Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: bHSQyuZAD4cXXYVaKOwiN+e3Jqw+O1e3vNFnXFjmjDY=
Subject key identifier: FE:04:4C:8F:39:44:38:09:EE:88:14:0C:CD:46:66:FF:4E:79:EE:A4
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 653C0C88EF21E84AF3C2D21B8EBBD697F7C9A151
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Thu 19 Mar 2026 12:15:03 +0000
ROA not before: Thu 19 Mar 2026 12:10:03 +0000
ROA not after: Thu 18 Mar 2027 12:15:03 +0000
asID: 834
IP address blocks: 46.236.192.0/24 maxlen: 24
46.236.209.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.243.0/24 maxlen: 24
46.236.252.0/24 maxlen: 24
46.236.254.0/23 maxlen: 24
82.139.192.0/24 maxlen: 24
82.139.194.0/24 maxlen: 24
82.139.204.0/24 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.218.0/23 maxlen: 24
82.139.220.0/24 maxlen: 24
82.139.224.0/23 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.241.0/24 maxlen: 24
82.139.245.0/24 maxlen: 24
82.139.247.0/24 maxlen: 24
82.139.248.0/23 maxlen: 24
82.139.251.0/24 maxlen: 24
212.60.144.0/24 maxlen: 24
212.60.146.0/23 maxlen: 24
212.60.148.0/23 maxlen: 24
212.60.150.0/24 maxlen: 24
212.60.152.0/24 maxlen: 24
212.60.154.0/23 maxlen: 24
212.60.156.0/23 maxlen: 24
212.60.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:20:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:3c:0c:88:ef:21:e8:4a:f3:c2:d2:1b:8e:bb:d6:97:f7:c9:a1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Mar 19 12:10:03 2026 GMT
Not After : Mar 18 12:15:03 2027 GMT
Subject: CN=FE044C8F39443809EE88140CCD4666FF4E79EEA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:20:1e:2b:4d:be:d6:9e:56:32:20:b3:26:
54:76:75:97:c7:09:e0:ee:30:9e:e8:d3:50:04:06:
55:8e:aa:59:39:ad:d3:30:c7:80:b0:ce:e2:f6:98:
63:58:36:df:a4:3b:37:7c:30:44:16:b4:3c:93:e3:
a4:45:81:26:95:5c:5c:ee:77:81:d3:2e:c1:62:43:
5e:2a:b4:e3:5b:ef:6f:6f:cf:8e:23:1c:3a:04:4e:
81:58:8d:14:ba:4b:f6:6f:1c:7f:14:9b:c4:d7:d8:
09:25:da:fe:c7:c1:d3:9d:cf:e3:15:93:3a:ce:7c:
11:b1:16:ca:bb:a6:7b:17:b0:fc:a5:d5:a9:0f:14:
c8:57:c0:6f:14:9a:36:a7:2f:66:11:85:e6:33:a0:
00:e5:7e:03:6b:56:81:2a:74:9e:6f:e6:c6:c8:ae:
47:ed:e0:28:d4:92:68:fd:18:6c:ed:e7:64:b9:73:
06:d4:e1:e6:5d:a9:ce:20:3b:3f:59:b1:f0:ce:60:
0b:67:ff:1c:c9:81:86:1e:ed:19:56:9b:0c:00:0f:
38:29:60:a1:e2:33:ca:26:af:dc:23:ec:ea:38:68:
d3:f2:9d:1e:4c:2d:b5:0d:72:65:8c:ab:01:74:aa:
87:bd:29:39:03:cc:69:48:00:92:a0:2e:c5:bc:6a:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:04:4C:8F:39:44:38:09:EE:88:14:0C:CD:46:66:FF:4E:79:EE:A4
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/24
46.236.209.0/24
46.236.212.0-46.236.214.255
46.236.223.0/24
46.236.241.0/24
46.236.243.0/24
46.236.252.0/24
46.236.254.0/23
