Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: vCYygmglJsHwJUs1G51kWzomSeuAHE9r6NKS9ER+l/A=
Subject key identifier: 6E:0D:F0:79:0B:E3:6D:C9:BF:2D:1D:11:42:80:45:28:2E:77:3A:A3
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 752EFF218526C1D52054C5F47C5808CBC3176B9D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
Signing time: Sat 09 May 2026 17:28:28 +0000
ROA not before: Sat 09 May 2026 17:23:28 +0000
ROA not after: Sat 08 May 2027 17:28:28 +0000
asID: 834
IP address blocks: 143.20.7.0/24 maxlen: 24
143.20.8.0/23 maxlen: 24
143.20.11.0/24 maxlen: 24
143.20.14.0/24 maxlen: 24
143.20.16.0/24 maxlen: 24
143.20.18.0/24 maxlen: 24
143.20.21.0/24 maxlen: 24
143.20.22.0/24 maxlen: 24
143.20.24.0/23 maxlen: 24
143.20.28.0/24 maxlen: 24
143.20.32.0/24 maxlen: 24
143.20.34.0/23 maxlen: 24
143.20.36.0/24 maxlen: 24
143.20.42.0/24 maxlen: 24
143.20.45.0/24 maxlen: 24
143.20.47.0/24 maxlen: 24
143.20.48.0/24 maxlen: 24
143.20.56.0/23 maxlen: 24
143.20.59.0/24 maxlen: 24
143.20.63.0/24 maxlen: 24
143.20.65.0/24 maxlen: 24
143.20.72.0/23 maxlen: 24
143.20.74.0/24 maxlen: 24
143.20.77.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.105.0/24 maxlen: 24
143.20.106.0/24 maxlen: 24
143.20.118.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
143.20.136.0/24 maxlen: 24
143.20.139.0/24 maxlen: 24
143.20.145.0/24 maxlen: 24
143.20.151.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.162.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.178.0/23 maxlen: 24
143.20.180.0/24 maxlen: 24
143.20.182.0/24 maxlen: 24
143.20.198.0/24 maxlen: 24
143.20.206.0/24 maxlen: 24
143.20.214.0/24 maxlen: 24
143.20.231.0/24 maxlen: 24
143.20.237.0/24 maxlen: 24
143.20.239.0/24 maxlen: 24
143.20.244.0/23 maxlen: 24
143.20.252.0/24 maxlen: 24
143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:2e:ff:21:85:26:c1:d5:20:54:c5:f4:7c:58:08:cb:c3:17:6b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 9 17:23:28 2026 GMT
Not After : May 8 17:28:28 2027 GMT
Subject: CN=6E0DF0790BE36DC9BF2D1D11428045282E773AA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:75:11:cb:3c:83:0a:b2:94:58:58:4d:25:
f5:54:b9:e9:07:6c:62:25:b9:2c:6d:61:ae:ce:b6:
07:8b:c8:22:f5:9c:fb:8d:8a:de:9e:a1:b6:d5:ac:
1d:6a:c4:01:93:2f:f2:e8:59:94:70:db:b3:85:27:
8d:66:68:fb:06:eb:87:74:0a:d1:68:48:dd:88:02:
40:ec:30:f5:86:c8:b8:c5:1a:5d:0b:19:4c:32:5a:
99:1b:97:ef:e2:ab:57:e5:73:f9:33:00:66:e8:91:
d4:11:28:87:51:6e:03:47:28:3e:eb:10:79:85:9a:
f1:30:bc:92:00:0d:f8:bb:2b:ed:2b:d3:69:52:46:
e4:9e:d3:a2:89:8a:6e:6a:2c:ba:eb:bb:76:d2:33:
c6:15:29:78:3f:3f:7b:e1:24:99:57:d7:c8:52:30:
bc:ec:9e:09:5d:c0:0c:2d:c5:3d:bb:bc:fc:54:43:
fb:6f:40:09:f3:3f:56:93:c2:88:bf:25:4f:ca:cc:
7d:a2:18:5c:82:2d:91:0d:de:4b:da:6f:1b:c7:a9:
1b:d1:07:70:25:e8:49:ca:d2:ff:59:83:c3:76:1c:
38:35:f4:19:4b:9f:01:24:1f:7d:a4:1c:a1:2c:b2:
b6:a3:04:d6:aa:65:16:51:47:c5:13:47:fe:0b:28:
e2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0D:F0:79:0B:E3:6D:C9:BF:2D:1D:11:42:80:45:28:2E:77:3A:A3
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.7.0-143.20.9.255
143.20.11.0/24
143.20.14.0/24
143.20.16.0/24
