Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: zBFHsT0j0Nbfb93YMP+9gb2DjWE6YJfv43K43xqjNyk=
Subject key identifier: 7E:5E:28:E7:95:78:AA:2F:22:5D:BC:D3:8C:F8:F9:10:DD:AA:F0:5F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 06B72FBC252A79A0FCE8435832D28A28E6A5687B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Wed 04 Mar 2026 12:37:22 +0000
ROA not before: Wed 04 Mar 2026 12:32:22 +0000
ROA not after: Wed 03 Mar 2027 12:37:22 +0000
asID: 20473
IP address blocks: 179.61.226.0/24 maxlen: 24
181.215.70.0/24 maxlen: 24
191.101.66.0/23 maxlen: 23
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b7:2f:bc:25:2a:79:a0:fc:e8:43:58:32:d2:8a:28:e6:a5:68:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 4 12:32:22 2026 GMT
Not After : Mar 3 12:37:22 2027 GMT
Subject: CN=7E5E28E79578AA2F225DBCD38CF8F910DDAAF05F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6b:a5:68:5a:44:45:ff:42:f2:c6:ca:a9:72:
16:dd:79:ba:a3:27:81:25:67:02:6e:08:d2:26:99:
69:23:e1:08:09:09:8e:cb:67:64:89:80:0e:50:4a:
61:95:1b:95:69:6a:ff:65:76:6d:cb:44:85:bb:15:
81:f4:44:29:98:75:0a:c2:4d:d8:02:f8:d6:77:c2:
72:20:c4:79:37:1b:bc:e7:ed:4d:88:6e:35:0c:98:
22:a1:cf:1c:05:98:ec:ce:ea:3b:7b:01:24:ce:54:
dc:bf:8b:1f:01:1a:7a:5e:c8:78:b7:00:c1:50:e2:
dc:f2:16:98:26:dc:cf:a0:56:f5:a4:52:2d:f4:60:
27:e6:ed:3a:71:96:27:7d:f9:dc:c4:39:94:3b:4c:
7f:47:70:c8:5b:ed:52:f4:fe:06:fe:d6:06:b4:94:
71:be:b0:0b:72:e0:db:f2:93:66:4b:29:cd:fb:d6:
30:fb:f9:ce:0b:54:a7:5d:59:9b:7e:0a:18:c6:81:
40:34:5e:f9:b4:f2:18:3b:13:60:19:83:14:fc:7e:
bb:5a:0f:fc:8d:55:1d:7e:17:3d:8e:cf:ba:aa:3a:
58:4e:dc:3c:1e:62:25:2c:9b:24:d6:e8:80:8a:4a:
a7:38:bf:9c:5f:14:d8:b6:6e:42:d0:68:90:82:09:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5E:28:E7:95:78:AA:2F:22:5D:BC:D3:8C:F8:F9:10:DD:AA:F0:5F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.226.0/24
181.215.70.0/24
191.101.66.0/23
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:5c:78:1b:07:fb:d7:8f:ed:f2:7f:50:df:55:d3:ba:de:34:
49:b1:5d:6c:d9:a1:91:c7:95:10:59:3b:70:a0:9e:d2:0a:bf:
b6:5c:80:02:8b:3f:ae:3e:10:0e:f0:b5:41:ef:72:b1:98:8d:
fd:fb:3c:90:ac:f4:fa:1d:30:88:70:b4:6b:25:d9:a3:e9:e1:
48:8a:44:26:e6:b1:c8:35:b5:3f:50:ce:e8:83:d9:83:01:b2:
04:90:94:62:c8:5c:13:f2:2d:ae:df:55:99:f4:29:36:8e:a8:
21:69:46:c9:a0:20:4f:f7:c3:54:87:fe:4f:c7:72:f2:4f:51:
17:52:9e:f0:de:fd:0b:fe:b7:bd:f9:5c:15:ee:20:fc:d8:be:
0a:b2:98:89:e1:10:75:39:64:f7:fa:e9:d8:a8:82:61:37:5d:
4e:28:ac:2f:ec:0f:81:09:43:d2:d7:66:41:e7:4c:b4:6c:37:
f9:ce:be:19:b8:9f:c3:5b:c3:e2:b6:a5:db:0f:ba:e7:f1:c9:
bc:da:d8:48:05:ed:b6:98:aa:3e:b3:3d:9f:08:01:45:13:03:
ee:da:9a:32:7e:f4:3d:79:cc:69:a2:0c:cb:62:2d:f5:4f:b6:
30:9b:c0:9c:29:7e:01:2e:cd:ea:44:cf:77:b5:c2:4b:1c:89:
e6:c7:84:36
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUBrcvvCUqeaD86ENYMtKKKOalaHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMDQxMjMyMjJaFw0yNzAzMDMxMjM3MjJaMDMxMTAvBgNV
BAMTKDdFNUUyOEU3OTU3OEFBMkYyMjVEQkNEMzhDRjhGOTEwRERBQUYwNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfa6VoWkRF/0Lyxsqpchbdebqj
J4ElZwJuCNImmWkj4QgJCY7LZ2SJgA5QSmGVG5Vpav9ldm3LRIW7FYH0RCmYdQrC
TdgC+NZ3wnIgxHk3G7zn7U2IbjUMmCKhzxwFmOzO6jt7ASTOVNy/ix8BGnpeyHi3
AMFQ4tzyFpgm3M+gVvWkUi30YCfm7Tpxlid9+dzEOZQ7TH9HcMhb7VL0/gb+1ga0
lHG+sAty4Nvyk2ZLKc371jD7+c4LVKddWZt+ChjGgUA0Xvm08hg7E2AZgxT8frta
D/yNVR1+Fz2Oz7qqOlhO3DweYiUsmyTW6ICKSqc4v5xfFNi2bkLQaJCCCURlAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUfl4o55V4qi8iXbzTjPj5EN2q8F8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMBgEAgABMBIDBACzPeID
BAC110YDBAG/ZUIwFQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsF
AAOCAQEAD1x4Gwf714/t8n9Q31XTut40SbFdbNmhkceVEFk7cKCe0gq/tlyAAos/
rj4QDvC1Qe9ysZiN/fs8kKz0+h0wiHC0ayXZo+nhSIpEJuaxyDW1P1DO6IPZgwGy
BJCUYshcE/Itrt9VmfQpNo6oIWlGyaAgT/fDVIf+T8dy8k9RF1Ke8N79C/63vflc
Fe4g/Ni+CrKYieEQdTlk9/rp2KiCYTddTiisL+wPgQlD0tdmQedMtGw3+c6+Gbif
w1vD4ral2w+65/HJvNrYSAXttpiqPrM9nwgBRRMD7tqaMn70PXnMaaIMy2It9U+2
MJvAnCl+AS7N6kTPd7XCSxyJ5seENg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 19:13:49 2026 by rpki-client