Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: SloSfaiChc4CiH0qO0Txp40vVgHIRoM/sYLUwDgGmAg=
Subject key identifier: 81:2B:D7:64:EE:FE:E0:7C:2B:A9:12:2B:65:9B:10:9D:94:73:20:73
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 294B2081D043A5D6D734FA8F7C116EF404C28C5D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Mon 01 Sep 2025 00:18:16 +0000
ROA not before: Mon 01 Sep 2025 00:13:16 +0000
ROA not after: Mon 31 Aug 2026 00:18:16 +0000
asID: 20473
IP address blocks: 150.241.208.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.234.0/24 maxlen: 24
162.141.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:4b:20:81:d0:43:a5:d6:d7:34:fa:8f:7c:11:6e:f4:04:c2:8c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 1 00:13:16 2025 GMT
Not After : Aug 31 00:18:16 2026 GMT
Subject: CN=812BD764EEFEE07C2BA9122B659B109D94732073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ea:1e:ea:bc:ef:6e:00:2d:55:29:18:29:ab:
05:47:c9:c4:d8:e4:71:a0:54:4a:8c:b3:8b:a9:20:
08:5c:87:0d:ce:ac:9d:01:9a:67:ca:ae:5b:36:c5:
6d:f8:27:72:99:54:04:17:23:7a:5d:58:9a:5d:e4:
4d:4e:f1:12:b4:3c:c9:1d:97:c2:48:dd:03:58:1f:
90:45:95:eb:01:81:06:07:4b:36:07:f6:97:f0:de:
04:be:d4:ee:a6:18:0c:b1:2b:a4:62:29:bf:1f:e3:
dc:a9:cc:61:98:57:75:6c:86:5e:e5:dd:74:5a:05:
c5:c7:00:b6:ed:15:11:57:34:6b:1c:4b:ee:9c:ce:
f3:c0:52:d4:1c:fb:47:10:1a:fd:1c:77:b7:c1:88:
dc:d9:f7:be:3d:e4:b5:94:f1:e3:f0:1d:db:cf:94:
2f:da:25:bb:c6:47:5a:2d:e1:65:de:a6:14:76:70:
e9:41:69:e2:1f:80:0b:a7:48:9c:14:f9:0b:e5:03:
53:90:35:42:6a:fb:25:84:5b:da:7c:dc:08:d8:65:
67:b6:fd:27:aa:17:25:19:d4:ec:67:5f:a7:c5:bd:
2f:54:65:54:cb:97:11:86:68:84:f7:e3:31:3c:30:
fd:54:7d:b1:53:3b:80:7c:0a:78:d8:5b:66:e7:e4:
10:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2B:D7:64:EE:FE:E0:7C:2B:A9:12:2B:65:9B:10:9D:94:73:20:73
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.208.0/24
150.241.216.0/21
150.241.234.0/24
162.141.12.0/24
Signature Algorithm: sha256WithRSAEncryption
30:4c:8d:f1:a9:bc:29:47:83:c8:8d:c0:0e:09:73:bd:e8:35:
cb:1f:b4:4b:eb:0d:00:19:13:b7:e5:df:28:36:72:d6:7d:bb:
ba:cd:eb:34:fb:2c:af:9a:0e:b0:81:02:17:d9:c6:10:a1:a7:
6c:1a:68:07:60:d9:28:98:4b:b9:b9:b9:80:9d:d2:1b:80:2c:
41:d5:ae:7f:5b:37:3d:cd:0e:80:3c:d6:fa:99:24:53:62:8b:
71:c4:63:67:0b:74:96:7e:df:aa:8b:5b:32:27:0a:f3:3a:8e:
60:02:2b:ff:91:80:03:66:d5:ad:40:c5:03:e0:b8:05:4f:8c:
18:e8:f7:29:a5:48:b9:9f:18:30:0f:a9:d4:ce:df:20:8e:25:
42:68:3c:b1:4d:a6:72:9a:f3:b2:d6:58:4d:6a:02:85:ca:9c:
43:bb:f3:b7:bc:7d:3d:d6:c2:bc:d7:ad:1c:fe:90:f4:3c:56:
5f:72:6e:ba:8e:f0:5c:fe:7f:a1:9e:eb:01:46:f9:4d:64:4f:
4f:9a:83:03:2d:7c:58:c6:53:f6:2b:20:b4:02:f4:8b:1a:b8:
c1:d7:80:92:c5:7c:a0:45:f3:39:76:fe:b2:4a:41:c1:89:81:
a7:0a:99:d1:c5:89:7e:96:2f:61:dc:06:0d:c4:8c:39:6a:35:
0d:09:5a:dc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUKUsggdBDpdbXNPqPfBFu9ATCjF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDEwMDEzMTZaFw0yNjA4MzEwMDE4MTZaMDMxMTAvBgNV
BAMTKDgxMkJENzY0RUVGRUUwN0MyQkE5MTIyQjY1OUIxMDlEOTQ3MzIwNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe6h7qvO9uAC1VKRgpqwVHycTY
5HGgVEqMs4upIAhchw3OrJ0BmmfKrls2xW34J3KZVAQXI3pdWJpd5E1O8RK0PMkd
l8JI3QNYH5BFlesBgQYHSzYH9pfw3gS+1O6mGAyxK6RiKb8f49ypzGGYV3Vshl7l
3XRaBcXHALbtFRFXNGscS+6czvPAUtQc+0cQGv0cd7fBiNzZ97495LWU8ePwHdvP
lC/aJbvGR1ot4WXephR2cOlBaeIfgAunSJwU+QvlA1OQNUJq+yWEW9p83AjYZWe2
/SeqFyUZ1OxnX6fFvS9UZVTLlxGGaIT34zE8MP1UfbFTO4B8CnjYW2bn5BALAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUgSvXZO7+4HwrqRIrZZsQnZRzIHMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACW8dAD
BAOW8dgDBACW8eoDBACijQwwDQYJKoZIhvcNAQELBQADggEBADBMjfGpvClHg8iN
wA4Jc73oNcsftEvrDQAZE7fl3yg2ctZ9u7rN6zT7LK+aDrCBAhfZxhChp2waaAdg
2SiYS7m5uYCd0huALEHVrn9bNz3NDoA81vqZJFNii3HEY2cLdJZ+36qLWzInCvM6
jmACK/+RgANm1a1AxQPguAVPjBjo9ymlSLmfGDAPqdTO3yCOJUJoPLFNpnKa87LW
WE1qAoXKnEO787e8fT3WwrzXrRz+kPQ8Vl9ybrqO8Fz+f6Ge6wFG+U1kT0+agwMt
fFjGU/YrILQC9IsauMHXgJLFfKBF8zl2/rJKQcGJgacKmdHFiX6WL2HcBg3EjDlq
NQ0JWtw=
-----END CERTIFICATE-----
Generated at Sat Sep 13 19:52:49 2025 by rpki-client