Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
File: AS32043.roa (raw, json)
Hash identifier: Zmd97YwBsH6O+aeCIFn3HFNeIgtPqBjd0DI7RqcVb9s=
Subject key identifier: 54:F7:70:5A:2D:26:78:CA:A3:28:AC:34:4F:FF:1C:38:11:F4:43:F3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 56C091F423E4097084C3AF34944873A0BABCEDA1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
Signing time: Tue 13 May 2025 06:02:09 +0000
ROA not before: Tue 13 May 2025 05:57:09 +0000
ROA not after: Tue 12 May 2026 06:02:09 +0000
asID: 32043
IP address blocks: 143.14.63.0/24 maxlen: 24
143.14.73.0/24 maxlen: 24
143.14.74.0/24 maxlen: 24
155.117.48.0/24 maxlen: 24
155.117.49.0/24 maxlen: 24
155.117.50.0/24 maxlen: 24
155.117.53.0/24 maxlen: 24
155.117.62.0/24 maxlen: 24
155.117.191.0/24 maxlen: 24
155.117.192.0/24 maxlen: 24
155.117.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:c0:91:f4:23:e4:09:70:84:c3:af:34:94:48:73:a0:ba:bc:ed:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 13 05:57:09 2025 GMT
Not After : May 12 06:02:09 2026 GMT
Subject: CN=54F7705A2D2678CAA328AC344FFF1C3811F443F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:7b:c5:d3:bb:ab:d5:3b:2c:fd:54:ec:43:
05:b2:c8:9c:3f:10:87:d6:f6:04:45:16:cc:0f:03:
bb:0d:73:24:84:6c:6f:7a:c4:b7:ea:ee:e1:b1:f2:
8e:a1:8a:df:4d:68:6b:16:bb:a5:18:03:e3:9e:65:
11:cc:6f:8b:c5:fb:e5:cd:6e:a6:8f:75:57:f8:8a:
10:c3:28:0f:2a:96:61:5c:12:0b:86:f2:94:3d:99:
91:3b:2f:bf:de:1d:97:14:84:69:75:aa:aa:3e:d0:
e8:8b:91:76:40:c0:2e:5a:f3:b4:e5:0b:b7:ea:df:
7c:0a:88:62:73:a2:1f:87:34:e4:b3:5d:fe:1c:54:
a6:2e:1f:4f:94:31:a6:4f:f6:52:a4:5f:2b:ce:35:
dc:e2:ce:b4:b4:fc:57:4c:99:9f:45:28:44:a3:a7:
93:08:d1:40:a1:a6:af:f3:00:5f:3a:44:85:fa:bf:
71:c4:ac:8d:22:90:14:a3:42:b1:78:e4:fc:3b:b7:
93:81:56:fc:a6:2e:3a:46:cd:fd:ab:68:8b:4d:24:
6d:e2:ef:74:5e:2e:11:2d:b5:6d:3d:a4:c8:db:e4:
94:b8:03:83:5e:d9:81:26:71:93:e4:6b:3d:24:b7:
55:8c:c2:de:4c:6e:b9:0d:1c:7b:e9:4f:fb:39:68:
0f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F7:70:5A:2D:26:78:CA:A3:28:AC:34:4F:FF:1C:38:11:F4:43:F3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.63.0/24
143.14.73.0-143.14.74.255
155.117.48.0-155.117.50.255
155.117.53.0/24
155.117.62.0/24
155.117.191.0-155.117.192.255
155.117.236.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:54:06:2d:2b:dc:ce:54:43:dc:72:24:21:92:7d:8f:8b:19:
8c:2c:d6:b9:85:34:97:1b:a6:fe:8e:4f:e6:ae:a1:f1:0e:0d:
dd:1c:d6:ab:5a:d3:a0:bc:bd:2b:b8:25:e3:c0:f2:d3:5e:99:
22:22:33:9e:36:c3:07:63:c0:d1:6b:5b:4c:bf:c6:0d:5e:79:
8f:ee:b0:3d:fc:44:35:0e:82:1b:cd:61:db:f0:25:a7:77:47:
4a:05:2b:4a:27:79:4c:ee:db:b2:21:85:20:f9:f0:6e:3c:f0:
2f:28:ee:10:3a:b0:ff:d5:38:c0:29:7b:b5:d6:34:c3:34:e7:
1a:a1:e8:a7:99:c8:67:e8:60:07:75:fc:99:03:0c:f3:95:13:
f3:23:0e:00:09:a8:74:2c:21:1b:bb:ee:75:bd:d3:e5:05:53:
7b:61:20:b2:25:6f:a0:3c:dc:49:9d:5d:6e:cf:68:b3:0a:91:
4a:e6:5d:10:99:2c:6e:81:72:84:1e:68:aa:a4:ec:cc:7d:cb:
ed:ff:c5:21:a7:6c:22:8a:3e:9c:7b:c7:79:cf:cc:44:4e:07:
65:4d:b0:28:79:ed:bc:e2:72:fc:7c:2c:6b:8c:33:34:53:ac:
c7:ba:03:d2:cc:bb:36:8a:b7:16:a4:0a:9c:9f:b6:6b:48:27:
65:eb:23:ae
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUVsCR9CPkCXCEw680lEhzoLq87aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTMwNTU3MDlaFw0yNjA1MTIwNjAyMDlaMDMxMTAvBgNV
BAMTKDU0Rjc3MDVBMkQyNjc4Q0FBMzI4QUMzNDRGRkYxQzM4MTFGNDQzRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG+XvF07ur1Tss/VTsQwWyyJw/
EIfW9gRFFswPA7sNcySEbG96xLfq7uGx8o6hit9NaGsWu6UYA+OeZRHMb4vF++XN
bqaPdVf4ihDDKA8qlmFcEguG8pQ9mZE7L7/eHZcUhGl1qqo+0OiLkXZAwC5a87Tl
C7fq33wKiGJzoh+HNOSzXf4cVKYuH0+UMaZP9lKkXyvONdzizrS0/FdMmZ9FKESj
p5MI0UChpq/zAF86RIX6v3HErI0ikBSjQrF45Pw7t5OBVvymLjpGzf2raItNJG3i
73ReLhEttW09pMjb5JS4A4Ne2YEmcZPkaz0kt1WMwt5MbrkNHHvpT/s5aA97AgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUVPdwWi0meMqjKKw0T/8cOBH0Q/MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzIwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACPDj8w
DAMEAI8OSQMEAI8OSjAMAwQEm3UwAwQAm3UyAwQAm3U1AwQAm3U+MAwDBACbdb8D
BACbdcADBACbdewwDQYJKoZIhvcNAQELBQADggEBAA1UBi0r3M5UQ9xyJCGSfY+L
GYws1rmFNJcbpv6OT+auofEODd0c1qta06C8vSu4JePA8tNemSIiM542wwdjwNFr
W0y/xg1eeY/usD38RDUOghvNYdvwJad3R0oFK0oneUzu27IhhSD58G488C8o7hA6
sP/VOMApe7XWNMM05xqh6KeZyGfoYAd1/JkDDPOVE/MjDgAJqHQsIRu77nW90+UF
U3thILIlb6A83EmdXW7PaLMKkUrmXRCZLG6BcoQeaKqk7Mx9y+3/xSGnbCKKPpx7
x3nPzEROB2VNsCh57bzicvx8LGuMMzRTrMe6A9LMuzaKtxakCpyftmtIJ2XrI64=
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:16:13 2025 by rpki-client