
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: ImCffmjmIVfL+0XNZp/PgiVbM7D+k+vUkjDDjmVb54Y=
Subject key identifier: 66:3F:90:F6:70:EE:06:AC:4D:FA:BA:F0:73:D7:79:13:ED:C9:55:09
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0CD0401CAC7BD2811FDC551E7A517EDE23E432BA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sun 19 Oct 2025 12:54:05 +0000
ROA not before: Sun 19 Oct 2025 12:49:05 +0000
ROA not after: Sun 18 Oct 2026 12:54:05 +0000
asID: 834
IP address blocks: 96.62.101.0/24 maxlen: 24
143.14.71.0/24 maxlen: 24
143.14.125.0/24 maxlen: 24
143.14.141.0/24 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
143.14.166.0/24 maxlen: 24
143.14.173.0/24 maxlen: 24
143.14.224.0/24 maxlen: 24
143.14.250.0/24 maxlen: 24
146.103.30.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.199.0/24 maxlen: 24
150.241.128.0/24 maxlen: 24
155.117.201.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
167.148.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:d0:40:1c:ac:7b:d2:81:1f:dc:55:1e:7a:51:7e:de:23:e4:32:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 19 12:49:05 2025 GMT
Not After : Oct 18 12:54:05 2026 GMT
Subject: CN=663F90F670EE06AC4DFABAF073D77913EDC95509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1d:28:61:cd:7f:5e:7c:7c:13:7b:af:be:c6:
d5:50:cf:b9:6e:b8:a5:1e:41:8a:a9:e9:f6:f3:e2:
47:c1:15:57:7e:27:3c:ec:e7:03:3d:1c:bf:26:78:
80:a5:a1:cc:e3:47:20:07:47:ac:fe:43:1b:2f:cb:
fc:41:d5:95:7a:07:de:c6:89:af:b0:db:b1:14:dc:
e8:06:31:ac:44:9f:2a:a4:0b:c0:93:41:38:bc:5a:
10:69:70:59:91:33:fb:df:1c:d2:f3:3c:f8:1d:ac:
c4:e7:56:cd:db:ff:d6:1a:33:9e:48:4f:ff:15:59:
2f:a1:4b:9c:62:c8:7c:d4:86:f4:65:7a:ab:3f:14:
82:20:35:7b:3e:f1:00:4c:09:1a:0c:4e:65:f4:c6:
c7:43:54:5d:26:df:86:5d:93:e9:4e:79:33:35:42:
01:3c:86:8a:6c:18:b2:6b:7a:9e:2a:ef:0d:30:2b:
ce:5e:4e:c0:98:ca:fd:10:1a:f5:99:90:59:36:27:
28:3e:89:a1:d6:b5:bb:f2:f8:ba:58:9e:f4:00:b5:
de:02:e9:d8:5b:e0:27:f8:15:97:dc:61:22:53:1a:
af:5b:4e:18:40:c4:4f:bc:69:b4:68:58:0a:bb:fd:
cd:97:c2:8b:13:bd:65:a7:fa:ac:f1:9b:0c:72:01:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:90:F6:70:EE:06:AC:4D:FA:BA:F0:73:D7:79:13:ED:C9:55:09
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.101.0/24
143.14.71.0/24
143.14.125.0/24
143.14.141.0/24
143.14.147.0/24
143.14.150.0/24
143.14.166.0/24
143.14.173.0/24
143.14.224.0/24
