Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: TDGycSh4D/PbNrOz3rr2FRMfgBjN0KpABuBy93q90Xk=
Subject key identifier: 8D:82:94:C7:8E:E4:A6:37:24:CF:04:71:67:80:AA:5D:16:3F:4C:4B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 21A85A04FB771EE03357C9853420D33C16FF9022
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Thu 02 Jan 2025 00:02:00 +0000
ROA not before: Wed 01 Jan 2025 23:57:00 +0000
ROA not after: Thu 01 Jan 2026 00:02:00 +0000
asID: 20473
IP address blocks: 181.215.41.0/24 maxlen: 24
181.215.70.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a8:5a:04:fb:77:1e:e0:33:57:c9:85:34:20:d3:3c:16:ff:90:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 23:57:00 2025 GMT
Not After : Jan 1 00:02:00 2026 GMT
Subject: CN=8D8294C78EE4A63724CF04716780AA5D163F4C4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4e:b1:77:35:d4:48:04:04:5f:45:0d:15:e4:
71:1e:f3:8e:e1:af:7a:83:a5:4d:cb:49:ac:f2:18:
5e:5f:96:d7:b7:7f:0d:5a:95:f5:db:72:55:c5:85:
70:d9:e1:a0:41:8a:b9:9c:6a:df:81:56:e6:54:d3:
a4:cf:6f:10:42:bb:92:1f:a0:a1:49:96:8a:4d:78:
44:0a:eb:9d:a0:09:f2:35:31:d2:46:a9:35:e3:b8:
ed:50:63:e8:b1:a8:0d:9f:65:95:99:7a:73:a7:83:
c6:62:92:4d:68:b0:0c:29:c7:21:4c:44:b9:3f:9c:
76:5a:ce:66:f4:32:f9:4d:9d:fa:77:39:2e:2e:cb:
6a:54:01:8d:62:3f:03:e7:d9:d5:14:4c:4d:a3:83:
c0:ff:59:ee:86:ef:7c:cb:ea:26:63:00:89:da:1f:
e4:b3:17:2a:08:1c:44:16:d9:62:bc:fe:06:f8:f3:
27:3a:9c:c5:92:3f:58:7f:d7:3a:e9:c6:5d:d4:4d:
d6:97:50:d4:bd:2d:77:2d:b2:1c:4d:42:f0:5c:0f:
27:2a:42:c7:94:ff:b6:eb:2a:d3:e1:5e:47:90:d7:
03:31:b4:f3:72:ca:ec:01:93:9d:8e:bf:ea:51:cc:
04:36:dd:08:59:c0:57:d3:c1:f9:a6:59:7b:32:9c:
b3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:82:94:C7:8E:E4:A6:37:24:CF:04:71:67:80:AA:5D:16:3F:4C:4B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.41.0/24
181.215.70.0/24
191.96.58.0/24
191.96.64.0/24
191.101.20.0/24
191.101.58.0/24
191.101.82.0/24
191.101.223.0/24
213.109.169.0/24
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:f3:b7:f4:92:d6:9a:74:95:c8:9d:ee:e5:53:c9:29:af:36:
3a:8a:98:cb:41:07:69:a6:ee:1b:40:48:d1:db:42:93:0d:ec:
2c:79:52:50:dc:16:60:28:9a:71:0f:27:9a:c3:f9:e1:24:7c:
21:de:05:ac:ad:86:a4:97:f1:d7:63:11:4d:6f:e5:08:a1:33:
a2:0f:27:75:05:15:e0:fd:3d:f7:b8:f3:d5:da:4d:55:d1:98:
1e:68:b9:55:93:16:c1:76:08:1a:27:08:76:42:dc:78:c4:ef:
c7:e8:b3:48:6d:23:1c:93:1c:c4:41:7d:73:db:60:6e:52:91:
b0:07:b9:3a:3f:dd:7e:cb:2d:dc:7a:57:94:e2:4e:d2:b8:25:
30:26:c6:ee:db:d0:ed:5a:76:c6:9a:8b:0e:ab:55:4c:85:c5:
7e:2c:ec:b3:d3:cd:8b:f2:60:64:ca:00:f2:75:10:ee:c4:04:
cb:de:ee:d5:12:02:b4:c1:c5:01:32:60:7c:4b:db:ee:75:d6:
a6:83:f3:36:c1:d2:01:0c:5b:fb:a5:cb:0f:ca:b7:64:79:c5:
4f:86:3d:91:82:c0:b6:d7:7a:08:b9:c9:b8:61:a9:9c:34:77:
e2:d9:15:1e:ca:48:81:26:d7:fd:f6:fc:b3:ae:bd:6a:bf:b6:
dc:dc:c6:be
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUIahaBPt3HuAzV8mFNCDTPBb/kCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEyMzU3MDBaFw0yNjAxMDEwMDAyMDBaMDMxMTAvBgNV
BAMTKDhEODI5NEM3OEVFNEE2MzcyNENGMDQ3MTY3ODBBQTVEMTYzRjRDNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQTrF3NdRIBARfRQ0V5HEe847h
r3qDpU3LSazyGF5flte3fw1alfXbclXFhXDZ4aBBirmcat+BVuZU06TPbxBCu5If
oKFJlopNeEQK652gCfI1MdJGqTXjuO1QY+ixqA2fZZWZenOng8Zikk1osAwpxyFM
RLk/nHZazmb0MvlNnfp3OS4uy2pUAY1iPwPn2dUUTE2jg8D/We6G73zL6iZjAIna
H+SzFyoIHEQW2WK8/gb48yc6nMWSP1h/1zrpxl3UTdaXUNS9LXctshxNQvBcDycq
QseU/7brKtPhXkeQ1wMxtPNyyuwBk52Ov+pRzAQ23QhZwFfTwfmmWXsynLN1AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUjYKUx47kpjckzwRxZ4CqXRY/TEswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZgYIKwYBBQUHAQcBAf8EVzBVMDwEAgABMDYDBAC11ykD
BAC110YDBAC/YDoDBAC/YEADBAC/ZRQDBAC/ZToDBAC/ZVIDBAC/Zd8DBADVbakw
FQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsFAAOCAQEAf/O39JLW
mnSVyJ3u5VPJKa82OoqYy0EHaabuG0BI0dtCkw3sLHlSUNwWYCiacQ8nmsP54SR8
Id4FrK2GpJfx12MRTW/lCKEzog8ndQUV4P0997jz1dpNVdGYHmi5VZMWwXYIGicI
dkLceMTvx+izSG0jHJMcxEF9c9tgblKRsAe5Oj/dfsst3HpXlOJO0rglMCbG7tvQ
7Vp2xpqLDqtVTIXFfizss9PNi/JgZMoA8nUQ7sQEy97u1RICtMHFATJgfEvb7nXW
poPzNsHSAQxb+6XLD8q3ZHnFT4Y9kYLAttd6CLnJuGGpnDR34tkVHspIgSbX/fb8
s669ar+23NzGvg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:39 2025 by rpki-client