Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
File: AS20115.roa (raw, json)
Hash identifier: /H7c2ucGVGGEWCbDD+brTt6mWm8sH9uUMsBsobIxJF4=
Subject key identifier: F5:C5:C5:3E:C8:73:4F:11:29:B6:10:B8:C5:D9:AA:8B:7B:DB:C8:04
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 48E44E01A46E43F2B9C8A85B0F33E4DC6C61BDC8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
Signing time: Fri 14 Feb 2025 13:30:18 +0000
ROA not before: Fri 14 Feb 2025 13:25:18 +0000
ROA not after: Fri 13 Feb 2026 13:30:18 +0000
asID: 20115
IP address blocks: 82.22.136.0/22 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.36.0/22 maxlen: 24
82.27.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e4:4e:01:a4:6e:43:f2:b9:c8:a8:5b:0f:33:e4:dc:6c:61:bd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 14 13:25:18 2025 GMT
Not After : Feb 13 13:30:18 2026 GMT
Subject: CN=F5C5C53EC8734F1129B610B8C5D9AA8B7BDBC804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:17:cb:a0:96:49:a2:04:49:90:4c:24:f5:
c6:3d:7c:78:01:c9:92:b4:15:76:7e:90:5b:df:1f:
7c:01:a1:b3:4b:1b:97:62:56:a1:84:99:83:08:6a:
45:0c:bd:5f:7d:26:1a:55:1e:e5:62:64:7b:67:6b:
31:3d:44:55:70:77:60:ea:be:19:e0:26:7c:26:d7:
0d:2f:d9:c1:e5:57:4a:bb:bd:b5:06:3d:8b:15:61:
81:0c:85:3c:4b:49:16:91:62:ac:17:a5:d8:3a:30:
b4:01:4a:2d:f0:34:3a:55:58:10:ef:a4:56:cb:d1:
7e:91:55:28:b0:e0:e7:bb:e1:bb:99:02:3f:13:f0:
f2:60:89:fb:73:0c:be:a3:70:51:c9:cb:03:93:28:
d9:db:94:0a:3c:40:90:b3:d0:01:5f:eb:26:91:b5:
b1:d1:16:a7:6c:fb:c5:18:b8:4d:1d:1b:c3:b5:a0:
de:e9:07:b2:3a:46:6c:38:15:b0:e6:26:a8:71:0c:
eb:b5:23:36:9f:bf:da:79:87:a5:73:90:a7:cb:ef:
ec:69:01:51:e3:62:a1:10:17:e9:04:d4:f8:3c:22:
39:09:0d:ed:79:24:fb:16:a2:92:84:1c:8f:71:82:
77:ee:8e:24:c2:8e:2c:22:10:3d:09:74:a4:e7:d2:
4b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C5:C5:3E:C8:73:4F:11:29:B6:10:B8:C5:D9:AA:8B:7B:DB:C8:04
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.136.0/22
82.23.152.0/21
82.24.36.0/22
82.27.144.0/20
Signature Algorithm: sha256WithRSAEncryption
66:ba:64:21:ee:b8:e5:4c:2c:15:e3:bc:5f:b7:86:42:d6:5a:
18:93:e0:34:2b:ee:1e:54:6c:ac:89:d1:da:2a:4d:03:3c:6c:
c8:c6:8c:63:e5:cb:13:9d:a3:53:7b:a8:fe:2d:8f:bc:4f:f1:
5f:33:4e:e0:c4:de:98:0b:e1:f0:26:da:b6:c1:65:57:20:56:
fd:0e:74:d0:9d:22:de:fc:03:4f:a9:28:a1:a6:c3:d3:f9:17:
d9:39:6d:90:69:b4:1e:a3:9e:7f:9e:dd:aa:96:5a:1e:f0:03:
94:9c:ac:73:f5:44:70:21:6c:71:d7:5f:a3:77:0e:ab:26:b9:
65:f8:a8:9f:39:0e:29:47:55:55:5e:8a:b8:2b:14:96:ec:3b:
20:ad:c7:08:8a:17:24:4f:1b:f4:b2:b5:92:b5:b3:a3:44:c6:
d4:30:ec:a9:45:ed:ef:9c:69:9a:73:41:d0:ad:60:40:81:1d:
33:55:5a:ec:76:a5:fc:29:a8:02:b1:26:e2:d5:ab:c8:e4:96:
8a:c4:8f:88:ed:61:61:33:dd:43:c0:36:76:8f:3b:41:5f:e1:
cc:15:cf:4f:3c:2f:e9:a9:a5:d2:90:5f:ac:e1:02:2f:6e:7d:
a3:3b:7e:3e:1a:e2:92:da:36:ca:eb:76:06:b3:db:6f:6e:ae:
d1:67:a2:37
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUSOROAaRuQ/K5yKhbDzPk3GxhvcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTQxMzI1MThaFw0yNjAyMTMxMzMwMThaMDMxMTAvBgNV
BAMTKEY1QzVDNTNFQzg3MzRGMTEyOUI2MTBCOEM1RDlBQThCN0JEQkM4MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwyxfLoJZJogRJkEwk9cY9fHgB
yZK0FXZ+kFvfH3wBobNLG5diVqGEmYMIakUMvV99JhpVHuViZHtnazE9RFVwd2Dq
vhngJnwm1w0v2cHlV0q7vbUGPYsVYYEMhTxLSRaRYqwXpdg6MLQBSi3wNDpVWBDv
pFbL0X6RVSiw4Oe74buZAj8T8PJgiftzDL6jcFHJywOTKNnblAo8QJCz0AFf6yaR
tbHRFqds+8UYuE0dG8O1oN7pB7I6Rmw4FbDmJqhxDOu1Izafv9p5h6VzkKfL7+xp
AVHjYqEQF+kE1Pg8IjkJDe15JPsWopKEHI9xgnfujiTCjiwiED0JdKTn0kuzAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU9cXFPshzTxEpthC4xdmqi3vbyAQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJSFogD
BANSF5gDBAJSGCQDBARSG5AwDQYJKoZIhvcNAQELBQADggEBAGa6ZCHuuOVMLBXj
vF+3hkLWWhiT4DQr7h5UbKyJ0doqTQM8bMjGjGPlyxOdo1N7qP4tj7xP8V8zTuDE
3pgL4fAm2rbBZVcgVv0OdNCdIt78A0+pKKGmw9P5F9k5bZBptB6jnn+e3aqWWh7w
A5ScrHP1RHAhbHHXX6N3DqsmuWX4qJ85DilHVVVeirgrFJbsOyCtxwiKFyRPG/Sy
tZK1s6NExtQw7KlF7e+caZpzQdCtYECBHTNVWux2pfwpqAKxJuLVq8jklorEj4jt
YWEz3UPANnaPO0Ff4cwVz088L+mppdKQX6zhAi9ufaM7fj4a4pLaNsrrdgaz229u
rtFnojc=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:52 2025 by rpki-client