Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: JvXAhyI1cPSYDsflHA8IYKci6wRLlno5ruGhhMnsmGU=
Subject key identifier: 65:CD:07:1A:DC:D8:72:22:E3:55:CC:FE:65:8A:BD:06:50:34:56:D2
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 02E3599C89784780B759A1BF8077C38EB1A04E0D
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
Signing time: Tue 12 May 2026 11:46:56 +0000
ROA not before: Tue 12 May 2026 11:41:56 +0000
ROA not after: Tue 11 May 2027 11:46:56 +0000
asID: 834
IP address blocks: 83.171.246.0/24 maxlen: 24
188.119.69.0/24 maxlen: 24
193.32.207.0/24 maxlen: 24
193.187.111.0/24 maxlen: 24
194.93.50.0/23 maxlen: 24
212.115.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:e3:59:9c:89:78:47:80:b7:59:a1:bf:80:77:c3:8e:b1:a0:4e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 12 11:41:56 2026 GMT
Not After : May 11 11:46:56 2027 GMT
Subject: CN=65CD071ADCD87222E355CCFE658ABD06503456D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:f5:f0:65:2e:b5:43:e5:88:06:d5:7a:59:
41:1c:0b:de:cd:71:b6:06:44:54:82:54:5b:bd:f1:
25:f9:2e:61:43:1b:2d:3d:60:d5:d0:86:5e:0b:22:
b2:af:f9:51:49:af:8c:c9:6a:e6:f7:1a:a7:8f:35:
9b:8c:1c:14:fa:46:cd:36:be:4e:21:59:8e:ac:25:
9a:ba:d7:2b:06:b7:4f:5d:71:b4:51:d6:3e:8a:c7:
74:7d:52:9b:7d:ab:83:a6:0d:dd:ab:06:ab:c9:49:
04:b0:d9:e9:2b:0b:4e:f3:fd:b0:ff:84:5a:45:55:
6f:b7:11:c2:a7:df:76:71:8f:4f:b5:f1:d8:1d:a7:
ab:28:a5:c8:ec:38:47:c3:7c:a9:0b:a2:e8:eb:10:
a4:99:0c:62:e7:b5:0a:53:c2:d2:bd:cc:d0:36:69:
f9:30:cd:81:5c:67:e2:8c:eb:da:bf:cb:d1:ee:b3:
88:af:13:03:a5:6c:f8:47:97:06:ae:22:c0:14:3d:
58:6b:a3:80:a9:f3:4d:f3:fb:68:fc:e5:fb:ae:1d:
1e:26:25:81:85:6d:5a:12:b3:c2:77:89:a5:4d:a4:
d7:da:ae:4e:d8:b2:8d:7f:4c:ef:c6:49:23:8f:2a:
1a:a9:7f:14:e7:85:3a:e5:fd:99:c6:cf:d5:de:68:
19:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CD:07:1A:DC:D8:72:22:E3:55:CC:FE:65:8A:BD:06:50:34:56:D2
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.246.0/24
188.119.69.0/24
193.32.207.0/24
193.187.111.0/24
194.93.50.0/23
212.115.102.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1a:95:5e:84:20:11:fd:f9:34:7d:12:ed:5b:47:2b:9f:41:
48:ec:ff:4d:c7:16:2a:0a:a9:4c:f9:60:80:85:db:64:4d:10:
70:0b:f6:ac:c9:15:cf:0f:ea:61:17:60:65:c2:06:fc:fe:21:
43:99:90:29:2a:06:2b:b0:b9:c0:53:67:52:a0:0e:da:75:d7:
00:18:85:f2:04:07:e7:f5:46:bf:49:df:e3:f0:9f:9c:e8:e4:
c5:6c:a2:00:3b:26:0f:2f:64:3f:56:c7:45:d7:d5:bb:e0:cd:
f0:f2:19:1e:2e:87:71:b9:06:c2:d8:30:1a:fe:33:67:93:05:
46:26:c1:f1:61:6f:37:a5:ec:5b:84:cf:3d:a7:ba:ea:41:22:
15:e9:39:d7:a1:04:3b:be:b3:a0:1e:75:4f:71:e0:9b:93:ec:
52:15:1d:9d:9f:43:34:50:3d:15:f8:79:80:05:22:ad:93:f9:
e1:00:46:c0:9e:70:1c:83:76:e8:24:7e:41:52:ab:11:53:a9:
52:0e:62:57:d3:02:8f:07:18:a3:b0:d3:0b:b0:62:21:b7:d3:
6d:79:d1:df:ce:93:dc:50:b3:7a:af:3e:03:2b:00:91:53:57:
c1:6e:b6:a7:79:ab:b4:61:df:7e:82:ad:ab:aa:c9:e9:d9:c7:
14:69:ad:a9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUAuNZnIl4R4C3WaG/gHfDjrGgTg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTIxMTQxNTZaFw0yNzA1MTExMTQ2NTZaMDMxMTAvBgNV
BAMTKDY1Q0QwNzFBRENEODcyMjJFMzU1Q0NGRTY1OEFCRDA2NTAzNDU2RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjPXwZS61Q+WIBtV6WUEcC97N
cbYGRFSCVFu98SX5LmFDGy09YNXQhl4LIrKv+VFJr4zJaub3GqePNZuMHBT6Rs02
vk4hWY6sJZq61ysGt09dcbRR1j6Kx3R9Upt9q4OmDd2rBqvJSQSw2ekrC07z/bD/
hFpFVW+3EcKn33Zxj0+18dgdp6sopcjsOEfDfKkLoujrEKSZDGLntQpTwtK9zNA2
afkwzYFcZ+KM69q/y9Hus4ivEwOlbPhHlwauIsAUPVhro4Cp803z+2j85fuuHR4m
JYGFbVoSs8J3iaVNpNfark7Yso1/TO/GSSOPKhqpfxTnhTrl/ZnGz9XeaBmzAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQUZc0HGtzYciLjVcz+ZYq9BlA0VtIwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU6v2AwQA
vHdFAwQAwSDPAwQAwbtvAwQBwl0yAwQA1HNmMA0GCSqGSIb3DQEBCwUAA4IBAQAk
GpVehCAR/fk0fRLtW0crn0FI7P9NxxYqCqlM+WCAhdtkTRBwC/asyRXPD+phF2Bl
wgb8/iFDmZApKgYrsLnAU2dSoA7addcAGIXyBAfn9Ua/Sd/j8J+c6OTFbKIAOyYP
L2Q/VsdF19W74M3w8hkeLodxuQbC2DAa/jNnkwVGJsHxYW83pexbhM89p7rqQSIV
6TnXoQQ7vrOgHnVPceCbk+xSFR2dn0M0UD0V+HmABSKtk/nhAEbAnnAcg3boJH5B
UqsRU6lSDmJX0wKPBxijsNMLsGIht9NtedHfzpPcULN6rz4DKwCRU1fBbraneau0
Yd9+gq2rqsnp2ccUaa2p
-----END CERTIFICATE-----
Generated at Tue May 12 22:29:17 2026 by rpki-client