Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: jqDcd7qqkBVi56I8llr9RHVU/jSmLimi07+A6Aes6A0=
Subject key identifier: C1:52:48:C0:E1:85:A5:28:7C:61:6F:1B:AC:06:A7:B0:3E:CA:E3:A0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3383D52E137DB68065698C4E3AF4A7AAE29B2ED8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Fri 09 May 2025 14:49:03 +0000
ROA not before: Fri 09 May 2025 14:44:03 +0000
ROA not after: Fri 08 May 2026 14:49:03 +0000
asID: 834
IP address blocks: 96.62.103.0/24 maxlen: 24
96.62.140.0/24 maxlen: 24
96.62.190.0/23 maxlen: 24
96.62.216.0/21 maxlen: 24
96.62.228.0/24 maxlen: 24
96.62.231.0/24 maxlen: 24
96.62.243.0/24 maxlen: 24
140.233.167.0/24 maxlen: 24
140.233.171.0/24 maxlen: 24
143.14.34.0/24 maxlen: 24
143.14.48.0/20 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.72.0/21 maxlen: 24
143.14.80.0/20 maxlen: 24
143.14.96.0/20 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.145.0/24 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.149.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.154.0/24 maxlen: 24
143.14.160.0/19 maxlen: 24
143.14.193.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.199.0/24 maxlen: 24
143.14.200.0/22 maxlen: 24
143.14.252.0/24 maxlen: 24
143.14.254.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
147.79.1.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.24.0/23 maxlen: 24
147.79.26.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.185.0/24 maxlen: 24
150.241.230.0/24 maxlen: 24
155.117.19.0/24 maxlen: 24
155.117.48.0/20 maxlen: 24
155.117.72.0/21 maxlen: 24
155.117.90.0/23 maxlen: 24
155.117.92.0/22 maxlen: 24
155.117.96.0/20 maxlen: 24
155.117.128.0/20 maxlen: 24
155.117.144.0/21 maxlen: 24
155.117.160.0/21 maxlen: 24
155.117.168.0/22 maxlen: 24
155.117.178.0/23 maxlen: 24
155.117.180.0/22 maxlen: 24
155.117.184.0/21 maxlen: 24
155.117.192.0/20 maxlen: 24
155.117.232.0/22 maxlen: 24
155.117.236.0/23 maxlen: 24
155.117.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:83:d5:2e:13:7d:b6:80:65:69:8c:4e:3a:f4:a7:aa:e2:9b:2e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 14:44:03 2025 GMT
Not After : May 8 14:49:03 2026 GMT
Subject: CN=C15248C0E185A5287C616F1BAC06A7B03ECAE3A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:d1:dd:02:fb:a4:9d:32:e5:a3:6b:3d:76:
94:b9:51:34:8d:3d:ec:94:72:52:fb:a1:14:58:94:
6d:b3:3d:83:ca:10:40:23:d8:54:03:2f:74:fa:af:
9b:d4:26:59:62:ba:d6:78:65:cf:f2:6d:6e:79:97:
e5:d6:ee:a8:16:7b:ac:8a:a3:39:57:8e:c7:49:81:
02:fb:55:cc:e3:0e:b9:14:71:61:3b:75:90:ef:aa:
7f:b5:1d:f9:33:d6:de:34:56:78:dc:47:65:16:80:
f0:f4:3f:a7:70:2a:68:6d:42:c3:ec:57:1f:42:a7:
b4:1b:d2:23:d4:05:36:11:d9:61:d1:d7:82:4a:3d:
d0:a7:ff:ed:bf:c5:1a:f2:1a:69:43:0d:3e:98:2d:
cc:7a:1a:7b:d1:b2:f5:ea:9b:36:b2:3f:72:a3:99:
f4:3b:dc:51:11:2a:cf:88:8d:99:d2:63:db:ac:89:
d7:28:7f:d6:06:33:3b:fb:df:33:06:fe:89:c3:49:
cd:84:d1:7e:f1:bc:08:6f:66:7d:8e:16:4e:90:6f:
95:50:27:f2:a0:93:76:f2:03:a0:36:fa:d5:8a:86:
51:26:2a:4d:7c:dd:f4:e2:29:56:46:2a:6f:a7:3f:
52:e0:9c:47:65:c9:73:0f:8b:79:d8:72:a0:82:a6:
f4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:52:48:C0:E1:85:A5:28:7C:61:6F:1B:AC:06:A7:B0:3E:CA:E3:A0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.103.0/24
