Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: RmqNlts8yWIy8lmqJ4oETtIqSXvAAmdZelxs/Y7+mnI=
Subject key identifier: 43:DE:20:0D:05:07:FF:84:A2:D4:D6:02:70:4C:76:DB:BD:94:72:AC
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 0814C2A88A97A5C491508FEF391E58F355C17FA1
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
Signing time: Mon 11 May 2026 19:42:06 +0000
ROA not before: Mon 11 May 2026 19:37:06 +0000
ROA not after: Mon 10 May 2027 19:42:06 +0000
asID: 834
IP address blocks: 45.158.9.0/24 maxlen: 24
147.78.120.0/24 maxlen: 24
152.89.250.0/24 maxlen: 24
185.155.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:14:c2:a8:8a:97:a5:c4:91:50:8f:ef:39:1e:58:f3:55:c1:7f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 11 19:37:06 2026 GMT
Not After : May 10 19:42:06 2027 GMT
Subject: CN=43DE200D0507FF84A2D4D602704C76DBBD9472AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:30:31:af:f0:6f:8a:4a:76:3a:15:a0:21:2e:
49:e8:ba:17:da:f5:b9:6a:df:87:75:e6:4a:2e:12:
8c:b9:a2:1c:4f:40:f9:58:6b:a7:83:8a:3b:1a:f6:
9f:68:c1:ae:a7:68:e5:ff:16:a5:f8:e1:4e:06:16:
8e:9e:db:78:10:43:57:9c:a4:a0:26:61:5d:e4:c8:
1c:3e:29:c5:53:72:7a:80:b7:8e:0b:a8:e6:55:ef:
34:51:a8:e8:f8:1e:ad:cc:57:4a:41:d0:cf:85:b1:
b0:44:cd:d8:25:90:c4:e5:71:46:84:86:94:48:d2:
fa:54:bb:de:1b:fd:62:5c:b2:06:58:23:11:e6:26:
69:b3:45:7f:ec:30:eb:93:7f:43:35:59:e3:36:a3:
7c:4e:15:55:45:61:e8:97:e0:25:c0:d4:69:01:83:
9d:89:ba:86:57:7d:c5:0c:08:5c:d4:08:12:65:21:
1a:99:a4:72:89:50:e8:33:29:f4:4a:7a:86:ab:2b:
b1:8c:ff:16:f7:1f:72:a9:78:0b:15:e1:5d:6a:c4:
3b:68:0f:dd:1e:00:7b:08:62:0d:57:9d:2f:3f:eb:
a8:33:c4:19:d1:b6:88:2b:a3:4e:33:47:1c:54:bd:
c5:ed:6c:2d:27:d2:8f:af:e7:c6:51:db:0b:e6:8a:
36:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DE:20:0D:05:07:FF:84:A2:D4:D6:02:70:4C:76:DB:BD:94:72:AC
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.9.0/24
147.78.120.0/24
152.89.250.0/24
185.155.222.0/24
Signature Algorithm: sha256WithRSAEncryption
89:79:70:38:36:14:32:2e:79:1c:8c:ab:e9:a8:5f:23:0e:18:
af:bb:ad:b0:2f:72:20:88:da:e1:08:24:79:bf:54:a6:38:a8:
48:70:a8:89:e2:ab:50:ec:2b:cd:53:de:7d:55:96:b4:c8:6c:
b0:5a:14:15:49:40:43:14:f5:13:81:1a:3f:e9:de:31:54:76:
cb:d4:da:f9:e1:f9:35:fa:bf:69:77:17:8a:a1:d5:bb:84:99:
9d:3e:ad:6c:79:d1:49:1f:7b:07:5a:fa:82:6c:81:0d:7b:94:
9d:ff:2f:cd:64:70:c4:9c:01:9c:d2:9c:99:6d:e5:aa:1b:05:
f7:00:62:05:5b:3e:97:31:7b:59:9a:e4:f9:7c:8f:6c:ab:11:
9a:4f:b5:93:85:fe:38:fa:ad:b0:93:78:6e:fb:8b:8b:0b:1e:
fd:2e:b0:74:17:31:d9:15:14:b0:15:c2:1f:0f:99:1f:85:bf:
b9:16:ce:ba:89:db:a1:06:a9:0c:46:6d:5e:db:6d:78:c0:49:
52:96:44:bf:c6:03:32:eb:93:27:4b:01:cf:9c:1f:8a:51:8a:
4b:99:d5:d2:64:9d:55:9c:df:41:d3:7b:2a:4c:ca:64:d1:c4:
64:04:ea:96:ac:f3:0d:f7:76:14:87:20:1b:fe:9d:7f:bf:fb:
b0:34:bc:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUCBTCqIqXpcSRUI/vOR5Y81XBf6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjA1MTExOTM3MDZaFw0yNzA1MTAxOTQyMDZaMDMxMTAvBgNV
BAMTKDQzREUyMDBEMDUwN0ZGODRBMkQ0RDYwMjcwNEM3NkRCQkQ5NDcyQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVMDGv8G+KSnY6FaAhLknouhfa
9blq34d15kouEoy5ohxPQPlYa6eDijsa9p9owa6naOX/FqX44U4GFo6e23gQQ1ec
pKAmYV3kyBw+KcVTcnqAt44LqOZV7zRRqOj4Hq3MV0pB0M+FsbBEzdglkMTlcUaE
hpRI0vpUu94b/WJcsgZYIxHmJmmzRX/sMOuTf0M1WeM2o3xOFVVFYeiX4CXA1GkB
g52JuoZXfcUMCFzUCBJlIRqZpHKJUOgzKfRKeoarK7GM/xb3H3KpeAsV4V1qxDto
D90eAHsIYg1XnS8/66gzxBnRtogro04zRxxUvcXtbC0n0o+v58ZR2wvmijaXAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUQ94gDQUH/4Si1NYCcEx2272UcqwwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ4JAwQA
k054AwQAmFn6AwQAuZveMA0GCSqGSIb3DQEBCwUAA4IBAQCJeXA4NhQyLnkcjKvp
qF8jDhivu62wL3IgiNrhCCR5v1SmOKhIcKiJ4qtQ7CvNU959VZa0yGywWhQVSUBD
FPUTgRo/6d4xVHbL1Nr54fk1+r9pdxeKodW7hJmdPq1sedFJH3sHWvqCbIENe5Sd
/y/NZHDEnAGc0pyZbeWqGwX3AGIFWz6XMXtZmuT5fI9sqxGaT7WThf44+q2wk3hu
+4uLCx79LrB0FzHZFRSwFcIfD5kfhb+5Fs66iduhBqkMRm1e2214wElSlkS/xgMy
65MnSwHPnB+KUYpLmdXSZJ1VnN9B03sqTMpk0cRkBOqWrPMN93YUhyAb/p1/v/uw
NLxM
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:46 2026 by rpki-client