143.14.250.0/24
146.103.30.0/24
148.135.145.0/24
148.135.156.0/24
148.135.199.0/24
150.241.128.0/24
155.117.201.0/24
167.148.193.0/24
167.148.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:71:29:0a:a8:9e:3b:d5:fe:81:c0:23:d2:91:86:d2:49:42:
80:67:6d:81:47:e8:dc:2d:ca:4e:a9:d8:15:b9:d0:81:bc:5c:
ce:39:cd:f2:39:ab:f9:99:3e:50:b7:de:87:94:ca:59:e0:84:
04:26:6f:43:e8:d4:2a:9a:5c:40:85:5a:8e:25:fe:c1:86:60:
67:cc:56:cc:ae:ac:bf:84:71:b5:9c:31:b2:52:8d:f8:0f:a2:
54:8a:02:12:08:df:f7:e9:2a:00:44:0d:48:34:3a:d0:97:e3:
8f:56:d9:42:ed:b5:38:71:90:5b:47:31:b6:67:61:26:ac:0e:
70:17:be:f7:7b:30:2f:f7:aa:8f:43:79:e6:eb:23:e4:16:e8:
29:1c:c7:a7:61:22:d9:32:5c:e9:63:b8:7f:69:46:9d:e9:0a:
3d:e9:ea:0d:18:c4:a3:d6:3f:71:b2:fe:fc:d4:63:df:52:ec:
eb:ac:25:93:18:97:e5:58:bf:a8:5e:c4:da:2c:97:d4:f5:23:
cf:38:d4:d0:45:d1:61:1e:36:70:37:0b:ba:dc:98:13:2f:a7:
8b:52:7b:d9:1f:30:9d:86:a1:33:4c:36:f3:e3:0b:91:cd:5f:
af:18:05:42:9f:dd:b6:d4:e2:2b:cf:f8:ef:75:bf:19:cf:0b:
4a:f0:b7:6d
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUDNBAHKx70oEf3FUeelF+3iPkMrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTkxMjQ5MDVaFw0yNjEwMTgxMjU0MDVaMDMxMTAvBgNV
BAMTKDY2M0Y5MEY2NzBFRTA2QUM0REZBQkFGMDczRDc3OTEzRURDOTU1MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzHShhzX9efHwTe6++xtVQz7lu
uKUeQYqp6fbz4kfBFVd+Jzzs5wM9HL8meICloczjRyAHR6z+Qxsvy/xB1ZV6B97G
ia+w27EU3OgGMaxEnyqkC8CTQTi8WhBpcFmRM/vfHNLzPPgdrMTnVs3b/9YaM55I
T/8VWS+hS5xiyHzUhvRleqs/FIIgNXs+8QBMCRoMTmX0xsdDVF0m34Zdk+lOeTM1
QgE8hopsGLJrep4q7w0wK85eTsCYyv0QGvWZkFk2Jyg+iaHWtbvy+LpYnvQAtd4C
6dhb4Cf4FZfcYSJTGq9bThhAxE+8abRoWAq7/c2XwosTvWWn+qzxmwxyAeK/AgMB
AAGjggJuMIICajAdBgNVHQ4EFgQUZj+Q9nDuBqxN+rrwc9d5E+3JVQkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAGA+ZQME
AI8ORwMEAI8OfQMEAI8OjQMEAI8OkwMEAI8OlgMEAI8OpgMEAI8OrQMEAI8O4AME
AI8O+gMEAJJnHgMEAJSHkQMEAJSHnAMEAJSHxwMEAJbxgAMEAJt1yQMEAKeUwQME
AKeUzTANBgkqhkiG9w0BAQsFAAOCAQEAPnEpCqieO9X+gcAj0pGG0klCgGdtgUfo
3C3KTqnYFbnQgbxczjnN8jmr+Zk+ULfeh5TKWeCEBCZvQ+jUKppcQIVajiX+wYZg
Z8xWzK6sv4RxtZwxslKN+A+iVIoCEgjf9+kqAEQNSDQ60Jfjj1bZQu21OHGQW0cx
tmdhJqwOcBe+93swL/eqj0N55usj5BboKRzHp2Ei2TJc6WO4f2lGnekKPenqDRjE
o9Y/cbL+/NRj31Ls66wlkxiX5Vi/qF7E2iyX1PUjzzjU0EXRYR42cDcLutyYEy+n
i1J72R8wnYahM0w28+MLkc1frxgFQp/dttTiK8/473W/Gc8LSvC3bQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:33 2025 by rpki-client