Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: m+K+Xfhhv+XrktqCyswPqQGS82hLOBQ83vv+kDPZZiA=
Subject key identifier: 6D:2C:B8:99:A7:DD:EB:70:C6:71:D0:EA:9A:26:A2:C9:B0:CB:61:97
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 4DB1218867F130310B1A0BAB0065BE8605AEB12F
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
Signing time: Mon 11 May 2026 01:55:53 +0000
ROA not before: Mon 11 May 2026 01:50:53 +0000
ROA not after: Mon 10 May 2027 01:55:53 +0000
asID: 834
IP address blocks: 46.236.192.0/22 maxlen: 24
46.236.197.0/24 maxlen: 24
46.236.202.0/24 maxlen: 24
46.236.209.0/24 maxlen: 24
46.236.210.0/24 maxlen: 24
46.236.212.0/23 maxlen: 24
46.236.214.0/24 maxlen: 24
46.236.223.0/24 maxlen: 24
46.236.241.0/24 maxlen: 24
46.236.243.0/24 maxlen: 24
46.236.252.0/24 maxlen: 24
46.236.254.0/23 maxlen: 24
82.139.194.0/24 maxlen: 24
82.139.204.0/24 maxlen: 24
82.139.206.0/24 maxlen: 24
82.139.218.0/23 maxlen: 24
82.139.220.0/23 maxlen: 24
82.139.225.0/24 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/23 maxlen: 24
82.139.231.0/24 maxlen: 24
82.139.232.0/22 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.239.0/24 maxlen: 24
82.139.241.0/24 maxlen: 24
82.139.242.0/23 maxlen: 24
82.139.244.0/22 maxlen: 24
82.139.248.0/23 maxlen: 24
82.139.251.0/24 maxlen: 24
212.60.144.0/24 maxlen: 24
212.60.146.0/23 maxlen: 24
212.60.148.0/23 maxlen: 24
212.60.155.0/24 maxlen: 24
212.60.156.0/23 maxlen: 24
212.60.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b1:21:88:67:f1:30:31:0b:1a:0b:ab:00:65:be:86:05:ae:b1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: May 11 01:50:53 2026 GMT
Not After : May 10 01:55:53 2027 GMT
Subject: CN=6D2CB899A7DDEB70C671D0EA9A26A2C9B0CB6197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:87:91:46:ff:a0:68:16:8d:88:4e:be:fa:3b:
6f:03:26:86:5e:12:d0:4f:30:f8:11:9b:75:89:27:
bf:74:ef:34:56:4d:0f:ad:1d:16:ea:58:6a:7b:80:
0d:4d:ee:4f:5e:fd:21:ba:9a:74:50:c1:ed:fb:97:
48:d9:46:63:f8:a4:36:3d:58:14:c5:8e:d5:90:cd:
36:1f:e5:ee:db:fc:b5:3c:5a:e3:65:41:54:4f:f8:
ca:b2:2e:35:63:78:35:e1:4f:fe:58:78:9d:b6:a0:
b9:68:48:4a:bf:e6:3f:82:b4:a8:c8:50:b2:7e:59:
16:6b:37:11:8c:41:f8:18:65:99:66:0c:22:db:43:
85:55:6d:83:9d:ed:46:ee:fc:3d:d8:d2:d0:d9:76:
b9:84:e4:74:01:ab:2f:4b:c8:0c:8c:3b:bd:f4:4b:
bc:70:58:21:6f:2a:e6:48:14:0e:bf:93:7f:70:5e:
7d:1c:c0:c7:69:00:f3:ff:4b:c6:78:00:31:ed:08:
98:2f:a8:9f:89:d5:e4:a9:29:f5:c4:df:f0:22:2b:
be:06:ea:bf:a8:eb:65:14:cf:86:fd:05:c1:c9:54:
e6:fe:d8:21:5e:67:8d:ab:73:bb:b0:34:f1:04:c0:
16:15:0f:26:42:e5:23:cd:33:ed:1d:67:f9:f4:21:
2e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2C:B8:99:A7:DD:EB:70:C6:71:D0:EA:9A:26:A2:C9:B0:CB:61:97
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/22
46.236.197.0/24
46.236.202.0/24
