Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: X+t3h0D7BIv/tcOxR2UNvobmwvdBVIsHzZ3lh/H5XOU=
Subject key identifier: CD:DD:92:80:03:D4:BD:94:3C:9E:84:03:75:14:76:0B:E4:3C:69:B2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 780726C4284F8E1B8A1157E14F275D39054FD7A9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Sun 19 Oct 2025 00:00:45 +0000
ROA not before: Sat 18 Oct 2025 23:55:45 +0000
ROA not after: Sun 18 Oct 2026 00:00:45 +0000
asID: 834
IP address blocks: 82.22.7.0/24 maxlen: 24
82.22.8.0/22 maxlen: 24
82.22.14.0/23 maxlen: 24
82.22.16.0/23 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.21.0/24 maxlen: 24
82.22.23.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.27.0/24 maxlen: 24
82.22.28.0/22 maxlen: 24
82.22.32.0/24 maxlen: 24
82.22.34.0/23 maxlen: 24
82.22.36.0/24 maxlen: 24
82.22.38.0/23 maxlen: 24
82.22.40.0/23 maxlen: 24
82.22.47.0/24 maxlen: 24
82.22.50.0/24 maxlen: 24
82.22.53.0/24 maxlen: 24
82.22.57.0/24 maxlen: 24
82.22.61.0/24 maxlen: 24
82.22.63.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
82.29.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:07:26:c4:28:4f:8e:1b:8a:11:57:e1:4f:27:5d:39:05:4f:d7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 18 23:55:45 2025 GMT
Not After : Oct 18 00:00:45 2026 GMT
Subject: CN=CDDD928003D4BD943C9E84037514760BE43C69B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:a9:b4:19:34:98:ac:a1:f6:f0:81:cd:50:
3b:88:5f:04:12:bc:5d:b3:6f:28:ec:76:b5:a3:1b:
c2:db:6a:01:06:ff:a9:7e:a4:b7:21:6f:d3:c2:2c:
c9:42:aa:34:3a:c8:70:ae:07:d5:d8:cf:05:d9:24:
e2:db:24:3f:a8:e4:30:fc:70:3f:f8:69:c5:1d:4d:
4f:80:4a:eb:ed:ec:ed:d5:38:ec:25:8a:d9:a2:cb:
47:69:2f:c2:e7:be:05:a4:06:b0:6e:79:82:35:9c:
6d:57:97:f7:09:40:2c:be:28:63:55:98:39:2b:9a:
b5:71:04:8a:5b:a5:10:e7:2b:76:4b:e3:2b:c9:30:
2e:b8:05:35:e1:ed:28:f9:96:53:fc:d8:12:03:f9:
9c:21:a7:12:39:ab:96:c7:32:56:39:26:c3:91:88:
f2:24:59:81:9b:bf:a7:f5:96:d0:80:17:3c:e0:15:
12:16:dd:d5:2f:0d:f4:7a:01:18:db:38:0f:29:72:
d1:eb:06:2c:09:7d:36:54:00:f7:3a:58:3f:cd:d0:
97:55:e5:fa:90:11:b0:d7:f6:35:a0:4e:ca:5c:f4:
51:6f:38:65:79:7c:74:60:57:eb:2c:f1:84:a6:e3:
70:f3:0c:6b:fc:8e:90:8e:a7:93:81:e3:c0:25:5f:
c8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DD:92:80:03:D4:BD:94:3C:9E:84:03:75:14:76:0B:E4:3C:69:B2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.7.0-82.22.11.255
82.22.14.0-82.22.18.255
82.22.21.0/24
82.22.23.0/24
82.22.25.0/24
82.22.27.0-82.22.32.255
