Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: tukYFjoGczY0Z8bdk+a4ZFD9P9ppfO91H/ue7srVIAU=
Subject key identifier: 7F:FC:4C:67:7B:99:51:DE:E4:12:E6:05:83:A7:5D:FC:E6:98:54:DE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 330E598EBE17554391C8BF340A6EDA3A7F1CB40F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Fri 27 Jun 2025 17:43:17 +0000
ROA not before: Fri 27 Jun 2025 17:38:17 +0000
ROA not after: Fri 26 Jun 2026 17:43:17 +0000
asID: 834
IP address blocks: 82.23.135.0/24 maxlen: 24
82.23.246.0/24 maxlen: 24
82.23.251.0/24 maxlen: 24
82.25.35.0/24 maxlen: 24
82.25.36.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.135.0/24 maxlen: 24
82.25.161.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.43.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.50.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:0e:59:8e:be:17:55:43:91:c8:bf:34:0a:6e:da:3a:7f:1c:b4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 27 17:38:17 2025 GMT
Not After : Jun 26 17:43:17 2026 GMT
Subject: CN=7FFC4C677B9951DEE412E60583A75DFCE69854DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:ef:4c:27:19:05:72:7d:7d:66:16:c8:85:
8c:66:fb:0e:f9:7f:2f:57:00:bf:b6:71:a1:ce:10:
a7:a6:1f:f1:27:2f:33:f7:bf:e9:26:a0:d6:89:af:
8a:20:9f:25:64:f8:29:ee:9b:1a:88:76:bb:d5:67:
f4:27:b9:9a:f8:88:11:d1:e5:39:cc:e0:c8:6f:e2:
80:55:52:85:da:2b:85:f2:5b:f0:eb:95:21:b0:9b:
71:45:0a:c1:a4:77:78:dd:0a:f3:f0:dd:bc:90:08:
f9:2c:c0:58:03:f9:02:b1:94:50:7a:42:53:9e:c1:
b4:ef:28:03:2f:17:57:c4:70:7d:25:11:36:f6:de:
48:c0:48:c7:8d:0a:4c:e1:34:8f:ba:61:40:9a:f8:
1d:04:d2:32:c8:19:2a:b7:08:65:14:7a:c9:7a:46:
04:78:84:93:60:dd:3c:30:c6:71:6c:df:f8:a2:e1:
67:62:57:a6:4b:f6:85:b0:1f:8b:8a:2b:24:46:e4:
f5:fa:34:1b:75:a0:20:c3:16:58:1e:c0:76:23:9d:
5f:b5:10:c1:8a:7a:b2:54:6d:37:c0:ff:bc:d5:a9:
b6:1a:60:e6:be:a1:ee:8e:6d:65:d3:23:b8:da:61:
47:5d:78:e0:42:7f:9f:31:56:8a:c7:69:0f:37:45:
50:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FC:4C:67:7B:99:51:DE:E4:12:E6:05:83:A7:5D:FC:E6:98:54:DE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.135.0/24
82.23.246.0/24
82.23.251.0/24
82.25.35.0-82.25.36.255
82.25.41.0/24
82.25.135.0/24
82.25.161.0/24
82.26.65.0/24
82.26.156.0/24
82.26.171.0/24
82.29.41.0/24
82.29.43.0-82.29.44.255
82.29.48.0/24
