Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: uu0QGVcmGA/kZNsanQhHUQDnxLBuqhY8VEWvDywMIJQ=
Subject key identifier: BB:B0:27:04:75:A6:0D:A8:DA:00:9F:B3:69:9B:BC:DB:B4:6D:FE:5F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 033C405E6AB13F2F97A8310E148AAA2E10B80156
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sat 28 Mar 2026 04:40:59 +0000
ROA not before: Sat 28 Mar 2026 04:35:59 +0000
ROA not after: Sat 27 Mar 2027 04:40:59 +0000
asID: 834
IP address blocks: 96.62.73.0/24 maxlen: 24
96.62.218.0/24 maxlen: 24
140.150.152.0/24 maxlen: 24
140.150.156.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
140.233.177.0/24 maxlen: 24
140.233.184.0/24 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.82.0/23 maxlen: 24
143.14.91.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.111.0/24 maxlen: 24
143.14.120.0/22 maxlen: 24
143.14.129.0/24 maxlen: 24
143.14.131.0/24 maxlen: 24
143.14.132.0/23 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
143.14.183.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.192.0/23 maxlen: 24
143.14.217.0/24 maxlen: 24
143.14.218.0/24 maxlen: 24
143.14.221.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
143.14.248.0/23 maxlen: 24
146.103.11.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
147.79.16.0/24 maxlen: 24
147.79.30.0/23 maxlen: 24
147.79.60.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
148.135.175.0/24 maxlen: 24
148.135.198.0/24 maxlen: 24
148.135.202.0/24 maxlen: 24
150.241.140.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
150.241.234.0/24 maxlen: 24
150.241.240.0/24 maxlen: 24
150.241.242.0/24 maxlen: 24
150.241.253.0/24 maxlen: 24
155.117.8.0/22 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.76.0/24 maxlen: 24
155.117.79.0/24 maxlen: 24
155.117.108.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
155.117.118.0/23 maxlen: 24
155.117.120.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.156.0/23 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.197.0/24 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.220.0/24 maxlen: 24
155.117.228.0/24 maxlen: 24
162.141.5.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
162.141.13.0/24 maxlen: 24
162.141.48.0/24 maxlen: 24
162.141.66.0/24 maxlen: 24
162.141.69.0/24 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.82.0/24 maxlen: 24
162.141.113.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
162.141.137.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
167.148.123.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
167.148.189.0/24 maxlen: 24
167.148.194.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
167.148.214.0/24 maxlen: 24
168.222.5.0/24 maxlen: 24
168.222.12.0/24 maxlen: 24
168.222.15.0/24 maxlen: 24
168.222.18.0/24 maxlen: 24
168.222.24.0/23 maxlen: 24
168.222.31.0/24 maxlen: 24
168.222.50.0/23 maxlen: 24
168.222.54.0/24 maxlen: 24
168.222.61.0/24 maxlen: 24
