Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
File: AS7843.roa (raw, json)
Hash identifier: wiAkvogXWu8qEBT8XAY8CUHjeibLbbeYN9H0jRfdDX0=
Subject key identifier: EE:3B:3A:94:7F:F4:9B:10:4A:C0:AF:07:F9:6B:55:57:1A:61:63:A5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 237DA9EAFFAB6639BB3DF0AD527614D6F8274EED
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
Signing time: Fri 14 Feb 2025 13:30:18 +0000
ROA not before: Fri 14 Feb 2025 13:25:18 +0000
ROA not after: Fri 13 Feb 2026 13:30:18 +0000
asID: 7843
IP address blocks: 82.22.136.0/22 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.36.0/22 maxlen: 24
82.27.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:7d:a9:ea:ff:ab:66:39:bb:3d:f0:ad:52:76:14:d6:f8:27:4e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 14 13:25:18 2025 GMT
Not After : Feb 13 13:30:18 2026 GMT
Subject: CN=EE3B3A947FF49B104AC0AF07F96B55571A6163A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:82:8f:69:eb:ad:c5:4e:db:08:6c:eb:db:
5d:cd:d1:7d:35:b8:46:b0:ee:49:aa:bf:e9:83:ad:
5d:4f:ac:3a:fe:b6:6e:4b:75:d9:98:6f:81:a7:dd:
b3:f9:cd:14:c4:36:28:87:bc:d8:69:5c:58:03:94:
a2:51:18:f6:3f:b1:cb:25:b7:a9:e2:d8:3d:77:33:
b8:04:10:15:ae:ea:9e:0a:b9:b5:ce:89:67:f1:a4:
e1:34:90:a4:9b:39:8b:56:06:ca:cb:ce:30:80:15:
44:5f:08:3e:6e:88:f2:9c:74:5c:e7:ca:4a:9e:1e:
0e:5f:ac:ab:99:16:84:5c:13:45:72:36:f3:40:b5:
7e:74:33:e4:17:59:58:8c:4a:73:c6:2b:fd:1e:ec:
49:fa:49:d7:c7:e1:d8:96:76:5f:ea:b3:3e:03:01:
e3:28:51:1e:3c:96:1a:44:ff:55:97:b8:2b:8c:d8:
4c:e3:02:9f:ce:43:c5:38:28:56:32:a0:40:bc:45:
99:75:0d:8b:aa:f7:eb:29:00:dc:da:8f:a2:27:d1:
a2:b7:87:c5:b5:4d:3a:06:d3:25:bb:c3:cb:16:da:
f7:35:24:e0:4e:c6:2d:ee:34:ae:93:b8:92:6f:8f:
77:56:25:20:0f:ed:95:b1:1b:b7:bc:ff:c8:c9:46:
d0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3B:3A:94:7F:F4:9B:10:4A:C0:AF:07:F9:6B:55:57:1A:61:63:A5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.136.0/22
82.23.152.0/21
82.24.36.0/22
82.27.144.0/20
Signature Algorithm: sha256WithRSAEncryption
19:6d:b1:ba:4f:ac:19:48:db:97:f8:25:ac:89:70:49:0f:5e:
f5:21:b7:f4:a6:fd:9e:f1:fa:8e:1e:16:8c:66:11:4e:dc:d8:
46:0e:5f:c1:44:2b:72:d6:41:e8:90:57:de:84:a6:0a:a2:0d:
a4:a2:3d:48:d8:d0:8b:31:fc:52:de:0f:2a:39:df:3d:d1:34:
9b:35:46:c3:39:ee:5d:c3:10:af:7f:5b:dc:8a:99:76:ac:03:
bb:e4:7a:12:54:3d:e6:5e:35:83:7e:62:97:71:43:95:f1:73:
f0:9c:de:f3:ca:de:55:ff:ea:72:8e:4a:b1:0d:f0:0f:e2:ae:
b5:1c:4d:4c:89:5d:fc:bc:6d:87:54:2e:e0:d5:71:7e:d4:06:
a9:ac:20:6d:6e:cc:53:ea:8e:77:58:9f:15:06:94:5b:22:20:
38:73:2d:40:dd:56:9a:d4:05:bc:4f:3e:6d:aa:42:32:9a:4b:
0b:47:82:92:57:a7:fe:38:0a:47:94:d6:0d:e6:63:b9:ab:af:
72:31:fe:6b:61:65:45:aa:8f:0c:50:a4:e3:af:28:5e:67:c1:
3c:cf:3b:3f:79:f3:be:5f:5c:ac:e4:b1:5b:0f:b5:98:8b:ff:
e7:2b:05:1e:19:e8:e8:99:02:09:e0:e6:40:65:13:5f:9a:c0:
ba:db:e1:ac
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUI32p6v+rZjm7PfCtUnYU1vgnTu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTQxMzI1MThaFw0yNjAyMTMxMzMwMThaMDMxMTAvBgNV
BAMTKEVFM0IzQTk0N0ZGNDlCMTA0QUMwQUYwN0Y5NkI1NTU3MUE2MTYzQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ+IKPaeutxU7bCGzr213N0X01
uEaw7kmqv+mDrV1PrDr+tm5LddmYb4Gn3bP5zRTENiiHvNhpXFgDlKJRGPY/scsl
t6ni2D13M7gEEBWu6p4KubXOiWfxpOE0kKSbOYtWBsrLzjCAFURfCD5uiPKcdFzn
ykqeHg5frKuZFoRcE0VyNvNAtX50M+QXWViMSnPGK/0e7En6SdfH4diWdl/qsz4D
AeMoUR48lhpE/1WXuCuM2EzjAp/OQ8U4KFYyoEC8RZl1DYuq9+spANzaj6In0aK3
h8W1TToG0yW7w8sW2vc1JOBOxi3uNK6TuJJvj3dWJSAP7ZWxG7e8/8jJRtAlAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQU7js6lH/0mxBKwK8H+WtVVxphY6UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzg0My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlIWiAME
A1IXmAMEAlIYJAMEBFIbkDANBgkqhkiG9w0BAQsFAAOCAQEAGW2xuk+sGUjbl/gl
rIlwSQ9e9SG39Kb9nvH6jh4WjGYRTtzYRg5fwUQrctZB6JBX3oSmCqINpKI9SNjQ
izH8Ut4PKjnfPdE0mzVGwznuXcMQr39b3IqZdqwDu+R6ElQ95l41g35il3FDlfFz
8Jze88reVf/qco5KsQ3wD+KutRxNTIld/Lxth1Qu4NVxftQGqawgbW7MU+qOd1if
FQaUWyIgOHMtQN1WmtQFvE8+bapCMppLC0eCklen/jgKR5TWDeZjuauvcjH+a2Fl
RaqPDFCk468oXmfBPM87P3nzvl9crOSxWw+1mIv/5ysFHhno6JkCCeDmQGUTX5rA
utvhrA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:51:11 2025 by rpki-client