Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 6xLNdRvZ4rZKMYWK/o9lDs0Mb28t8YymTFTrTuZS01I=
Subject key identifier: 62:07:DC:C8:6E:61:66:C8:15:F2:5C:BB:47:4E:5F:E0:94:5D:1B:06
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 6C8E0230D56AFC5A47CAFBF603D5E48A65E3D343
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
Signing time: Tue 24 Mar 2026 08:26:28 +0000
ROA not before: Tue 24 Mar 2026 08:21:28 +0000
ROA not after: Tue 23 Mar 2027 08:26:28 +0000
asID: 834
IP address blocks: 147.125.128.0/24 maxlen: 24
147.125.131.0/24 maxlen: 24
147.125.136.0/22 maxlen: 24
147.125.149.0/24 maxlen: 24
147.125.158.0/24 maxlen: 24
147.125.160.0/19 maxlen: 24
147.125.192.0/22 maxlen: 24
147.125.198.0/24 maxlen: 24
147.125.204.0/24 maxlen: 24
147.125.207.0/24 maxlen: 24
147.125.209.0/24 maxlen: 24
147.125.210.0/23 maxlen: 24
147.125.212.0/23 maxlen: 24
147.125.240.0/22 maxlen: 24
147.125.244.0/23 maxlen: 24
147.125.246.0/24 maxlen: 24
147.125.250.0/23 maxlen: 24
147.125.252.0/24 maxlen: 24
147.125.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:8e:02:30:d5:6a:fc:5a:47:ca:fb:f6:03:d5:e4:8a:65:e3:d3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 24 08:21:28 2026 GMT
Not After : Mar 23 08:26:28 2027 GMT
Subject: CN=6207DCC86E6166C815F25CBB474E5FE0945D1B06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:22:b1:e6:9b:33:76:9a:ec:50:ee:1a:11:
ac:59:b2:d7:82:c5:76:06:d9:f9:94:6f:32:20:03:
07:5d:b7:33:33:36:aa:37:45:da:a5:c3:1a:7d:d8:
bd:f0:26:1c:ab:95:2b:fa:b8:94:6e:55:d2:b1:bc:
d7:f6:0c:4a:4a:a9:47:4d:85:4e:00:d9:a1:6e:5d:
65:fa:1a:1c:cc:d6:f2:be:36:67:6c:78:06:ad:97:
39:a1:cf:44:5a:b0:e7:51:8a:1d:ea:70:86:7a:32:
72:06:21:31:1b:88:ef:e0:8d:65:e5:84:bf:2b:c5:
f8:e5:e2:b8:e6:c5:8b:35:92:a4:0d:61:f8:1b:1b:
fb:c2:da:63:ce:41:9a:3f:a9:2c:ac:c7:3f:f7:fc:
1f:a6:cd:ee:79:ae:07:c2:6e:08:39:2f:ca:43:aa:
94:b5:c2:90:e7:62:5b:f3:fa:6a:e9:86:55:86:db:
86:00:21:6c:a4:46:05:1a:50:e1:f1:63:cc:7f:0f:
4d:7e:e6:a9:5f:6a:7b:00:0d:66:08:f9:ac:22:cb:
54:b2:82:17:0f:0e:b8:26:39:12:af:4d:23:07:3d:
bc:e9:5e:2c:15:41:57:65:b6:f4:9d:ac:53:6b:39:
db:1a:f3:03:d7:6a:19:58:da:84:3f:dd:77:a8:39:
2e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:07:DC:C8:6E:61:66:C8:15:F2:5C:BB:47:4E:5F:E0:94:5D:1B:06
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.128.0/24
147.125.131.0/24
147.125.136.0/22
147.125.149.0/24
147.125.158.0/24
