Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: xim1SLa2ckEClvpLqQQLXh+I9kqzDwSZwyhExgtO9O8=
Subject key identifier: D2:55:D0:9C:88:A3:36:1C:BD:28:DB:3F:0B:97:D1:01:2C:F4:2C:79
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 402AE6037BEDDF44CAD69C09377153708533E1FB
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Wed 25 Mar 2026 13:37:51 +0000
ROA not before: Wed 25 Mar 2026 13:32:51 +0000
ROA not after: Wed 24 Mar 2027 13:37:51 +0000
asID: 834
IP address blocks: 141.11.63.0/24 maxlen: 24
141.11.79.0/24 maxlen: 24
141.11.245.0/24 maxlen: 24
194.60.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:2a:e6:03:7b:ed:df:44:ca:d6:9c:09:37:71:53:70:85:33:e1:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 25 13:32:51 2026 GMT
Not After : Mar 24 13:37:51 2027 GMT
Subject: CN=D255D09C88A3361CBD28DB3F0B97D1012CF42C79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:44:c5:f5:19:74:f1:25:98:8e:4f:79:0e:09:
62:b2:9e:a7:d9:5e:da:44:06:55:b0:a9:4c:9c:f4:
cb:1c:8a:d2:af:21:5d:f8:26:6f:22:b8:5a:bc:33:
6c:fe:c9:11:f3:1b:79:2d:99:ae:26:a9:6b:8e:ed:
c4:43:96:1e:10:51:84:5d:1e:d4:a3:60:a5:23:48:
f7:ed:a3:45:5d:a4:bf:f8:9f:8b:38:ed:51:d5:0a:
e1:3c:2c:ac:4a:bb:51:e6:20:f0:28:42:da:ea:4d:
a0:36:c8:23:b2:99:79:3a:fa:3a:b9:26:74:34:be:
7d:4c:fd:ab:e5:f1:26:ab:c8:98:c7:eb:71:0e:8b:
59:68:af:d3:40:ea:f8:95:e1:57:95:6a:1e:1b:55:
c5:fa:d1:c9:29:f5:2e:cd:14:5d:4b:62:be:11:d2:
89:b7:4a:7b:c2:a5:9a:8e:53:1a:c2:b9:f0:6a:43:
0d:fe:e2:95:cb:46:c6:a8:fc:7d:91:5a:8d:68:8c:
b6:77:8f:e0:b0:af:ee:b1:96:c5:09:0e:ae:12:00:
81:77:b2:eb:96:86:13:ea:2f:01:10:3a:fc:59:32:
a5:12:af:fc:37:b7:ee:e1:70:14:f5:82:9c:58:98:
35:10:80:dd:99:e9:72:3e:fc:43:3c:29:1f:c9:47:
63:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:55:D0:9C:88:A3:36:1C:BD:28:DB:3F:0B:97:D1:01:2C:F4:2C:79
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.63.0/24
141.11.79.0/24
141.11.245.0/24
194.60.90.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:90:8c:61:cf:de:4f:9d:2b:2f:a4:73:2c:0c:50:b9:f5:ff:
52:b3:1a:7b:2d:cc:07:30:6c:bb:8c:17:e3:1f:78:60:1f:3d:
89:b6:b5:a9:e1:7d:dc:ec:9d:fc:39:e7:c0:97:13:49:36:f9:
ff:eb:4d:35:54:53:5b:28:95:8d:e1:0f:fa:ad:df:97:f3:a8:
4d:08:3c:b0:c9:c9:da:51:ac:c3:1f:f7:f3:ff:75:0c:8e:f5:
86:2a:05:cb:d0:6e:39:ef:1e:64:98:1a:69:6f:e3:7f:db:6f:
12:f3:33:6e:9e:66:dc:c7:f3:4b:68:ef:6d:db:9d:63:e4:35:
51:d3:76:07:ff:05:cd:ac:ce:7a:2e:5c:20:57:02:12:31:84:
56:2d:29:c8:b8:84:14:b3:d4:9a:7b:15:28:a5:f2:43:6e:bc:
97:22:d1:c0:e5:ee:a2:3d:8a:0b:58:db:3f:5e:ac:88:4c:08:
ae:12:8e:32:90:c0:db:bd:7b:15:23:1c:c5:4a:e7:d8:a3:c1:
f4:bd:8f:54:0f:2f:8e:a9:84:b4:bc:b4:cc:77:4d:c1:0b:36:
c6:a3:d6:3e:da:0b:77:aa:b4:62:b5:52:0a:f4:24:37:29:0e:
03:4b:24:c2:99:4e:6f:24:ff:83:68:75:b4:11:fd:41:11:17:
77:a4:ed:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUQCrmA3vt30TK1pwJN3FTcIUz4fswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAzMjUxMzMyNTFaFw0yNzAzMjQxMzM3NTFaMDMxMTAvBgNV
BAMTKEQyNTVEMDlDODhBMzM2MUNCRDI4REIzRjBCOTdEMTAxMkNGNDJDNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlRMX1GXTxJZiOT3kOCWKynqfZ
XtpEBlWwqUyc9MscitKvIV34Jm8iuFq8M2z+yRHzG3ktma4mqWuO7cRDlh4QUYRd
HtSjYKUjSPfto0VdpL/4n4s47VHVCuE8LKxKu1HmIPAoQtrqTaA2yCOymXk6+jq5
JnQ0vn1M/avl8SaryJjH63EOi1lor9NA6viV4VeVah4bVcX60ckp9S7NFF1LYr4R
0om3SnvCpZqOUxrCufBqQw3+4pXLRsao/H2RWo1ojLZ3j+Cwr+6xlsUJDq4SAIF3
suuWhhPqLwEQOvxZMqUSr/w3t+7hcBT1gpxYmDUQgN2Z6XI+/EM8KR/JR2PpAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQU0lXQnIijNhy9KNs/C5fRASz0LHkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjQs/AwQA
jQtPAwQAjQv1AwQAwjxaMA0GCSqGSIb3DQEBCwUAA4IBAQB6kIxhz95PnSsvpHMs
DFC59f9Ssxp7LcwHMGy7jBfjH3hgHz2JtrWp4X3c7J38OefAlxNJNvn/6001VFNb
KJWN4Q/6rd+X86hNCDywycnaUazDH/fz/3UMjvWGKgXL0G457x5kmBppb+N/228S
8zNunmbcx/NLaO9t251j5DVR03YH/wXNrM56LlwgVwISMYRWLSnIuIQUs9SaexUo
pfJDbryXItHA5e6iPYoLWNs/XqyITAiuEo4ykMDbvXsVIxzFSufYo8H0vY9UDy+O
qYS0vLTMd03BCzbGo9Y+2gt3qrRitVIK9CQ3KQ4DSyTCmU5vJP+DaHW0Ef1BERd3
pO23
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:35:09 2026 by rpki-client