Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: dLrH1jtVdYzwUcytms80vh+YasMJr9ysoKOXieohtKM=
Subject key identifier: AF:57:32:BD:73:D1:DD:24:9F:03:24:D4:61:6D:4E:4E:51:40:BA:42
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2744455C0A2DBE2D9ED9C5C1A535AEABFEC7F818
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
Signing time: Wed 30 Apr 2025 18:44:03 +0000
ROA not before: Wed 30 Apr 2025 18:39:03 +0000
ROA not after: Wed 29 Apr 2026 18:44:03 +0000
asID: 7843
IP address blocks: 82.22.136.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.36.0/22 maxlen: 24
82.27.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:44:45:5c:0a:2d:be:2d:9e:d9:c5:c1:a5:35:ae:ab:fe:c7:f8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 18:39:03 2025 GMT
Not After : Apr 29 18:44:03 2026 GMT
Subject: CN=AF5732BD73D1DD249F0324D4616D4E4E5140BA42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:de:8f:64:91:bf:7b:1b:3d:c2:77:fe:e8:cb:
ac:cf:a2:49:ae:b4:dc:25:07:a8:d5:82:d6:c8:a7:
7a:55:3f:2b:82:3b:33:8f:9d:e7:76:67:58:62:6c:
77:aa:86:3f:19:f1:3e:b1:34:df:a8:dc:9f:17:4c:
9d:ab:43:11:1a:e5:32:50:7d:7b:2a:d9:5e:a2:a2:
be:3c:c0:30:9d:18:1d:71:7e:8e:7d:b9:bf:51:e4:
84:e5:e9:4e:62:36:a2:b1:94:6e:9c:20:52:c8:3c:
c7:a9:3a:08:b2:3d:de:67:b2:f4:2e:90:16:8a:25:
65:96:ef:5d:e6:67:2c:58:f9:92:58:7a:bb:1b:d4:
7e:7c:ac:47:07:33:82:10:92:6b:fa:c3:e8:75:bc:
74:74:7c:83:8e:fe:5b:87:eb:8e:5b:8a:9c:0a:f4:
ea:85:d7:e9:7d:96:33:82:85:32:d1:02:15:d0:ad:
c7:31:a8:3c:d6:b8:5a:6a:89:7f:95:8e:17:45:1d:
01:3c:a5:6e:95:aa:fb:01:16:c5:55:e5:4e:c8:ac:
3f:3a:13:58:08:82:7d:01:bf:18:75:24:89:98:64:
bc:ac:1f:75:ad:14:65:20:78:e8:fe:36:18:5a:21:
8a:36:63:23:a4:7c:03:fb:f2:a0:22:f8:67:3d:10:
13:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:57:32:BD:73:D1:DD:24:9F:03:24:D4:61:6D:4E:4E:51:40:BA:42
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.136.0/22
82.23.140.0/23
82.23.152.0/21
82.23.162.0/23
82.24.0.0/22
82.24.36.0/22
82.27.144.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:22:dc:cf:69:96:5f:af:62:5d:5a:ff:83:35:7f:01:ee:b2:
ca:b3:e8:e7:3f:3d:25:0f:c6:85:5b:e1:9c:5b:16:5f:35:b5:
34:6e:dd:f1:e4:48:56:89:58:ad:aa:c2:13:de:86:a3:b9:af:
67:f5:22:0c:9a:2a:6b:91:f8:b2:09:3e:0f:a4:ab:18:78:68:
e9:bb:35:b7:df:c6:c8:2f:4c:3b:60:c3:97:bb:35:0e:9c:b1:
42:c2:3d:8e:b0:7d:5f:49:5f:a8:db:c9:60:7d:68:a3:79:67:
8d:3b:b3:aa:d6:9c:75:24:f5:8b:3d:b4:2b:b7:ea:e2:6b:d7:
3d:56:0a:c4:68:5b:69:7f:59:65:77:a8:15:d9:e5:ce:fa:50:
7f:93:da:76:ff:2b:76:0f:3e:62:f2:eb:09:8d:ee:05:b2:69:
6c:38:f2:42:56:94:cb:9d:f4:77:bb:b4:7c:b6:b3:df:f5:b0:
00:36:a1:33:58:ca:59:58:2b:06:16:30:85:04:a9:c9:2d:a7:
31:39:c1:91:a3:18:75:b0:25:12:7a:51:1a:43:d8:c7:84:eb:
37:c4:86:68:5d:20:ee:b8:79:aa:07:6e:5d:f3:bd:24:c9:ba:
28:ff:dc:12:ea:71:2d:f6:65:0a:0f:0f:ef:08:73:40:15:29:
87:86:fc:5c
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUJ0RFXAotvi2e2cXBpTWuq/7H+BgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MzAxODM5MDNaFw0yNjA0MjkxODQ0MDNaMDMxMTAvBgNV
BAMTKEFGNTczMkJENzNEMUREMjQ5RjAzMjRENDYxNkQ0RTRFNTE0MEJBNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3o9kkb97Gz3Cd/7oy6zPokmu
tNwlB6jVgtbIp3pVPyuCOzOPned2Z1hibHeqhj8Z8T6xNN+o3J8XTJ2rQxEa5TJQ
fXsq2V6ior48wDCdGB1xfo59ub9R5ITl6U5iNqKxlG6cIFLIPMepOgiyPd5nsvQu
kBaKJWWW713mZyxY+ZJYersb1H58rEcHM4IQkmv6w+h1vHR0fIOO/luH645bipwK
9OqF1+l9ljOChTLRAhXQrccxqDzWuFpqiX+VjhdFHQE8pW6VqvsBFsVV5U7IrD86
E1gIgn0Bvxh1JImYZLysH3WtFGUgeOj+NhhaIYo2YyOkfAP78qAi+Gc9EBNrAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUr1cyvXPR3SSfAyTUYW1OTlFAukIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAlIWiAME
AVIXjAMEA1IXmAMEAVIXogMEAlIYAAMEAlIYJAMEBFIbkDANBgkqhkiG9w0BAQsF
AAOCAQEAHSLcz2mWX69iXVr/gzV/Ae6yyrPo5z89JQ/GhVvhnFsWXzW1NG7d8eRI
VolYrarCE96Go7mvZ/UiDJoqa5H4sgk+D6SrGHho6bs1t9/GyC9MO2DDl7s1Dpyx
QsI9jrB9X0lfqNvJYH1oo3lnjTuzqtacdST1iz20K7fq4mvXPVYKxGhbaX9ZZXeo
FdnlzvpQf5Padv8rdg8+YvLrCY3uBbJpbDjyQlaUy530d7u0fLaz3/WwADahM1jK
WVgrBhYwhQSpyS2nMTnBkaMYdbAlEnpRGkPYx4TrN8SGaF0g7rh5qgduXfO9JMm6
KP/cEupxLfZlCg8P7whzQBUph4b8XA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:14 2025 by rpki-client