Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
File: AS32043.roa (raw, json)
Hash identifier: or8mouAJeESk8Yp6nCZZOxJwlGcAVOniuYQUgr8mb4Y=
Subject key identifier: C7:E5:FC:A2:B6:1C:39:55:B3:ED:3A:16:E5:30:4B:3F:B8:93:81:5C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3677D1F7369B23EF1F0A78AF326AEAABF341606D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
Signing time: Wed 23 Jul 2025 06:45:56 +0000
ROA not before: Wed 23 Jul 2025 06:40:56 +0000
ROA not after: Wed 22 Jul 2026 06:45:56 +0000
asID: 32043
IP address blocks: 143.14.63.0/24 maxlen: 24
143.14.73.0/24 maxlen: 24
143.14.74.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
155.117.48.0/24 maxlen: 24
155.117.49.0/24 maxlen: 24
155.117.50.0/24 maxlen: 24
155.117.53.0/24 maxlen: 24
155.117.62.0/24 maxlen: 24
155.117.191.0/24 maxlen: 24
155.117.192.0/24 maxlen: 24
155.117.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:77:d1:f7:36:9b:23:ef:1f:0a:78:af:32:6a:ea:ab:f3:41:60:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 23 06:40:56 2025 GMT
Not After : Jul 22 06:45:56 2026 GMT
Subject: CN=C7E5FCA2B61C3955B3ED3A16E5304B3FB893815C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5b:f0:61:c6:70:7b:8e:f1:ad:c3:3b:b8:b0:
28:55:d8:a5:e2:24:5e:86:a2:b5:55:bb:30:c6:5f:
5b:4a:38:6c:92:89:2a:6a:5c:6f:7b:79:18:ac:22:
95:d1:b1:77:93:55:1a:d0:48:63:d6:13:8b:54:c2:
3f:11:34:22:fc:5f:9e:45:13:e7:cd:29:1b:90:96:
b4:8e:d8:fa:c4:e6:c2:bd:73:d6:43:45:2c:8e:ff:
a6:63:56:06:0d:66:a8:eb:13:40:80:35:c1:48:28:
b5:4f:a6:7b:ed:9f:db:c9:fc:3f:a2:69:50:27:b3:
61:c1:e5:58:ec:80:8c:87:69:2e:ff:62:ef:aa:69:
cd:c4:65:1a:dd:bd:1c:7e:c4:e4:54:25:31:27:c9:
a3:24:4d:32:6d:98:42:56:01:09:df:fa:38:ac:57:
6d:90:85:1b:77:6b:4b:b4:4c:be:92:82:db:8b:53:
ad:fe:c8:4d:fa:e4:42:83:e3:59:3a:a2:a3:70:b3:
aa:db:28:0c:e5:e1:03:45:e9:75:dd:93:54:a0:f6:
08:e7:7f:19:b8:03:c8:e3:43:31:ac:77:73:6d:b3:
41:20:32:3b:cc:77:d1:c4:bd:b5:5a:ef:3a:d0:c6:
33:84:77:c7:28:00:c5:5f:89:b7:fa:6e:6f:71:3a:
a0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E5:FC:A2:B6:1C:39:55:B3:ED:3A:16:E5:30:4B:3F:B8:93:81:5C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS32043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.63.0/24
143.14.73.0-143.14.74.255
143.14.214.0/24
155.117.48.0-155.117.50.255
155.117.53.0/24
155.117.62.0/24
155.117.191.0-155.117.192.255
155.117.236.0/24
Signature Algorithm: sha256WithRSAEncryption
39:58:97:af:27:f1:a4:76:52:53:f5:12:5b:5e:bd:74:b8:c0:
5f:e9:ee:ff:36:3b:79:3a:a7:a5:cf:47:e1:1d:12:4d:49:c3:
e2:68:fa:b8:88:5e:0a:3d:60:20:a7:d0:38:d4:9a:08:1a:52:
8f:e6:c8:33:44:13:ff:e0:ce:81:32:25:47:62:ab:1d:2b:0a:
85:5e:94:8c:46:97:7a:ae:b5:38:9b:ad:56:58:ab:3d:7c:e5:
a2:0b:ed:e5:73:4f:17:9e:0b:63:ab:4b:5d:5f:5e:08:d4:d3:
13:57:4b:3f:cc:21:0c:94:ac:ae:7f:2f:a2:52:9a:10:b1:57:
26:b4:5f:c2:25:e3:fd:7e:ff:aa:ee:33:26:a9:f0:98:6a:78:
1e:d2:4a:bc:80:84:ed:9b:dd:fd:93:d2:6e:58:91:a1:b6:60:
62:8e:1e:97:1f:90:70:0e:64:f1:51:76:5c:98:47:3a:f8:b2:
a4:ef:e9:f5:d8:a0:0e:b8:b6:0b:67:5a:d7:b1:48:71:14:11:
2a:67:ef:9e:69:ae:fa:8c:b7:9e:a2:e7:c8:d4:cc:f7:2d:16:
78:85:23:bc:40:31:7e:ef:bd:c4:a9:f2:c0:1c:ea:f9:10:e5:
99:cc:a4:73:a9:68:b6:bd:ad:61:81:bb:72:ef:6e:66:ec:0d:
50:b1:cd:8e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUNnfR9zabI+8fCnivMmrqq/NBYG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjMwNjQwNTZaFw0yNjA3MjIwNjQ1NTZaMDMxMTAvBgNV
BAMTKEM3RTVGQ0EyQjYxQzM5NTVCM0VEM0ExNkU1MzA0QjNGQjg5MzgxNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcW/BhxnB7jvGtwzu4sChV2KXi
JF6GorVVuzDGX1tKOGySiSpqXG97eRisIpXRsXeTVRrQSGPWE4tUwj8RNCL8X55F
E+fNKRuQlrSO2PrE5sK9c9ZDRSyO/6ZjVgYNZqjrE0CANcFIKLVPpnvtn9vJ/D+i
aVAns2HB5VjsgIyHaS7/Yu+qac3EZRrdvRx+xORUJTEnyaMkTTJtmEJWAQnf+jis
V22QhRt3a0u0TL6SgtuLU63+yE365EKD41k6oqNws6rbKAzl4QNF6XXdk1Sg9gjn
fxm4A8jjQzGsd3Nts0EgMjvMd9HEvbVa7zrQxjOEd8coAMVfibf6bm9xOqC1AgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUx+X8orYcOVWz7ToW5TBLP7iTgVwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzIwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBACPDj8w
DAMEAI8OSQMEAI8OSgMEAI8O1jAMAwQEm3UwAwQAm3UyAwQAm3U1AwQAm3U+MAwD
BACbdb8DBACbdcADBACbdewwDQYJKoZIhvcNAQELBQADggEBADlYl68n8aR2UlP1
EltevXS4wF/p7v82O3k6p6XPR+EdEk1Jw+Jo+riIXgo9YCCn0DjUmggaUo/myDNE
E//gzoEyJUdiqx0rCoVelIxGl3qutTibrVZYqz185aIL7eVzTxeeC2OrS11fXgjU
0xNXSz/MIQyUrK5/L6JSmhCxVya0X8Il4/1+/6ruMyap8JhqeB7SSryAhO2b3f2T
0m5YkaG2YGKOHpcfkHAOZPFRdlyYRzr4sqTv6fXYoA64tgtnWtexSHEUESpn755p
rvqMt56i58jUzPctFniFI7xAMX7vvcSp8sAc6vkQ5ZnMpHOpaLa9rWGBu3Lvbmbs
DVCxzY4=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:40:16 2025 by rpki-client