82.29.50.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
82.29.107.0/24
82.29.109.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0c:df:a8:ee:67:a2:fa:bf:5a:5c:ea:0f:16:fa:61:d9:4c:
c8:23:ab:ac:67:ef:88:d6:81:df:2f:07:23:8d:92:11:71:1f:
ea:54:31:4b:f8:a3:b6:d1:36:2e:c2:a5:f1:7d:49:13:ef:d1:
2e:21:d7:65:65:ee:b3:f2:22:1f:60:01:3f:5b:df:8e:b3:ab:
f0:71:99:07:3f:87:e8:94:e3:45:f4:26:46:4c:fd:2d:7e:4d:
8e:db:6d:9a:80:38:c3:13:ce:d4:29:20:3c:28:89:6c:0d:f8:
6d:13:ed:40:11:49:0c:32:c8:07:a0:c7:16:ba:4d:bf:76:6d:
32:6f:98:c5:e7:4a:c3:b1:c8:94:f9:8d:08:67:09:fb:0e:df:
ad:5f:87:26:b6:6d:0a:2d:93:98:f5:d3:44:93:78:8e:2f:3d:
86:5b:73:0d:44:57:e5:cb:dc:7c:68:db:a6:b5:ad:dd:8d:ac:
a5:74:d3:2a:7c:93:91:ce:ef:f6:51:13:1d:f2:ca:a8:a2:c3:
f4:50:17:4b:6c:01:61:0b:e3:3b:11:8a:ea:25:b2:78:5e:cf:
2b:e0:5b:f3:a7:62:64:57:5a:a1:40:26:31:36:a3:8c:df:49:
1d:22:e3:f8:5a:dc:4f:2e:2a:a7:8f:d1:a4:8e:9d:ef:2e:89:
48:46:07:83
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIUMw5Zjr4XVUORyL80Cm7aOn8ctA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjcxNzM4MTdaFw0yNjA2MjYxNzQzMTdaMDMxMTAvBgNV
BAMTKDdGRkM0QzY3N0I5OTUxREVFNDEyRTYwNTgzQTc1REZDRTY5ODU0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqJe9MJxkFcn19ZhbIhYxm+w75
fy9XAL+2caHOEKemH/EnLzP3v+kmoNaJr4ognyVk+CnumxqIdrvVZ/QnuZr4iBHR
5TnM4Mhv4oBVUoXaK4XyW/DrlSGwm3FFCsGkd3jdCvPw3byQCPkswFgD+QKxlFB6
QlOewbTvKAMvF1fEcH0lETb23kjASMeNCkzhNI+6YUCa+B0E0jLIGSq3CGUUesl6
RgR4hJNg3TwwxnFs3/ii4WdiV6ZL9oWwH4uKKyRG5PX6NBt1oCDDFlgewHYjnV+1
EMGKerJUbTfA/7zVqbYaYOa+oe6ObWXTI7jaYUddeOBCf58xVorHaQ83RVCrAgMB
AAGjggKIMIIChDAdBgNVHQ4EFgQUf/xMZ3uZUd7kEuYFg6dd/OaYVN4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABS
F4cDBABSF/YDBABSF/swDAMEAFIZIwMEAFIZJAMEAFIZKQMEAFIZhwMEAFIZoQME
AFIaQQMEAFIanAMEAFIaqwMEAFIdKTAMAwQAUh0rAwQAUh0sAwQAUh0wAwQAUh0y
AwQAUh1KAwQAUh1YAwQAUh1nAwQAUh1rAwQAUh1tMA0GCSqGSIb3DQEBCwUAA4IB
AQCCDN+o7mei+r9aXOoPFvph2UzII6usZ++I1oHfLwcjjZIRcR/qVDFL+KO20TYu
wqXxfUkT79EuIddlZe6z8iIfYAE/W9+Os6vwcZkHP4folONF9CZGTP0tfk2O222a
gDjDE87UKSA8KIlsDfhtE+1AEUkMMsgHoMcWuk2/dm0yb5jF50rDsciU+Y0IZwn7
Dt+tX4cmtm0KLZOY9dNEk3iOLz2GW3MNRFfly9x8aNumta3djayldNMqfJORzu/2
URMd8sqoosP0UBdLbAFhC+M7EYrqJbJ4Xs8r4Fvzp2JkV1qhQCYxNqOM30kdIuP4
WtxPLiqnj9Gkjp3vLolIRgeD
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:58 2025 by rpki-client