Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: fefkhXWjYoFEsWHZa8ygoVoR5okTD2PJlUL0OYeo72A=
Subject key identifier: 69:BA:3E:97:BB:E8:38:10:04:01:50:98:62:C2:B1:6A:DE:D7:DE:24
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7AA7DE82BD22E82ED26C2DDD106101E3439A39EB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Mon 05 May 2025 13:32:33 +0000
ROA not before: Mon 05 May 2025 13:27:33 +0000
ROA not after: Mon 04 May 2026 13:32:33 +0000
asID: 834
IP address blocks: 82.21.0.0/24 maxlen: 24
82.21.2.0/24 maxlen: 24
82.21.7.0/24 maxlen: 24
82.21.41.0/24 maxlen: 24
82.21.75.0/24 maxlen: 24
82.21.138.0/24 maxlen: 24
82.21.149.0/24 maxlen: 24
82.21.156.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.21.206.0/24 maxlen: 24
82.21.234.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.22.78.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.22.233.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.148.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.23.246.0/24 maxlen: 24
82.23.248.0/21 maxlen: 24
82.24.57.0/24 maxlen: 24
82.24.81.0/24 maxlen: 24
82.24.83.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.24.144.0/23 maxlen: 24
82.24.219.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.24.233.0/24 maxlen: 24
82.25.21.0/24 maxlen: 24
82.25.52.0/22 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.26.150.0/23 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.169.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
82.27.98.0/24 maxlen: 24
82.27.106.0/24 maxlen: 24
82.27.116.0/23 maxlen: 24
82.27.205.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.29.1.0/24 maxlen: 24
82.29.40.0/23 maxlen: 24
82.29.148.0/24 maxlen: 24
82.29.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:a7:de:82:bd:22:e8:2e:d2:6c:2d:dd:10:61:01:e3:43:9a:39:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 5 13:27:33 2025 GMT
Not After : May 4 13:32:33 2026 GMT
Subject: CN=69BA3E97BBE838100401509862C2B16ADED7DE24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a4:62:c5:7a:94:6c:ff:77:2a:26:20:d5:7d:
b9:18:da:e2:95:07:8d:71:69:3b:2c:03:b8:b8:d9:
08:b5:66:18:da:f7:92:fa:78:5a:98:ae:b1:a9:da:
0c:95:1c:b3:23:e3:8c:9b:91:fa:ac:c6:fd:56:17:
13:2a:f8:22:c3:4a:8d:8a:7b:37:2f:65:23:88:20:
15:96:32:38:7d:99:1f:ae:30:68:2a:0e:bb:9f:1e:
9e:c6:3e:53:6e:4b:58:fe:14:6e:14:82:c4:af:7f:
a7:1f:86:51:6a:f2:38:6b:03:c2:44:59:bc:6d:61:
91:b9:ee:09:e2:77:28:f3:59:b2:df:71:59:7a:9d:
c2:9c:75:f4:7f:47:79:7c:dd:36:f2:d4:35:ea:fe:
87:68:e3:09:eb:e9:5b:6a:9e:ab:9d:75:93:ff:c0:
9b:0b:64:0e:06:89:89:9b:ef:40:01:f0:24:55:1d:
4d:95:fe:b4:6e:36:1f:68:be:68:70:95:e4:7a:6f:
f6:9c:9d:d7:39:f7:f8:b6:ba:89:4e:d7:39:29:c9:
1b:d5:fe:83:84:93:f9:0c:26:85:ca:86:cd:7b:df:
c2:b3:25:77:cb:18:81:08:c2:b2:06:18:91:f8:42:
6a:b7:05:96:16:da:07:72:f3:10:08:eb:de:27:2f:
24:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BA:3E:97:BB:E8:38:10:04:01:50:98:62:C2:B1:6A:DE:D7:DE:24
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.21.2.0/24
82.21.7.0/24
82.21.41.0/24
82.21.75.0/24
82.21.138.0/24
82.21.149.0/24
82.21.156.0/24
82.21.187.0/24
