Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: oQDDwOOB+ELJbFQEkGqxASFO9eHm0ei3gtwVI0gNL9c=
Subject key identifier: D5:9B:26:C2:42:2B:93:F0:5D:81:D3:1A:30:97:6B:9F:92:45:94:EB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 09EC585CA166D67FA597B6CF556EDB5FE96141B3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time: Sat 23 Aug 2025 00:05:48 +0000
ROA not before: Sat 23 Aug 2025 00:00:48 +0000
ROA not after: Sat 22 Aug 2026 00:05:48 +0000
asID: 834
IP address blocks: 82.21.188.0/24 maxlen: 24
82.22.125.0/24 maxlen: 24
82.26.65.0/24 maxlen: 24
82.26.116.0/24 maxlen: 24
82.27.11.0/24 maxlen: 24
82.27.23.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ec:58:5c:a1:66:d6:7f:a5:97:b6:cf:55:6e:db:5f:e9:61:41:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 23 00:00:48 2025 GMT
Not After : Aug 22 00:05:48 2026 GMT
Subject: CN=D59B26C2422B93F05D81D31A30976B9F924594EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:28:91:2c:cd:20:c9:39:07:fa:ff:69:fb:
92:18:e2:81:e1:db:e4:b7:a0:43:54:16:94:9f:41:
6d:d4:05:99:f3:e3:e3:b7:03:d2:a3:ad:56:e6:7e:
b9:e5:d6:88:d7:53:2b:90:37:25:02:ce:9c:80:91:
2c:b2:16:5d:09:f7:40:1c:0a:9f:69:eb:38:87:c4:
2a:49:d3:08:f6:e8:84:b6:8a:e4:88:75:53:15:0a:
72:bd:00:8a:e7:3c:a2:ad:44:b7:a4:06:77:bd:98:
77:8e:5d:65:31:82:b0:f9:82:c7:cb:66:6b:35:64:
14:60:ed:61:41:7c:b1:bd:ad:c9:ef:76:19:d4:2c:
5b:69:a7:75:29:cf:f2:91:1c:6f:88:ca:04:0b:03:
47:73:02:d6:9b:df:02:eb:55:fe:cd:09:22:44:87:
f9:7a:c4:65:b8:6a:7f:55:a4:86:d8:f8:7b:3d:81:
95:f5:f4:86:64:10:30:43:ee:82:c4:45:74:4e:cd:
ee:50:cf:2f:bd:78:40:01:c8:0c:50:15:23:76:4f:
e0:bd:2b:d1:30:88:c9:0c:d8:04:a1:b4:b4:6d:b8:
2d:24:d0:1f:c4:5e:bd:cd:3d:42:82:34:eb:d7:25:
26:0c:20:94:8b:e7:9e:b3:2b:83:60:15:a3:3d:34:
0e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9B:26:C2:42:2B:93:F0:5D:81:D3:1A:30:97:6B:9F:92:45:94:EB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.188.0/24
82.22.125.0/24
82.26.65.0/24
82.26.116.0/24
82.27.11.0/24
82.27.23.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d0:6c:77:2d:d0:29:46:6f:d6:54:da:ca:42:96:70:20:e7:
d8:d1:ff:9c:37:59:ff:24:04:0e:6e:ac:c2:0a:a2:34:e2:da:
55:ce:c3:9f:53:0a:35:86:ba:4c:ba:bd:cc:b9:fe:3c:5d:98:
4a:fa:a1:36:17:fb:d7:f4:4e:32:c9:9c:de:48:5c:6d:63:67:
91:10:dd:15:a9:e9:9e:a2:6e:f3:a7:48:9b:3f:b8:88:aa:aa:
bc:12:0f:1b:5e:db:5d:a2:9f:e0:17:5a:43:ae:b1:14:62:61:
8b:10:f7:44:23:2b:77:9c:45:94:11:68:74:01:bb:18:07:15:
4d:94:c2:ae:7e:55:b4:2e:dd:6a:62:75:d8:a6:03:92:22:b4:
89:9a:41:c2:22:bd:02:5a:cf:e7:35:74:c1:00:01:fa:a0:3f:
0c:95:1f:fd:3c:3e:ed:68:94:10:d4:9f:f0:7b:ef:03:6c:ce:
bd:6b:e6:d5:21:10:1b:bf:f9:79:5d:da:79:5c:99:91:14:90:
dd:a8:7a:c6:78:21:d6:b3:85:1a:86:8c:ef:81:36:a9:f1:f4:
24:c3:9d:85:43:e8:70:45:2c:57:9f:ce:84:fe:00:0f:56:86:
ba:49:bb:d7:c4:12:36:ac:1a:99:b8:51:3a:08:cb:95:00:b5:
9b:2b:3c:d2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUCexYXKFm1n+ll7bPVW7bX+lhQbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjMwMDAwNDhaFw0yNjA4MjIwMDA1NDhaMDMxMTAvBgNV
BAMTKEQ1OUIyNkMyNDIyQjkzRjA1RDgxRDMxQTMwOTc2QjlGOTI0NTk0RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCygCiRLM0gyTkH+v9p+5IY4oHh
2+S3oENUFpSfQW3UBZnz4+O3A9KjrVbmfrnl1ojXUyuQNyUCzpyAkSyyFl0J90Ac
Cp9p6ziHxCpJ0wj26IS2iuSIdVMVCnK9AIrnPKKtRLekBne9mHeOXWUxgrD5gsfL
Zms1ZBRg7WFBfLG9rcnvdhnULFtpp3Upz/KRHG+IygQLA0dzAtab3wLrVf7NCSJE
h/l6xGW4an9VpIbY+Hs9gZX19IZkEDBD7oLERXROze5Qzy+9eEAByAxQFSN2T+C9
K9EwiMkM2AShtLRtuC0k0B/EXr3NPUKCNOvXJSYMIJSL556zK4NgFaM9NA4fAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQU1ZsmwkIrk/BdgdMaMJdrn5JFlOswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUhW8AwQA
UhZ9AwQAUhpBAwQAUhp0AwQAUhsLAwQAUhsXAwQAUh1rMA0GCSqGSIb3DQEBCwUA
A4IBAQBO0Gx3LdApRm/WVNrKQpZwIOfY0f+cN1n/JAQObqzCCqI04tpVzsOfUwo1
hrpMur3Muf48XZhK+qE2F/vX9E4yyZzeSFxtY2eREN0Vqemeom7zp0ibP7iIqqq8
Eg8bXttdop/gF1pDrrEUYmGLEPdEIyt3nEWUEWh0AbsYBxVNlMKuflW0Lt1qYnXY
pgOSIrSJmkHCIr0CWs/nNXTBAAH6oD8MlR/9PD7taJQQ1J/we+8DbM69a+bVIRAb
v/l5Xdp5XJmRFJDdqHrGeCHWs4UahozvgTap8fQkw52FQ+hwRSxXn86E/gAPVoa6
SbvXxBI2rBqZuFE6CMuVALWbKzzS
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:09 2025 by rpki-client