Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: +/jD+MYWTf+WBltdITQasexkk1KeYT89l68KzlgylmQ=
Subject key identifier: A9:6B:4F:91:AA:88:69:13:3B:25:2B:2F:48:2E:01:79:47:83:7C:90
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7DAB7EEA4D9FEA1388AE05A56185C6D6B4F0A522
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
Signing time: Tue 17 Jun 2025 21:14:07 +0000
ROA not before: Tue 17 Jun 2025 21:09:07 +0000
ROA not after: Tue 16 Jun 2026 21:14:07 +0000
asID: 7843
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.36.0/22 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ab:7e:ea:4d:9f:ea:13:88:ae:05:a5:61:85:c6:d6:b4:f0:a5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 17 21:09:07 2025 GMT
Not After : Jun 16 21:14:07 2026 GMT
Subject: CN=A96B4F91AA8869133B252B2F482E017947837C90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:fd:23:fd:86:83:92:24:2f:58:2f:25:4d:
c4:42:dc:fe:c5:16:f1:a0:52:2b:e5:b4:1e:13:e1:
4b:24:f9:ea:65:e9:d1:5d:4d:4a:53:5a:c1:9e:0a:
32:1e:ed:fc:fa:90:81:0b:04:dd:a4:fc:f9:69:44:
4a:bb:68:51:56:9f:bd:ef:91:8e:d5:c5:75:37:56:
02:ab:e7:49:93:a9:a9:00:c5:38:c7:c4:28:de:25:
90:51:33:75:c7:ef:7d:0a:89:8e:56:75:81:10:af:
f5:75:f8:c4:57:76:2a:1f:14:9a:6e:7f:d9:7e:0a:
ee:f5:5c:dd:77:c1:79:6d:16:4e:08:69:d8:f4:77:
de:b4:79:36:df:7d:a6:92:e1:41:52:fd:78:c0:ae:
36:60:cb:b3:b3:e9:4d:f4:be:b6:f7:63:a8:b2:6a:
b7:8b:38:50:e8:9c:b4:e5:24:8f:63:a2:20:9d:8c:
18:65:b7:a0:b4:0f:09:58:a6:d5:7b:78:bd:3e:00:
bb:4d:c7:66:43:95:0a:ba:f5:2a:18:1d:a8:ca:3c:
9f:a1:88:b1:85:b2:3e:de:29:c6:dd:a2:cf:58:4b:
a5:97:18:e7:af:61:cc:e4:46:d1:6b:4a:c4:c8:20:
7a:5e:31:58:4f:e6:87:ca:d5:24:d1:68:d6:a8:bd:
13:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6B:4F:91:AA:88:69:13:3B:25:2B:2F:48:2E:01:79:47:83:7C:90
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.136.0/22
82.22.190.0/24
82.23.140.0/23
82.23.152.0/21
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.36.0/22
82.26.174.0/24
82.27.144.0/20
Signature Algorithm: sha256WithRSAEncryption
38:59:d7:29:f4:3d:86:54:36:47:25:a4:d5:0a:d3:21:fe:07:
37:0f:cc:62:65:b4:45:e6:de:87:0b:e8:b5:b0:dd:ea:1e:be:
77:09:e2:ff:4b:01:8d:11:dc:3c:6e:06:35:32:da:39:13:5e:
0a:73:ed:23:b0:98:8b:39:64:72:df:dd:c6:29:95:35:81:61:
7b:95:19:1a:7f:07:f9:01:b2:4c:b3:39:b6:51:4f:b7:d2:d4:
5c:4c:4b:e3:0a:9d:82:34:46:cb:65:ae:75:07:bb:07:21:35:
7b:b1:96:c7:64:3f:a7:40:df:35:41:63:b6:75:d1:de:4a:d9:
45:90:3f:bb:40:f4:ec:dc:ec:78:d3:e7:a9:a7:30:19:71:13:
c2:c2:6d:3d:08:c8:f1:7b:25:d6:be:9d:7c:2b:a1:68:65:d4:
f4:2e:54:29:c0:7d:34:1a:d6:47:70:af:84:64:9e:9c:87:c3:
43:31:5c:f0:ab:c2:f0:ab:39:a4:05:3c:f3:05:c2:cf:eb:9e:
94:06:6a:7a:91:85:c4:e8:3a:0a:0a:68:10:83:ee:22:5e:61:
8d:2a:c2:e7:ff:5e:0d:bb:51:6f:fe:19:bf:47:54:0d:61:f7:
2e:b1:b9:a4:64:9a:bf:a0:f9:9a:87:19:67:4a:4f:07:17:7b:
9a:3a:bb:8d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfat+6k2f6hOIrgWlYYXG1rTwpSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTcyMTA5MDdaFw0yNjA2MTYyMTE0MDdaMDMxMTAvBgNV
BAMTKEE5NkI0RjkxQUE4ODY5MTMzQjI1MkIyRjQ4MkUwMTc5NDc4MzdDOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVVv0j/YaDkiQvWC8lTcRC3P7F
FvGgUivltB4T4Usk+epl6dFdTUpTWsGeCjIe7fz6kIELBN2k/PlpREq7aFFWn73v
kY7VxXU3VgKr50mTqakAxTjHxCjeJZBRM3XH730KiY5WdYEQr/V1+MRXdiofFJpu
f9l+Cu71XN13wXltFk4Iadj0d960eTbffaaS4UFS/XjArjZgy7Oz6U30vrb3Y6iy
areLOFDonLTlJI9joiCdjBhlt6C0DwlYptV7eL0+ALtNx2ZDlQq69SoYHajKPJ+h
iLGFsj7eKcbdos9YS6WXGOevYczkRtFrSsTIIHpeMVhP5ofK1STRaNaovROXAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUqWtPkaqIaRM7JSsvSC4BeUeDfJAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAFIVigME
AlIWiAMEAFIWvgMEAVIXjAMEA1IXmAMEAVIXogMEAlIYAAMEAFIYHwMEAlIYJAME
AFIargMEBFIbkDANBgkqhkiG9w0BAQsFAAOCAQEAOFnXKfQ9hlQ2RyWk1QrTIf4H
Nw/MYmW0RebehwvotbDd6h6+dwni/0sBjRHcPG4GNTLaORNeCnPtI7CYizlkct/d
ximVNYFhe5UZGn8H+QGyTLM5tlFPt9LUXExL4wqdgjRGy2WudQe7ByE1e7GWx2Q/
p0DfNUFjtnXR3krZRZA/u0D07NzseNPnqacwGXETwsJtPQjI8Xsl1r6dfCuhaGXU
9C5UKcB9NBrWR3CvhGSenIfDQzFc8KvC8Ks5pAU88wXCz+uelAZqepGFxOg6Cgpo
EIPuIl5hjSrC5/9eDbtRb/4Zv0dUDWH3LrG5pGSav6D5mocZZ0pPBxd7mjq7jQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:50:02 2025 by rpki-client