Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: TUoe3H8U5cfcl5jjKWlZe1lIs8MJOxK+kVlhz3rzuCw=
Subject key identifier: 60:47:EC:B7:59:A6:2E:D4:2F:E6:4B:54:C4:C5:53:99:03:38:1B:7D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7DCB1F455AA3B25E4D19E7F4182300B68ED73B74
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Tue 28 Jan 2025 17:37:07 +0000
ROA not before: Tue 28 Jan 2025 17:32:07 +0000
ROA not after: Tue 27 Jan 2026 17:37:07 +0000
asID: 834
IP address blocks: 96.62.129.0/24 maxlen: 24
96.62.130.0/23 maxlen: 24
96.62.132.0/22 maxlen: 24
96.62.136.0/22 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/23 maxlen: 24
96.62.144.0/21 maxlen: 24
96.62.160.0/20 maxlen: 24
96.62.176.0/22 maxlen: 24
96.62.188.0/23 maxlen: 24
96.62.196.0/22 maxlen: 24
96.62.208.0/22 maxlen: 24
96.62.212.0/23 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/22 maxlen: 24
96.62.240.0/23 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.150.232.0/22 maxlen: 24
145.223.66.0/23 maxlen: 24
145.223.68.0/22 maxlen: 24
146.103.18.0/24 maxlen: 24
146.103.34.0/23 maxlen: 24
146.103.51.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.145.0/24 maxlen: 24
148.135.152.0/23 maxlen: 24
148.135.154.0/24 maxlen: 24
148.135.156.0/24 maxlen: 24
148.135.182.0/23 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.192.0/22 maxlen: 24
150.241.196.0/23 maxlen: 24
150.241.199.0/24 maxlen: 24
150.241.200.0/21 maxlen: 24
150.241.208.0/22 maxlen: 24
150.241.212.0/23 maxlen: 24
150.241.214.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.224.0/24 maxlen: 24
150.241.228.0/22 maxlen: 24
150.241.232.0/23 maxlen: 24
150.241.234.0/24 maxlen: 24
150.241.236.0/22 maxlen: 24
150.241.240.0/21 maxlen: 24
150.241.248.0/24 maxlen: 24
150.241.250.0/23 maxlen: 24
150.241.253.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:cb:1f:45:5a:a3:b2:5e:4d:19:e7:f4:18:23:00:b6:8e:d7:3b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 28 17:32:07 2025 GMT
Not After : Jan 27 17:37:07 2026 GMT
Subject: CN=6047ECB759A62ED42FE64B54C4C5539903381B7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:28:72:2f:f2:86:9b:d5:ec:f7:60:52:46:
9d:ea:bd:a6:91:20:58:d2:64:28:a0:48:4c:82:ac:
a2:3c:51:72:f9:08:0e:a8:e8:a4:bd:93:96:68:80:
a9:b2:c2:87:a9:57:01:aa:dd:37:ca:41:46:18:21:
de:d9:c5:f7:d8:73:bd:d7:34:7f:a4:4f:ce:f0:bd:
b8:ba:29:8e:17:ee:6f:b8:64:14:f7:b8:d5:99:ad:
d2:bb:ac:f6:d1:f5:1f:6f:e8:d4:10:a0:ac:c9:f6:
10:6e:0b:70:1b:74:0b:62:b0:60:3c:1b:ce:a7:68:
e6:81:11:6b:cd:e7:d4:c3:33:78:97:73:6b:d6:32:
d3:6f:cf:80:19:cf:cd:a7:f9:69:8d:59:8a:58:7f:
a9:aa:cb:60:70:a0:cd:db:20:44:64:94:51:e2:8b:
3f:ab:b0:13:60:c4:ed:4b:91:cc:66:94:eb:6d:d8:
30:22:7e:d4:bd:43:14:25:5e:1a:d4:7e:92:17:6d:
e8:3a:08:a5:3b:c7:7a:fc:1e:d9:9d:be:f3:1d:2a:
1e:eb:6f:fb:dd:70:0d:32:64:47:cd:6d:42:bb:a3:
fa:95:17:bc:be:32:b3:63:ed:b3:c4:03:fe:84:4a:
02:54:c8:24:ed:8c:a0:e5:d9:a3:cb:e9:4f:40:b5:
ba:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:47:EC:B7:59:A6:2E:D4:2F:E6:4B:54:C4:C5:53:99:03:38:1B:7D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.129.0-96.62.139.255
