Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
File: AS20860.roa (raw, json)
Hash identifier: p83JUIgiiXFCsG4UeWS5cHQfYjBdb2D1JXvlrzvGBfI=
Subject key identifier: 4F:CE:EF:99:DD:67:69:0B:DE:2A:18:06:6A:FA:63:C4:0E:28:38:E0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 65869F6D83006A8D3D529162DF80F9A950B884DE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
Signing time: Tue 02 Sep 2025 14:54:58 +0000
ROA not before: Tue 02 Sep 2025 14:49:58 +0000
ROA not after: Tue 01 Sep 2026 14:54:58 +0000
asID: 20860
IP address blocks: 5.252.81.0/24 maxlen: 24
179.61.169.0/24 maxlen: 24
181.214.140.0/24 maxlen: 24
191.96.208.0/24 maxlen: 24
194.53.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:86:9f:6d:83:00:6a:8d:3d:52:91:62:df:80:f9:a9:50:b8:84:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 2 14:49:58 2025 GMT
Not After : Sep 1 14:54:58 2026 GMT
Subject: CN=4FCEEF99DD67690BDE2A18066AFA63C40E2838E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:8e:7b:79:4d:02:35:25:c5:81:89:65:b4:
23:76:ea:00:ab:b8:a3:21:7e:61:9c:90:5a:0c:43:
90:e7:68:4d:73:c8:1c:cc:c5:da:d1:21:ca:91:3f:
89:38:f2:8d:ef:d4:19:b1:c9:3d:6c:fc:a0:60:25:
08:b1:4c:39:6f:ac:ee:81:6e:14:37:34:a6:ef:b0:
d3:6b:0d:f5:aa:4e:ca:f5:71:4c:e1:b3:ad:80:41:
46:c4:6b:75:fd:fb:3a:0a:ed:09:1f:a8:0a:84:84:
06:f5:76:2a:6a:3b:cc:e6:fa:6a:cd:2e:e0:bc:d7:
30:a9:c2:51:a9:cb:17:7f:be:d6:0d:58:c1:d8:6b:
73:71:1c:94:43:e2:74:c6:8d:ed:7a:85:e2:17:cf:
45:2e:80:6d:f9:c0:68:34:4d:da:e1:b0:2c:f8:6a:
50:84:4d:76:5b:05:41:f6:73:59:b6:c2:69:a9:3d:
5c:43:23:07:7c:0f:be:3d:c7:6b:c1:89:44:b3:1c:
42:da:c7:db:20:7f:32:cb:4f:21:98:68:d9:68:22:
99:e3:47:76:54:3e:e9:7d:0d:5a:79:07:50:fd:e3:
a7:34:71:41:58:b5:80:95:88:d9:73:76:7a:53:1f:
d0:1b:f5:e2:a4:02:5f:69:e4:42:38:2e:cc:e3:69:
be:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CE:EF:99:DD:67:69:0B:DE:2A:18:06:6A:FA:63:C4:0E:28:38:E0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.81.0/24
179.61.169.0/24
181.214.140.0/24
191.96.208.0/24
194.53.143.0/24
Signature Algorithm: sha256WithRSAEncryption
49:9e:9e:31:23:19:08:fa:a2:a3:63:b6:54:93:b1:18:4e:fa:
5e:45:76:8b:18:e6:cc:64:ef:5a:c3:38:b1:b3:b4:75:44:ed:
08:ad:d7:e5:b7:a8:9b:19:99:cb:4f:e9:f2:6e:79:81:97:1c:
e9:79:e4:4b:e7:c5:92:1f:43:a8:cd:c7:72:23:d5:5b:c3:5b:
ed:59:9f:e2:92:3f:e6:ff:61:cc:ac:03:99:97:5a:20:e0:6f:
b4:4e:63:83:54:d6:86:fa:dc:bc:8c:2f:d5:60:f7:2b:c9:27:
34:18:63:82:03:0e:9f:80:6a:11:0e:6c:6c:70:f8:7c:bc:4f:
fa:c3:b3:05:6a:59:76:9a:c5:5e:57:dd:2d:e7:4f:bf:4f:dc:
50:08:dc:11:51:44:0b:46:a9:a0:00:b5:57:bd:de:c1:da:13:
e8:ca:b5:24:85:d8:c1:e7:23:3f:ca:89:f2:36:0c:ac:c8:f9:
a6:0d:e7:4b:21:92:15:8b:02:ce:f3:b4:c7:43:fb:70:0a:aa:
14:33:85:da:2f:ad:2f:88:14:de:b6:53:9f:05:17:c0:ac:c8:
cf:77:0b:60:72:78:b9:cf:1e:bb:b8:4a:ca:9d:61:c3:74:a3:
31:b8:84:13:92:4f:29:cd:fc:86:34:fe:62:83:14:a3:54:36:
29:31:d6:95
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUZYafbYMAao09UpFi34D5qVC4hN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MDIxNDQ5NThaFw0yNjA5MDExNDU0NThaMDMxMTAvBgNV
BAMTKDRGQ0VFRjk5REQ2NzY5MEJERTJBMTgwNjZBRkE2M0M0MEUyODM4RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGPY57eU0CNSXFgYlltCN26gCr
uKMhfmGckFoMQ5DnaE1zyBzMxdrRIcqRP4k48o3v1BmxyT1s/KBgJQixTDlvrO6B
bhQ3NKbvsNNrDfWqTsr1cUzhs62AQUbEa3X9+zoK7QkfqAqEhAb1dipqO8zm+mrN
LuC81zCpwlGpyxd/vtYNWMHYa3NxHJRD4nTGje16heIXz0UugG35wGg0TdrhsCz4
alCETXZbBUH2c1m2wmmpPVxDIwd8D749x2vBiUSzHELax9sgfzLLTyGYaNloIpnj
R3ZUPul9DVp5B1D946c0cUFYtYCViNlzdnpTH9Ab9eKkAl9p5EI4Lszjab7tAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUT87vmd1naQveKhgGavpjxA4oOOAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAF/FED
BACzPakDBAC11owDBAC/YNADBADCNY8wDQYJKoZIhvcNAQELBQADggEBAEmenjEj
GQj6oqNjtlSTsRhO+l5FdosY5sxk71rDOLGztHVE7Qit1+W3qJsZmctP6fJueYGX
HOl55EvnxZIfQ6jNx3Ij1VvDW+1Zn+KSP+b/YcysA5mXWiDgb7ROY4NU1ob63LyM
L9Vg9yvJJzQYY4IDDp+AahEObGxw+Hy8T/rDswVqWXaaxV5X3S3nT79P3FAI3BFR
RAtGqaAAtVe93sHaE+jKtSSF2MHnIz/KifI2DKzI+aYN50shkhWLAs7ztMdD+3AK
qhQzhdovrS+IFN62U58FF8CsyM93C2ByeLnPHru4SsqdYcN0ozG4hBOSTynN/IY0
/mKDFKNUNikx1pU=
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:08:51 2025 by rpki-client