Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 3EljdI1RV3S4gmQRWYxa6sSwoU9g7hfkqWj950hK+y8=
Subject key identifier: 30:B1:EB:75:20:B1:8C:DD:61:58:E0:66:04:9F:50:1B:1C:D6:69:B7
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 02C5BD79B374BA357AFB167A6D095BB35E6C9B14
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Thu 21 Aug 2025 08:17:54 +0000
ROA not before: Thu 21 Aug 2025 08:12:54 +0000
ROA not after: Thu 20 Aug 2026 08:17:54 +0000
asID: 834
IP address blocks: 141.11.40.0/24 maxlen: 24
141.11.48.0/24 maxlen: 24
141.11.144.0/24 maxlen: 24
141.11.172.0/24 maxlen: 24
141.11.196.0/24 maxlen: 24
141.11.198.0/24 maxlen: 24
141.11.237.0/24 maxlen: 24
141.11.243.0/24 maxlen: 24
194.60.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 19:47:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c5:bd:79:b3:74:ba:35:7a:fb:16:7a:6d:09:5b:b3:5e:6c:9b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 21 08:12:54 2025 GMT
Not After : Aug 20 08:17:54 2026 GMT
Subject: CN=30B1EB7520B18CDD6158E066049F501B1CD669B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:16:f7:64:df:c8:71:e1:17:f5:eb:a4:4d:
a4:92:06:bc:64:ba:a9:40:3c:12:d3:ba:6d:b1:25:
61:71:70:8c:c3:10:bf:7c:90:d9:ca:6b:ba:6c:e5:
18:59:0e:44:0c:a9:3d:2c:f2:77:69:a9:7a:05:ba:
c5:fa:e6:7a:56:1e:bc:84:cf:d0:b0:34:5a:72:e5:
91:7a:38:45:91:57:3e:34:11:8e:98:0b:93:0c:65:
fd:e4:7c:dc:a5:0b:4f:93:55:1a:a1:3b:93:02:90:
e0:1a:3c:2d:d8:e5:a6:13:5f:a4:d2:14:04:bf:4b:
49:af:9b:af:d4:57:7c:40:17:4c:af:c3:d6:5c:55:
53:3c:3d:65:7e:2d:e5:61:79:ec:f1:5d:ee:3f:f1:
7e:0c:2e:a1:60:32:05:14:3f:5b:08:7b:c2:fd:48:
b3:8d:76:51:8e:f5:7b:70:fe:d7:cc:d9:a9:cb:34:
80:51:67:08:81:09:1a:6b:b0:00:98:ca:02:4d:bd:
97:b1:45:8d:8a:8c:c6:8f:17:74:c6:50:cc:5c:f1:
3a:24:bd:1d:a9:f8:f6:88:53:e6:23:b1:03:f2:82:
02:da:6c:42:7e:df:7d:fe:e5:b3:ee:40:b4:d9:8b:
7b:e2:04:3c:2b:ca:14:c5:68:74:75:41:b6:94:02:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B1:EB:75:20:B1:8C:DD:61:58:E0:66:04:9F:50:1B:1C:D6:69:B7
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.40.0/24
141.11.48.0/24
141.11.144.0/24
141.11.172.0/24
141.11.196.0/24
141.11.198.0/24
141.11.237.0/24
141.11.243.0/24
194.60.93.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0b:b7:f9:79:26:e8:f4:36:30:94:48:59:23:5e:5b:a4:f6:
77:cb:1c:8e:20:fa:41:28:03:5b:0c:40:48:6d:ce:24:a0:f5:
e5:19:5b:c7:56:ce:8c:4d:3f:80:4a:59:fa:68:10:e4:da:c8:
e1:5b:93:8f:fa:ec:31:57:6f:24:04:b1:2f:38:68:9d:db:6b:
15:96:91:84:c2:cd:5d:da:dd:a7:b1:af:50:70:28:0c:9f:a4:
6d:8f:62:18:80:ea:3b:a3:b0:0e:81:44:af:f8:9a:fe:a8:5f:
c5:5c:0d:5c:04:63:0b:19:4c:5a:01:c7:63:f9:51:c9:41:a2:
d9:fc:e6:26:20:8c:7e:d7:b8:cf:1a:03:9e:c2:a1:d6:41:1c:
e1:ed:68:fd:5e:1c:c6:7a:7a:42:45:e6:ac:b7:a3:64:95:56:
41:4a:03:2f:00:33:1b:bf:a8:90:d5:a7:ac:03:82:35:24:7e:
81:e4:96:07:22:d6:86:3d:32:79:18:a2:7a:e0:d3:90:39:0a:
d2:ee:06:10:83:e1:8a:95:bb:5b:a3:76:cf:78:c9:50:6b:ad:
3a:4b:5a:65:75:b6:83:59:e9:4c:e8:3f:17:e4:77:e3:74:9e:
1a:5c:9d:f0:eb:f7:28:8f:c9:43:53:1e:ee:33:2c:ec:77:72:
6e:2a:83:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUAsW9ebN0ujV6+xZ6bQlbs15smxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MjEwODEyNTRaFw0yNjA4MjAwODE3NTRaMDMxMTAvBgNV
BAMTKDMwQjFFQjc1MjBCMThDREQ2MTU4RTA2NjA0OUY1MDFCMUNENjY5QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Jhb3ZN/IceEX9eukTaSSBrxk
uqlAPBLTum2xJWFxcIzDEL98kNnKa7ps5RhZDkQMqT0s8ndpqXoFusX65npWHryE
z9CwNFpy5ZF6OEWRVz40EY6YC5MMZf3kfNylC0+TVRqhO5MCkOAaPC3Y5aYTX6TS
FAS/S0mvm6/UV3xAF0yvw9ZcVVM8PWV+LeVheezxXe4/8X4MLqFgMgUUP1sIe8L9
SLONdlGO9Xtw/tfM2anLNIBRZwiBCRprsACYygJNvZexRY2KjMaPF3TGUMxc8Tok
vR2p+PaIU+YjsQPyggLabEJ+333+5bPuQLTZi3viBDwryhTFaHR1QbaUAttlAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUMLHrdSCxjN1hWOBmBJ9QGxzWabcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAjQsoAwQA
jQswAwQAjQuQAwQAjQusAwQAjQvEAwQAjQvGAwQAjQvtAwQAjQvzAwQAwjxdMA0G
CSqGSIb3DQEBCwUAA4IBAQBmC7f5eSbo9DYwlEhZI15bpPZ3yxyOIPpBKANbDEBI
bc4koPXlGVvHVs6MTT+ASln6aBDk2sjhW5OP+uwxV28kBLEvOGid22sVlpGEws1d
2t2nsa9QcCgMn6Rtj2IYgOo7o7AOgUSv+Jr+qF/FXA1cBGMLGUxaAcdj+VHJQaLZ
/OYmIIx+17jPGgOewqHWQRzh7Wj9XhzGenpCReast6NklVZBSgMvADMbv6iQ1aes
A4I1JH6B5JYHItaGPTJ5GKJ64NOQOQrS7gYQg+GKlbtbo3bPeMlQa606S1pldbaD
WelM6D8X5HfjdJ4aXJ3w6/coj8lDUx7uMyzsd3JuKoMs
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:30 2025 by rpki-client