168.222.62.0/24 maxlen: 24
168.222.82.0/24 maxlen: 24
168.222.91.0/24 maxlen: 24
168.222.95.0/24 maxlen: 24
168.222.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:3c:40:5e:6a:b1:3f:2f:97:a8:31:0e:14:8a:aa:2e:10:b8:01:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 28 04:35:59 2026 GMT
Not After : Mar 27 04:40:59 2027 GMT
Subject: CN=BBB0270475A60DA8DA009FB3699BBCDBB46DFE5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:6e:f1:8b:cf:ea:f1:bd:35:54:44:b5:c5:
8c:af:2a:22:71:b8:a2:c8:50:a8:9c:ca:2b:80:4b:
7d:98:ff:f6:74:a8:83:69:72:8a:3d:29:ae:b1:c5:
d4:1d:f3:42:11:50:a4:9e:09:28:98:6a:98:69:d6:
76:3f:a7:99:a6:f3:df:86:7f:9d:34:4e:35:38:80:
8b:a6:6c:65:bb:44:51:00:ab:41:f0:d8:da:03:db:
0b:ff:0e:79:95:94:01:e9:00:48:e9:a5:c8:67:f5:
32:fa:ac:a4:a6:81:36:16:4b:32:a0:66:fd:34:ac:
c9:08:2c:ab:8d:9f:83:7c:08:76:b8:01:8b:9e:a8:
49:d9:a5:63:bb:45:25:94:96:5e:28:e7:57:91:01:
ce:bc:58:14:6c:db:2a:38:88:62:c0:57:33:93:e6:
d5:47:5f:bb:4f:46:1b:55:b1:4f:06:89:91:2b:ef:
d4:06:1f:b8:2e:e0:ce:9f:44:7a:8f:c4:c5:7e:9d:
21:55:22:e2:ea:3f:b6:d3:04:50:d8:bc:a6:fc:ea:
62:bb:2e:ff:3a:e6:7a:2d:52:de:29:e8:b4:e0:db:
74:2e:49:34:04:f6:de:55:2e:64:3f:75:1b:41:05:
59:62:92:85:34:bd:1d:c3:73:50:9b:d9:4a:0c:99:
a0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B0:27:04:75:A6:0D:A8:DA:00:9F:B3:69:9B:BC:DB:B4:6D:FE:5F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0/24
96.62.218.0/24
140.150.152.0/24
140.150.156.0/24
140.233.173.0/24
140.233.177.0/24
140.233.184.0/24
143.14.33.0/24
143.14.66.0/24
143.14.68.0/24
143.14.82.0/23
143.14.91.0-143.14.92.255
143.14.111.0/24
143.14.120.0/22
143.14.129.0/24
143.14.131.0-143.14.133.255
143.14.147.0/24
143.14.150.0/24
143.14.183.0/24
143.14.185.0/24
143.14.192.0/23
143.14.217.0-143.14.218.255
143.14.221.0/24
143.14.229.0/24
143.14.245.0/24
143.14.248.0/23
146.103.11.0/24
146.103.37.0/24
147.79.2.0/24
147.79.16.0/24
147.79.30.0/23
147.79.60.0/24
148.135.173.0/24
148.135.175.0/24
148.135.198.0/24
148.135.202.0/24
150.241.140.0/24
150.241.209.0/24
150.241.234.0/24
150.241.240.0/24
150.241.242.0/24
150.241.253.0/24
155.117.8.0/22
155.117.63.0/24
155.117.76.0/24
155.117.79.0/24
155.117.108.0/24
155.117.112.0/24
155.117.118.0-155.117.120.255
155.117.127.0/24
155.117.136.0/24
155.117.156.0/23
155.117.186.0/24
155.117.197.0/24
155.117.218.0/24
155.117.220.0/24
155.117.228.0/24
162.141.5.0/24
162.141.8.0/24
162.141.13.0/24
162.141.48.0/24
162.141.66.0/24
162.141.69.0/24
162.141.78.0/24
162.141.82.0/24
162.141.113.0/24
162.141.115.0/24
162.141.120.0/24
162.141.137.0/24
162.141.160.0/24
162.141.163.0/24
162.141.166.0/24
167.148.3.0/24
167.148.123.0/24
167.148.170.0/24
167.148.189.0/24
167.148.194.0/24
167.148.206.0/24
167.148.214.0/24
168.222.5.0/24
168.222.12.0/24
168.222.15.0/24
168.222.18.0/24
168.222.24.0/23
168.222.31.0/24
168.222.50.0/23
168.222.54.0/24
168.222.61.0-168.222.62.255
168.222.82.0/24
168.222.91.0/24