82.22.34.0-82.22.36.255
82.22.38.0-82.22.41.255
82.22.47.0/24
82.22.50.0/24
82.22.53.0/24
82.22.57.0/24
82.22.61.0/24
82.22.63.0/24
82.26.65.0/24
82.26.196.0/24
82.29.6.0/24
82.29.109.0/24
82.29.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:04:7e:bf:28:b1:6e:1b:20:cc:8e:92:05:1c:77:48:bd:54:
0b:19:53:e3:3b:7c:d2:94:19:6c:88:1d:40:f6:b1:9c:fb:da:
09:46:96:ea:d9:6f:79:cf:eb:4f:18:cf:1a:f5:58:1c:5f:48:
b7:eb:fd:fd:f1:94:4b:eb:19:66:25:93:41:df:f4:07:dd:95:
fa:55:06:34:2e:bf:c7:ec:a3:c7:a9:17:b3:b2:4a:4e:bc:74:
12:66:48:fd:2b:ed:0d:cf:85:1b:04:37:ba:3a:e3:ce:0f:cc:
0b:e6:e1:73:da:9b:08:27:02:39:28:e1:d3:73:72:f5:ea:a3:
10:0c:f3:36:bd:cc:d9:b5:d2:5a:f5:63:56:60:28:9b:44:c7:
b4:b8:40:1d:5d:13:f2:ec:9c:f0:44:d0:6d:51:90:e6:c7:91:
cf:48:3b:df:5d:d1:26:ce:f2:6e:62:5a:d1:25:d3:2e:df:6f:
b8:65:f7:8f:22:07:f6:25:39:34:cc:59:6a:3c:83:fb:b8:fc:
38:a2:b3:08:5a:6a:7d:1e:67:b2:24:cc:77:2d:67:8d:e2:ac:
b5:8b:a0:68:e8:b6:b9:b4:28:07:24:87:51:50:84:3a:d6:17:
5b:73:8f:90:fb:04:cf:c1:3f:62:67:c1:d5:02:17:42:b1:4b:
96:03:bd:48
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIUeAcmxChPjhuKEVfhTyddOQVP16kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTgyMzU1NDVaFw0yNjEwMTgwMDAwNDVaMDMxMTAvBgNV
BAMTKENEREQ5MjgwMDNENEJEOTQzQzlFODQwMzc1MTQ3NjBCRTQzQzY5QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWDam0GTSYrKH28IHNUDuIXwQS
vF2zbyjsdrWjG8LbagEG/6l+pLchb9PCLMlCqjQ6yHCuB9XYzwXZJOLbJD+o5DD8
cD/4acUdTU+ASuvt7O3VOOwlitmiy0dpL8LnvgWkBrBueYI1nG1Xl/cJQCy+KGNV
mDkrmrVxBIpbpRDnK3ZL4yvJMC64BTXh7Sj5llP82BID+ZwhpxI5q5bHMlY5JsOR
iPIkWYGbv6f1ltCAFzzgFRIW3dUvDfR6ARjbOA8pctHrBiwJfTZUAPc6WD/N0JdV
5fqQEbDX9jWgTspc9FFvOGV5fHRgV+ss8YSm43DzDGv8jpCOp5OB48AlX8irAgMB
AAGjggKgMIICnDAdBgNVHQ4EFgQUzd2SgAPUvZQ8noQDdRR2C+Q8abIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AFIWBwMEAlIWCDAMAwQBUhYOAwQAUhYSAwQAUhYVAwQAUhYXAwQAUhYZMAwDBABS
FhsDBABSFiAwDAMEAVIWIgMEAFIWJDAMAwQBUhYmAwQBUhYoAwQAUhYvAwQAUhYy
AwQAUhY1AwQAUhY5AwQAUhY9AwQAUhY/AwQAUhpBAwQAUhrEAwQAUh0GAwQAUh1t
AwQAUh19MA0GCSqGSIb3DQEBCwUAA4IBAQAMBH6/KLFuGyDMjpIFHHdIvVQLGVPj
O3zSlBlsiB1A9rGc+9oJRpbq2W95z+tPGM8a9VgcX0i36/398ZRL6xlmJZNB3/QH
3ZX6VQY0Lr/H7KPHqRezskpOvHQSZkj9K+0Nz4UbBDe6OuPOD8wL5uFz2psIJwI5
KOHTc3L16qMQDPM2vczZtdJa9WNWYCibRMe0uEAdXRPy7JzwRNBtUZDmx5HPSDvf
XdEmzvJuYlrRJdMu32+4ZfePIgf2JTk0zFlqPIP7uPw4orMIWmp9HmeyJMx3LWeN
4qy1i6Bo6La5tCgHJIdRUIQ61hdbc4+Q+wTPwT9iZ8HVAhdCsUuWA71I
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:35 2025 by rpki-client