Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
File: AS32043.roa (raw, json)
Hash identifier: yjVy6JrjUytIWcUnblElLL7hsaKflvgMveseY4IH2XQ=
Subject key identifier: EB:6C:31:A9:35:09:74:E8:9E:D2:B0:AC:F1:4E:F5:E6:E3:38:37:F5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 74E48B54DEE8CBA98004F39BD63DB5C6C3E0601A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
Signing time: Tue 02 Jun 2026 13:30:58 +0000
ROA not before: Tue 02 Jun 2026 13:25:58 +0000
ROA not after: Tue 01 Jun 2027 13:30:58 +0000
asID: 32043
IP address blocks: 143.14.63.0/24 maxlen: 24
143.14.72.0/24 maxlen: 24
143.14.73.0/24 maxlen: 24
143.14.74.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
155.117.48.0/24 maxlen: 24
155.117.49.0/24 maxlen: 24
155.117.50.0/24 maxlen: 24
155.117.53.0/24 maxlen: 24
155.117.62.0/24 maxlen: 24
155.117.191.0/24 maxlen: 24
155.117.192.0/24 maxlen: 24
155.117.236.0/24 maxlen: 24
162.141.18.0/24 maxlen: 24
162.141.53.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:e4:8b:54:de:e8:cb:a9:80:04:f3:9b:d6:3d:b5:c6:c3:e0:60:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 2 13:25:58 2026 GMT
Not After : Jun 1 13:30:58 2027 GMT
Subject: CN=EB6C31A9350974E89ED2B0ACF14EF5E6E33837F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:55:6a:a7:fe:4e:48:d5:67:7e:49:c7:06:
d5:9e:64:c1:38:79:23:d8:de:3f:06:b9:2d:92:da:
49:47:e1:9d:80:de:2f:f5:be:97:08:a2:8c:2c:a8:
49:71:30:6c:24:22:fe:12:ff:c1:6a:ec:43:82:50:
71:93:01:e3:1a:9c:d0:e4:20:17:b9:7c:32:23:0d:
cd:37:54:c3:97:60:26:1b:60:f3:3e:87:82:3b:7d:
04:43:5c:27:59:c4:51:22:95:7a:46:ac:68:ac:21:
ef:be:32:36:d9:4f:a2:d6:f3:e0:ad:a3:92:c9:60:
77:c9:52:7a:dc:38:11:5d:b7:b7:fb:93:7b:9f:50:
17:31:fb:c2:b7:14:d9:92:8f:5a:ef:b1:69:b1:88:
75:f2:a5:b0:80:2e:86:48:03:a4:44:2b:8e:4c:48:
1f:a9:37:9f:b3:60:79:dc:69:45:81:2a:38:b4:04:
41:4d:fd:7d:ab:ff:3b:37:79:b7:b7:03:50:ba:90:
a5:1c:81:55:23:39:c0:24:80:19:e3:17:6a:13:0c:
14:52:c5:bd:f1:43:76:27:cd:ea:18:eb:3c:9b:94:
66:d1:9a:04:f0:3f:e3:72:99:10:cd:6b:5f:66:04:
41:e7:54:44:1a:99:eb:93:6f:22:dd:25:a9:37:ba:
71:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6C:31:A9:35:09:74:E8:9E:D2:B0:AC:F1:4E:F5:E6:E3:38:37:F5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.63.0/24
143.14.72.0-143.14.74.255
143.14.214.0/24
155.117.48.0-155.117.50.255
155.117.53.0/24
155.117.62.0/24
