Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: bTHRx8Wz1rco1mTzWoEkaKu4NJ8wLNJ8PxthBL0bv10=
Subject key identifier: 40:78:B6:0C:9F:C6:2A:8A:10:EC:C2:1C:4E:02:E7:35:5F:49:B9:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7C92D18F3728FB42A358CF5351A5BA6EFAD62CA6
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sat 23 Aug 2025 05:13:02 +0000
ROA not before: Sat 23 Aug 2025 05:08:02 +0000
ROA not after: Sat 22 Aug 2026 05:13:02 +0000
asID: 834
IP address blocks: 96.62.217.0/24 maxlen: 24
140.150.237.0/24 maxlen: 24
140.233.167.0/24 maxlen: 24
140.233.176.0/24 maxlen: 24
143.14.2.0/24 maxlen: 24
143.14.8.0/24 maxlen: 24
143.14.11.0/24 maxlen: 24
143.14.15.0/24 maxlen: 24
143.14.24.0/21 maxlen: 24
143.14.38.0/23 maxlen: 24
143.14.45.0/24 maxlen: 24
143.14.48.0/23 maxlen: 24
143.14.52.0/23 maxlen: 24
143.14.54.0/24 maxlen: 24
143.14.56.0/23 maxlen: 24
143.14.58.0/24 maxlen: 24
143.14.62.0/24 maxlen: 24
143.14.64.0/24 maxlen: 24
143.14.69.0/24 maxlen: 24
143.14.70.0/24 maxlen: 24
143.14.86.0/23 maxlen: 24
143.14.89.0/24 maxlen: 24
143.14.90.0/24 maxlen: 24
143.14.96.0/21 maxlen: 24
143.14.112.0/21 maxlen: 24
143.14.126.0/24 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.156.0/24 maxlen: 24
143.14.160.0/23 maxlen: 24
143.14.163.0/24 maxlen: 24
143.14.165.0/24 maxlen: 24
143.14.167.0/24 maxlen: 24
143.14.168.0/24 maxlen: 24
143.14.171.0/24 maxlen: 24
143.14.190.0/24 maxlen: 24
143.14.201.0/24 maxlen: 24
143.14.202.0/23 maxlen: 24
143.14.216.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.230.0/24 maxlen: 24
143.14.248.0/23 maxlen: 24
143.14.250.0/24 maxlen: 24
147.79.2.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.198.0/23 maxlen: 24
148.135.202.0/23 maxlen: 24
148.135.206.0/23 maxlen: 24
150.241.229.0/24 maxlen: 24
150.241.232.0/24 maxlen: 24
150.241.237.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.8.0/22 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.14.0/24 maxlen: 24
155.117.21.0/24 maxlen: 24
155.117.22.0/23 maxlen: 24
155.117.24.0/21 maxlen: 24
155.117.32.0/24 maxlen: 24
155.117.34.0/24 maxlen: 24
155.117.52.0/24 maxlen: 24
155.117.54.0/24 maxlen: 24
155.117.56.0/22 maxlen: 24
155.117.61.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.72.0/22 maxlen: 24
155.117.76.0/24 maxlen: 24
155.117.78.0/24 maxlen: 24
155.117.80.0/23 maxlen: 24
155.117.83.0/24 maxlen: 24
155.117.84.0/22 maxlen: 24
155.117.88.0/21 maxlen: 24
155.117.97.0/24 maxlen: 24
155.117.100.0/24 maxlen: 24
155.117.102.0/23 maxlen: 24
155.117.105.0/24 maxlen: 24
155.117.106.0/23 maxlen: 24
155.117.114.0/24 maxlen: 24
155.117.118.0/24 maxlen: 24
155.117.128.0/21 maxlen: 24
155.117.142.0/24 maxlen: 24
155.117.158.0/23 maxlen: 24
155.117.165.0/24 maxlen: 24
155.117.178.0/23 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.188.0/24 maxlen: 24
155.117.195.0/24 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.245.0/24 maxlen: 24
162.141.11.0/24 maxlen: 24
162.141.79.0/24 maxlen: 24
162.141.112.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.138.0/23 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
