Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: lMdg9QMk9268Vc9gMZ1tSqCFM7pVbcWhA74DCHUMrIc=
Subject key identifier: 1C:57:CC:B0:D6:DC:49:EC:42:EE:2E:02:A8:0D:0D:04:43:32:8C:89
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 641EA2B6D4C0F40D3EFE6D4A5451D5FC1E332108
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
Signing time: Mon 18 Aug 2025 19:04:16 +0000
ROA not before: Mon 18 Aug 2025 18:59:16 +0000
ROA not after: Mon 17 Aug 2026 19:04:16 +0000
asID: 7843
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.36.0/22 maxlen: 24
82.24.112.0/23 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.144.0/20 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:1e:a2:b6:d4:c0:f4:0d:3e:fe:6d:4a:54:51:d5:fc:1e:33:21:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 18 18:59:16 2025 GMT
Not After : Aug 17 19:04:16 2026 GMT
Subject: CN=1C57CCB0D6DC49EC42EE2E02A80D0D0443328C89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:84:f7:81:0c:6c:2b:4d:4b:9a:bc:34:2e:2e:
17:e7:bb:79:1a:34:b5:97:7f:aa:de:fd:f7:5e:40:
bc:43:03:8d:cd:8b:4b:cd:75:2d:33:48:26:c5:e1:
94:02:77:7d:c0:bc:79:49:78:22:1d:4b:26:cf:2e:
86:c1:34:32:9a:2c:55:ef:ff:63:4f:21:e6:23:9c:
5c:43:4b:cd:18:a6:e2:67:a2:c9:83:c7:b9:8a:e2:
c4:7d:83:2a:2b:c5:15:df:40:91:92:13:12:30:84:
09:55:65:1d:1f:72:07:fd:10:84:92:5a:43:0d:27:
12:b8:a1:fc:d2:a2:fa:81:d6:c6:ae:5a:ee:5f:2e:
bc:94:21:ad:d6:d1:2f:68:d3:39:61:3c:83:55:af:
18:85:0a:6a:71:d0:d5:2f:5e:51:da:60:41:9b:9b:
38:15:3f:e4:21:5a:be:90:79:dd:b7:80:24:89:ac:
eb:e5:bf:c0:ac:c1:53:72:aa:f2:8a:75:24:50:d0:
15:84:86:e0:20:52:4e:78:4a:d7:5e:e5:5f:f5:53:
2a:87:5a:11:61:a2:5a:30:3b:c2:41:43:c0:61:1e:
1f:85:e6:7a:e0:32:39:be:e8:6e:69:38:16:f0:68:
74:51:06:e0:a2:33:be:5a:6f:76:69:15:43:24:96:
e7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:57:CC:B0:D6:DC:49:EC:42:EE:2E:02:A8:0D:0D:04:43:32:8C:89
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.136.0/22
82.22.190.0/24
82.23.140.0/23
82.23.152.0/21
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.36.0/22
82.24.112.0/23
82.26.174.0/24
82.27.144.0/20
82.29.30.0/23
82.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
13:79:bb:6b:23:e3:69:3c:2a:15:de:86:e2:10:6f:bb:7b:e3:
49:ab:c9:a2:aa:6f:f6:cd:a0:e3:11:fc:74:4c:38:32:a6:18:
e2:df:14:f6:88:92:98:80:fa:86:d3:7b:3b:08:9b:36:8a:3d:
d4:eb:d4:d9:b0:cb:80:fe:b2:08:b3:97:9d:88:5d:5b:23:04:
07:60:6f:5c:2d:91:59:58:19:c9:12:7f:93:75:cf:ed:02:5d:
85:fd:b1:ca:41:e8:1d:19:b4:eb:ca:be:59:96:a7:21:6f:9d:
fd:84:c1:59:2f:67:af:2c:9e:39:e0:c9:f0:66:08:9e:a7:96:
53:6d:6c:f8:77:77:5a:c6:a6:98:c4:ce:46:21:10:0d:c0:40:
5c:92:f5:33:fb:e2:87:ce:cf:32:a6:b7:c4:82:e2:a5:6d:e6:
89:41:36:32:b4:7a:a1:79:7d:b8:63:ab:1c:bf:2d:e3:8b:61:
c5:dd:d9:b6:97:4b:e7:c9:86:06:69:a1:f1:99:01:9f:d3:67:
55:98:b9:84:e2:3f:64:ea:0b:d5:4b:ee:92:f5:9d:35:1b:fb:
ab:a1:54:82:c1:88:08:17:58:3a:b0:f0:e2:25:7f:20:6c:8a:
60:cf:ed:0c:63:0a:6a:30:d9:32:21:ca:98:9b:f5:f9:cb:66:
1e:71:6b:37
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIUZB6ittTA9A0+/m1KVFHV/B4zIQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTgxODU5MTZaFw0yNjA4MTcxOTA0MTZaMDMxMTAvBgNV
BAMTKDFDNTdDQ0IwRDZEQzQ5RUM0MkVFMkUwMkE4MEQwRDA0NDMzMjhDODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJhPeBDGwrTUuavDQuLhfnu3ka
NLWXf6re/fdeQLxDA43Ni0vNdS0zSCbF4ZQCd33AvHlJeCIdSybPLobBNDKaLFXv
/2NPIeYjnFxDS80YpuJnosmDx7mK4sR9gyorxRXfQJGSExIwhAlVZR0fcgf9EISS
WkMNJxK4ofzSovqB1sauWu5fLryUIa3W0S9o0zlhPINVrxiFCmpx0NUvXlHaYEGb
mzgVP+QhWr6Qed23gCSJrOvlv8CswVNyqvKKdSRQ0BWEhuAgUk54Stde5V/1UyqH
WhFholowO8JBQ8BhHh+F5nrgMjm+6G5pOBbwaHRRBuCiM75ab3ZpFUMklucvAgMB
AAGjggJWMIICUjAdBgNVHQ4EFgQUHFfMsNbcSexC7i4CqA0NBEMyjIkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAFIVigME
AlIWiAMEAFIWvgMEAVIXjAMEA1IXmAMEAVIXogMEAlIYAAMEAFIYHwMEAlIYJAME
AVIYcAMEAFIargMEBFIbkAMEAVIdHgMEAlIdkDANBgkqhkiG9w0BAQsFAAOCAQEA
E3m7ayPjaTwqFd6G4hBvu3vjSavJoqpv9s2g4xH8dEw4MqYY4t8U9oiSmID6htN7
OwibNoo91OvU2bDLgP6yCLOXnYhdWyMEB2BvXC2RWVgZyRJ/k3XP7QJdhf2xykHo
HRm068q+WZanIW+d/YTBWS9nryyeOeDJ8GYInqeWU21s+Hd3WsammMTORiEQDcBA
XJL1M/vih87PMqa3xILipW3miUE2MrR6oXl9uGOrHL8t44thxd3ZtpdL58mGBmmh
8ZkBn9NnVZi5hOI/ZOoL1UvukvWdNRv7q6FUgsGICBdYOrDw4iV/IGyKYM/tDGMK
ajDZMiHKmJv1+ctmHnFrNw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:07:49 2025 by rpki-client