Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: tSWi0YKXBmsqFYEHWa2UOSbDopwaJ96iBLqwkKVPfnw=
Subject key identifier: D7:06:61:ED:F1:9B:29:6D:15:1C:11:FA:CC:18:9E:6D:97:3A:78:64
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7AF21ABB26F30011B0081F93F1623C443EB6B496
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Wed 14 May 2025 09:14:09 +0000
ROA not before: Wed 14 May 2025 09:09:09 +0000
ROA not after: Wed 13 May 2026 09:14:09 +0000
asID: 20473
IP address blocks: 147.79.24.0/23 maxlen: 23
148.135.172.0/24 maxlen: 24
150.241.208.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.234.0/24 maxlen: 24
155.117.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f2:1a:bb:26:f3:00:11:b0:08:1f:93:f1:62:3c:44:3e:b6:b4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 14 09:09:09 2025 GMT
Not After : May 13 09:14:09 2026 GMT
Subject: CN=D70661EDF19B296D151C11FACC189E6D973A7864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:95:bb:eb:c8:f0:d2:c6:3f:3e:ec:e9:b1:
5f:08:11:40:7d:bc:0f:e2:17:56:aa:dd:a3:b8:37:
ce:2a:d3:15:60:e1:5b:76:bd:8a:ce:e1:67:5d:39:
d9:31:ca:8a:f3:da:b9:7d:16:ef:bd:ab:8b:3b:14:
bd:cd:e3:f3:f1:66:66:7b:2c:d9:e3:03:94:de:49:
90:19:47:a4:49:34:da:89:54:37:64:fb:15:d4:c1:
76:2b:eb:13:36:4f:2b:92:54:4e:6f:f5:67:5b:74:
a1:2d:9c:15:82:47:55:00:cd:b6:6d:17:12:d4:99:
07:9d:df:38:14:ce:d2:83:e3:2a:53:85:19:dc:1f:
36:68:01:0c:00:e0:49:7d:4c:f8:b5:09:46:bd:22:
52:50:47:ae:fa:5a:1c:5a:16:51:1b:56:40:fc:f7:
a1:d2:08:5b:e5:ab:c7:f3:e8:54:bf:7d:08:0c:64:
7d:d1:4a:64:22:cf:32:ea:76:d1:94:7e:0d:1e:fc:
5b:37:9c:1f:15:b7:66:28:39:0e:04:d4:ca:79:fc:
bb:86:32:32:7d:67:a9:40:d2:ee:3d:9c:e4:c5:70:
9e:c9:b0:87:7e:74:43:89:db:dd:2b:f1:29:2c:d2:
8e:81:91:f2:16:9d:09:21:8f:89:64:71:e2:c6:5f:
da:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:06:61:ED:F1:9B:29:6D:15:1C:11:FA:CC:18:9E:6D:97:3A:78:64
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.24.0/23
148.135.172.0/24
150.241.208.0/24
150.241.216.0/21
150.241.234.0/24
155.117.88.0/23
Signature Algorithm: sha256WithRSAEncryption
01:4f:ab:72:45:b3:ab:51:8c:1e:34:eb:23:79:42:28:35:b1:
9c:b3:6f:27:26:75:d0:72:f9:47:17:59:eb:cc:0d:1c:53:6d:
73:52:1e:9f:b2:11:8a:2c:dd:62:78:fe:7c:78:84:68:87:61:
24:07:92:08:c5:3b:bb:6b:cf:5c:d1:39:0f:f1:02:fc:e8:57:
e4:c1:99:d8:7a:23:4c:da:d7:72:52:80:0e:fe:86:ed:f1:fd:
66:4a:6d:2a:21:24:21:ad:6c:16:43:44:f4:c2:2d:31:16:f4:
00:0c:3b:bd:5e:bf:e4:26:59:26:bc:91:d0:0d:a9:1b:80:3f:
dc:09:25:13:ba:71:8c:90:1a:99:6b:72:27:7a:58:30:fc:85:
70:c2:6e:27:ae:a7:4f:44:d7:9c:03:2c:8b:54:e2:a1:5d:b3:
f9:fc:d0:28:a3:6d:d8:fc:10:f3:f8:c8:b5:ca:b6:75:76:ee:
06:e4:66:8e:5a:74:b4:9e:94:18:d8:61:16:8b:81:09:b7:1e:
0b:3c:ae:65:5a:a9:56:a3:a8:2a:55:6b:20:86:87:33:45:eb:
a0:b7:78:0d:e2:d7:47:9e:a3:b6:d0:89:be:e9:e7:57:79:d0:
38:3c:14:e8:2f:a5:15:f7:f0:0d:6f:01:ed:2f:f1:15:57:20:
9e:8f:5d:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUevIauybzABGwCB+T8WI8RD62tJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTQwOTA5MDlaFw0yNjA1MTMwOTE0MDlaMDMxMTAvBgNV
BAMTKEQ3MDY2MUVERjE5QjI5NkQxNTFDMTFGQUNDMTg5RTZEOTczQTc4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChzpW768jw0sY/PuzpsV8IEUB9
vA/iF1aq3aO4N84q0xVg4Vt2vYrO4WddOdkxyorz2rl9Fu+9q4s7FL3N4/PxZmZ7
LNnjA5TeSZAZR6RJNNqJVDdk+xXUwXYr6xM2TyuSVE5v9WdbdKEtnBWCR1UAzbZt
FxLUmQed3zgUztKD4ypThRncHzZoAQwA4El9TPi1CUa9IlJQR676WhxaFlEbVkD8
96HSCFvlq8fz6FS/fQgMZH3RSmQizzLqdtGUfg0e/Fs3nB8Vt2YoOQ4E1Mp5/LuG
MjJ9Z6lA0u49nOTFcJ7JsId+dEOJ290r8Sks0o6BkfIWnQkhj4lkceLGX9pjAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQU1wZh7fGbKW0VHBH6zBiebZc6eGQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAGTTxgD
BACUh6wDBACW8dADBAOW8dgDBACW8eoDBAGbdVgwDQYJKoZIhvcNAQELBQADggEB
AAFPq3JFs6tRjB406yN5Qig1sZyzbycmddBy+UcXWevMDRxTbXNSHp+yEYos3WJ4
/nx4hGiHYSQHkgjFO7trz1zROQ/xAvzoV+TBmdh6I0za13JSgA7+hu3x/WZKbSoh
JCGtbBZDRPTCLTEW9AAMO71ev+QmWSa8kdANqRuAP9wJJRO6cYyQGplrcid6WDD8
hXDCbieup09E15wDLItU4qFds/n80Cijbdj8EPP4yLXKtnV27gbkZo5adLSelBjY
YRaLgQm3Hgs8rmVaqVajqCpVayCGhzNF66C3eA3i10eeo7bQib7p51d50Dg8FOgv
pRX38A1vAe0v8RVXIJ6PXW0=
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:57:43 2025 by rpki-client