Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
File: AS32043.roa (raw, json)
Hash identifier: 9+fhEWY4oT8D8wFQqW4YNlvWRYKxbT8a5vGt0dZVczY=
Subject key identifier: 6B:5F:1C:C6:C7:B8:BA:41:11:70:D3:04:CD:F6:E1:33:AE:35:E8:46
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 150219036698477746A3602BE1EDE0FEC414B3E7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
Signing time: Thu 12 Mar 2026 09:36:41 +0000
ROA not before: Thu 12 Mar 2026 09:31:41 +0000
ROA not after: Thu 11 Mar 2027 09:36:41 +0000
asID: 32043
IP address blocks: 143.14.63.0/24 maxlen: 24
143.14.73.0/24 maxlen: 24
143.14.74.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
155.117.48.0/24 maxlen: 24
155.117.49.0/24 maxlen: 24
155.117.50.0/24 maxlen: 24
155.117.53.0/24 maxlen: 24
155.117.62.0/24 maxlen: 24
155.117.191.0/24 maxlen: 24
155.117.192.0/24 maxlen: 24
155.117.236.0/24 maxlen: 24
162.141.18.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:02:19:03:66:98:47:77:46:a3:60:2b:e1:ed:e0:fe:c4:14:b3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 12 09:31:41 2026 GMT
Not After : Mar 11 09:36:41 2027 GMT
Subject: CN=6B5F1CC6C7B8BA411170D304CDF6E133AE35E846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:d0:a7:a3:65:1a:84:fb:3c:10:b9:0d:29:
24:38:d0:bd:ae:50:4e:65:1a:ba:8d:b9:41:17:70:
bd:dd:57:87:db:e4:13:15:c0:17:80:f2:71:99:e8:
e7:62:98:c5:04:fc:54:ed:a6:0b:dd:29:e7:b2:3c:
0d:97:7a:a5:be:af:8a:34:e8:3b:00:66:3c:fc:13:
81:88:38:d4:82:8c:70:2b:a4:57:49:da:80:8a:96:
92:d5:1a:ca:43:1f:10:f7:8e:72:93:bc:8b:e1:f2:
eb:88:d9:56:f3:2b:de:29:49:83:08:ac:29:6c:6d:
3b:0e:37:86:da:9a:eb:12:72:50:4f:16:04:89:cf:
59:39:c3:d8:66:db:2c:61:de:7a:e2:2e:96:ca:39:
33:92:b3:23:e2:73:b7:40:23:f1:3a:ed:65:91:03:
14:92:71:80:16:6f:55:70:10:0c:85:37:e8:d7:e3:
57:12:4f:cf:59:93:fc:f4:30:50:3a:88:71:ca:b8:
0c:50:29:c9:60:aa:d2:fc:82:80:c1:49:c2:1b:63:
c3:37:ef:97:14:70:a0:5d:76:cf:52:f5:ec:f2:92:
35:13:4d:af:35:80:d9:70:db:d2:ed:cd:a5:e8:30:
d3:77:2a:32:62:0a:4e:ac:bd:f5:71:0c:48:a8:d9:
e3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5F:1C:C6:C7:B8:BA:41:11:70:D3:04:CD:F6:E1:33:AE:35:E8:46
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.63.0/24
143.14.73.0-143.14.74.255
143.14.214.0/24
155.117.48.0-155.117.50.255
155.117.53.0/24
155.117.62.0/24
155.117.191.0-155.117.192.255
155.117.236.0/24
162.141.18.0/24
162.141.164.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:cb:1b:ea:c7:70:0f:0b:81:71:3c:16:e2:73:41:70:fd:d6:
42:e2:b1:22:54:86:d6:6b:b3:ba:b9:d5:9d:c0:b8:3d:08:ba:
ae:d0:a0:60:60:a0:ce:1a:ae:d9:90:e7:48:cf:3a:47:44:53:
81:d9:04:a5:b1:32:cd:84:ae:86:e9:5f:9c:3f:8d:a0:b8:45:
25:4f:15:db:7b:c8:21:6a:5b:5b:f2:4a:68:1e:09:5b:02:77:
6d:8a:8d:98:c4:17:26:74:0a:f3:a0:a0:27:ad:a8:10:a0:e4:
23:1b:ce:d2:a2:81:f0:ea:b2:e1:59:7d:87:97:a1:b9:94:36:
03:28:6e:dc:dd:e3:13:c0:ca:25:fd:af:60:34:c0:f0:03:ff:
10:2b:58:a7:94:ac:c7:44:61:4c:ea:b6:aa:bd:f6:ab:d9:64:
14:b3:be:ad:ee:b4:38:ed:47:4c:5f:a9:9b:ad:6c:8d:d2:45:
80:06:e6:1b:48:c4:a2:2a:d1:17:76:51:ab:e8:45:fc:84:36:
b5:7d:67:23:07:35:9a:92:bd:44:be:44:63:83:37:eb:d9:cd:
c9:c7:39:d1:01:2e:02:fc:c1:55:8a:06:09:4b:59:19:58:c4:
a2:8e:ca:da:d7:84:9f:47:d1:3b:6c:b5:d9:5c:9b:9d:13:27:
22:82:9e:51
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUFQIZA2aYR3dGo2Ar4e3g/sQUs+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMTIwOTMxNDFaFw0yNzAzMTEwOTM2NDFaMDMxMTAvBgNV
BAMTKDZCNUYxQ0M2QzdCOEJBNDExMTcwRDMwNENERjZFMTMzQUUzNUU4NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkOdCno2UahPs8ELkNKSQ40L2u
UE5lGrqNuUEXcL3dV4fb5BMVwBeA8nGZ6OdimMUE/FTtpgvdKeeyPA2XeqW+r4o0
6DsAZjz8E4GIONSCjHArpFdJ2oCKlpLVGspDHxD3jnKTvIvh8uuI2VbzK94pSYMI
rClsbTsON4bamusSclBPFgSJz1k5w9hm2yxh3nriLpbKOTOSsyPic7dAI/E67WWR
AxSScYAWb1VwEAyFN+jX41cST89Zk/z0MFA6iHHKuAxQKclgqtL8goDBScIbY8M3
75cUcKBdds9S9ezykjUTTa81gNlw29LtzaXoMNN3KjJiCk6svfVxDEio2ePzAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUa18cxse4ukERcNMEzfbhM6416EYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzIwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgABMFQDBACPDj8w
DAMEAI8OSQMEAI8OSgMEAI8O1jAMAwQEm3UwAwQAm3UyAwQAm3U1AwQAm3U+MAwD
BACbdb8DBACbdcADBACbdewDBACijRIDBACijaQwDQYJKoZIhvcNAQELBQADggEB
AD7LG+rHcA8LgXE8FuJzQXD91kLisSJUhtZrs7q51Z3AuD0Iuq7QoGBgoM4artmQ
50jPOkdEU4HZBKWxMs2ErobpX5w/jaC4RSVPFdt7yCFqW1vySmgeCVsCd22KjZjE
FyZ0CvOgoCetqBCg5CMbztKigfDqsuFZfYeXobmUNgMobtzd4xPAyiX9r2A0wPAD
/xArWKeUrMdEYUzqtqq99qvZZBSzvq3utDjtR0xfqZutbI3SRYAG5htIxKIq0Rd2
UavoRfyENrV9ZyMHNZqSvUS+RGODN+vZzcnHOdEBLgL8wVWKBglLWRlYxKKOytrX
hJ9H0Ttstdlcm50TJyKCnlE=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:13:48 2026 by rpki-client