Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: enGjyxq3fxJeYNUHKHFoRPuVI2u0k0nti1lPKYL+Ink=
Subject key identifier: 6E:9B:96:B7:FB:2F:D7:8F:0D:6C:11:9C:4B:F0:2C:F6:E4:3A:77:8C
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1B3A62142304720DD8CA2A636D7ACCBF875307BE
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS20326.roa
Signing time: Fri 11 Jul 2025 23:08:43 +0000
ROA not before: Fri 11 Jul 2025 23:03:43 +0000
ROA not after: Fri 10 Jul 2026 23:08:43 +0000
asID: 20326
IP address blocks: 143.20.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:3a:62:14:23:04:72:0d:d8:ca:2a:63:6d:7a:cc:bf:87:53:07:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jul 11 23:03:43 2025 GMT
Not After : Jul 10 23:08:43 2026 GMT
Subject: CN=6E9B96B7FB2FD78F0D6C119C4BF02CF6E43A778C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ea:ef:30:4b:dc:21:3e:7a:73:b5:14:c5:67:
9a:ca:b2:b3:db:73:ef:32:f5:c6:ba:31:f1:1b:90:
57:4b:54:73:18:8f:79:45:25:88:63:55:2c:64:bf:
48:c3:be:7a:0a:96:cf:e2:b9:02:f7:51:0e:1a:60:
85:55:a2:68:43:fe:ed:1d:89:d4:e4:b8:8a:c0:f3:
35:dd:5d:a6:4b:24:55:44:62:a0:2b:8f:e9:c7:db:
7a:64:76:a4:56:98:4c:13:b9:be:49:ad:e1:7a:4c:
29:ca:d3:2d:b5:9f:20:3c:16:85:95:8b:c9:20:f3:
16:89:3e:c1:7a:f5:21:37:f0:55:dd:2d:83:47:51:
2c:b1:34:96:67:0e:86:db:bb:38:f3:94:93:54:53:
8b:66:1d:d5:30:ba:4c:81:b9:e1:fb:9f:0c:81:6f:
64:1f:da:b2:3c:e7:6d:f4:5d:de:3a:29:c8:45:4f:
f1:a3:62:e2:51:3c:c3:b1:5d:c2:39:67:31:04:29:
e2:4a:29:21:94:cc:32:43:96:fe:d6:bb:28:8c:45:
09:6e:75:24:7b:c0:1e:2e:96:13:78:2b:5f:b0:ee:
75:3e:11:8c:16:be:9a:99:de:c9:49:6a:97:51:9f:
34:79:92:74:1e:fe:37:1f:66:58:29:4b:c2:99:4c:
03:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9B:96:B7:FB:2F:D7:8F:0D:6C:11:9C:4B:F0:2C:F6:E4:3A:77:8C
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.238.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:d6:d5:da:32:85:41:01:d8:ae:4a:b7:8b:87:1b:a3:5c:65:
2f:3d:d8:7c:b4:cd:4f:c2:33:50:28:dd:e3:56:ae:0c:2c:fe:
87:70:a6:23:6b:59:8c:70:3a:10:41:10:33:03:7f:f9:01:a1:
55:a0:dc:9f:98:a4:f0:f2:05:5b:6f:bf:a1:f7:9d:d0:08:91:
d6:4a:54:c8:4f:8d:de:08:28:1d:3f:90:7b:77:98:90:e3:b0:
3c:05:19:12:a3:0f:49:8c:95:d0:44:7f:76:4a:fa:0d:02:72:
3e:ff:05:3d:bf:af:86:a9:08:44:36:d9:69:f1:70:2a:ac:aa:
20:9b:3d:db:85:c8:1d:3a:3f:c7:b6:87:24:11:4e:48:50:1b:
65:70:b7:1a:da:be:5a:d5:4b:91:37:db:f4:eb:65:b3:1a:96:
8e:df:37:59:69:f3:04:97:49:cf:77:10:1a:bf:dc:f0:91:32:
e4:ec:20:2f:be:72:e4:5d:4e:17:45:c6:60:f6:04:97:64:b1:
ea:59:8f:57:7e:58:8d:42:a3:ed:1e:45:63:2b:f9:5b:c7:65:
9e:f9:43:c9:c7:db:36:0e:5f:57:47:a3:29:1d:fd:de:c3:bc:
12:07:96:2a:aa:9e:d2:e8:1d:cd:9f:dc:62:d9:da:37:62:6b:
4e:9d:92:e3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUGzpiFCMEcg3YyipjbXrMv4dTB74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA3MTEyMzAzNDNaFw0yNjA3MTAyMzA4NDNaMDMxMTAvBgNV
BAMTKDZFOUI5NkI3RkIyRkQ3OEYwRDZDMTE5QzRCRjAyQ0Y2RTQzQTc3OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd6u8wS9whPnpztRTFZ5rKsrPb
c+8y9ca6MfEbkFdLVHMYj3lFJYhjVSxkv0jDvnoKls/iuQL3UQ4aYIVVomhD/u0d
idTkuIrA8zXdXaZLJFVEYqArj+nH23pkdqRWmEwTub5JreF6TCnK0y21nyA8FoWV
i8kg8xaJPsF69SE38FXdLYNHUSyxNJZnDobbuzjzlJNUU4tmHdUwukyBueH7nwyB
b2Qf2rI85230Xd46KchFT/GjYuJRPMOxXcI5ZzEEKeJKKSGUzDJDlv7WuyiMRQlu
dSR7wB4ulhN4K1+w7nU+EYwWvpqZ3slJapdRnzR5knQe/jcfZlgpS8KZTAMtAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUbpuWt/sv148NbBGcS/As9uQ6d4wwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFO4w
DQYJKoZIhvcNAQELBQADggEBAJvW1doyhUEB2K5Kt4uHG6NcZS892Hy0zU/CM1Ao
3eNWrgws/odwpiNrWYxwOhBBEDMDf/kBoVWg3J+YpPDyBVtvv6H3ndAIkdZKVMhP
jd4IKB0/kHt3mJDjsDwFGRKjD0mMldBEf3ZK+g0Ccj7/BT2/r4apCEQ22WnxcCqs
qiCbPduFyB06P8e2hyQRTkhQG2VwtxravlrVS5E32/TrZbMalo7fN1lp8wSXSc93
EBq/3PCRMuTsIC++cuRdThdFxmD2BJdksepZj1d+WI1Co+0eRWMr+VvHZZ75Q8nH
2zYOX1dHoykd/d7DvBIHliqqntLoHc2f3GLZ2jdia06dkuM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:07:50 2025 by rpki-client