Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: aQiAC8b+2wQPo/rkt1+zDdjVrdm4UvO/Jr7NB5BJR+Q=
Subject key identifier: 5A:07:0E:B1:40:1C:32:8E:47:56:4E:12:08:AF:6C:E5:35:18:3E:15
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7895C8E464AC2477EAC7745426E2BF0785FD5FC0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
Signing time: Fri 05 Sep 2025 01:24:44 +0000
ROA not before: Fri 05 Sep 2025 01:19:44 +0000
ROA not after: Fri 04 Sep 2026 01:24:44 +0000
asID: 20326
IP address blocks: 96.62.200.0/21 maxlen: 24
155.117.158.0/23 maxlen: 24
155.117.178.0/23 maxlen: 24
167.148.80.0/21 maxlen: 24
167.148.198.0/24 maxlen: 24
167.148.204.0/24 maxlen: 24
167.148.207.0/24 maxlen: 24
167.148.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:95:c8:e4:64:ac:24:77:ea:c7:74:54:26:e2:bf:07:85:fd:5f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 5 01:19:44 2025 GMT
Not After : Sep 4 01:24:44 2026 GMT
Subject: CN=5A070EB1401C328E47564E1208AF6CE535183E15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d8:3f:c0:32:63:94:d5:7e:a3:cf:de:ad:41:
ec:60:bc:72:36:48:b5:a9:a6:a4:dd:dc:1e:a9:0d:
78:68:26:6a:1c:47:6f:ad:ef:1e:33:e1:82:6e:b6:
51:fb:b2:93:58:e5:e5:bb:be:87:77:5e:c7:3b:25:
60:18:9a:02:4f:88:af:c1:55:09:70:52:8d:40:56:
f5:49:51:d4:57:d8:90:a8:2a:e9:e1:88:c0:25:23:
29:51:ad:78:05:db:bf:f8:e5:bb:a6:73:40:24:cd:
cf:53:d6:e5:ad:58:24:5b:bb:19:44:9a:7e:a6:aa:
eb:a7:28:c8:f2:bc:66:65:42:a3:29:c3:13:bb:bd:
2c:21:c9:43:6a:dc:e8:34:93:09:39:d1:ac:45:e6:
de:b2:c8:f5:64:6b:c7:d6:07:2f:9c:8c:ba:ac:77:
10:fd:05:1b:e0:00:11:80:96:3e:29:4d:95:eb:af:
dd:aa:1e:b5:2c:2b:fb:f2:4f:00:5a:9f:5c:ee:89:
96:d5:9c:aa:cc:9c:a0:64:c4:f9:41:09:43:d4:1f:
2b:04:7d:68:27:c0:f5:b5:a1:d4:d4:4a:87:c7:48:
02:4c:3f:08:53:a5:4f:d2:77:4e:c5:de:08:8e:d4:
6d:f8:73:10:eb:66:ee:a5:c3:69:ce:7b:4c:25:0e:
28:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:07:0E:B1:40:1C:32:8E:47:56:4E:12:08:AF:6C:E5:35:18:3E:15
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.200.0/21
155.117.158.0/23
155.117.178.0/23
167.148.80.0/21
167.148.198.0/24
167.148.204.0/24
167.148.207.0/24
167.148.210.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b5:09:70:b4:0a:b4:62:ee:7c:e8:f4:43:97:a6:82:3a:94:
78:76:36:f5:ed:83:ba:7b:0c:c1:fa:4a:fe:66:ff:3c:06:80:
2d:56:07:df:1b:64:bd:8f:74:2d:31:46:37:14:81:cc:6c:32:
4f:39:d3:5a:bd:c7:f0:d5:6c:5a:6a:c1:3e:bc:c6:6f:db:f3:
db:13:6a:d9:e7:6e:96:73:11:fc:73:7c:31:78:6d:0e:b0:b6:
27:2e:44:ce:b7:6b:38:e6:da:ea:86:fe:4e:11:9a:ec:14:0a:
ad:2a:8e:1b:cb:51:9d:1d:f4:66:7b:5e:cd:50:08:33:3d:a0:
90:84:b8:db:37:22:d1:df:0b:04:55:ab:a6:eb:d8:7a:c5:96:
64:b8:b6:45:3c:8b:a9:6e:f6:a6:e4:3c:9d:31:ab:0b:3f:c5:
e7:1c:be:1f:79:d1:67:f2:5d:de:0b:b5:da:1e:fd:6c:98:1f:
bc:4c:d0:ae:f2:74:3e:82:49:bb:0a:1d:f3:8d:e6:50:df:74:
df:d3:65:f5:c0:41:ba:b9:ad:d5:d5:20:69:8b:5d:ab:12:eb:
63:2f:53:ac:f1:1b:cf:b3:b0:20:6a:15:e4:a7:cb:db:19:6f:
52:0f:52:3b:44:f7:81:6e:82:b0:45:6c:f7:fa:93:92:81:07:
c3:5c:57:a4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUeJXI5GSsJHfqx3RUJuK/B4X9X8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDUwMTE5NDRaFw0yNjA5MDQwMTI0NDRaMDMxMTAvBgNV
BAMTKDVBMDcwRUIxNDAxQzMyOEU0NzU2NEUxMjA4QUY2Q0U1MzUxODNFMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT2D/AMmOU1X6jz96tQexgvHI2
SLWppqTd3B6pDXhoJmocR2+t7x4z4YJutlH7spNY5eW7vod3Xsc7JWAYmgJPiK/B
VQlwUo1AVvVJUdRX2JCoKunhiMAlIylRrXgF27/45bumc0Akzc9T1uWtWCRbuxlE
mn6mquunKMjyvGZlQqMpwxO7vSwhyUNq3Og0kwk50axF5t6yyPVka8fWBy+cjLqs
dxD9BRvgABGAlj4pTZXrr92qHrUsK/vyTwBan1zuiZbVnKrMnKBkxPlBCUPUHysE
fWgnwPW1odTUSofHSAJMPwhTpU/Sd07F3giO1G34cxDrZu6lw2nOe0wlDiiRAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUWgcOsUAcMo5HVk4SCK9s5TUYPhUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBANgPsgD
BAGbdZ4DBAGbdbIDBAOnlFADBACnlMYDBACnlMwDBACnlM8DBACnlNIwDQYJKoZI
hvcNAQELBQADggEBAGy1CXC0CrRi7nzo9EOXpoI6lHh2NvXtg7p7DMH6Sv5m/zwG
gC1WB98bZL2PdC0xRjcUgcxsMk8501q9x/DVbFpqwT68xm/b89sTatnnbpZzEfxz
fDF4bQ6wticuRM63azjm2uqG/k4RmuwUCq0qjhvLUZ0d9GZ7Xs1QCDM9oJCEuNs3
ItHfCwRVq6br2HrFlmS4tkU8i6lu9qbkPJ0xqws/xeccvh950WfyXd4Ltdoe/WyY
H7xM0K7ydD6CSbsKHfON5lDfdN/TZfXAQbq5rdXVIGmLXasS62MvU6zxG8+zsCBq
FeSny9sZb1IPUjtE94FugrBFbPf6k5KBB8NcV6Q=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:08:31 2025 by rpki-client