155.117.191.0-155.117.192.255
155.117.236.0/24
162.141.18.0/24
162.141.53.0/24
162.141.164.0/24
Signature Algorithm: sha256WithRSAEncryption
26:52:3f:1f:8c:21:27:86:38:f2:25:61:68:bc:4f:76:b2:2f:
4e:83:27:09:8b:56:34:89:8a:83:b7:d7:1b:52:6a:9f:8b:63:
56:ed:4f:73:5e:95:8d:4a:b5:4c:4e:35:96:1e:5f:22:52:d6:
1c:e1:14:4f:fa:5d:7b:15:aa:cd:09:9a:a3:20:57:11:22:aa:
14:8d:ab:bf:d6:7f:23:13:72:23:a0:10:29:73:c8:bf:37:d7:
28:4b:61:0c:96:9a:96:86:4d:67:0e:7f:56:2c:94:ef:5e:e6:
24:01:3f:8d:0e:75:a8:98:a2:58:9a:27:99:80:0c:de:31:00:
4d:54:d4:80:99:53:47:d6:a3:a6:be:bd:4c:0c:4b:22:ee:a2:
b3:59:e0:ce:ec:ff:8f:fb:83:9d:14:bc:35:aa:d9:80:f2:71:
0a:f0:0f:a8:90:38:42:a4:a0:f0:97:82:a3:6e:b4:98:d6:8b:
41:d5:26:c7:de:b1:8a:dc:71:bf:24:df:83:93:25:f1:00:21:
0b:46:e3:4d:65:32:d9:66:51:8a:72:52:58:c6:d1:66:c6:79:
98:47:a2:94:47:52:b6:5d:0c:4b:b9:05:57:2a:83:8f:9d:c4:
d7:46:d5:64:36:1e:a1:64:5d:f7:6a:be:ee:c9:3d:cc:31:95:
b4:54:91:00
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUdOSLVN7oy6mABPOb1j21xsPgYBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDIxMzI1NThaFw0yNzA2MDExMzMwNThaMDMxMTAvBgNV
BAMTKEVCNkMzMUE5MzUwOTc0RTg5RUQyQjBBQ0YxNEVGNUU2RTMzODM3RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq4VVqp/5OSNVnfknHBtWeZME4
eSPY3j8GuS2S2klH4Z2A3i/1vpcIoowsqElxMGwkIv4S/8Fq7EOCUHGTAeManNDk
IBe5fDIjDc03VMOXYCYbYPM+h4I7fQRDXCdZxFEilXpGrGisIe++MjbZT6LW8+Ct
o5LJYHfJUnrcOBFdt7f7k3ufUBcx+8K3FNmSj1rvsWmxiHXypbCALoZIA6REK45M
SB+pN5+zYHncaUWBKji0BEFN/X2r/zs3ebe3A1C6kKUcgVUjOcAkgBnjF2oTDBRS
xb3xQ3YnzeoY6zyblGbRmgTwP+NymRDNa19mBEHnVEQameuTbyLdJak3unFrAgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQU62wxqTUJdOie0rCs8U715uM4N/UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzIwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBACPDj8w
DAMEA48OSAMEAI8OSgMEAI8O1jAMAwQEm3UwAwQAm3UyAwQAm3U1AwQAm3U+MAwD
BACbdb8DBACbdcADBACbdewDBACijRIDBACijTUDBACijaQwDQYJKoZIhvcNAQEL
BQADggEBACZSPx+MISeGOPIlYWi8T3ayL06DJwmLVjSJioO31xtSap+LY1btT3Ne
lY1KtUxONZYeXyJS1hzhFE/6XXsVqs0JmqMgVxEiqhSNq7/WfyMTciOgEClzyL83
1yhLYQyWmpaGTWcOf1YslO9e5iQBP40OdaiYoliaJ5mADN4xAE1U1ICZU0fWo6a+
vUwMSyLuorNZ4M7s/4/7g50UvDWq2YDycQrwD6iQOEKkoPCXgqNutJjWi0HVJsfe
sYrccb8k34OTJfEAIQtG401lMtlmUYpyUljG0WbGeZhHopRHUrZdDEu5BVcqg4+d
xNdG1WQ2HqFkXfdqvu7JPcwxlbRUkQA=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:16:51 2026 by rpki-client