Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: qN0QL0B4Wh7srsGJCT7PHmCD4At3k38NsL+eTRvpZrw=
Subject key identifier: 96:A2:FB:97:14:09:BC:DC:EC:D7:8D:A9:B4:37:FB:9E:ED:D9:3A:16
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 16EE27F1BAAA091D80EE96E56F6205AFAE701A82
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Fri 22 Aug 2025 12:23:03 +0000
ROA not before: Fri 22 Aug 2025 12:18:03 +0000
ROA not after: Fri 21 Aug 2026 12:23:03 +0000
asID: 834
IP address blocks: 5.182.110.0/24 maxlen: 24
45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.137.118.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
85.208.72.0/24 maxlen: 24
92.242.184.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.112.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.58.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 13:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:ee:27:f1:ba:aa:09:1d:80:ee:96:e5:6f:62:05:af:ae:70:1a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 22 12:18:03 2025 GMT
Not After : Aug 21 12:23:03 2026 GMT
Subject: CN=96A2FB971409BCDCECD78DA9B437FB9EEDD93A16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:b8:10:bc:8e:cc:a2:0d:ca:b7:81:ce:ef:
22:a4:71:af:0c:ba:4e:56:7d:db:9c:28:8f:bf:7b:
02:64:3b:9f:f5:60:31:05:98:c6:fc:8c:83:fa:e2:
0f:1a:2e:f6:bd:07:25:17:8c:a4:aa:8e:ef:a8:62:
9e:13:44:ad:b5:b5:b2:64:11:3c:71:2a:0e:79:bb:
c4:2f:21:5b:38:a5:74:67:ed:a7:6e:63:65:52:dc:
09:d1:71:8a:f8:69:78:71:8b:26:20:79:ff:04:00:
85:03:57:af:64:fb:98:c0:d4:8a:19:da:ae:8c:4f:
cf:b8:59:1e:25:f8:02:62:df:45:16:47:79:cd:26:
5e:3d:55:ef:2f:f6:db:d4:4d:66:88:86:09:f7:bf:
4f:f8:ec:33:70:28:00:63:c9:40:f8:58:fd:81:1f:
f2:c1:93:41:f8:f0:fe:80:88:25:88:f2:79:f0:2c:
4d:9f:68:a9:dd:bf:3b:30:fe:34:d9:5f:d4:da:15:
fb:c5:b2:9f:c8:88:e0:5c:b0:e9:1a:01:e7:69:ac:
16:6b:4d:45:1a:09:ae:f1:9e:8a:9e:36:04:eb:7d:
3c:fb:5a:b6:b3:ae:ab:9a:b2:a7:74:4f:7b:67:96:
6b:e4:43:52:fe:46:2e:cb:8e:63:c3:d1:7d:33:bb:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A2:FB:97:14:09:BC:DC:EC:D7:8D:A9:B4:37:FB:9E:ED:D9:3A:16
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
45.87.185.0/24
45.88.98.0/24
45.137.118.0/24
45.139.180.0/24
85.208.72.0/24
92.242.184.0/24
92.242.186.0/24
130.185.127.0/24
179.61.140.0/24
181.214.25.0/24
181.214.130.0/24
181.214.254.0/24
181.215.31.0/24
181.215.73.0/24
181.215.84.0/24
181.215.91.0/24
181.215.110.0/24
181.215.112.0/24
