Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 9uPUicR++B/0Bq7ACd9ZOfWoCIFsp30UG2lb8Hvjsl4=
Subject key identifier: 42:CF:1A:30:8B:CB:9E:3F:21:07:8E:37:34:DD:B7:4A:22:63:7D:9B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 24A0D672B498BD4A4FCDCA6CD818DE68226E6EA6
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Sat 28 Jun 2025 00:02:30 +0000
ROA not before: Fri 27 Jun 2025 23:57:30 +0000
ROA not after: Sat 27 Jun 2026 00:02:30 +0000
asID: 834
IP address blocks: 45.87.185.0/24 maxlen: 24
45.87.187.0/24 maxlen: 24
45.95.36.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
103.141.69.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.134.0/24 maxlen: 24
179.61.226.0/23 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.97.0/24 maxlen: 24
181.214.108.0/24 maxlen: 24
181.214.111.0/24 maxlen: 24
181.214.113.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/24 maxlen: 24
181.214.124.0/23 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.22.0/23 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.91.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/23 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.112.0/22 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.24.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.96.88.0/23 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.102.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.140.0/23 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/23 maxlen: 24
191.96.182.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.39.0/24 maxlen: 24
191.101.56.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.63.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.85.0/24 maxlen: 24
191.101.87.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.95.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.135.0/24 maxlen: 24
191.101.145.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.182.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.198.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
191.101.239.0/24 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
191.101.252.0/24 maxlen: 24
193.7.202.0/24 maxlen: 24
193.31.41.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:a0:d6:72:b4:98:bd:4a:4f:cd:ca:6c:d8:18:de:68:22:6e:6e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 27 23:57:30 2025 GMT
Not After : Jun 27 00:02:30 2026 GMT
Subject: CN=42CF1A308BCB9E3F21078E3734DDB74A22637D9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:97:ee:59:7f:eb:4d:06:77:92:74:cc:df:
d1:d7:85:99:9c:c7:45:84:f5:a2:62:46:47:a4:49:
38:4e:40:07:13:2c:bc:91:8f:c6:00:a8:91:27:fd:
6a:07:5a:fa:3a:92:4e:81:a8:f4:c1:aa:e7:cd:06:
