Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: 7OEsPYRP6MpxGb+VIvS2vy9cQIrKWx581wylVceVMwQ=
Subject key identifier: 64:BA:B6:EE:AF:20:9B:F1:99:9C:C3:80:6C:75:26:92:E4:53:BD:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 03523CC937E49A3957ECF27E01FFD86786FF0EA8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
Signing time: Thu 26 Jun 2025 00:00:32 +0000
ROA not before: Wed 25 Jun 2025 23:55:32 +0000
ROA not after: Thu 25 Jun 2026 00:00:32 +0000
asID: 7843
IP address blocks: 143.14.16.0/21 maxlen: 24
143.14.232.0/21 maxlen: 24
162.141.22.0/23 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.156.0/23 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.60.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.168.0/22 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:52:3c:c9:37:e4:9a:39:57:ec:f2:7e:01:ff:d8:67:86:ff:0e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 25 23:55:32 2025 GMT
Not After : Jun 25 00:00:32 2026 GMT
Subject: CN=64BAB6EEAF209BF1999CC3806C752692E453BDB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:5a:1a:0b:a3:23:c9:4e:95:9a:4a:f1:ea:
ce:8d:6e:b8:3a:dd:8e:d0:d9:43:e5:76:b6:c6:32:
a5:66:49:d6:99:50:aa:48:ed:1d:b2:26:ab:f6:c6:
9a:bd:fd:6b:f4:b5:b4:a9:35:b2:0c:39:06:05:d9:
10:61:f3:08:e5:aa:47:b6:a0:22:92:c6:48:81:78:
6e:18:2c:e7:d6:46:d7:c8:87:18:53:15:89:bb:89:
df:a8:5f:80:1c:de:c5:19:e8:d1:1f:b1:cf:bd:da:
79:10:80:d9:21:8b:a9:29:15:43:c3:1c:0a:e2:a6:
c5:00:ea:54:9a:cc:67:aa:b1:fa:b1:cb:42:84:52:
17:bd:47:d5:68:ca:5d:d3:39:ff:01:d0:bc:f1:cc:
39:7e:6a:aa:64:31:39:6b:7d:e5:d0:50:e6:f1:6f:
27:ff:0c:58:14:95:dc:8c:04:15:c3:01:c5:ef:fc:
f0:2e:e6:94:9e:7f:4a:7e:a8:2d:05:9c:25:30:1f:
3d:f3:78:87:fa:27:23:7c:2e:3e:15:e3:71:36:30:
46:77:6a:5b:f2:13:0d:73:2e:aa:88:7b:46:a8:f2:
d5:bf:78:70:d0:21:3e:ae:91:2d:56:2c:80:e4:c8:
fe:a5:d4:b3:10:8c:53:7e:87:8d:16:69:c1:b8:e9:
66:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BA:B6:EE:AF:20:9B:F1:99:9C:C3:80:6C:75:26:92:E4:53:BD:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.16.0/21
143.14.232.0/21
162.141.22.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.156.0/23
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.67.255
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
167.148.168.0/22
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
45:8e:1b:00:bf:eb:ed:99:1c:b2:a8:03:71:9a:53:ef:67:f8:
53:0e:38:dc:be:1a:6f:55:9c:4c:99:4e:f4:8b:93:79:b3:01:
3d:22:bf:76:19:a1:da:fd:53:73:b1:76:7f:8b:26:24:8e:b9:
ef:d3:5e:75:2e:87:85:14:2d:64:fc:89:8f:75:13:3b:5e:b3:
0c:52:c3:b0:ae:29:30:f8:69:b3:a0:d7:69:52:a0:9f:29:91:
68:2d:67:4d:5f:d1:07:c9:7e:4e:e9:a4:03:be:5b:0e:22:7e:
b7:bd:c0:e0:b7:09:fe:35:e5:0a:d7:9f:a8:ec:2a:c2:08:25:
c0:83:6e:f2:39:5a:31:8d:9e:9e:98:e5:ab:fc:39:98:f5:50:
c3:02:d2:29:f7:49:96:81:78:58:31:e9:22:c5:b7:b3:78:83:
9e:47:38:09:e5:7a:30:0b:db:52:3a:70:64:7b:18:c5:58:fb:
1f:59:20:0e:bb:08:37:b2:62:30:eb:32:ff:f7:cb:73:58:7b:
7f:d8:91:44:8d:b6:bc:5e:9b:7d:3d:c1:67:d7:d1:8f:ff:55:
f1:60:08:9d:91:0c:6c:25:f1:96:f7:19:cb:c9:fd:69:57:2c:
24:15:e0:82:24:6d:89:0b:5b:69:51:65:bf:4c:8d:ba:36:4a:
43:5c:21:7c
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUA1I8yTfkmjlX7PJ+Af/YZ4b/DqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjUyMzU1MzJaFw0yNjA2MjUwMDAwMzJaMDMxMTAvBgNV
BAMTKDY0QkFCNkVFQUYyMDlCRjE5OTlDQzM4MDZDNzUyNjkyRTQ1M0JEQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+d1oaC6MjyU6Vmkrx6s6Nbrg6
3Y7Q2UPldrbGMqVmSdaZUKpI7R2yJqv2xpq9/Wv0tbSpNbIMOQYF2RBh8wjlqke2
oCKSxkiBeG4YLOfWRtfIhxhTFYm7id+oX4Ac3sUZ6NEfsc+92nkQgNkhi6kpFUPD
HAripsUA6lSazGeqsfqxy0KEUhe9R9Voyl3TOf8B0LzxzDl+aqpkMTlrfeXQUObx
byf/DFgUldyMBBXDAcXv/PAu5pSef0p+qC0FnCUwHz3zeIf6JyN8Lj4V43E2MEZ3
alvyEw1zLqqIe0ao8tW/eHDQIT6ukS1WLIDkyP6l1LMQjFN+h40WacG46WbjAgMB
AAGjggKYMIIClDAdBgNVHQ4EFgQUZLq27q8gm/GZnMOAbHUmkuRTvbgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrgYIKwYBBQUHAQcBAf8EgZ4wgZswgZgEAgABMIGRAwQD
jw4QAwQDjw7oMAwDBAGijRYDBAKijSADBAKijSgDBAOijTgDBAKijUgDBAOijZAD
BAGijZwDBAOijagwCwMEA6KNuAMDAaKMMAwDBASnlBADBAKnlBgDBAKnlCQwDAME
BKeUMAMEAqeUQAMEAqeUTAMEA6eUWAMEAqeUbAMEAqeUeAMEAqeUqAMEBaeU4DAN
BgkqhkiG9w0BAQsFAAOCAQEARY4bAL/r7ZkcsqgDcZpT72f4Uw443L4ab1WcTJlO
9IuTebMBPSK/dhmh2v1Tc7F2f4smJI6579NedS6HhRQtZPyJj3UTO16zDFLDsK4p
MPhps6DXaVKgnymRaC1nTV/RB8l+TumkA75bDiJ+t73A4LcJ/jXlCtefqOwqwggl
wINu8jlaMY2enpjlq/w5mPVQwwLSKfdJloF4WDHpIsW3s3iDnkc4CeV6MAvbUjpw
ZHsYxVj7H1kgDrsIN7JiMOsy//fLc1h7f9iRRI22vF6bfT3BZ9fRj/9V8WAInZEM
bCXxlvcZy8n9aVcsJBXggiRtiQtbaVFlv0yNujZKQ1whfA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:29:09 2025 by rpki-client