Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 4wlnU7PZYNuynZKGuTWnWLFpBtIeCXX31aczpKigvEY=
Subject key identifier: 13:DA:3F:27:A0:4C:34:E1:8B:1A:EC:C3:73:50:98:1C:AB:DB:0A:F4
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 4C7AD61F618895882596090C2F88AF591643D13A
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Wed 25 Mar 2026 11:40:52 +0000
ROA not before: Wed 25 Mar 2026 11:35:52 +0000
ROA not after: Wed 24 Mar 2027 11:40:52 +0000
asID: 834
IP address blocks: 143.20.11.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.24.0/23 maxlen: 24
143.20.26.0/24 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.32.0/24 maxlen: 24
143.20.34.0/23 maxlen: 24
143.20.36.0/24 maxlen: 24
143.20.42.0/23 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.53.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.103.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/24 maxlen: 24
143.20.116.0/24 maxlen: 24
143.20.118.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.131.0/24 maxlen: 24
143.20.132.0/24 maxlen: 24
143.20.147.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.157.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.194.0/24 maxlen: 24
143.20.196.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.200.0/22 maxlen: 24
143.20.206.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.216.0/23 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.220.0/22 maxlen: 24
143.20.224.0/22 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.232.0/22 maxlen: 24
143.20.237.0/24 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.244.0/23 maxlen: 24
143.20.247.0/24 maxlen: 24
143.20.248.0/22 maxlen: 24
143.20.252.0/24 maxlen: 24
143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:58:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:7a:d6:1f:61:88:95:88:25:96:09:0c:2f:88:af:59:16:43:d1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Mar 25 11:35:52 2026 GMT
Not After : Mar 24 11:40:52 2027 GMT
Subject: CN=13DA3F27A04C34E18B1AECC37350981CABDB0AF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:5e:9f:20:58:6b:59:ec:89:64:63:cf:04:
3d:4b:b6:62:f3:2b:38:42:c1:e5:6f:28:42:67:c1:
26:63:c7:0d:48:58:ce:eb:de:6b:ca:e7:6a:44:f5:
4b:0b:4f:09:e7:08:ef:e2:c9:77:84:4e:80:c4:05:
e7:14:1c:16:79:51:9d:d3:32:34:17:52:97:f5:a8:
51:b3:3a:4c:e6:c5:60:da:da:1b:65:ce:a1:01:46:
bc:b9:85:41:b7:f5:8c:42:09:e5:c5:93:0f:75:ec:
e9:6b:50:e0:db:14:09:fd:3c:0f:8c:f7:cf:2b:c9:
cd:62:db:18:ba:36:ac:c9:74:bb:b5:1a:01:53:c8:
84:eb:ab:c2:d8:29:8a:83:d5:bd:76:e6:ad:68:c9:
d6:d6:d4:06:b0:ac:30:09:59:fa:35:66:16:9f:ad:
19:9c:c0:5a:dd:9d:24:6a:16:ad:4c:ee:6f:19:bb:
d3:ce:a6:65:99:c6:c0:e0:5a:e8:e2:f5:c0:c9:95:
c6:53:cb:57:68:8f:36:71:d0:34:75:92:9a:08:2e:
4d:f7:00:ca:6e:66:0b:cb:0f:84:c9:05:42:cf:bb:
f0:a8:97:c4:df:35:3c:0f:35:68:9a:f6:9d:8f:d7:
cc:20:02:cf:e9:ab:47:90:f6:53:cc:40:88:f6:ea:
ba:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DA:3F:27:A0:4C:34:E1:8B:1A:EC:C3:73:50:98:1C:AB:DB:0A:F4
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.11.0/24
143.20.14.0/24
143.20.18.0/24
143.20.21.0-143.20.22.255
143.20.24.0-143.20.26.255
143.20.28.0/24
143.20.32.0/24
143.20.34.0-143.20.36.255
143.20.42.0/23
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.53.0/24