b2:45:67:b7:79:8d:07:b6:fb:e5:f6:26:ed:1c:04:
fb:a7:dc:07:83:fd:20:f0:3a:4c:4a:fe:f0:67:6c:
2a:10:ed:33:c3:fd:bd:d2:bd:1a:a6:b4:14:be:b5:
27:91:ec:c6:78:50:a5:fb:b7:a0:68:da:3b:f2:1f:
75:b4:d1:2a:dc:98:32:01:e3:22:6a:c0:ab:cd:2b:
3a:7b:c7:2a:8a:0a:ad:b2:88:43:00:f1:f4:73:eb:
c3:e8:7f:5f:49:a8:44:dd:38:b8:a6:e5:ba:69:9b:
55:6a:12:50:8f:74:b7:74:0f:41:34:f4:1f:c8:07:
cb:e6:90:6a:e4:3e:a5:df:ff:f7:55:fb:34:c2:19:
fd:99:80:e4:54:ec:ca:b7:fc:76:8a:41:77:82:c8:
19:fe:41:db:bd:29:ff:49:0c:bf:af:38:2d:62:1e:
31:ad:68:ba:80:52:73:ee:67:45:cb:fa:bf:63:6d:
3b:6b:eb:d9:de:fd:0b:3a:13:5b:e5:18:4a:8a:02:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CF:1A:30:8B:CB:9E:3F:21:07:8E:37:34:DD:B7:4A:22:63:7D:9B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.185.0/24
45.87.187.0/24
45.95.36.0/24
92.118.162.0/24
92.119.33.0/24
92.242.186.0/24
103.141.69.0/24
109.106.3.0/24
130.185.127.0/24
179.61.134.0/24
179.61.226.0/23
179.61.229.0/24
179.61.243.0/24
181.41.196.0/24
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.79.0/24
181.214.91.0/24
181.214.94.0/24
181.214.97.0/24
181.214.108.0/24
181.214.111.0/24
181.214.113.0/24
181.214.119.0-181.214.120.255
181.214.124.0/23
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.248.0/24
181.214.254.0/24
181.215.3.0/24
181.215.22.0/23
181.215.58.0/24
181.215.64.0/24
181.215.73.0/24
181.215.91.0/24
181.215.95.0/24
181.215.108.0/23
181.215.111.0-181.215.115.255
181.215.159.0/24
181.215.186.0/23
181.215.189.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
181.215.250.0/24
185.137.15.0/24
185.142.25.0/24
185.151.58.0/24
191.96.3.0/24
191.96.24.0/24
191.96.58.0/24
191.96.64.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.102.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.140.0/23
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0-191.96.182.255
191.101.9.0/24
191.101.20.0/24
191.101.22.0/24
191.101.39.0/24
191.101.56.0/24
191.101.58.0/24
191.101.63.0/24
191.101.76.0/24
191.101.82.0/24
191.101.85.0/24
191.101.87.0-191.101.88.255
191.101.95.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.135.0/24
191.101.145.0/24
191.101.148.0/24
191.101.180.0/24
191.101.182.0/24
191.101.187.0/24
191.101.192.0/24
191.101.198.0/24
191.101.223.0/24
191.101.239.0-191.101.240.255
191.101.247.0/24
191.101.252.0/24
193.7.202.0/24
193.31.41.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:b1:ba:ae:b9:db:9b:a8:e7:66:e6:e4:82:3d:9c:8a:9b:5a:
34:ed:98:30:6c:c7:01:5f:55:07:33:65:b7:9e:c3:04:2f:a9:
14:26:cb:c0:15:4e:94:80:ac:45:bb:66:96:9f:ba:8c:8f:c3:
10:e3:3e:74:2a:9c:d6:68:b1:cb:8d:3f:06:fa:62:1c:17:72:
7c:17:c9:65:d8:07:6b:f1:0f:c9:ff:47:11:fb:74:36:3d:89:
