Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: m0ghvy3FuomSCL2Y4WiQgG98Uck4OM970Ok8x3VQhVE=
Subject key identifier: 28:8D:40:A3:9A:60:2F:C4:C3:FD:E3:65:2D:5F:BC:C9:93:1A:D8:4C
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 5A8CA3FFBAB60E4B003C9B9598D5E7592298AE7B
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Mon 02 Mar 2026 06:08:48 +0000
ROA not before: Mon 02 Mar 2026 06:03:48 +0000
ROA not after: Mon 01 Mar 2027 06:08:48 +0000
asID: 834
IP address blocks: 143.20.1.0/24 maxlen: 24
143.20.9.0/24 maxlen: 24
143.20.11.0/24 maxlen: 24
143.20.13.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.16.0/23 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.25.0/24 maxlen: 24
143.20.26.0/24 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.32.0/24 maxlen: 24
143.20.34.0/23 maxlen: 24
143.20.43.0/24 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.53.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.103.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/24 maxlen: 24
143.20.116.0/24 maxlen: 24
143.20.120.0/23 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.131.0/24 maxlen: 24
143.20.132.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.157.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.196.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.200.0/22 maxlen: 24
143.20.206.0/24 maxlen: 24
143.20.212.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.216.0/23 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.220.0/22 maxlen: 24
143.20.224.0/22 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.237.0/24 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.244.0/23 maxlen: 24
143.20.247.0/24 maxlen: 24
143.20.248.0/23 maxlen: 24
143.20.252.0/24 maxlen: 24
143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:8c:a3:ff:ba:b6:0e:4b:00:3c:9b:95:98:d5:e7:59:22:98:ae:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Mar 2 06:03:48 2026 GMT
Not After : Mar 1 06:08:48 2027 GMT
Subject: CN=288D40A39A602FC4C3FDE3652D5FBCC9931AD84C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:91:87:1f:17:15:ab:01:f9:76:f7:6b:a1:d2:
4d:3e:9e:2d:89:a7:9e:31:0d:bc:21:d2:2e:eb:93:
e1:9b:bf:c3:9d:4e:f4:34:fe:97:65:2b:e0:d6:f0:
2e:8f:c6:58:c2:20:5b:d1:fe:84:31:32:a8:42:92:
3e:8d:8d:94:50:b4:3b:e9:8d:91:8a:88:72:b4:e4:
9e:89:64:64:f4:db:3b:30:40:df:0f:67:33:c3:29:
ad:09:7e:d4:a3:67:89:7d:3a:a7:50:2f:93:dd:5a:
85:26:e5:74:e1:92:3f:47:a4:cf:7d:ae:39:5e:f7:
c5:70:6c:52:f5:29:94:1d:72:7e:c7:12:da:fd:fc:
60:80:fd:35:01:f5:b3:c5:bb:fd:89:89:b1:e7:38:
90:68:06:45:3e:04:52:35:49:e6:07:11:66:e9:9d:
0c:cf:01:f4:e7:03:74:cd:10:10:e7:b6:f6:9e:9e:
20:bd:2f:87:ab:fa:24:d7:6c:18:2d:7a:0c:51:58:
47:4b:e2:96:7b:3d:43:65:bd:9e:28:2d:30:62:03:
51:d5:11:23:d5:16:61:70:04:35:27:2b:bc:6f:c0:
1f:18:7a:f7:bf:f8:f8:0f:57:4c:83:e9:2f:29:57:
6d:33:39:52:02:58:c9:ac:a5:a8:46:df:f1:9f:d5:
2b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8D:40:A3:9A:60:2F:C4:C3:FD:E3:65:2D:5F:BC:C9:93:1A:D8:4C
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.1.0/24
143.20.9.0/24
143.20.11.0/24
143.20.13.0-143.20.14.255
143.20.16.0-143.20.18.255
143.20.21.0-143.20.22.255
143.20.25.0-143.20.26.255
143.20.28.0/24
143.20.32.0/24
143.20.34.0/23
143.20.43.0/24
