Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: zhwt/fI0MkliJDa1+/Md+btbAM0+E19Rd1H5lSeUlGo=
Subject key identifier: C6:26:E3:F6:C5:66:2F:FB:7D:94:BC:09:FC:0D:12:62:55:DA:81:44
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 12B682A49277654CADE4FAD979A0628DAC2BB0BD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
Signing time: Fri 26 Sep 2025 00:07:00 +0000
ROA not before: Fri 26 Sep 2025 00:02:00 +0000
ROA not after: Fri 25 Sep 2026 00:07:00 +0000
asID: 7843
IP address blocks: 82.22.136.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.36.0/22 maxlen: 24
82.27.144.0/20 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:b6:82:a4:92:77:65:4c:ad:e4:fa:d9:79:a0:62:8d:ac:2b:b0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 26 00:02:00 2025 GMT
Not After : Sep 25 00:07:00 2026 GMT
Subject: CN=C626E3F6C5662FFB7D94BC09FC0D126255DA8144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c7:8e:74:b8:10:d7:eb:ab:94:34:c0:b2:6e:
3e:62:5c:f0:c3:91:15:99:5c:90:53:57:1b:01:0a:
cb:40:ba:a9:24:bc:db:3c:14:6e:a2:b2:9c:1e:67:
d8:65:ad:99:35:dd:cf:9d:86:04:4b:64:b3:e5:a0:
13:77:6f:f0:96:47:48:6f:c5:1a:a1:e7:2b:7c:cb:
76:46:f9:94:77:0e:fa:10:9d:da:35:03:4a:9b:27:
6e:81:c2:84:7b:02:99:c9:b4:01:99:69:23:32:7b:
a8:5d:87:b5:d3:18:5d:80:ca:a6:7c:80:e3:ea:2b:
80:61:fa:92:3e:e3:6f:3c:2d:2d:e6:2e:cf:1a:4f:
a1:8d:23:28:f8:cc:48:13:d3:1d:90:7e:5a:f9:38:
14:f7:86:e3:01:ab:40:a5:f1:2f:07:50:7a:59:c5:
d9:87:9b:d4:93:02:56:42:a1:1f:b8:e7:83:5e:5f:
5e:be:a0:ff:69:84:ed:6d:bf:c1:33:a6:78:ff:ea:
32:88:22:a6:2e:74:2e:dd:54:d4:b3:63:cd:d0:32:
01:51:92:75:e6:57:3f:a6:8f:36:2c:3c:0f:69:4f:
50:27:d9:fd:27:ad:0c:ec:4e:a6:ff:f2:71:c3:78:
41:f5:df:71:12:ce:67:c4:94:d4:fc:a9:cd:da:bb:
48:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:26:E3:F6:C5:66:2F:FB:7D:94:BC:09:FC:0D:12:62:55:DA:81:44
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.136.0/22
82.23.140.0/23
82.23.152.0/21
82.24.36.0/22
82.27.144.0/20
82.29.30.0/23
82.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
68:c5:c0:72:e4:e8:27:e9:61:41:68:5e:e8:ba:8c:f6:94:ab:
60:5d:fc:ed:f0:5b:26:aa:36:af:95:aa:b9:6b:b5:db:35:de:
c4:dd:45:e8:1b:0d:cc:5a:81:87:e1:6c:de:3f:ce:ab:00:f4:
74:20:ac:e7:4f:e3:57:7d:cd:c8:54:9f:58:6f:a5:1c:55:7c:
4d:e2:06:5f:55:e7:5c:2b:e2:90:43:e7:85:db:6a:98:b5:1b:
0a:77:cc:89:b4:c9:c9:6d:9b:3b:4c:21:6f:7e:18:d2:7d:b1:
75:9c:28:1b:55:1e:e7:27:11:58:86:75:04:75:1f:ee:e0:1a:
21:8f:35:d8:71:b3:80:c4:9f:e8:1c:a5:27:a9:27:99:da:ef:
c8:1e:16:a8:b4:e0:4d:5a:13:33:1c:e7:04:3a:e4:7d:0b:0c:
d0:d5:d3:ae:ab:a0:d6:db:9b:f2:d6:ae:74:b9:dc:57:3e:30:
cb:5d:51:fc:8f:b4:d2:98:8f:df:40:cd:9b:50:25:5c:dd:64:
87:9b:c3:6e:63:c8:9a:44:06:d7:1e:81:2e:f4:9c:09:50:b1:
a2:67:bf:84:4d:b6:5b:d3:3e:7b:c0:81:76:e6:6a:46:f7:1e:
5e:33:b9:ff:64:91:20:13:5f:d8:46:2d:71:54:97:ef:5f:b4:
c3:e0:34:d9
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUEraCpJJ3ZUyt5PrZeaBijawrsL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjYwMDAyMDBaFw0yNjA5MjUwMDA3MDBaMDMxMTAvBgNV
BAMTKEM2MjZFM0Y2QzU2NjJGRkI3RDk0QkMwOUZDMEQxMjYyNTVEQTgxNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmx450uBDX66uUNMCybj5iXPDD
kRWZXJBTVxsBCstAuqkkvNs8FG6ispweZ9hlrZk13c+dhgRLZLPloBN3b/CWR0hv
xRqh5yt8y3ZG+ZR3DvoQndo1A0qbJ26BwoR7ApnJtAGZaSMye6hdh7XTGF2AyqZ8
gOPqK4Bh+pI+4288LS3mLs8aT6GNIyj4zEgT0x2Qflr5OBT3huMBq0Cl8S8HUHpZ
xdmHm9STAlZCoR+454NeX16+oP9phO1tv8Ezpnj/6jKIIqYudC7dVNSzY83QMgFR
knXmVz+mjzYsPA9pT1An2f0nrQzsTqb/8nHDeEH133ESzmfElNT8qc3au0hHAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUxibj9sVmL/t9lLwJ/A0SYlXagUQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAlIWiAME
AVIXjAMEA1IXmAMEAlIYJAMEBFIbkAMEAVIdHgMEAlIdkDANBgkqhkiG9w0BAQsF
AAOCAQEAaMXAcuToJ+lhQWhe6LqM9pSrYF387fBbJqo2r5WquWu12zXexN1F6BsN
zFqBh+Fs3j/OqwD0dCCs50/jV33NyFSfWG+lHFV8TeIGX1XnXCvikEPnhdtqmLUb
CnfMibTJyW2bO0whb34Y0n2xdZwoG1Ue5ycRWIZ1BHUf7uAaIY812HGzgMSf6Byl
J6knmdrvyB4WqLTgTVoTMxznBDrkfQsM0NXTrqug1tub8taudLncVz4wy11R/I+0
0piP30DNm1AlXN1kh5vDbmPImkQG1x6BLvScCVCxome/hE22W9M+e8CBduZqRvce
XjO5/2SRIBNf2EYtcVSX71+0w+A02Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:42:47 2025 by rpki-client