162.141.178.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
167.148.41.0/24 maxlen: 24
167.148.42.0/24 maxlen: 24
167.148.46.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.187.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
167.148.200.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:92:d1:8f:37:28:fb:42:a3:58:cf:53:51:a5:ba:6e:fa:d6:2c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 23 05:08:02 2025 GMT
Not After : Aug 22 05:13:02 2026 GMT
Subject: CN=4078B60C9FC62A8A10ECC21C4E02E7355F49B95D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:99:12:5d:9a:c1:a4:b0:96:89:f0:8a:3b:60:
01:da:cd:7e:4f:34:e4:a6:9f:97:f6:e6:ba:ce:9d:
0a:78:9f:53:fc:38:6c:8e:38:84:59:dd:17:d9:f8:
dc:44:b6:95:75:e7:0f:de:d4:42:6e:d9:28:35:42:
55:49:0f:78:91:3c:48:26:1d:23:fa:b7:c0:60:6d:
87:5d:30:67:e6:9c:49:5b:b1:68:15:70:7e:ae:70:
7c:b2:4f:05:99:07:21:10:77:55:8a:cd:df:5d:a4:
23:78:b5:80:fa:e6:59:18:dd:fe:42:ba:c9:0b:22:
84:fb:5d:d4:b9:24:a2:57:60:61:58:44:a9:68:0f:
1c:9d:8f:98:01:31:43:4d:93:b8:27:58:30:db:f4:
2f:cb:70:a7:8d:39:78:3f:22:f1:b5:18:8c:ee:07:
8d:e2:66:5f:76:06:02:92:05:ff:ef:33:27:32:23:
b3:5c:df:23:08:96:f3:2c:0e:87:cd:bd:02:e5:50:
9d:36:18:86:28:88:16:3b:01:e6:54:a0:a5:c6:23:
52:71:fb:b0:ce:26:37:2e:9f:22:1a:e1:ff:6b:0a:
ea:03:25:bb:56:09:71:32:cd:a0:f3:19:e2:82:0a:
f8:e6:0a:f7:ad:7c:49:24:4a:0c:5a:28:84:f4:6b:
c9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:78:B6:0C:9F:C6:2A:8A:10:EC:C2:1C:4E:02:E7:35:5F:49:B9:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.217.0/24
140.150.237.0/24
140.233.167.0/24
140.233.176.0/24
143.14.2.0/24
143.14.8.0/24
143.14.11.0/24
143.14.15.0/24
143.14.24.0/21
143.14.38.0/23
143.14.45.0/24
143.14.48.0/23
143.14.52.0-143.14.54.255
143.14.56.0-143.14.58.255
143.14.62.0/24
143.14.64.0/24
143.14.69.0-143.14.70.255
143.14.86.0/23
143.14.89.0-143.14.90.255
143.14.96.0/21
143.14.112.0/21
143.14.126.0/24
143.14.136.0/24
143.14.156.0/24
143.14.160.0/23
143.14.163.0/24
143.14.165.0/24
143.14.167.0-143.14.168.255
143.14.171.0/24
143.14.190.0/24
143.14.201.0-143.14.203.255
143.14.216.0/24
143.14.218.0/24
143.14.230.0/24
143.14.248.0-143.14.250.255
147.79.2.0/23
147.79.25.0/24
148.135.145.0/24
148.135.156.0/24
148.135.198.0/23
148.135.202.0/23
148.135.206.0/23
150.241.229.0/24
150.241.232.0/24
150.241.237.0/24
155.117.0.0/24
155.117.8.0/22
155.117.13.0-155.117.14.255
155.117.21.0-155.117.32.255
155.117.34.0/24
155.117.52.0/24
155.117.54.0/24
155.117.56.0/22
155.117.61.0/24
155.117.63.0-155.117.76.255
155.117.78.0/24
155.117.80.0/23
155.117.83.0-155.117.95.255
155.117.97.0/24
155.117.100.0/24
155.117.102.0/23
155.117.105.0-155.117.107.255
155.117.114.0/24
155.117.118.0/24
155.117.128.0/21
155.117.142.0/24
155.117.158.0/23
155.117.165.0/24
155.117.178.0/23
155.117.185.0/24
155.117.187.0-155.117.188.255
155.117.195.0-155.117.196.255
155.117.245.0/24
162.141.11.0/24
162.141.79.0/24
162.141.112.0/24
162.141.133.0/24
162.141.138.0/23
162.141.159.0-162.141.160.255
162.141.166.0/24
162.141.178.0/24
162.141.180.0/24
167.148.41.0-167.148.42.255
167.148.46.0/24
167.148.68.0/24