181.215.250.0/24
185.151.58.0/24
191.96.24.0/24
191.96.102.0/24
191.101.182.0/24
191.101.192.0/24
191.101.198.0/24
191.101.252.0/24
193.58.106.0/24
Signature Algorithm: sha256WithRSAEncryption
58:48:6c:b8:a2:07:e2:8c:88:28:a6:80:cb:9a:69:89:f8:77:
3c:81:53:f4:fe:60:35:2f:99:3e:5c:40:0a:56:a5:fd:be:c5:
0c:cb:2d:b1:c8:d1:c8:17:b8:2c:05:f0:40:f6:48:76:b5:5d:
88:a4:f7:b1:97:c6:4a:d6:9f:82:65:d6:60:d6:23:07:14:66:
e7:14:91:83:07:dd:ff:0f:5e:e5:5f:1f:a3:c9:ba:77:e1:92:
6c:e5:fb:87:15:3f:65:14:d1:09:a7:ca:a8:8f:77:06:da:e4:
46:11:e1:be:37:df:3f:8e:a4:0b:16:38:97:05:be:49:a3:d9:
9c:bd:db:d8:6d:19:98:cd:95:f1:f4:ec:27:eb:e1:12:ad:8d:
7b:70:6f:3e:ff:26:1b:d9:f3:0f:7e:20:77:82:19:b2:a3:3e:
33:9e:5d:52:74:5e:c8:09:28:a3:b5:4d:03:ac:be:70:25:5d:
b8:10:94:bb:1a:f9:ef:de:16:a0:d3:86:01:23:8a:05:7f:b8:
0d:bf:77:f0:73:8d:1d:80:8f:e5:0e:be:63:f0:76:2d:f7:9d:
b7:60:71:34:8a:ea:7c:8b:51:ed:85:88:c7:cb:ac:5c:52:40:
18:72:96:e7:c5:0a:dc:51:2e:83:6d:20:46:42:be:40:0e:5a:
ea:74:08:9e
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIUFu4n8bqqCR2A7pblb2IFr65wGoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MjIxMjE4MDNaFw0yNjA4MjExMjIzMDNaMDMxMTAvBgNV
BAMTKDk2QTJGQjk3MTQwOUJDRENFQ0Q3OERBOUI0MzdGQjlFRUREOTNBMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2wLgQvI7Mog3Kt4HO7yKkca8M
uk5WfducKI+/ewJkO5/1YDEFmMb8jIP64g8aLva9ByUXjKSqju+oYp4TRK21tbJk
ETxxKg55u8QvIVs4pXRn7aduY2VS3AnRcYr4aXhxiyYgef8EAIUDV69k+5jA1IoZ
2q6MT8+4WR4l+AJi30UWR3nNJl49Ve8v9tvUTWaIhgn3v0/47DNwKABjyUD4WP2B
H/LBk0H48P6AiCWI8nnwLE2faKndvzsw/jTZX9TaFfvFsp/IiOBcsOkaAedprBZr
TUUaCa7xnoqeNgTrfTz7Wrazrquasqd0T3tnlmvkQ1L+Ri7LjmPD0X0zux+JAgMB
AAGjggKuMIICqjAdBgNVHQ4EFgQUlqL7lxQJvNzs142ptDf7nu3ZOhYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAF
tm4DBAAtV7kDBAAtWGIDBAAtiXYDBAAti7QDBABV0EgDBABc8rgDBABc8roDBACC
uX8DBACzPYwDBAC11hkDBAC11oIDBAC11v4DBAC11x8DBAC110kDBAC111QDBAC1
11sDBAC1124DBAC113ADBAC11/oDBAC5lzoDBAC/YBgDBAC/YGYDBAC/ZbYDBAC/
ZcADBAC/ZcYDBAC/ZfwDBADBOmowDQYJKoZIhvcNAQELBQADggEBAFhIbLiiB+KM
iCimgMuaaYn4dzyBU/T+YDUvmT5cQApWpf2+xQzLLbHI0cgXuCwF8ED2SHa1XYik
97GXxkrWn4Jl1mDWIwcUZucUkYMH3f8PXuVfH6PJunfhkmzl+4cVP2UU0QmnyqiP
dwba5EYR4b433z+OpAsWOJcFvkmj2Zy929htGZjNlfH07Cfr4RKtjXtwbz7/JhvZ
8w9+IHeCGbKjPjOeXVJ0XsgJKKO1TQOsvnAlXbgQlLsa+e/eFqDThgEjigV/uA2/
d/BzjR2Aj+UOvmPwdi33nbdgcTSK6nyLUe2FiMfLrFxSQBhylufFCtxRLoNtIEZC
vkAOWup0CJ4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:44:52 2025 by rpki-client