Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: sCNcfoKVCbvbel6vuCo3z+2W0dNVIpICs+zgx1EhP5k=
Subject key identifier: 16:21:6C:22:97:1D:0A:9C:C6:4B:2F:2D:66:70:42:EB:04:AE:6D:E1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 348E04E7168476598BDE6A99B59DFB267FA174D8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
Signing time: Wed 30 Apr 2025 18:43:59 +0000
ROA not before: Wed 30 Apr 2025 18:38:59 +0000
ROA not after: Wed 29 Apr 2026 18:43:59 +0000
asID: 7843
IP address blocks: 143.14.0.0/20 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.24.0/21 maxlen: 24
143.14.40.0/21 maxlen: 24
143.14.112.0/22 maxlen: 24
143.14.116.0/22 maxlen: 24
143.14.120.0/22 maxlen: 24
143.14.232.0/21 maxlen: 24
143.14.241.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.80.0/21 maxlen: 24
155.117.112.0/21 maxlen: 24
155.117.120.0/21 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8e:04:e7:16:84:76:59:8b:de:6a:99:b5:9d:fb:26:7f:a1:74:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 18:38:59 2025 GMT
Not After : Apr 29 18:43:59 2026 GMT
Subject: CN=16216C22971D0A9CC64B2F2D667042EB04AE6DE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7a:8d:fe:03:c3:d7:96:da:f3:9a:30:e6:1a:
2e:47:a6:af:3a:bd:99:87:b3:02:be:11:21:5a:f0:
69:db:f9:87:f9:23:e9:0c:08:2d:d6:fd:24:b3:b4:
6e:4a:5f:3e:91:23:b7:ca:e5:1d:66:87:94:c1:2f:
37:a9:fc:c3:10:f1:88:14:13:35:6c:6f:18:fa:e3:
2e:bb:9d:3f:a5:3e:9b:ff:6b:74:f0:ca:c3:6e:40:
3d:bc:6d:4b:9f:bf:f8:05:ef:f1:af:9b:e8:c7:98:
bb:5b:d2:39:21:5b:22:03:cb:ad:18:cb:a6:d5:be:
d7:20:17:64:84:16:b5:a1:eb:3b:a1:f2:e2:f8:6c:
c6:15:0f:c3:98:e3:aa:c0:34:5a:2c:d0:e3:42:26:
2d:4c:c1:51:ae:9a:8f:a3:ed:df:15:cb:ff:d9:be:
a6:be:f1:e6:58:9a:f4:b5:4d:f2:c5:f1:75:d4:94:
34:0a:60:d7:1a:ba:77:4e:15:6d:e0:e8:fb:26:1c:
4f:7a:65:56:10:0b:46:ed:f1:46:e5:57:ab:b8:2f:
fd:1a:66:24:20:da:80:c5:11:62:7a:32:ec:ab:78:
5c:95:a5:53:a1:71:c1:3d:7a:52:a9:ba:40:f3:ad:
27:20:a1:1c:3e:59:4a:5e:e0:8d:94:48:3e:9a:f4:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:21:6C:22:97:1D:0A:9C:C6:4B:2F:2D:66:70:42:EB:04:AE:6D:E1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.0.0/19
143.14.40.0/21
143.14.112.0-143.14.123.255
143.14.232.0/21
143.14.241.0/24
143.14.255.0/24
155.117.64.0/21
155.117.80.0/21
155.117.112.0/20
155.117.216.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
49:06:ac:10:93:40:82:5a:be:e1:e2:99:55:bf:94:07:1f:6d:
65:69:b1:a1:b0:2e:82:84:f8:e9:c6:2e:bd:22:01:36:de:4b:
1f:ca:a3:2d:88:14:57:fe:56:b8:52:64:58:f8:50:e9:63:7d:
2e:3e:a2:06:d3:7b:5f:ab:7e:04:e4:57:eb:6d:76:1e:b9:fe:
69:0f:f3:53:40:a1:f7:d2:25:27:26:39:14:d6:e1:1f:bb:2d:
65:3f:54:25:da:ac:c0:bb:4e:66:dc:06:6f:72:2a:21:28:de:
bf:7d:97:2e:c6:12:17:34:4d:71:04:91:36:25:73:b5:74:e9:
3b:c5:f7:c6:3c:fe:28:bf:f6:12:4a:28:ab:a0:ef:14:a2:4d:
dd:97:6e:eb:e8:f2:60:f5:f1:1d:3f:5f:5d:99:18:6d:81:53:
d1:2d:20:09:c7:81:05:00:e0:15:54:b5:83:7b:c0:09:fd:73:
82:0d:92:d9:4a:0b:50:89:18:7f:a3:9f:f1:36:d9:93:4d:8a:
e4:e0:e9:ee:18:2f:b4:75:f1:51:96:fc:82:c6:01:7c:f7:79:
04:f2:ba:b1:8d:2e:71:a5:5d:8d:c5:0e:a1:db:a4:50:ce:50:
2e:b7:17:2b:36:3f:d1:5b:9a:98:c8:25:9f:0e:8d:03:99:fd:
9e:76:34:14
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUNI4E5xaEdlmL3mqZtZ37Jn+hdNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MzAxODM4NTlaFw0yNjA0MjkxODQzNTlaMDMxMTAvBgNV
BAMTKDE2MjE2QzIyOTcxRDBBOUNDNjRCMkYyRDY2NzA0MkVCMDRBRTZERTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZeo3+A8PXltrzmjDmGi5Hpq86
vZmHswK+ESFa8Gnb+Yf5I+kMCC3W/SSztG5KXz6RI7fK5R1mh5TBLzep/MMQ8YgU
EzVsbxj64y67nT+lPpv/a3TwysNuQD28bUufv/gF7/Gvm+jHmLtb0jkhWyIDy60Y
y6bVvtcgF2SEFrWh6zuh8uL4bMYVD8OY46rANFos0ONCJi1MwVGumo+j7d8Vy//Z
vqa+8eZYmvS1TfLF8XXUlDQKYNcaundOFW3g6PsmHE96ZVYQC0bt8UblV6u4L/0a
ZiQg2oDFEWJ6MuyreFyVpVOhccE9elKpukDzrScgoRw+WUpe4I2USD6a9GsPAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUFiFsIpcdCpzGSy8tZnBC6wSubeEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEBY8OAAME
A48OKDAMAwQEjw5wAwQCjw54AwQDjw7oAwQAjw7xAwQAjw7/AwQDm3VAAwQDm3VQ
AwQEm3VwAwQAm3XYAwQAm3X3MA0GCSqGSIb3DQEBCwUAA4IBAQBJBqwQk0CCWr7h
4plVv5QHH21labGhsC6ChPjpxi69IgE23ksfyqMtiBRX/la4UmRY+FDpY30uPqIG
03tfq34E5FfrbXYeuf5pD/NTQKH30iUnJjkU1uEfuy1lP1Ql2qzAu05m3AZvcioh
KN6/fZcuxhIXNE1xBJE2JXO1dOk7xffGPP4ov/YSSiiroO8Uok3dl27r6PJg9fEd
P19dmRhtgVPRLSAJx4EFAOAVVLWDe8AJ/XOCDZLZSgtQiRh/o5/xNtmTTYrk4Onu
GC+0dfFRlvyCxgF893kE8rqxjS5xpV2NxQ6h26RQzlAutxcrNj/RW5qYyCWfDo0D
mf2edjQU
-----END CERTIFICATE-----
Generated at Sat May 10 08:18:20 2025 by rpki-client