96.62.141.0-96.62.151.255
96.62.160.0-96.62.179.255
96.62.188.0/23
96.62.196.0/22
96.62.208.0-96.62.213.255
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.150.232.0/22
145.223.66.0-145.223.71.255
146.103.18.0/24
146.103.34.0/23
146.103.51.0/24
147.79.31.0/24
148.135.145.0/24
148.135.152.0-148.135.154.255
148.135.156.0/24
148.135.182.0/23
148.135.255.0/24
150.241.192.0-150.241.197.255
150.241.199.0-150.241.214.255
150.241.216.0-150.241.224.255
150.241.228.0-150.241.234.255
150.241.236.0-150.241.248.255
150.241.250.0/23
150.241.253.0-150.241.254.255
Signature Algorithm: sha256WithRSAEncryption
21:54:a6:6a:00:3c:05:2a:8a:01:9b:32:41:e7:6b:6f:de:9d:
ca:5c:32:4f:6c:bd:00:f6:1c:a1:87:e7:7d:2b:37:03:55:51:
88:4b:62:7c:46:ab:8d:7a:0c:82:66:86:c3:71:c6:c4:10:77:
9c:59:4d:05:88:a2:5c:92:47:79:19:6b:21:9c:3c:dc:70:f0:
21:d7:16:2e:b4:72:d1:7a:73:71:35:90:58:5b:ef:6e:1f:24:
0d:99:44:c1:b8:4a:4b:02:7a:56:e3:72:4b:d8:48:69:1a:8d:
3d:8f:d2:5d:fd:ea:b8:5a:aa:0c:ba:f4:f8:a5:e4:f6:4f:21:
b5:2c:a5:b9:33:27:73:2b:08:75:2e:81:d7:50:03:32:01:e7:
e8:22:cb:44:a2:79:73:58:79:ad:a2:b1:df:67:43:b2:8b:d2:
66:fc:f8:4e:20:09:44:fa:3f:c9:f0:44:3a:f0:b0:ef:11:22:
8f:72:93:19:32:ce:41:2b:d5:13:1a:32:10:f1:c3:4c:ea:ae:
41:9e:02:61:85:15:ed:6a:39:54:07:59:f2:ef:7c:be:05:42:
b4:05:bd:e4:63:c4:c0:23:ae:f0:c9:e7:ad:4e:9c:13:d6:ae:
51:31:90:30:5e:36:13:eb:60:3e:93:4d:d7:06:45:0a:6d:fd:
61:7d:a7:e2
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgIUfcsfRVqjsl5NGef0GCMAto7XO3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMjgxNzMyMDdaFw0yNjAxMjcxNzM3MDdaMDMxMTAvBgNV
BAMTKDYwNDdFQ0I3NTlBNjJFRDQyRkU2NEI1NEM0QzU1Mzk5MDMzODFCN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCepyhyL/KGm9Xs92BSRp3qvaaR
IFjSZCigSEyCrKI8UXL5CA6o6KS9k5ZogKmywoepVwGq3TfKQUYYId7ZxffYc73X
NH+kT87wvbi6KY4X7m+4ZBT3uNWZrdK7rPbR9R9v6NQQoKzJ9hBuC3AbdAtisGA8
G86naOaBEWvN59TDM3iXc2vWMtNvz4AZz82n+WmNWYpYf6mqy2BwoM3bIERklFHi
iz+rsBNgxO1LkcxmlOtt2DAiftS9QxQlXhrUfpIXbeg6CKU7x3r8HtmdvvMdKh7r
b/vdcA0yZEfNbUK7o/qVF7y+MrNj7bPEA/6ESgJUyCTtjKDl2aPL6U9AtbqFAgMB
AAGjggM3MIIDMzAdBgNVHQ4EFgQUYEfst1mmLtQv5ktUxMVTmQM4G30wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCCATQEAgABMIIB
LDAMAwQAYD6BAwQCYD6IMAwDBABgPo0DBANgPpAwDAMEBWA+oAMEAmA+sAMEAWA+
vAMEAmA+xDAMAwQEYD7QAwQBYD7UAwQAYD7XMAwDBABgPuEDBABgPuIDBABgPuYw
DAMEAmA+7AMEAWA+8DAMAwQAYD71AwQAYD72AwQAYD78AwQCjJboMAwDBAGR30ID
BAOR30ADBACSZxIDBAGSZyIDBACSZzMDBACTTx8DBACUh5EwDAMEA5SHmAMEAJSH
mgMEAJSHnAMEAZSHtgMEAJSH/zAMAwQGlvHAAwQBlvHEMAwDBACW8ccDBACW8dYw
DAMEA5bx2AMEAJbx4DAMAwQClvHkAwQAlvHqMAwDBAKW8ewDBACW8fgDBAGW8fow
DAMEAJbx/QMEAJbx/jANBgkqhkiG9w0BAQsFAAOCAQEAIVSmagA8BSqKAZsyQedr
b96dylwyT2y9APYcoYfnfSs3A1VRiEtifEarjXoMgmaGw3HGxBB3nFlNBYiiXJJH
eRlrIZw83HDwIdcWLrRy0XpzcTWQWFvvbh8kDZlEwbhKSwJ6VuNyS9hIaRqNPY/S
Xf3quFqqDLr0+KXk9k8htSyluTMncysIdS6B11ADMgHn6CLLRKJ5c1h5raKx32dD
sovSZvz4TiAJRPo/yfBEOvCw7xEij3KTGTLOQSvVExoyEPHDTOquQZ4CYYUV7Wo5
VAdZ8u98vgVCtAW95GPEwCOu8MnnrU6cE9auUTGQMF42E+tgPpNN1wZFCm39YX2n
4g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:26:16 2025 by rpki-client