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.72.0/23
143.20.77.0/24
143.20.80.0/24
143.20.103.0/24
143.20.105.0-143.20.106.255
143.20.116.0/24
143.20.118.0/24
143.20.120.0/24
143.20.128.0/24
143.20.131.0-143.20.132.255
143.20.147.0/24
143.20.151.0-143.20.152.255
143.20.157.0/24
143.20.162.0/24
143.20.168.0/24
143.20.173.0/24
143.20.178.0/23
143.20.182.0/24
143.20.194.0/24
143.20.196.0/24
143.20.198.0/24
143.20.200.0/22
143.20.206.0/24
143.20.214.0/24
143.20.216.0-143.20.218.255
143.20.220.0-143.20.227.255
143.20.231.0-143.20.235.255
143.20.237.0/24
143.20.239.0/24
143.20.244.0/23
143.20.247.0-143.20.252.255
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:65:b7:c5:84:1c:cb:62:fe:c1:ab:d0:a7:80:ab:13:80:f5:
a3:cb:60:fb:62:87:2e:bd:ed:ac:56:62:00:de:69:fb:44:10:
21:5b:42:20:bc:8b:b3:3a:6d:9c:fb:05:a5:28:70:59:bd:39:
da:38:48:a1:d6:3c:1c:4c:ba:63:d5:bd:bd:4e:4a:f7:c3:ac:
d3:3e:5d:1e:bb:d1:5f:ed:d4:e1:09:17:93:f7:40:19:3a:2f:
ff:5a:a5:81:71:3f:85:1e:97:a8:b1:21:ec:03:5c:eb:fd:1d:
33:e3:5b:d5:5c:b4:bd:9a:0d:3f:b4:9d:1a:2f:2c:f5:9a:70:
e0:1f:3d:9f:3b:5e:8f:bd:23:2a:75:3b:be:8d:a8:e7:78:f4:
ea:70:a8:43:ce:45:e1:5e:a3:f9:f5:33:f2:25:04:8d:89:93:
43:e2:2a:a7:5f:66:2e:11:e4:5b:00:99:85:3c:39:d9:13:15:
31:4d:5b:88:34:b7:77:ad:69:56:04:c9:d2:b2:66:17:ec:e5:
19:81:d6:3c:e9:7b:d4:8b:4e:c0:05:e1:f4:27:9c:73:23:9e:
85:c8:9f:68:2f:68:7e:d4:dd:4f:c0:aa:41:54:36:ff:90:d9:
60:c8:39:16:82:3f:2b:10:fe:96:26:79:31:b8:20:dd:6a:34:
b2:ab:55:14
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgIUTHrWH2GIlYgllgkML4ivWRZD0TowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjAzMjUxMTM1NTJaFw0yNzAzMjQxMTQwNTJaMDMxMTAvBgNV
BAMTKDEzREEzRjI3QTA0QzM0RTE4QjFBRUNDMzczNTA5ODFDQUJEQjBBRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkXF6fIFhrWeyJZGPPBD1LtmLz
KzhCweVvKEJnwSZjxw1IWM7r3mvK52pE9UsLTwnnCO/iyXeEToDEBecUHBZ5UZ3T
MjQXUpf1qFGzOkzmxWDa2htlzqEBRry5hUG39YxCCeXFkw917OlrUODbFAn9PA+M
988ryc1i2xi6NqzJdLu1GgFTyITrq8LYKYqD1b125q1oydbW1AawrDAJWfo1Zhaf
rRmcwFrdnSRqFq1M7m8Zu9POpmWZxsDgWuji9cDJlcZTy1dojzZx0DR1kpoILk33
AMpuZgvLD4TJBULPu/Col8TfNTwPNWia9p2P18wgAs/pq0eQ9lPMQIj26rpFAgMB
AAGjggODMIIDfzAdBgNVHQ4EFgQUE9o/J6BMNOGLGuzDc1CYHKvbCvQwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmQYIKwYBBQUHAQcBAf8EggGIMIIBhDCCAYAEAgABMIIB
eAMEAI8UCwMEAI8UDgMEAI8UEjAMAwQAjxQVAwQAjxQWMAwDBAOPFBgDBACPFBoD
BACPFBwDBACPFCAwDAMEAY8UIgMEAI8UJAMEAY8UKgMEAI8ULTAMAwQAjxQvAwQA
jxQwAwQAjxQ1AwQBjxQ4AwQAjxQ7AwQAjxQ/AwQAjxRBAwQBjxRIAwQAjxRNAwQA
jxRQAwQAjxRnMAwDBACPFGkDBACPFGoDBACPFHQDBACPFHYDBACPFHgDBACPFIAw
DAMEAI8UgwMEAI8UhAMEAI8UkzAMAwQAjxSXAwQAjxSYAwQAjxSdAwQAjxSiAwQA
jxSoAwQAjxStAwQBjxSyAwQAjxS2AwQAjxTCAwQAjxTEAwQAjxTGAwQCjxTIAwQA
jxTOAwQAjxTWMAwDBAOPFNgDBACPFNowDAMEAo8U3AMEAo8U4DAMAwQAjxTnAwQC
jxToAwQAjxTtAwQAjxTvAwQBjxT0MAwDBACPFPcDBACPFPwDBACPFP4wDQYJKoZI
hvcNAQELBQADggEBAF1lt8WEHMti/sGr0KeAqxOA9aPLYPtihy697axWYgDeaftE
ECFbQiC8i7M6bZz7BaUocFm9Odo4SKHWPBxMumPVvb1OSvfDrNM+XR670V/t1OEJ
F5P3QBk6L/9apYFxP4Uel6ixIewDXOv9HTPjW9VctL2aDT+0nRovLPWacOAfPZ87
Xo+9Iyp1O76NqOd49OpwqEPOReFeo/n1M/IlBI2Jk0PiKqdfZi4R5FsAmYU8OdkT
FTFNW4g0t3etaVYEydKyZhfs5RmB1jzpe9SLTsAF4fQnnHMjnoXIn2gvaH7U3U/A
qkFUNv+Q2WDIORaCPysQ/pYmeTG4IN1qNLKrVRQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:00:15 2026 by rpki-client