167.148.136.0/24
167.148.152.0/24
167.148.177.0/24
167.148.187.0/24
167.148.193.0/24
167.148.200.0/23
Signature Algorithm: sha256WithRSAEncryption
90:c7:50:4b:32:13:07:5e:2f:d2:a5:5b:34:39:1f:35:2c:22:
b4:4b:eb:c5:c7:41:ea:d0:9c:dd:7d:3a:b4:19:8b:fc:5d:1e:
3a:24:ce:42:ce:bb:13:f3:47:e8:29:50:52:55:a0:7d:cc:94:
02:65:2b:d8:9d:81:e8:a8:88:63:1f:1d:d3:05:31:a1:be:cc:
9d:ca:86:83:08:d8:50:48:fc:7e:e8:6b:3a:a6:dc:f6:e3:3c:
e2:da:09:9b:fd:c3:0f:c9:41:56:1a:93:70:27:00:b6:75:65:
0c:a3:0b:dd:c1:f0:ac:56:3b:22:49:f9:8b:8d:a8:a2:9f:74:
bf:b2:d4:ad:08:65:79:f8:4c:c9:89:22:10:fe:95:04:52:16:
96:6c:8c:d9:a1:a8:2b:7c:8b:5b:b3:6c:66:3e:69:fd:ca:e8:
12:ee:1b:74:af:c5:ba:a0:ff:2f:49:17:a4:34:16:29:31:93:
c3:18:71:14:be:19:ac:bf:12:25:67:4f:a5:69:d1:b9:fb:3d:
ec:55:bb:5f:a9:3b:46:23:05:60:8e:cd:aa:fe:ba:34:be:29:
59:43:b0:76:20:9c:42:c3:d7:df:79:bb:f1:25:1a:86:06:b0:
12:3c:a3:72:aa:8b:1d:17:24:66:cb:b2:35:df:fd:2f:6a:66:
0a:eb:17:55
-----BEGIN CERTIFICATE-----
MIIHozCCBougAwIBAgIUfJLRjzco+0KjWM9TUaW6bvrWLKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjMwNTA4MDJaFw0yNjA4MjIwNTEzMDJaMDMxMTAvBgNV
BAMTKDQwNzhCNjBDOUZDNjJBOEExMEVDQzIxQzRFMDJFNzM1NUY0OUI5NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVmRJdmsGksJaJ8Io7YAHazX5P
NOSmn5f25rrOnQp4n1P8OGyOOIRZ3RfZ+NxEtpV15w/e1EJu2Sg1QlVJD3iRPEgm
HSP6t8BgbYddMGfmnElbsWgVcH6ucHyyTwWZByEQd1WKzd9dpCN4tYD65lkY3f5C
uskLIoT7XdS5JKJXYGFYRKloDxydj5gBMUNNk7gnWDDb9C/LcKeNOXg/IvG1GIzu
B43iZl92BgKSBf/vMycyI7Nc3yMIlvMsDofNvQLlUJ02GIYoiBY7AeZUoKXGI1Jx
+7DOJjcunyIa4f9rCuoDJbtWCXEyzaDzGeKCCvjmCvetfEkkSgxaKIT0a8mZAgMB
AAGjggStMIIEqTAdBgNVHQ4EFgQUQHi2DJ/GKooQ7MIcTgLnNV9JuV0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICwwYIKwYBBQUHAQcBAf8EggKyMIICrjCCAqoEAgABMIIC
ogMEAGA+2QMEAIyW7QMEAIzppwMEAIzpsAMEAI8OAgMEAI8OCAMEAI8OCwMEAI8O
DwMEA48OGAMEAY8OJgMEAI8OLQMEAY8OMDAMAwQCjw40AwQAjw42MAwDBAOPDjgD
BACPDjoDBACPDj4DBACPDkAwDAMEAI8ORQMEAI8ORgMEAY8OVjAMAwQAjw5ZAwQA
jw5aAwQDjw5gAwQDjw5wAwQAjw5+AwQAjw6IAwQAjw6cAwQBjw6gAwQAjw6jAwQA
jw6lMAwDBACPDqcDBACPDqgDBACPDqsDBACPDr4wDAMEAI8OyQMEAo8OyAMEAI8O
2AMEAI8O2gMEAI8O5jAMAwQDjw74AwQAjw76AwQBk08CAwQAk08ZAwQAlIeRAwQA
lIecAwQBlIfGAwQBlIfKAwQBlIfOAwQAlvHlAwQAlvHoAwQAlvHtAwQAm3UAAwQC
m3UIMAwDBACbdQ0DBACbdQ4wDAMEAJt1FQMEAJt1IAMEAJt1IgMEAJt1NAMEAJt1
NgMEApt1OAMEAJt1PTAMAwQAm3U/AwQAm3VMAwQAm3VOAwQBm3VQMAwDBACbdVMD
BAWbdUADBACbdWEDBACbdWQDBAGbdWYwDAMEAJt1aQMEApt1aAMEAJt1cgMEAJt1
dgMEA5t1gAMEAJt1jgMEAZt1ngMEAJt1pQMEAZt1sgMEAJt1uTAMAwQAm3W7AwQA
m3W8MAwDBACbdcMDBACbdcQDBACbdfUDBACijQsDBACijU8DBACijXADBACijYUD
BAGijYowDAMEAKKNnwMEAKKNoAMEAKKNpgMEAKKNsgMEAKKNtDAMAwQAp5QpAwQA
p5QqAwQAp5QuAwQAp5REAwQAp5SIAwQAp5SYAwQAp5SxAwQAp5S7AwQAp5TBAwQB
p5TIMA0GCSqGSIb3DQEBCwUAA4IBAQCQx1BLMhMHXi/SpVs0OR81LCK0S+vFx0Hq
0JzdfTq0GYv8XR46JM5CzrsT80foKVBSVaB9zJQCZSvYnYHoqIhjHx3TBTGhvsyd
yoaDCNhQSPx+6Gs6ptz24zzi2gmb/cMPyUFWGpNwJwC2dWUMowvdwfCsVjsiSfmL
jaiin3S/stStCGV5+EzJiSIQ/pUEUhaWbIzZoagrfItbs2xmPmn9yugS7ht0r8W6
oP8vSRekNBYpMZPDGHEUvhmsvxIlZ0+ladG5+z3sVbtfqTtGIwVgjs2q/ro0vilZ
Q7B2IJxCw9ffebvxJRqGBrASPKNyqosdFyRmy7I13/0vamYK6xdV
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:03 2025 by rpki-client