Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: DtdDdaSNw05AD/910+z7TY4zxaoVxggYt6cKXpFH9lY=
Subject key identifier: 80:50:A4:70:4C:06:62:70:34:8E:7D:10:85:3F:60:9E:3B:59:1E:25
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 5B2A1649FFFD76057D9EDE60AE668B518394C46C
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
Signing time: Mon 23 Mar 2026 14:37:05 +0000
ROA not before: Mon 23 Mar 2026 14:32:05 +0000
ROA not after: Mon 22 Mar 2027 14:37:05 +0000
asID: 834
IP address blocks: 83.171.244.0/23 maxlen: 24
83.171.246.0/24 maxlen: 24
188.119.69.0/24 maxlen: 24
193.32.205.0/24 maxlen: 24
193.32.207.0/24 maxlen: 24
193.187.111.0/24 maxlen: 24
193.187.134.0/24 maxlen: 24
194.93.50.0/23 maxlen: 24
212.115.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:2a:16:49:ff:fd:76:05:7d:9e:de:60:ae:66:8b:51:83:94:c4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Mar 23 14:32:05 2026 GMT
Not After : Mar 22 14:37:05 2027 GMT
Subject: CN=8050A4704C066270348E7D10853F609E3B591E25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:28:f5:f9:06:cb:7e:2f:f6:f8:54:ab:16:
ad:9a:e6:c7:53:0d:57:55:9b:d3:e1:5c:c1:17:82:
17:85:35:9c:cc:e0:10:86:f2:3d:20:f3:78:e5:60:
aa:1f:fb:76:39:b3:4e:65:22:ac:df:ee:9e:6f:46:
5b:4a:d6:f4:47:e8:06:1d:b0:ee:6d:f4:a7:e9:63:
7f:0f:47:d6:64:1c:d8:0d:f5:91:2c:a9:45:8a:6e:
3f:31:ec:41:35:3d:df:f2:66:74:8c:ec:05:24:3d:
5c:dc:a6:43:c8:3a:a4:a5:0c:32:a5:5d:7c:29:1d:
db:4e:e9:28:ed:1f:c8:0b:39:41:59:fd:77:4a:02:
91:04:d1:46:24:b1:45:a6:4e:9e:b3:8e:d7:da:e4:
da:c9:03:7c:99:7a:f4:03:4f:d9:51:0e:cf:aa:44:
aa:68:17:e4:23:91:54:49:d4:8d:6b:89:ec:a5:38:
0e:56:b1:6e:04:88:70:18:ac:5b:b6:44:4b:40:54:
f8:16:db:23:34:ec:cf:cb:7a:02:2e:65:99:40:1e:
2c:7f:27:95:75:5b:b6:73:5f:73:ef:fc:b5:b3:e8:
f2:96:aa:b7:23:f7:60:b1:38:20:d1:fb:d2:91:a8:
5e:10:83:26:7f:39:84:60:d8:a1:6d:b6:f0:0f:1d:
8f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:50:A4:70:4C:06:62:70:34:8E:7D:10:85:3F:60:9E:3B:59:1E:25
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0-83.171.246.255
188.119.69.0/24
193.32.205.0/24
193.32.207.0/24
193.187.111.0/24
193.187.134.0/24
194.93.50.0/23
212.115.102.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d1:cf:5c:3f:60:8d:2b:49:37:51:dd:1a:cf:eb:db:59:6a:
02:3e:05:48:d6:52:1f:85:9a:3a:91:b0:20:a1:97:b5:56:3e:
be:5c:8b:a1:d3:84:f0:8f:9f:93:80:2e:7f:c6:2f:01:36:14:
d3:6a:19:3d:75:20:b2:c6:ca:50:ba:db:52:30:60:44:41:c7:
db:e8:94:59:89:30:2b:f3:a5:f3:90:4c:44:09:35:76:a6:70:
d0:db:4e:4b:89:26:1a:fe:a6:8f:00:7a:78:ce:48:db:91:8a:
e6:2b:37:bb:7a:46:a3:74:75:bb:db:4d:78:7a:e7:0f:20:d0:
64:9b:8e:67:5b:2d:2e:3f:b1:3a:2c:1f:ba:bc:84:4b:36:27:
03:54:9f:d6:c7:99:5e:40:ad:8f:f8:a4:11:a0:6c:69:96:41:
a3:99:b2:34:f5:31:44:53:59:8f:ca:e5:69:f0:41:05:97:a8:
78:af:01:ea:80:dc:22:7f:fc:70:ef:a4:c0:67:a1:b1:66:54:
07:2a:bd:17:70:28:4d:16:1e:16:fc:2e:01:1a:90:45:29:17:
e5:71:eb:d3:8b:e5:2b:56:93:11:e2:7d:11:cf:47:35:c3:7a:
e6:82:4e:b2:f7:e5:70:41:ad:66:2b:2f:da:71:e2:8f:99:6d:
ba:cf:88:17
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWyoWSf/9dgV9nt5grmaLUYOUxGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAzMjMxNDMyMDVaFw0yNzAzMjIxNDM3MDVaMDMxMTAvBgNV
BAMTKDgwNTBBNDcwNEMwNjYyNzAzNDhFN0QxMDg1M0Y2MDlFM0I1OTFFMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu4Cj1+QbLfi/2+FSrFq2a5sdT
DVdVm9PhXMEXgheFNZzM4BCG8j0g83jlYKof+3Y5s05lIqzf7p5vRltK1vRH6AYd
sO5t9KfpY38PR9ZkHNgN9ZEsqUWKbj8x7EE1Pd/yZnSM7AUkPVzcpkPIOqSlDDKl
XXwpHdtO6SjtH8gLOUFZ/XdKApEE0UYksUWmTp6zjtfa5NrJA3yZevQDT9lRDs+q
RKpoF+QjkVRJ1I1rieylOA5WsW4EiHAYrFu2REtAVPgW2yM07M/LegIuZZlAHix/
J5V1W7ZzX3Pv/LWz6PKWqrcj92CxOCDR+9KRqF4QgyZ/OYRg2KFttvAPHY9HAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUgFCkcEwGYnA0jn0QhT9gnjtZHiUwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAJTq/QD
BABTq/YDBAC8d0UDBADBIM0DBADBIM8DBADBu28DBADBu4YDBAHCXTIDBADUc2Yw
DQYJKoZIhvcNAQELBQADggEBAJDRz1w/YI0rSTdR3RrP69tZagI+BUjWUh+FmjqR
sCChl7VWPr5ci6HThPCPn5OALn/GLwE2FNNqGT11ILLGylC621IwYERBx9volFmJ
MCvzpfOQTEQJNXamcNDbTkuJJhr+po8AenjOSNuRiuYrN7t6RqN0dbvbTXh65w8g
0GSbjmdbLS4/sTosH7q8hEs2JwNUn9bHmV5ArY/4pBGgbGmWQaOZsjT1MURTWY/K
5WnwQQWXqHivAeqA3CJ//HDvpMBnobFmVAcqvRdwKE0WHhb8LgEakEUpF+Vx69OL
5StWkxHifRHPRzXDeuaCTrL35XBBrWYrL9px4o+ZbbrPiBc=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:19:49 2026 by rpki-client