDxXQSHCKUbs+ThQrhqZFYqLeMYMvwnW9T0EB4qEnzwMS
KgHJ/SMl80Vg83cj8mOQUWEIrNREsUXhSmBIqJ9F/AXDFiD38JlhfpPwdTJEK+3/
mV8OYTSJ8W3LrGI7+YzJ8QuS19brTKH+hj4y4bq+4HwHHqyVY7NlYaEBLbj2fdiX
CON53SzfF49VKvc1Qt4PQ5nQyw7+uJZbuvzomzsUBE/GPx0FIFzOkK+vc0U1zFod
WDWLXWDqBkjT5RcZHkx4eqbkPgft194mJ8FdzarrMUqxRpw8d50i5t7cQwhzAgMB
AAGjggO5MIIDtTAdBgNVHQ4EFgQUVM/5KMrudCm//W5ABSPDsJ15Be0wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzwYIKwYBBQUHAQcBAf8EggG+MIIBujCCAbYEAgABMIIB
rgMEAY8UCAMEAI8UCzAMAwQAjxQNAwQAjxQOAwQAjxQQAwQAjxQSMAwDBACPFBUD
BACPFBYwDAMEA48UGAMEAI8UHAMEAI8UIgMEAI8UJAMEAY8UKgMEAI8ULTAMAwQA
jxQvAwQAjxQwAwQAjxQ1AwQBjxQ4AwQAjxQ7AwQAjxQ/AwQAjxRBMAwDBAGPFEYD
BACPFEoDBACPFE0DBACPFFADBAGPFFYDBACPFGcwDAMEAI8UaQMEBI8UYAMEAI8U
dAMEAI8UdgMEAI8UeAMEAI8UgDAMAwQAjxSDAwQAjxSEMAwDBACPFIsDBACPFIwD
BACPFJMwDAMEAI8UlwMEAI8UmAMEAI8UnQMEAI8UojAMAwQAjxSnAwQAjxSoAwQA
jxStAwQAjxSwMAwDBAGPFLIDBACPFLQDBACPFLYDBACPFMIDBACPFMkDBAGPFM4w
DAMEAI8U1QMEAI8U1jAMAwQDjxTYAwQAjxTaMAwDBACPFN0DBAGPFOADBAGPFOQw
DAMEAI8U5wMEAY8U7DAMAwQAjxTvAwQCjxTwMAwDBACPFPcDBAKPFPgDBAGPFP4w
DQYJKoZIhvcNAQELBQADggEBABN7YfbAHylf27zJkNXFTrfvW6APgY08swTUD4cj
79MWYI2lxcE28DwkHV1LybI6GlKS5Eg1GzakOEyWMKE/6x+4XHww+qVf/IMSyGl0
W8SLiYio5mP44lV830sVdBeQX+OD199xXDCeS8TOK1R3iDSs8fBXs0CLQku2M7Ba
jt/zdzWliaAAT9qZamp49vpfWpbGSZ0IIiDEzHXKu86iNLJc49+RkbV+RESf80to
Y8gFXSzEI4g0iFWCPRjtdPWXT5rb4LHYy+j3G4V7FU64Cp4G+81q7vy7mFAfN5ue
kMfyUePb/McYvEGBsHkj3sPCkLd4Kap9WZ5l8lrPaTJnw58=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:44:50 2026 by rpki-client