46.236.209.0-46.236.210.255
46.236.212.0-46.236.214.255
46.236.223.0/24
46.236.241.0/24
46.236.243.0/24
46.236.252.0/24
46.236.254.0/23
82.139.194.0/24
82.139.204.0/24
82.139.206.0/24
82.139.218.0-82.139.221.255
82.139.225.0/24
82.139.227.0-82.139.229.255
82.139.231.0-82.139.236.255
82.139.239.0/24
82.139.241.0-82.139.249.255
82.139.251.0/24
212.60.144.0/24
212.60.146.0-212.60.149.255
212.60.155.0-212.60.157.255
212.60.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:eb:6b:a9:4b:8c:45:6f:4e:28:16:d7:08:ae:70:19:d5:4f:
bd:e2:b0:b6:e4:b3:ef:48:25:c6:fa:d6:3a:2f:56:a0:e1:92:
e5:01:c9:78:66:d4:cf:20:4e:c0:20:13:3a:6c:49:26:f5:4e:
d8:4e:d1:c2:97:9f:64:d2:26:bc:c7:5a:b4:aa:4c:52:6f:6d:
22:e6:25:15:65:9d:ba:7e:2a:a3:e4:80:41:8e:27:61:7d:ed:
2b:a1:c3:db:9d:d8:53:74:5f:a7:36:0e:b7:d8:03:97:56:6b:
14:a4:f5:13:19:d6:f2:8d:d3:30:16:74:51:c1:c3:fb:85:a1:
c0:2d:c5:2c:e3:b5:9b:66:1b:cd:ec:40:cb:2c:18:66:6f:8f:
89:fe:73:b2:cf:cf:be:f1:39:49:18:c6:b1:a8:1a:eb:83:30:
ba:37:d4:49:da:37:d7:b5:85:33:c9:4d:87:6c:27:e1:fc:ab:
81:e9:5c:bd:8a:03:3b:b7:c5:f2:6c:e4:22:e4:4b:ee:e6:bd:
83:49:58:b8:fc:fe:93:0f:28:ed:4a:b7:bc:e1:a7:ca:52:04:
02:80:a8:79:5b:bd:93:f8:7a:58:18:a7:4b:35:38:ea:57:06:
e1:ef:cb:89:09:48:da:2d:77:8a:7f:a5:ad:8b:ff:50:ab:4c:
92:64:23:df
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgIUTbEhiGfxMDELGgurAGW+hgWusS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjA1MTEwMTUwNTNaFw0yNzA1MTAwMTU1NTNaMDMxMTAvBgNV
BAMTKDZEMkNCODk5QTdEREVCNzBDNjcxRDBFQTlBMjZBMkM5QjBDQjYxOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqh5FG/6BoFo2ITr76O28DJoZe
EtBPMPgRm3WJJ7907zRWTQ+tHRbqWGp7gA1N7k9e/SG6mnRQwe37l0jZRmP4pDY9
WBTFjtWQzTYf5e7b/LU8WuNlQVRP+MqyLjVjeDXhT/5YeJ22oLloSEq/5j+CtKjI
ULJ+WRZrNxGMQfgYZZlmDCLbQ4VVbYOd7Ubu/D3Y0tDZdrmE5HQBqy9LyAyMO730
S7xwWCFvKuZIFA6/k39wXn0cwMdpAPP/S8Z4ADHtCJgvqJ+J1eSpKfXE3/AiK74G
6r+o62UUz4b9BcHJVOb+2CFeZ42rc7uwNPEEwBYVDyZC5SPNM+0dZ/n0IS5zAgMB
AAGjggLWMIIC0jAdBgNVHQ4EFgQUbSy4mafd63DGcdDqmiaiybDLYZcwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAIu
7MADBAAu7MUDBAAu7MowDAMEAC7s0QMEAC7s0jAMAwQCLuzUAwQALuzWAwQALuzf
AwQALuzxAwQALuzzAwQALuz8AwQBLuz+AwQAUovCAwQAUovMAwQAUovOMAwDBAFS
i9oDBAFSi9wDBABSi+EwDAMEAFKL4wMEAVKL5DAMAwQAUovnAwQAUovsAwQAUovv
MAwDBABSi/EDBAFSi/gDBABSi/sDBADUPJAwDAMEAdQ8kgMEAdQ8lDAMAwQA1Dyb
AwQB1DycAwQA1DyfMA0GCSqGSIb3DQEBCwUAA4IBAQBL62upS4xFb04oFtcIrnAZ
1U+94rC25LPvSCXG+tY6L1ag4ZLlAcl4ZtTPIE7AIBM6bEkm9U7YTtHCl59k0ia8
x1q0qkxSb20i5iUVZZ26fiqj5IBBjidhfe0rocPbndhTdF+nNg632AOXVmsUpPUT
GdbyjdMwFnRRwcP7haHALcUs47WbZhvN7EDLLBhmb4+J/nOyz8++8TlJGMaxqBrr
gzC6N9RJ2jfXtYUzyU2HbCfh/KuB6Vy9igM7t8XybOQi5Evu5r2DSVi4/P6TDyjt
Sre84afKUgQCgKh5W72T+HpYGKdLNTjqVwbh78uJCUjaLXeKf6Wti/9Qq0ySZCPf
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:33 2026 by rpki-client