Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: guCT5IBh5FM4JDMVbteQt0TWcTBAbWUNS8eIE3+7/nM=
Subject key identifier: D9:6F:3B:55:71:67:3E:67:74:A3:32:D2:4C:B2:88:2D:A3:66:7A:8E
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 504E435C74F64548AA75C05860DB233C6D2E5741
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Tue 06 May 2025 09:45:45 +0000
ROA not before: Tue 06 May 2025 09:40:45 +0000
ROA not after: Tue 05 May 2026 09:45:45 +0000
asID: 834
IP address blocks: 141.11.39.0/24 maxlen: 24
141.11.124.0/24 maxlen: 24
141.11.245.0/24 maxlen: 24
194.60.89.0/24 maxlen: 24
194.60.90.0/24 maxlen: 24
194.60.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 12:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:4e:43:5c:74:f6:45:48:aa:75:c0:58:60:db:23:3c:6d:2e:57:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 6 09:40:45 2025 GMT
Not After : May 5 09:45:45 2026 GMT
Subject: CN=D96F3B5571673E6774A332D24CB2882DA3667A8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:62:42:6c:c5:b3:f7:60:e5:50:7f:4b:a9:ac:
a2:17:bf:c7:b5:a6:d2:8b:22:6d:e8:d0:47:f3:b4:
a1:f1:75:ed:24:ef:31:1d:f8:b8:e6:6e:32:f0:71:
46:33:66:0b:f1:f3:f4:e6:fc:17:0b:55:1e:a5:b5:
b1:05:66:9b:1c:85:65:32:c4:80:13:75:ee:b7:0b:
09:16:be:7d:94:a9:7f:ba:23:88:8c:39:f5:58:fd:
6f:e5:cd:4c:8c:71:77:8a:38:90:68:fb:39:c6:cc:
58:af:e3:ee:68:ee:1b:2c:d9:16:a0:e0:4b:0a:8d:
79:ef:af:93:1d:ff:41:f6:72:9e:4b:6a:47:c6:76:
8f:59:16:95:fa:02:1a:2c:e1:32:9e:b3:18:a9:19:
63:3d:29:1a:fb:67:49:84:a6:cc:fd:a9:f1:23:ac:
ae:4a:af:c9:a1:05:c5:f1:e8:7c:76:7d:fd:12:0f:
0d:be:d8:95:98:92:cd:e1:bb:a1:6f:21:46:f9:48:
a2:8e:cc:a1:16:2c:2e:51:03:aa:b7:a2:8d:fe:2e:
bb:c8:5f:16:e2:df:d5:25:b0:b1:d6:a0:ad:df:36:
14:3f:5a:0d:f8:2a:e8:40:27:d7:8a:66:b5:2d:95:
83:5a:9b:59:4f:f6:bc:b4:95:e3:84:b7:0a:80:dd:
6e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6F:3B:55:71:67:3E:67:74:A3:32:D2:4C:B2:88:2D:A3:66:7A:8E
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.39.0/24
141.11.124.0/24
141.11.245.0/24
194.60.89.0-194.60.90.255
194.60.92.0/23
Signature Algorithm: sha256WithRSAEncryption
74:ca:49:5e:5c:5f:ae:dc:28:17:d0:02:ab:b9:c6:6e:9f:6c:
6f:db:6a:5d:1b:50:65:74:50:29:4e:85:7e:b6:47:66:59:b3:
a5:8c:12:85:e7:7a:52:f1:4e:ed:32:12:29:58:3d:82:6f:b9:
ed:42:da:bc:98:54:f8:e1:dc:8a:d4:9d:16:92:ec:a7:8a:dd:
f9:c0:8f:b7:9a:61:fe:09:32:bd:bb:04:b5:86:e3:df:b6:3a:
38:36:10:c5:f2:43:cf:dd:6c:65:5a:b2:b7:e9:02:47:8d:e2:
35:6d:8e:ad:61:dc:f4:79:b7:27:2b:6d:c7:f8:d8:4b:08:8e:
b8:1e:97:c3:62:9b:f7:0d:0e:64:43:71:d7:45:78:f6:72:49:
c0:9f:99:97:ad:20:d5:7d:48:3d:54:eb:8e:c6:00:e5:49:08:
52:12:65:33:a5:92:1c:00:e0:62:de:09:86:f2:f8:b3:c2:61:
6a:44:fe:e1:e0:8a:34:e1:1e:20:e3:c5:f1:61:4f:0e:a8:e5:
af:2d:50:f3:27:94:ad:b5:db:0a:48:01:95:13:12:81:fa:ca:
22:99:27:d3:c5:c2:15:6f:54:19:30:b6:4e:b0:b1:3a:24:8c:
6e:16:38:86:68:be:89:49:54:61:db:b0:7c:2a:ad:68:30:38:
98:e2:ea:de
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUUE5DXHT2RUiqdcBYYNsjPG0uV0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA1MDYwOTQwNDVaFw0yNjA1MDUwOTQ1NDVaMDMxMTAvBgNV
BAMTKEQ5NkYzQjU1NzE2NzNFNjc3NEEzMzJEMjRDQjI4ODJEQTM2NjdBOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUYkJsxbP3YOVQf0uprKIXv8e1
ptKLIm3o0EfztKHxde0k7zEd+LjmbjLwcUYzZgvx8/Tm/BcLVR6ltbEFZpschWUy
xIATde63CwkWvn2UqX+6I4iMOfVY/W/lzUyMcXeKOJBo+znGzFiv4+5o7hss2Rag
4EsKjXnvr5Md/0H2cp5LakfGdo9ZFpX6Ahos4TKesxipGWM9KRr7Z0mEpsz9qfEj
rK5Kr8mhBcXx6Hx2ff0SDw2+2JWYks3hu6FvIUb5SKKOzKEWLC5RA6q3oo3+LrvI
Xxbi39UlsLHWoK3fNhQ/Wg34KuhAJ9eKZrUtlYNam1lP9ry0leOEtwqA3W7PAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQU2W87VXFnPmd0ozLSTLKILaNmeo4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAjQsnAwQA
jQt8AwQAjQv1MAwDBADCPFkDBADCPFoDBAHCPFwwDQYJKoZIhvcNAQELBQADggEB
AHTKSV5cX67cKBfQAqu5xm6fbG/bal0bUGV0UClOhX62R2ZZs6WMEoXnelLxTu0y
EilYPYJvue1C2ryYVPjh3IrUnRaS7KeK3fnAj7eaYf4JMr27BLWG49+2Ojg2EMXy
Q8/dbGVasrfpAkeN4jVtjq1h3PR5tycrbcf42EsIjrgel8Nim/cNDmRDcddFePZy
ScCfmZetINV9SD1U647GAOVJCFISZTOlkhwA4GLeCYby+LPCYWpE/uHgijThHiDj
xfFhTw6o5a8tUPMnlK212wpIAZUTEoH6yiKZJ9PFwhVvVBkwtk6wsTokjG4WOIZo
volJVGHbsHwqrWgwOJji6t4=
-----END CERTIFICATE-----
Generated at Wed May 7 20:02:47 2025 by rpki-client