147.125.160.0-147.125.195.255
147.125.198.0/24
147.125.204.0/24
147.125.207.0/24
147.125.209.0-147.125.213.255
147.125.240.0-147.125.246.255
147.125.250.0-147.125.252.255
147.125.254.0/24
Signature Algorithm: sha256WithRSAEncryption
93:20:45:a8:86:a8:dc:9d:f5:e2:b4:ae:53:bd:6d:74:8d:c1:
03:4b:71:36:e2:cd:54:3c:76:8c:ad:c5:7c:d0:81:9d:89:14:
80:0f:18:48:04:80:db:ab:17:33:15:d2:42:f1:ae:e4:dc:22:
9b:32:57:70:42:c5:07:ac:c0:32:ff:40:68:5a:ff:ef:9f:9c:
98:0a:92:94:47:90:9c:70:43:70:56:4f:de:25:69:62:b3:66:
01:97:6d:30:56:13:70:fb:c6:b8:f6:84:b7:2f:ae:a5:c8:a5:
5c:c1:2e:ad:99:b1:69:2e:2a:30:1c:83:4c:47:2f:08:e0:99:
86:72:d8:b1:b5:c6:3f:eb:8f:81:da:4f:5d:4d:07:bf:07:3d:
9c:36:8b:5b:07:f2:fd:a1:ac:f0:21:77:b6:69:9f:d7:31:15:
79:a4:fd:c3:ce:ca:d6:88:fb:b0:26:b0:70:e2:06:7a:7b:28:
64:24:24:8d:f5:5a:95:e0:94:5c:9e:77:78:c4:71:de:b9:76:
4a:12:80:7f:a1:96:65:6b:3f:8e:b4:2e:d4:3f:04:11:85:f8:
16:38:c5:a6:05:fb:d8:bf:38:25:aa:77:c6:36:3f:eb:44:41:
d3:13:1e:b6:1c:c0:4b:90:7d:62:75:bf:48:36:e1:95:97:38:
3b:fb:b6:41
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIUbI4CMNVq/FpHyvv2A9XkimXj00MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMjQwODIxMjhaFw0yNzAzMjMwODI2MjhaMDMxMTAvBgNV
BAMTKDYyMDdEQ0M4NkU2MTY2QzgxNUYyNUNCQjQ3NEU1RkUwOTQ1RDFCMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClryKx5pszdprsUO4aEaxZsteC
xXYG2fmUbzIgAwddtzMzNqo3Rdqlwxp92L3wJhyrlSv6uJRuVdKxvNf2DEpKqUdN
hU4A2aFuXWX6GhzM1vK+NmdseAatlzmhz0RasOdRih3qcIZ6MnIGITEbiO/gjWXl
hL8rxfjl4rjmxYs1kqQNYfgbG/vC2mPOQZo/qSysxz/3/B+mze55rgfCbgg5L8pD
qpS1wpDnYlvz+mrphlWG24YAIWykRgUaUOHxY8x/D01+5qlfansADWYI+awiy1Sy
ghcPDrgmORKvTSMHPbzpXiwVQVdltvSdrFNrOdsa8wPXahlY2oQ/3XeoOS5XAgMB
AAGjggJwMIICbDAdBgNVHQ4EFgQUYgfcyG5hZsgV8ly7R05f4JRdGwYwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAJN9gAME
AJN9gwMEApN9iAMEAJN9lQMEAJN9njAMAwQFk32gAwQCk33AAwQAk33GAwQAk33M
AwQAk33PMAwDBACTfdEDBAGTfdQwDAMEBJN98AMEAJN99jAMAwQBk336AwQAk338
AwQAk33+MA0GCSqGSIb3DQEBCwUAA4IBAQCTIEWohqjcnfXitK5TvW10jcEDS3E2
4s1UPHaMrcV80IGdiRSADxhIBIDbqxczFdJC8a7k3CKbMldwQsUHrMAy/0BoWv/v
n5yYCpKUR5CccENwVk/eJWlis2YBl20wVhNw+8a49oS3L66lyKVcwS6tmbFpLiow
HINMRy8I4JmGctixtcY/64+B2k9dTQe/Bz2cNotbB/L9oazwIXe2aZ/XMRV5pP3D
zsrWiPuwJrBw4gZ6eyhkJCSN9VqV4JRcnnd4xHHeuXZKEoB/oZZlaz+OtC7UPwQR
hfgWOMWmBfvYvzglqnfGNj/rREHTEx62HMBLkH1idb9INuGVlzg7+7ZB
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:19:36 2026 by rpki-client