Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 13BeaRMuQ/j7APtkObeCwvhIsR9DKW9fxbXipv3PnQs=
Subject key identifier: D6:22:0C:DB:F6:34:7E:E5:D0:32:8E:FC:F8:34:83:0F:0A:62:DC:31
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 65FC46F13FC1FE72867C061D91A0DE8704171364
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
Signing time: Sat 23 Aug 2025 00:02:43 +0000
ROA not before: Fri 22 Aug 2025 23:57:43 +0000
ROA not after: Sat 22 Aug 2026 00:02:43 +0000
asID: 834
IP address blocks: 193.32.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:fc:46:f1:3f:c1:fe:72:86:7c:06:1d:91:a0:de:87:04:17:13:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 22 23:57:43 2025 GMT
Not After : Aug 22 00:02:43 2026 GMT
Subject: CN=D6220CDBF6347EE5D0328EFCF834830F0A62DC31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2d:95:15:b2:99:e2:fc:26:4e:94:a7:dd:70:
1c:32:33:c8:d5:db:11:c7:c2:01:09:a3:5e:09:f8:
ab:a3:63:e9:ec:f1:d7:35:0a:a5:bd:c9:1a:b5:f0:
28:56:4b:3d:59:f5:32:c1:c0:48:ac:a1:8e:f6:26:
8a:91:cc:a4:ea:d0:69:12:3f:95:1d:c2:f9:22:53:
93:40:e8:29:57:74:58:60:05:bf:b3:92:26:f2:77:
22:bd:22:25:d0:ea:41:7a:2a:5f:a8:2b:65:0e:71:
a5:b6:4c:8b:28:d3:f0:b2:30:e4:1a:df:42:7a:19:
33:a0:2b:e7:90:91:eb:d6:ad:6d:15:c9:01:51:53:
71:c0:d1:ab:fb:0f:97:66:af:cf:8e:2d:c4:02:dc:
56:7b:7c:4c:8e:0a:04:ab:a2:41:47:ae:0d:61:75:
3a:f7:4a:25:44:98:17:24:db:f0:87:15:81:26:e7:
b2:08:f4:b3:8a:b0:75:f8:84:82:49:61:a9:25:7a:
2c:01:9b:02:b8:7a:bd:3f:43:5a:9c:c0:d7:fd:0d:
d1:09:a5:da:b0:e2:c1:f2:f6:2a:b0:23:a9:0d:44:
b8:42:2b:e0:b5:06:83:06:21:24:a5:e0:52:23:56:
1d:e8:40:45:80:6a:61:63:f4:9a:3b:58:a4:32:c1:
05:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:22:0C:DB:F6:34:7E:E5:D0:32:8E:FC:F8:34:83:0F:0A:62:DC:31
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.206.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c0:2d:b4:8e:da:0c:6c:78:2f:b9:20:11:f9:4f:d9:8e:8f:
c8:0d:d3:99:98:e9:19:e8:35:7d:1f:9a:86:81:eb:4c:06:81:
2d:59:13:44:a9:c7:16:aa:4c:dd:d3:2a:e5:dc:fa:9c:fb:4b:
7a:c6:99:49:90:8e:f6:70:99:14:16:d5:2d:b0:c5:c7:a8:dc:
8a:18:1e:4d:ed:f4:34:d4:42:c6:85:f7:bc:25:b9:51:9f:01:
99:bf:87:7a:39:2d:3c:9f:16:6e:b7:b1:02:41:df:10:ed:b7:
35:60:2c:3b:47:07:6f:5e:2b:17:0f:86:b0:b8:da:1e:02:48:
c5:39:c3:4a:c1:c2:06:5c:57:5d:fe:07:de:34:30:6d:08:b1:
ee:16:22:09:a4:d5:fb:87:33:37:a6:ea:95:ae:e1:f0:06:d5:
ef:a9:00:33:06:2f:bd:50:b3:02:bc:fc:91:25:85:d7:7f:66:
cf:73:97:7b:e9:3e:68:22:ad:3a:f9:3c:ca:9c:60:0b:ed:69:
8a:d7:01:73:4f:09:55:dc:21:0d:db:b2:34:e2:d3:90:26:49:
57:d3:4d:cc:db:0d:48:ce:81:ff:a5:d6:cf:8d:19:cd:53:8f:
d4:26:8f:04:81:3b:ae:f0:9a:7b:fa:d1:ba:ff:d1:b4:17:29:
53:2d:db:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUZfxG8T/B/nKGfAYdkaDehwQXE2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjIyMzU3NDNaFw0yNjA4MjIwMDAyNDNaMDMxMTAvBgNV
BAMTKEQ2MjIwQ0RCRjYzNDdFRTVEMDMyOEVGQ0Y4MzQ4MzBGMEE2MkRDMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOLZUVspni/CZOlKfdcBwyM8jV
2xHHwgEJo14J+KujY+ns8dc1CqW9yRq18ChWSz1Z9TLBwEisoY72JoqRzKTq0GkS
P5UdwvkiU5NA6ClXdFhgBb+zkibydyK9IiXQ6kF6Kl+oK2UOcaW2TIso0/CyMOQa
30J6GTOgK+eQkevWrW0VyQFRU3HA0av7D5dmr8+OLcQC3FZ7fEyOCgSrokFHrg1h
dTr3SiVEmBck2/CHFYEm57II9LOKsHX4hIJJYakleiwBmwK4er0/Q1qcwNf9DdEJ
pdqw4sHy9iqwI6kNRLhCK+C1BoMGISSl4FIjVh3oQEWAamFj9Jo7WKQywQX1AgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQU1iIM2/Y0fuXQMo78+DSDDwpi3DEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSDOMA0G
CSqGSIb3DQEBCwUAA4IBAQCawC20jtoMbHgvuSAR+U/Zjo/IDdOZmOkZ6DV9H5qG
getMBoEtWRNEqccWqkzd0yrl3Pqc+0t6xplJkI72cJkUFtUtsMXHqNyKGB5N7fQ0
1ELGhfe8JblRnwGZv4d6OS08nxZut7ECQd8Q7bc1YCw7RwdvXisXD4awuNoeAkjF
OcNKwcIGXFdd/gfeNDBtCLHuFiIJpNX7hzM3puqVruHwBtXvqQAzBi+9ULMCvPyR
JYXXf2bPc5d76T5oIq06+TzKnGAL7WmK1wFzTwlV3CEN27I04tOQJklX003M2w1I
zoH/pdbPjRnNU4/UJo8EgTuu8Jp7+tG6/9G0FylTLduM
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:06 2025 by rpki-client