Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: lY8SgayP0decbfe8sFPaBX+IshbAn7CuuUqlaoSrPCg=
Subject key identifier: A2:6C:7C:09:44:F5:D2:D8:2D:69:7E:30:F5:EC:6C:F5:DF:F2:D8:D5
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 29F22EEFFDDBDCE70A9E8B63E45866B5876B0FAB
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Sat 23 Aug 2025 00:02:42 +0000
ROA not before: Fri 22 Aug 2025 23:57:42 +0000
ROA not after: Sat 22 Aug 2026 00:02:42 +0000
asID: 834
IP address blocks: 143.20.12.0/24 maxlen: 24
143.20.43.0/24 maxlen: 24
143.20.64.0/24 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.82.0/24 maxlen: 24
143.20.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:f2:2e:ef:fd:db:dc:e7:0a:9e:8b:63:e4:58:66:b5:87:6b:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Aug 22 23:57:42 2025 GMT
Not After : Aug 22 00:02:42 2026 GMT
Subject: CN=A26C7C0944F5D2D82D697E30F5EC6CF5DFF2D8D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:57:45:a2:82:1c:20:6c:22:32:db:4d:81:fd:
ce:00:6a:94:ca:f9:36:e9:8e:84:8d:4a:c9:7b:f2:
f9:24:7a:a7:88:d5:d2:6e:7c:c8:21:0a:74:b7:72:
8e:ed:67:49:56:ed:06:74:ec:d5:62:a8:8a:88:83:
b6:bd:56:c6:e8:43:8c:32:2e:58:35:5a:cc:81:ac:
cb:01:88:f7:f8:02:ef:17:da:f2:5f:1f:58:ab:53:
82:22:1d:b1:14:fc:3d:30:71:4b:b5:79:4f:b0:2c:
81:50:f4:d2:3c:50:d2:83:5a:ee:c6:d6:a9:8f:d8:
ce:a7:52:f0:ee:71:0f:e3:63:38:6c:12:fa:ce:2b:
5e:06:d4:c9:0c:38:52:20:91:d2:8f:e4:b0:8a:d9:
64:66:27:44:1e:25:1d:eb:20:e4:00:5a:7d:77:a8:
53:8f:50:26:9d:32:b3:a3:90:bc:d3:c4:9f:c4:2c:
ab:45:16:1f:c8:62:d9:3d:96:9f:f5:5c:4f:e9:19:
f5:d6:f0:70:13:21:b9:5f:72:96:64:c8:d5:08:02:
bf:4a:2c:93:54:bf:14:af:36:85:81:68:df:41:c6:
9b:e2:83:47:0b:4f:59:65:30:9b:0c:19:e5:93:47:
e6:60:c9:88:ef:bb:c6:31:61:ed:64:95:80:e5:f2:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:7C:09:44:F5:D2:D8:2D:69:7E:30:F5:EC:6C:F5:DF:F2:D8:D5
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.12.0/24
143.20.43.0/24
143.20.64.0/24
143.20.77.0/24
143.20.82.0/24
143.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:3f:35:51:40:02:62:db:1c:c4:85:0e:9e:f0:9a:79:14:f6:
ae:ce:30:ff:26:da:5b:0e:9f:c0:44:b1:b8:da:27:27:5f:cd:
c2:7c:5d:28:fa:d2:76:3e:4b:e6:0d:1a:a2:45:92:71:5e:03:
54:f2:f3:10:9e:b6:25:2c:20:62:8f:57:b8:eb:ec:7f:5e:7f:
d7:9d:2c:48:d7:d3:fd:07:65:28:13:e9:1f:79:f7:72:b4:0a:
96:84:32:22:41:1d:ee:e9:a0:06:f9:b2:d2:a9:bf:2c:85:a4:
46:50:4e:ce:ee:21:40:0e:ba:71:6d:2c:af:41:6c:21:65:37:
4e:63:41:a5:23:07:63:17:30:a4:d7:30:69:21:3d:84:39:47:
e5:90:35:dd:61:9e:e6:c9:9e:26:fa:14:91:41:85:d5:f0:7b:
b4:b0:83:38:8a:33:2d:4a:b1:c1:33:fd:c8:ab:f5:f7:9b:3d:
c3:79:c6:a9:d2:f5:61:29:0c:d6:c6:05:38:6d:19:92:0b:6a:
a0:78:a4:ad:8b:33:4a:40:6c:da:e6:c2:37:e4:85:54:59:66:
f8:bc:ac:16:91:1a:f6:6f:35:ff:d6:4e:71:21:da:99:c4:06:
c5:d6:f6:8a:ab:29:6a:0e:58:33:15:82:32:f1:ff:8a:51:ec:
cc:06:29:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUKfIu7/3b3OcKnotj5FhmtYdrD6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA4MjIyMzU3NDJaFw0yNjA4MjIwMDAyNDJaMDMxMTAvBgNV
BAMTKEEyNkM3QzA5NDRGNUQyRDgyRDY5N0UzMEY1RUM2Q0Y1REZGMkQ4RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQV0WighwgbCIy202B/c4AapTK
+TbpjoSNSsl78vkkeqeI1dJufMghCnS3co7tZ0lW7QZ07NViqIqIg7a9VsboQ4wy
Llg1WsyBrMsBiPf4Au8X2vJfH1irU4IiHbEU/D0wcUu1eU+wLIFQ9NI8UNKDWu7G
1qmP2M6nUvDucQ/jYzhsEvrOK14G1MkMOFIgkdKP5LCK2WRmJ0QeJR3rIOQAWn13
qFOPUCadMrOjkLzTxJ/ELKtFFh/IYtk9lp/1XE/pGfXW8HATIblfcpZkyNUIAr9K
LJNUvxSvNoWBaN9Bxpvig0cLT1llMJsMGeWTR+ZgyYjvu8YxYe1klYDl8rfdAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQUomx8CUT10tgtaX4w9exs9d/y2NUwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjxQMAwQA
jxQrAwQAjxRAAwQAjxRNAwQAjxRSAwQAjxSGMA0GCSqGSIb3DQEBCwUAA4IBAQDO
PzVRQAJi2xzEhQ6e8Jp5FPauzjD/JtpbDp/ARLG42icnX83CfF0o+tJ2PkvmDRqi
RZJxXgNU8vMQnrYlLCBij1e46+x/Xn/XnSxI19P9B2UoE+kfefdytAqWhDIiQR3u
6aAG+bLSqb8shaRGUE7O7iFADrpxbSyvQWwhZTdOY0GlIwdjFzCk1zBpIT2EOUfl
kDXdYZ7myZ4m+hSRQYXV8Hu0sIM4ijMtSrHBM/3Iq/X3mz3Decap0vVhKQzWxgU4
bRmSC2qgeKStizNKQGza5sI35IVUWWb4vKwWkRr2bzX/1k5xIdqZxAbF1vaKqylq
DlgzFYIy8f+KUezMBinM
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:45 2025 by rpki-client