
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: fJmRHLT5bx5cwmdZ7GVAQYn1kuqlN3OD547jw8QWaU0=
Subject key identifier: 25:20:D4:11:DE:AA:FF:62:BF:CC:2A:5F:10:05:90:3A:86:2B:E6:67
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 324313C14F416D0213D6EC0868639EAE11541E5B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Sun 19 Oct 2025 12:52:22 +0000
ROA not before: Sun 19 Oct 2025 12:47:22 +0000
ROA not after: Sun 18 Oct 2026 12:52:22 +0000
asID: 834
IP address blocks: 45.87.185.0/24 maxlen: 24
45.88.98.0/24 maxlen: 24
45.137.118.0/24 maxlen: 24
179.61.253.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.12.0/24 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.55.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/22 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.164.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.196.0/24 maxlen: 24
181.215.210.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.101.136.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:43:13:c1:4f:41:6d:02:13:d6:ec:08:68:63:9e:ae:11:54:1e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 19 12:47:22 2025 GMT
Not After : Oct 18 12:52:22 2026 GMT
Subject: CN=2520D411DEAAFF62BFCC2A5F1005903A862BE667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ed:84:e8:32:11:3c:c3:a7:1f:33:fe:c8:db:
e9:fb:34:62:d9:23:1c:0b:1c:90:a2:18:98:2e:28:
78:85:98:fa:04:18:99:fb:2e:e9:dc:74:53:1b:a0:
97:53:d0:6d:2a:45:89:d9:f8:27:20:bc:77:b3:9d:
14:84:ad:11:d7:64:c1:df:4c:d0:55:2a:41:6c:da:
d0:f7:eb:fb:2f:96:29:d3:d5:5e:c0:f4:8c:3a:cf:
ff:9f:da:d1:a6:27:bf:9c:ae:09:41:b2:4d:a7:6c:
87:e0:61:bc:7d:eb:39:6c:ba:85:0f:49:73:ad:7b:
42:f1:70:9b:54:6d:31:c3:a4:0c:9f:c0:b2:aa:9d:
c3:38:af:b2:09:18:d9:25:2f:fa:5a:28:1f:66:4b:
49:98:b8:d0:bb:0d:26:47:b4:7a:53:6c:69:db:b7:
c6:6a:54:6f:1c:86:2e:cb:de:23:f1:b0:35:b2:6c:
f7:6f:01:e4:b4:88:c0:be:03:f5:76:c8:1b:93:9c:
6b:a4:25:74:d2:05:9d:c0:18:89:de:ab:88:cd:58:
8e:b3:30:97:ec:9c:5a:91:81:f1:38:ad:7a:72:6f:
31:c3:1f:da:25:de:68:db:22:96:d9:23:b9:09:ed:
67:52:91:f1:8d:c9:d5:5f:ec:00:84:0a:50:2c:39:
58:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:20:D4:11:DE:AA:FF:62:BF:CC:2A:5F:10:05:90:3A:86:2B:E6:67
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.185.0/24
45.88.98.0/24
45.137.118.0/24
179.61.253.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.25.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.79.0/24
181.214.91.0/24
181.214.98.0/24
181.214.101.0/24
181.214.130.0/24
181.214.254.0/24
181.215.3.0/24
181.215.12.0/24
181.215.31.0/24
181.215.55.0/24
181.215.62.0/24
181.215.64.0/24
181.215.73.0/24
181.215.84.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0-181.215.115.255
181.215.149.0/24
181.215.159.0/24
181.215.164.0/24