82.21.206.0/24
82.21.234.0/24
82.21.240.0/24
82.22.78.0/24
82.22.190.0/24
82.22.233.0/24
82.23.145.0-82.23.146.255
82.23.148.0/24
82.23.216.0/24
82.23.228.0/24
82.23.246.0/24
82.23.248.0/21
82.24.57.0/24
82.24.81.0/24
82.24.83.0/24
82.24.126.0/24
82.24.144.0/23
82.24.219.0/24
82.24.230.0/24
82.24.233.0/24
82.25.21.0/24
82.25.52.0/22
82.25.161.0/24
82.25.227.0/24
82.26.65.0/24
82.26.116.0/24
82.26.150.0-82.26.152.255
82.26.169.0/24
82.26.174.0/24
82.26.193.0/24
82.26.196.0/24
82.27.98.0/24
82.27.106.0/24
82.27.116.0/23
82.27.205.0/24
82.27.226.0/24
82.29.1.0/24
82.29.40.0/23
82.29.148.0/24
82.29.238.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:4e:c7:38:98:ac:b0:8b:97:f2:c5:95:b6:65:18:4f:5a:7e:
d8:bd:84:a1:f1:40:dd:5a:71:f3:a4:7e:ad:9e:d3:2d:72:8d:
36:fe:be:78:6b:e5:57:10:c7:d6:41:ac:ec:ee:eb:fd:22:67:
35:ba:65:c6:11:38:e9:93:05:2b:69:30:dc:e6:16:ee:d2:a2:
a3:c4:b0:2d:09:c1:40:3f:61:c4:6b:c6:89:c0:c0:7a:c2:7b:
40:34:b1:55:a4:92:ea:c8:a0:41:93:bb:ff:0e:78:4e:e0:5a:
ac:bd:4c:1f:17:a6:00:32:30:f7:76:ba:e6:36:36:56:a2:81:
ce:52:c7:b4:92:f1:18:1b:ca:5d:83:a6:99:44:e7:18:32:54:
56:85:ff:e1:3e:ba:8f:bb:9b:99:3f:1b:1c:44:54:55:d2:70:
c4:8c:9e:84:50:33:20:20:0c:1f:ad:22:54:5e:cc:92:09:f8:
c4:1c:c2:cc:af:11:9a:4d:a3:93:3a:d8:64:81:72:e6:54:ff:
65:e8:8e:c2:01:2e:36:69:67:27:d1:60:f6:94:21:da:d4:43:
72:a6:f6:5d:53:3f:01:16:41:9c:e2:7b:37:b5:28:92:d6:77:
c2:16:86:d3:2e:01:54:68:a3:3e:9a:56:d6:b9:14:bf:22:c1:
86:3c:86:9d
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIUeqfegr0i6C7SbC3dEGEB40OaOeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MDUxMzI3MzNaFw0yNjA1MDQxMzMyMzNaMDMxMTAvBgNV
BAMTKDY5QkEzRTk3QkJFODM4MTAwNDAxNTA5ODYyQzJCMTZBREVEN0RFMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYpGLFepRs/3cqJiDVfbkY2uKV
B41xaTssA7i42Qi1Zhja95L6eFqYrrGp2gyVHLMj44ybkfqsxv1WFxMq+CLDSo2K
ezcvZSOIIBWWMjh9mR+uMGgqDrufHp7GPlNuS1j+FG4UgsSvf6cfhlFq8jhrA8JE
WbxtYZG57gnidyjzWbLfcVl6ncKcdfR/R3l83Tby1DXq/odo4wnr6VtqnquddZP/
wJsLZA4GiYmb70AB8CRVHU2V/rRuNh9ovmhwleR6b/acndc59/i2uolO1zkpyRvV
/oOEk/kMJoXKhs1738KzJXfLGIEIwrIGGJH4Qmq3BZYW2gdy8xAI694nLyTbAgMB
AAGjggNBMIIDPTAdBgNVHQ4EFgQUabo+l7voOBAEAVCYYsKxat7X3iQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIB
NgMEAFIVAAMEAFIVAgMEAFIVBwMEAFIVKQMEAFIVSwMEAFIVigMEAFIVlQMEAFIV
nAMEAFIVuwMEAFIVzgMEAFIV6gMEAFIV8AMEAFIWTgMEAFIWvgMEAFIW6TAMAwQA
UheRAwQAUheSAwQAUheUAwQAUhfYAwQAUhfkAwQAUhf2AwQDUhf4AwQAUhg5AwQA
UhhRAwQAUhhTAwQAUhh+AwQBUhiQAwQAUhjbAwQAUhjmAwQAUhjpAwQAUhkVAwQC
Uhk0AwQAUhmhAwQAUhnjAwQAUhpBAwQAUhp0MAwDBAFSGpYDBABSGpgDBABSGqkD
BABSGq4DBABSGsEDBABSGsQDBABSG2IDBABSG2oDBAFSG3QDBABSG80DBABSG+ID
BABSHQEDBAFSHSgDBABSHZQDBAFSHe4wDQYJKoZIhvcNAQELBQADggEBAJtOxziY
rLCLl/LFlbZlGE9afti9hKHxQN1acfOkfq2e0y1yjTb+vnhr5VcQx9ZBrOzu6/0i
ZzW6ZcYROOmTBStpMNzmFu7SoqPEsC0JwUA/YcRrxonAwHrCe0A0sVWkkurIoEGT
u/8OeE7gWqy9TB8XpgAyMPd2uuY2Nlaigc5Sx7SS8Rgbyl2DpplE5xgyVFaF/+E+
uo+7m5k/GxxEVFXScMSMnoRQMyAgDB+tIlRezJIJ+MQcwsyvEZpNo5M62GSBcuZU
/2XojsIBLjZpZyfRYPaUIdrUQ3Km9l1TPwEWQZzieze1KJLWd8IWhtMuAVRooz6a
Vta5FL8iwYY8hp0=
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:12 2025 by rpki-client