5e:48:d6:c6:d9:a6:fc:7d:8c:84:1f:e6:37:cd:1e:27:7b:a2:
03:59:b7:b8:e0:12:a5:64:a9:be:cd:fc:f1:bf:e3:32:ab:a0:
84:ec:e4:50:6e:17:61:18:e7:cd:22:7b:97:0b:0b:ab:91:39:
6c:f9:48:6b:e8:87:a7:32:29:c1:95:a6:4a:27:32:4b:3b:69:
56:19:cf:7f:28:81:db:fd:56:4e:0f:76:d9:e9:21:5c:d2:aa:
55:e6:7b:90:bf:5b:ac:9a:0f:2b:3c:d5:0f:5b:d3:92:7c:f9:
51:85:b0:93:df:ac:fc:15:7d:08:39:79:19:90:f9:10:55:9e:
68:97:b4:95:5a:fb:1c:c9:3e:d6:bc:7a:a3:cf:cf:cf:b0:20:
76:c9:4a:2e:9d:7e:34:a5:b5:22:95:f2:b1:db:fe:d0:f4:4a:
ac:11:d0:1f
-----BEGIN CERTIFICATE-----
MIIHqzCCBpOgAwIBAgIUJKDWcrSYvUpPzcps2BjeaCJubqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjcyMzU3MzBaFw0yNjA2MjcwMDAyMzBaMDMxMTAvBgNV
BAMTKDQyQ0YxQTMwOEJDQjlFM0YyMTA3OEUzNzM0RERCNzRBMjI2MzdEOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/JfuWX/rTQZ3knTM39HXhZmc
x0WE9aJiRkekSThOQAcTLLyRj8YAqJEn/WoHWvo6kk6BqPTBqufNBrJFZ7d5jQe2
++X2Ju0cBPun3AeD/SDwOkxK/vBnbCoQ7TPD/b3SvRqmtBS+tSeR7MZ4UKX7t6Bo
2jvyH3W00SrcmDIB4yJqwKvNKzp7xyqKCq2yiEMA8fRz68Pof19JqETdOLim5bpp
m1VqElCPdLd0D0E09B/IB8vmkGrkPqXf//dV+zTCGf2ZgORU7Mq3/HaKQXeCyBn+
Qdu9Kf9JDL+vOC1iHjGtaLqAUnPuZ0XL+r9jbTtr69ne/Qs6E1vlGEqKAkj5AgMB
AAGjggS1MIIEsTAdBgNVHQ4EFgQUQs8aMIvLnj8hB443NN23SiJjfZswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICywYIKwYBBQUHAQcBAf8EggK6MIICtjCCArIEAgABMIIC
qgMEAC1XuQMEAC1XuwMEAC1fJAMEAFx2ogMEAFx3IQMEAFzyugMEAGeNRQMEAG1q
AwMEAIK5fwMEALM9hgMEAbM94gMEALM95QMEALM98wMEALUpxAMEALXWAAMEALXW
BAMEALXWDgMEALXWKQMEALXWNgMEALXWOgMEALXWTwMEALXWWwMEALXWXgMEALXW
YQMEALXWbAMEALXWbwMEALXWcTAMAwQAtdZ3AwQAtdZ4AwQBtdZ8AwQAtdaUAwQA
tdaaAwQAtdahAwQAtdbJAwQAtdbUAwQAtdb4AwQAtdb+AwQAtdcDAwQBtdcWAwQA
tdc6AwQAtddAAwQAtddJAwQAtddbAwQAtddfAwQBtddsMAwDBAC1128DBAK113AD
BAC1158DBAG117oDBAC1170DBAC119gDBAC11+EDBAC11+MDBAC11+0DBAC11/AD
BAC11/oDBAC5iQ8DBAC5jhkDBAC5lzoDBAC/YAMDBAC/YBgDBAC/YDoDBAC/YEAD
BAG/YFgDBAC/YFsDBAC/YGMDBAC/YGYDBAC/YGkDBAC/YHQDBAC/YHgDBAC/YH4D
BAG/YIwDBAC/YI8DBAC/YJUDBAC/YJ0DBAC/YKQwDAMEAr9gtAMEAL9gtgMEAL9l
CQMEAL9lFAMEAL9lFgMEAL9lJwMEAL9lOAMEAL9lOgMEAL9lPwMEAL9lTAMEAL9l
UgMEAL9lVTAMAwQAv2VXAwQAv2VYAwQAv2VfAwQAv2VhAwQAv2VmAwQAv2V0AwQA
v2V4AwQAv2V8AwQAv2WHAwQAv2WRAwQAv2WUAwQAv2W0AwQAv2W2AwQAv2W7AwQA
v2XAAwQAv2XGAwQAv2XfMAwDBAC/Ze8DBAC/ZfADBAC/ZfcDBAC/ZfwDBADBB8oD
BADBHykDBADVbakwDQYJKoZIhvcNAQELBQADggEBAC2xuq6525uo52bm5II9nIqb
WjTtmDBsxwFfVQczZbeewwQvqRQmy8AVTpSArEW7ZpafuoyPwxDjPnQqnNZoscuN
Pwb6YhwXcnwXyWXYB2vxD8n/RxH7dDY9iV5I1sbZpvx9jIQf5jfNHid7ogNZt7jg
EqVkqb7N/PG/4zKroITs5FBuF2EY580ie5cLC6uROWz5SGvoh6cyKcGVpkonMks7
aVYZz38ogdv9Vk4PdtnpIVzSqlXme5C/W6yaDys81Q9b05J8+VGFsJPfrPwVfQg5
eRmQ+RBVnmiXtJVa+xzJPta8eqPPz8+wIHbJSi6dfjSltSKV8rHb/tD0SqwR0B8=
-----END CERTIFICATE-----
Generated at Sat Jun 28 16:32:22 2025 by rpki-client