82.139.192.0/24
82.139.194.0/24
82.139.204.0/24
82.139.206.0/24
82.139.218.0-82.139.220.255
82.139.224.0/23
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.241.0/24
82.139.245.0/24
82.139.247.0-82.139.249.255
82.139.251.0/24
212.60.144.0/24
212.60.146.0-212.60.150.255
212.60.152.0/24
212.60.154.0-212.60.157.255
212.60.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:35:cb:7a:91:cb:53:a6:96:48:f8:35:0c:43:f4:98:64:b1:
6f:17:ea:22:1c:17:b0:e6:30:df:e8:fe:d7:38:11:2e:73:05:
74:bb:40:50:a3:cf:70:8a:00:dd:c5:bd:ce:08:12:d6:79:27:
6a:13:37:08:4a:68:3e:a2:fa:78:19:f9:0c:c3:92:09:df:43:
0d:7c:cf:1b:b7:02:bd:69:9c:a1:84:d1:c5:04:76:20:29:34:
99:da:68:19:95:78:2d:00:85:9a:81:cf:62:ce:31:da:1f:49:
02:cc:f3:1e:de:73:f2:d3:85:94:7c:2f:e2:46:30:6f:b1:6d:
71:a8:a9:22:7f:06:8b:ef:4f:e3:8d:8e:21:a2:83:08:f6:f3:
2b:43:fe:c2:07:e2:17:fc:fc:55:6f:ce:7f:87:16:1b:83:34:
94:34:98:9d:6c:d3:7a:c0:ec:3e:13:a2:a9:c0:6a:72:d5:3f:
99:ac:2a:cd:1d:28:53:ee:41:a2:96:1c:49:0f:b4:cb:18:85:
3c:a0:71:0c:50:ba:50:5d:1e:61:64:7d:f4:83:cd:3f:61:6f:
9d:b2:3b:f3:26:d1:78:fa:b2:c8:53:7d:bf:09:f4:ca:5a:3a:
43:cd:6d:dc:0f:bf:0a:eb:90:35:7c:e0:57:6e:0f:6c:4d:f5:
f6:7d:e5:da
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUZTwMiO8h6ErzwtIbjrvWl/fJoVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjAzMTkxMjEwMDNaFw0yNzAzMTgxMjE1MDNaMDMxMTAvBgNV
BAMTKEZFMDQ0QzhGMzk0NDM4MDlFRTg4MTQwQ0NENDY2NkZGNEU3OUVFQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR1yAeK02+1p5WMiCzJlR2dZfH
CeDuMJ7o01AEBlWOqlk5rdMwx4CwzuL2mGNYNt+kOzd8MEQWtDyT46RFgSaVXFzu
d4HTLsFiQ14qtONb729vz44jHDoEToFYjRS6S/ZvHH8Um8TX2Akl2v7HwdOdz+MV
kzrOfBGxFsq7pnsXsPyl1akPFMhXwG8UmjanL2YRheYzoADlfgNrVoEqdJ5v5sbI
rkft4CjUkmj9GGzt52S5cwbU4eZdqc4gOz9ZsfDOYAtn/xzJgYYe7RlWmwwADzgp
YKHiM8omr9wj7Oo4aNPynR5MLbUNcmWMqwF0qoe9KTkDzGlIAJKgLsW8ah3jAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQU/gRMjzlEOAnuiBQMzUZm/0557qQwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAu
7MADBAAu7NEwDAMEAi7s1AMEAC7s1gMEAC7s3wMEAC7s8QMEAC7s8wMEAC7s/AME
AS7s/gMEAFKLwAMEAFKLwgMEAFKLzAMEAFKLzjAMAwQBUovaAwQAUovcAwQBUovg
MAwDBABSi+MDBAFSi+QwDAMEAFKL5wMEAFKL7AMEAFKL8QMEAFKL9TAMAwQAUov3
AwQBUov4AwQAUov7AwQA1DyQMAwDBAHUPJIDBADUPJYDBADUPJgwDAMEAdQ8mgME
AdQ8nAMEANQ8nzANBgkqhkiG9w0BAQsFAAOCAQEApTXLepHLU6aWSPg1DEP0mGSx
bxfqIhwXsOYw3+j+1zgRLnMFdLtAUKPPcIoA3cW9zggS1nknahM3CEpoPqL6eBn5
DMOSCd9DDXzPG7cCvWmcoYTRxQR2ICk0mdpoGZV4LQCFmoHPYs4x2h9JAszzHt5z
8tOFlHwv4kYwb7FtcaipIn8Gi+9P442OIaKDCPbzK0P+wgfiF/z8VW/Of4cWG4M0
lDSYnWzTesDsPhOiqcBqctU/mawqzR0oU+5BopYcSQ+0yxiFPKBxDFC6UF0eYWR9
9IPNP2FvnbI78ybRePqyyFN9vwn0ylo6Q81t3A+/CuuQNXzgV24PbE319n3l2g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:52 2026 by rpki-client