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.53.0/24
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.72.0/23
143.20.77.0/24
143.20.80.0/24
143.20.103.0/24
143.20.105.0-143.20.106.255
143.20.116.0/24
143.20.120.0/23
143.20.128.0/24
143.20.131.0-143.20.132.255
143.20.151.0-143.20.152.255
143.20.157.0/24
143.20.162.0/24
143.20.168.0/24
143.20.173.0/24
143.20.178.0/23
143.20.182.0/24
143.20.196.0/24
143.20.198.0/24
143.20.200.0/22
143.20.206.0/24
143.20.212.0/24
143.20.214.0/24
143.20.216.0-143.20.218.255
143.20.220.0-143.20.227.255
143.20.231.0-143.20.235.255
143.20.237.0/24
143.20.239.0/24
143.20.244.0/23
143.20.247.0-143.20.249.255
143.20.252.0/24
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
35:6e:39:61:d6:56:d3:6c:63:a1:b8:4e:98:3e:40:c6:74:fc:
c1:3a:9c:39:a0:52:20:16:4f:6a:ef:3c:fa:95:e1:be:5f:1e:
8f:a1:c2:02:80:6b:b3:22:f8:37:d3:7b:65:f7:13:32:1b:e6:
a3:69:c1:57:11:86:2c:06:37:26:85:30:61:18:4d:cf:d4:b3:
81:8b:62:ef:a5:95:f6:33:41:95:e0:d6:47:7f:7a:1b:8b:f6:
6b:f8:b0:5a:0d:99:27:3f:fe:d5:1e:24:e6:92:53:0f:76:9d:
3a:b4:7a:cb:b6:67:54:a6:13:5e:dc:41:00:05:01:5a:0b:e8:
d0:c1:75:c6:d6:d4:27:1a:67:84:8c:df:d1:8d:15:95:b6:51:
e9:04:a3:fc:a8:d0:22:47:f5:c5:5f:f7:e4:f6:c2:d3:99:fe:
29:2b:af:69:de:df:10:28:c4:f2:ae:fa:ce:0d:29:14:94:6b:
7a:87:96:f6:7e:cc:7a:7b:6d:74:7b:41:c5:9b:9c:66:c6:2f:
b8:29:b6:89:00:0d:77:9c:c0:a5:1f:f6:5c:90:4b:b1:a0:b0:
f8:0b:c9:02:a7:9d:02:a7:16:31:a7:bf:ae:50:ee:4a:76:0a:
2e:b1:79:ef:4c:95:bf:a7:c4:16:18:74:59:18:70:21:9a:83:
7e:1a:39:26
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgIUWoyj/7q2DksAPJuVmNXnWSKYrnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjAzMDIwNjAzNDhaFw0yNzAzMDEwNjA4NDhaMDMxMTAvBgNV
BAMTKDI4OEQ0MEEzOUE2MDJGQzRDM0ZERTM2NTJENUZCQ0M5OTMxQUQ4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5kYcfFxWrAfl292uh0k0+ni2J
p54xDbwh0i7rk+Gbv8OdTvQ0/pdlK+DW8C6PxljCIFvR/oQxMqhCkj6NjZRQtDvp
jZGKiHK05J6JZGT02zswQN8PZzPDKa0JftSjZ4l9OqdQL5PdWoUm5XThkj9HpM99
rjle98VwbFL1KZQdcn7HEtr9/GCA/TUB9bPFu/2JibHnOJBoBkU+BFI1SeYHEWbp
nQzPAfTnA3TNEBDntvaeniC9L4er+iTXbBgtegxRWEdL4pZ7PUNlvZ4oLTBiA1HV
ESPVFmFwBDUnK7xvwB8Yeve/+PgPV0yD6S8pV20zOVICWMmspahG3/Gf1SsVAgMB
AAGjggORMIIDjTAdBgNVHQ4EFgQUKI1Ao5pgL8TD/eNlLV+8yZMa2EwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEAI8UAQMEAI8UCQMEAI8UCzAMAwQAjxQNAwQAjxQOMAwDBASPFBADBACPFBIw
DAMEAI8UFQMEAI8UFjAMAwQAjxQZAwQAjxQaAwQAjxQcAwQAjxQgAwQBjxQiAwQA
jxQrAwQAjxQtMAwDBACPFC8DBACPFDADBACPFDUDBAGPFDgDBACPFDsDBACPFD8D
BACPFEEDBAGPFEgDBACPFE0DBACPFFADBACPFGcwDAMEAI8UaQMEAI8UagMEAI8U
dAMEAY8UeAMEAI8UgDAMAwQAjxSDAwQAjxSEMAwDBACPFJcDBACPFJgDBACPFJ0D
BACPFKIDBACPFKgDBACPFK0DBAGPFLIDBACPFLYDBACPFMQDBACPFMYDBAKPFMgD
BACPFM4DBACPFNQDBACPFNYwDAMEA48U2AMEAI8U2jAMAwQCjxTcAwQCjxTgMAwD
BACPFOcDBAKPFOgDBACPFO0DBACPFO8DBAGPFPQwDAMEAI8U9wMEAY8U+AMEAI8U
/AMEAI8U/jANBgkqhkiG9w0BAQsFAAOCAQEANW45YdZW02xjobhOmD5AxnT8wTqc
OaBSIBZPau88+pXhvl8ej6HCAoBrsyL4N9N7ZfcTMhvmo2nBVxGGLAY3JoUwYRhN
z9SzgYti76WV9jNBleDWR396G4v2a/iwWg2ZJz/+1R4k5pJTD3adOrR6y7ZnVKYT
XtxBAAUBWgvo0MF1xtbUJxpnhIzf0Y0VlbZR6QSj/KjQIkf1xV/35PbC05n+KSuv
ad7fECjE8q76zg0pFJRreoeW9n7MenttdHtBxZucZsYvuCm2iQANd5zApR/2XJBL
saCw+AvJAqedAqcWMae/rlDuSnYKLrF570yVv6fEFhh0WRhwIZqDfho5Jg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:32 2026 by rpki-client