96.62.140.0/24
96.62.190.0/23
96.62.216.0/21
96.62.228.0/24
96.62.231.0/24
96.62.243.0/24
140.233.167.0/24
140.233.171.0/24
143.14.34.0/24
143.14.48.0/20
143.14.68.0/24
143.14.72.0-143.14.111.255
143.14.136.0/24
143.14.145.0/24
143.14.147.0/24
143.14.149.0/24
143.14.152.0/24
143.14.154.0/24
143.14.160.0/19
143.14.193.0/24
143.14.196.0/24
143.14.199.0-143.14.203.255
143.14.252.0/24
143.14.254.0/24
146.103.46.0/24
147.79.1.0/24
147.79.4.0/24
147.79.24.0-147.79.26.255
148.135.145.0/24
148.135.152.0/24
148.135.156.0/24
148.135.185.0/24
150.241.230.0/24
155.117.19.0/24
155.117.48.0/20
155.117.72.0/21
155.117.90.0-155.117.111.255
155.117.128.0-155.117.151.255
155.117.160.0-155.117.171.255
155.117.178.0-155.117.207.255
155.117.232.0-155.117.238.255
Signature Algorithm: sha256WithRSAEncryption
79:ee:6b:f1:0e:90:c7:35:13:7b:30:9d:7b:73:32:21:c9:02:
fd:30:0e:55:44:7f:84:43:5f:93:11:8e:b3:93:46:26:39:e3:
09:17:d5:c9:79:40:da:3b:d2:30:f6:9e:57:ad:a7:86:c5:27:
1f:82:d4:f2:f3:be:26:e7:b4:df:ea:a7:0b:f0:94:be:2f:7c:
04:9a:60:c6:d7:4f:7d:a6:da:d8:66:82:30:b7:37:1c:75:26:
80:d8:d7:bd:d9:c8:fe:a0:78:c9:a1:d4:d9:3a:db:94:a6:b3:
b2:10:d9:b0:85:16:8b:2c:ad:cb:aa:5a:ac:28:0c:10:85:75:
be:03:ab:98:80:39:0f:2b:15:bb:79:55:7e:19:eb:72:80:be:
68:e3:cc:28:c7:d9:4c:d3:9d:a3:9a:85:3c:70:0d:bf:17:9f:
b4:0c:89:5c:b6:23:e7:10:bb:fe:8d:3e:3a:5f:81:fb:f2:64:
c3:db:8d:51:b3:4c:08:07:8f:e6:ed:d6:79:ea:a2:71:10:7a:
1c:e7:ea:2e:ff:60:ae:66:65:2c:ef:69:86:f5:1f:ce:9f:58:
8a:78:bc:65:c7:96:5b:47:1c:dc:90:06:bc:c3:bb:e4:39:67:
cd:77:58:f8:eb:a5:b1:df:03:30:7a:2f:88:ba:87:9a:46:a5:
5a:9b:fe:43
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIUM4PVLhN9toBlaYxOOvSnquKbLtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDkxNDQ0MDNaFw0yNjA1MDgxNDQ5MDNaMDMxMTAvBgNV
BAMTKEMxNTI0OEMwRTE4NUE1Mjg3QzYxNkYxQkFDMDZBN0IwM0VDQUUzQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/+9HdAvuknTLlo2s9dpS5UTSN
PeyUclL7oRRYlG2zPYPKEEAj2FQDL3T6r5vUJlliutZ4Zc/ybW55l+XW7qgWe6yK
ozlXjsdJgQL7VczjDrkUcWE7dZDvqn+1Hfkz1t40VnjcR2UWgPD0P6dwKmhtQsPs
Vx9Cp7Qb0iPUBTYR2WHR14JKPdCn/+2/xRryGmlDDT6YLcx6GnvRsvXqmzayP3Kj
mfQ73FERKs+IjZnSY9usidcof9YGMzv73zMG/onDSc2E0X7xvAhvZn2OFk6Qb5VQ
J/Kgk3byA6A2+tWKhlEmKk183fTiKVZGKm+nP1LgnEdlyXMPi3nYcqCCpvT9AgMB
AAGjggNHMIIDQzAdBgNVHQ4EFgQUwVJIwOGFpSh8YW8brAansD7K46AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAGA+ZwMEAGA+jAMEAWA+vgMEA2A+2AMEAGA+5AMEAGA+5wMEAGA+8wMEAIzp
pwMEAIzpqwMEAI8OIgMEBI8OMAMEAI8ORDAMAwQDjw5IAwQEjw5gAwQAjw6IAwQA
jw6RAwQAjw6TAwQAjw6VAwQAjw6YAwQAjw6aAwQFjw6gAwQAjw7BAwQAjw7EMAwD
BACPDscDBAKPDsgDBACPDvwDBACPDv4DBACSZy4DBACTTwEDBACTTwQwDAMEA5NP
GAMEAJNPGgMEAJSHkQMEAJSHmAMEAJSHnAMEAJSHuQMEAJbx5gMEAJt1EwMEBJt1
MAMEA5t1SDAMAwQBm3VaAwQEm3VgMAwDBAebdYADBAObdZAwDAMEBZt1oAMEApt1
qDAMAwQBm3WyAwQEm3XAMAwDBAObdegDBACbde4wDQYJKoZIhvcNAQELBQADggEB
AHnua/EOkMc1E3swnXtzMiHJAv0wDlVEf4RDX5MRjrOTRiY54wkX1cl5QNo70jD2
nletp4bFJx+C1PLzvibntN/qpwvwlL4vfASaYMbXT32m2thmgjC3Nxx1JoDY173Z
yP6geMmh1Nk625Sms7IQ2bCFFossrcuqWqwoDBCFdb4Dq5iAOQ8rFbt5VX4Z63KA
vmjjzCjH2UzTnaOahTxwDb8Xn7QMiVy2I+cQu/6NPjpfgfvyZMPbjVGzTAgHj+bt
1nnqonEQehzn6i7/YK5mZSzvaYb1H86fWIp4vGXHlltHHNyQBrzDu+Q5Z813WPjr
pbHfAzB6L4i6h5pGpVqb/kM=
-----END CERTIFICATE-----
Generated at Sat May 10 08:13:07 2025 by rpki-client