168.222.95.0/24
168.222.97.0/24
Signature Algorithm: sha256WithRSAEncryption
90:c7:ec:31:d3:a8:21:48:8c:08:d8:a1:0b:50:64:b3:2a:62:
91:97:0f:1b:44:c0:d5:49:c8:27:af:ec:6a:0a:9a:af:41:54:
c3:2f:fd:3a:be:81:e2:ff:02:2e:af:d5:cc:ad:a5:65:f6:2d:
6e:3f:9d:b4:30:b9:98:cc:4f:c0:68:4f:34:6b:50:80:b5:49:
9f:6c:fe:dc:6a:31:3e:3a:96:c6:97:62:b9:9a:18:f6:ea:9f:
7b:8c:a6:2f:22:9e:9c:32:26:32:eb:ef:16:bf:32:06:23:f7:
55:55:65:30:b3:1b:30:32:0e:d7:51:4a:76:2e:6c:27:d0:19:
15:39:a6:4f:16:d2:8d:25:b5:25:35:f5:05:d3:dc:1e:f5:f6:
14:d0:f4:c8:a1:a1:5d:f8:cf:28:f9:24:a0:87:f2:37:dc:14:
33:94:1f:66:74:d3:fc:75:d1:ae:e0:35:49:cd:22:e6:03:00:
17:22:89:be:b7:95:66:1d:d1:29:45:6f:01:17:96:a5:46:7a:
c9:b6:7d:45:92:2a:eb:a3:73:b6:73:87:39:8b:5e:4e:d8:a0:
e3:8e:ef:36:79:40:9b:18:77:af:65:36:2e:7e:50:84:0e:ea:
c6:3a:5b:70:e0:92:43:09:08:fc:ec:56:b7:91:5a:20:aa:50:
02:35:a0:ad
-----BEGIN CERTIFICATE-----
MIIHUTCCBjmgAwIBAgIUAzxAXmqxPy+XqDEOFIqqLhC4AVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjgwNDM1NTlaFw0yNzAzMjcwNDQwNTlaMDMxMTAvBgNV
BAMTKEJCQjAyNzA0NzVBNjBEQThEQTAwOUZCMzY5OUJCQ0RCQjQ2REZFNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3JW7xi8/q8b01VES1xYyvKiJx
uKLIUKicyiuAS32Y//Z0qINpcoo9Ka6xxdQd80IRUKSeCSiYaphp1nY/p5mm89+G
f500TjU4gIumbGW7RFEAq0Hw2NoD2wv/DnmVlAHpAEjppchn9TL6rKSmgTYWSzKg
Zv00rMkILKuNn4N8CHa4AYueqEnZpWO7RSWUll4o51eRAc68WBRs2yo4iGLAVzOT
5tVHX7tPRhtVsU8GiZEr79QGH7gu4M6fRHqPxMV+nSFVIuLqP7bTBFDYvKb86mK7
Lv865notUt4p6LTg23QuSTQE9t5VLmQ/dRtBBVlikoU0vR3Dc1Cb2UoMmaDbAgMB
AAGjggRbMIIEVzAdBgNVHQ4EFgQUu7AnBHWmDajaAJ+zaZu827Rt/l8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICcQYIKwYBBQUHAQcBAf8EggJgMIICXDCCAlgEAgABMIIC
UAMEAGA+SQMEAGA+2gMEAIyWmAMEAIyWnAMEAIzprQMEAIzpsQMEAIzpuAMEAI8O
IQMEAI8OQgMEAI8ORAMEAY8OUjAMAwQAjw5bAwQAjw5cAwQAjw5vAwQCjw54AwQA
jw6BMAwDBACPDoMDBAGPDoQDBACPDpMDBACPDpYDBACPDrcDBACPDrkDBAGPDsAw
DAMEAI8O2QMEAI8O2gMEAI8O3QMEAI8O5QMEAI8O9QMEAY8O+AMEAJJnCwMEAJJn
JQMEAJNPAgMEAJNPEAMEAZNPHgMEAJNPPAMEAJSHrQMEAJSHrwMEAJSHxgMEAJSH
ygMEAJbxjAMEAJbx0QMEAJbx6gMEAJbx8AMEAJbx8gMEAJbx/QMEApt1CAMEAJt1
PwMEAJt1TAMEAJt1TwMEAJt1bAMEAJt1cDAMAwQBm3V2AwQAm3V4AwQAm3V/AwQA
m3WIAwQBm3WcAwQAm3W6AwQAm3XFAwQAm3XaAwQAm3XcAwQAm3XkAwQAoo0FAwQA
oo0IAwQAoo0NAwQAoo0wAwQAoo1CAwQAoo1FAwQAoo1OAwQAoo1SAwQAoo1xAwQA
oo1zAwQAoo14AwQAoo2JAwQAoo2gAwQAoo2jAwQAoo2mAwQAp5QDAwQAp5R7AwQA
p5SqAwQAp5S9AwQAp5TCAwQAp5TOAwQAp5TWAwQAqN4FAwQAqN4MAwQAqN4PAwQA
qN4SAwQBqN4YAwQAqN4fAwQBqN4yAwQAqN42MAwDBACo3j0DBACo3j4DBACo3lID
BACo3lsDBACo3l8DBACo3mEwDQYJKoZIhvcNAQELBQADggEBAJDH7DHTqCFIjAjY
oQtQZLMqYpGXDxtEwNVJyCev7GoKmq9BVMMv/Tq+geL/Ai6v1cytpWX2LW4/nbQw
uZjMT8BoTzRrUIC1SZ9s/txqMT46lsaXYrmaGPbqn3uMpi8inpwyJjLr7xa/MgYj
91VVZTCzGzAyDtdRSnYubCfQGRU5pk8W0o0ltSU19QXT3B719hTQ9MihoV34zyj5
JKCH8jfcFDOUH2Z00/x10a7gNUnNIuYDABciib63lWYd0SlFbwEXlqVGesm2fUWS
Kuujc7ZzhzmLXk7YoOOO7zZ5QJsYd69lNi5+UIQO6sY6W3DgkkMJCPzsVreRWiCq
UAI1oK0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:14:55 2026 by rpki-client