181.215.189.0-181.215.190.255
181.215.196.0/24
181.215.210.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
181.215.247.0/24
185.173.35.0/24
191.96.24.0/24
191.96.102.0/24
191.101.136.0/24
191.101.182.0/24
191.101.192.0/24
191.101.198.0/24
191.101.252.0/24
Signature Algorithm: sha256WithRSAEncryption
42:76:89:a1:4e:4a:07:42:b2:6c:5d:c4:28:a2:ca:ca:fd:f1:
21:6a:fe:a2:79:b5:45:1e:47:9b:43:ba:2e:67:9f:9e:c3:5c:
13:c9:f9:87:b9:65:50:84:25:36:46:c0:70:23:43:e9:f1:61:
f6:7a:5b:d9:44:f6:bc:b2:41:40:29:23:5b:1f:fb:2b:b2:2a:
fc:81:ad:32:fb:22:95:27:be:fb:39:4d:59:c1:cd:62:b1:93:
06:ac:a6:2a:47:1b:85:fa:f8:2a:5c:80:65:45:fd:60:96:94:
7e:4b:95:8e:41:e6:89:dd:5b:f5:80:4b:74:29:8a:3b:f3:78:
bc:81:a3:f4:b2:04:74:57:53:ac:63:67:67:02:f1:92:49:ea:
9d:57:e6:53:30:03:6d:0c:38:06:13:7f:2e:81:34:8e:21:64:
52:bd:fe:21:d0:6c:b9:18:84:78:a6:60:d6:e8:cf:e8:cf:86:
35:79:80:f0:eb:b5:d5:f7:5c:46:73:cf:8a:cd:09:bc:d3:de:
63:0b:35:b5:90:a7:5f:fa:19:51:46:c9:ef:68:8d:86:33:ec:
50:42:d8:80:64:0a:1a:3f:c8:83:45:02:8c:7e:65:8a:10:49:
4d:b6:59:d5:af:b3:0a:30:b8:32:2c:9b:1d:6b:a4:3d:c6:ed:
06:6f:d4:11
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUMkMTwU9BbQIT1uwIaGOerhFUHlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTkxMjQ3MjJaFw0yNjEwMTgxMjUyMjJaMDMxMTAvBgNV
BAMTKDI1MjBENDExREVBQUZGNjJCRkNDMkE1RjEwMDU5MDNBODYyQkU2NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67YToMhE8w6cfM/7I2+n7NGLZ
IxwLHJCiGJguKHiFmPoEGJn7LuncdFMboJdT0G0qRYnZ+CcgvHeznRSErRHXZMHf
TNBVKkFs2tD36/svlinT1V7A9Iw6z/+f2tGmJ7+crglBsk2nbIfgYbx96zlsuoUP
SXOte0LxcJtUbTHDpAyfwLKqncM4r7IJGNklL/paKB9mS0mYuNC7DSZHtHpTbGnb
t8ZqVG8chi7L3iPxsDWybPdvAeS0iMC+A/V2yBuTnGukJXTSBZ3AGIneq4jNWI6z
MJfsnFqRgfE4rXpybzHDH9ol3mjbIpbZI7kJ7WdSkfGNydVf7ACEClAsOVgfAgMB
AAGjggM7MIIDNzAdBgNVHQ4EFgQUJSDUEd6q/2K/zCpfEAWQOoYr5mcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDCCATgEAgABMIIB
MAMEAC1XuQMEAC1YYgMEAC2JdgMEALM9/QMEALXWAAMEALXWBAMEALXWDgMEALXW
GQMEALXWKQMEALXWNgMEALXWOgMEALXWTwMEALXWWwMEALXWYgMEALXWZQMEALXW
ggMEALXW/gMEALXXAwMEALXXDAMEALXXHwMEALXXNwMEALXXPgMEALXXQAMEALXX
SQMEALXXVAMEALXXWwMEALXXXzAMAwQCtddsAwQCtddwAwQAtdeVAwQAtdefAwQA
tdekMAwDBAC1170DBAC1174DBAC118QDBAC119IDBAC119gDBAC11+EDBAC11+MD
BAC11+0DBAC11/ADBAC11/cDBAC5rSMDBAC/YBgDBAC/YGYDBAC/ZYgDBAC/ZbYD
BAC/ZcADBAC/ZcYDBAC/ZfwwDQYJKoZIhvcNAQELBQADggEBAEJ2iaFOSgdCsmxd
xCiiysr98SFq/qJ5tUUeR5tDui5nn57DXBPJ+Ye5ZVCEJTZGwHAjQ+nxYfZ6W9lE
9ryyQUApI1sf+yuyKvyBrTL7IpUnvvs5TVnBzWKxkwaspipHG4X6+CpcgGVF/WCW
lH5LlY5B5ondW/WAS3QpijvzeLyBo/SyBHRXU6xjZ2cC8ZJJ6p1X5lMwA20MOAYT
fy6BNI4hZFK9/iHQbLkYhHimYNboz+jPhjV5gPDrtdX3XEZzz4rNCbzT3mMLNbWQ
p1/6GVFGye9ojYYz7FBC2IBkCho/yINFAox+ZYoQSU22WdWvswowuDIsmx1rpD3G
7QZv1BE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:33 2025 by rpki-client