143.20.18.0/24
143.20.21.0-143.20.22.255
143.20.24.0/23
143.20.28.0/24
143.20.32.0/24
143.20.34.0-143.20.36.255
143.20.42.0/24
143.20.45.0/24
143.20.47.0-143.20.48.255
143.20.56.0/23
143.20.59.0/24
143.20.63.0/24
143.20.65.0/24
143.20.72.0-143.20.74.255
143.20.77.0/24
143.20.80.0/24
143.20.105.0-143.20.106.255
143.20.118.0/24
143.20.120.0/24
143.20.128.0/24
143.20.136.0/24
143.20.139.0/24
143.20.145.0/24
143.20.151.0-143.20.152.255
143.20.162.0/24
143.20.173.0/24
143.20.178.0-143.20.180.255
143.20.182.0/24
143.20.198.0/24
143.20.206.0/24
143.20.214.0/24
143.20.231.0/24
143.20.237.0/24
143.20.239.0/24
143.20.244.0/23
143.20.252.0/24
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4e:7a:05:2a:56:3c:81:64:bb:ed:7e:a1:f8:4b:21:d7:ec:
dc:ba:79:1d:e3:a6:8f:b2:2d:89:b6:7a:04:bd:16:e0:05:00:
f4:1b:7b:cb:68:55:42:f8:b6:43:33:a1:ed:5b:09:ee:e7:10:
aa:a7:2a:91:12:81:58:b5:96:6e:a9:3f:66:5d:78:f4:61:d7:
f4:c5:40:a0:3b:20:2f:e6:2e:6d:b2:75:88:c8:56:85:4c:80:
e4:dd:92:74:18:68:34:03:dd:c8:59:c6:fe:94:e0:1d:15:be:
6b:68:6d:08:85:1f:8a:48:8c:ae:91:e2:85:17:53:09:a0:c7:
9d:bf:57:4f:c9:c2:60:72:b8:c8:e7:3f:93:43:b1:9a:32:13:
6b:84:56:87:f2:2b:75:7a:a0:3f:48:06:e3:15:9b:d6:82:bc:
c0:c5:6a:d0:6b:e1:9f:bb:63:ce:2c:be:98:43:3c:21:4e:01:
c0:cf:e0:b5:a2:f2:72:0e:b0:51:a8:60:f6:4c:70:04:5e:24:
fc:05:12:83:d0:4d:bf:9b:ae:40:bc:54:1c:d8:2d:0e:a5:f2:
4f:f9:c0:2b:34:70:06:36:22:3a:60:de:81:6d:12:72:c7:c7:
63:8a:6c:e1:5a:0d:df:2c:bd:c6:8a:8f:00:13:7e:8f:46:8a:
db:72:2e:dd
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIUdS7/IYUmwdUgVMX0fFgIy8MXa50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MDkxNzIzMjhaFw0yNzA1MDgxNzI4MjhaMDMxMTAvBgNV
BAMTKDZFMERGMDc5MEJFMzZEQzlCRjJEMUQxMTQyODA0NTI4MkU3NzNBQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj93URyzyDCrKUWFhNJfVUuekH
bGIluSxtYa7OtgeLyCL1nPuNit6eobbVrB1qxAGTL/LoWZRw27OFJ41maPsG64d0
CtFoSN2IAkDsMPWGyLjFGl0LGUwyWpkbl+/iq1flc/kzAGbokdQRKIdRbgNHKD7r
EHmFmvEwvJIADfi7K+0r02lSRuSe06KJim5qLLrru3bSM8YVKXg/P3vhJJlX18hS
MLzsngldwAwtxT27vPxUQ/tvQAnzP1aTwoi/JU/KzH2iGFyCLZEN3kvabxvHqRvR
B3Al6EnK0v9Zg8N2HDg19BlLnwEkH32kHKEssrajBNaqZRZRR8UTR/4LKOJLAgMB
AAGjggNBMIIDPTAdBgNVHQ4EFgQUbg3weQvjbcm/LR0RQoBFKC53OqMwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIB
NjAMAwQAjxQHAwQBjxQIAwQAjxQLAwQAjxQOAwQAjxQQAwQAjxQSMAwDBACPFBUD
BACPFBYDBAGPFBgDBACPFBwDBACPFCAwDAMEAY8UIgMEAI8UJAMEAI8UKgMEAI8U
LTAMAwQAjxQvAwQAjxQwAwQBjxQ4AwQAjxQ7AwQAjxQ/AwQAjxRBMAwDBAOPFEgD
BACPFEoDBACPFE0DBACPFFAwDAMEAI8UaQMEAI8UagMEAI8UdgMEAI8UeAMEAI8U
gAMEAI8UiAMEAI8UiwMEAI8UkTAMAwQAjxSXAwQAjxSYAwQAjxSiAwQAjxStMAwD
BAGPFLIDBACPFLQDBACPFLYDBACPFMYDBACPFM4DBACPFNYDBACPFOcDBACPFO0D
BACPFO8DBAGPFPQDBACPFPwDBACPFP4wDQYJKoZIhvcNAQELBQADggEBAA1OegUq
VjyBZLvtfqH4SyHX7Ny6eR3jpo+yLYm2egS9FuAFAPQbe8toVUL4tkMzoe1bCe7n
EKqnKpESgVi1lm6pP2ZdePRh1/TFQKA7IC/mLm2ydYjIVoVMgOTdknQYaDQD3chZ
xv6U4B0VvmtobQiFH4pIjK6R4oUXUwmgx52/V0/JwmByuMjnP5NDsZoyE2uEVofy
K3V6oD9IBuMVm9aCvMDFatBr4Z+7Y84svphDPCFOAcDP4LWi8nIOsFGoYPZMcARe
JPwFEoPQTb+brkC8VBzYLQ6l8k/5wCs0cAY2Ijpg3oFtEnLHx2OKbOFaDd8svcaK
jwATfo9GittyLt0=
-----END CERTIFICATE-----
Generated at Tue May 12 22:24:32 2026 by rpki-client