Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
File: AS20115.roa (raw, json)
Hash identifier: lr4PW6lhqHYO4C8xKTX8gVPXn43bDp87h82RUFTSVwc=
Subject key identifier: 82:1A:87:16:DA:BB:1D:31:9D:E3:92:20:A5:9B:5F:A9:7F:2E:1A:16
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 354D4FE31CFC9C2E1D547878C3096C976E38A3CC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
Signing time: Wed 30 Apr 2025 18:44:03 +0000
ROA not before: Wed 30 Apr 2025 18:39:03 +0000
ROA not after: Wed 29 Apr 2026 18:44:03 +0000
asID: 20115
IP address blocks: 82.22.136.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.36.0/22 maxlen: 24
82.27.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:4d:4f:e3:1c:fc:9c:2e:1d:54:78:78:c3:09:6c:97:6e:38:a3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 18:39:03 2025 GMT
Not After : Apr 29 18:44:03 2026 GMT
Subject: CN=821A8716DABB1D319DE39220A59B5FA97F2E1A16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:43:6d:c2:69:90:d9:28:d1:19:45:b4:44:9e:
97:92:13:da:f9:18:a6:bb:ab:4e:88:96:28:d8:16:
72:67:a5:1d:a5:3d:4a:dc:6f:b3:eb:5b:24:d8:81:
f0:c1:59:33:40:5b:6b:05:29:6f:e5:bc:54:26:a9:
f6:c8:1a:9f:58:1b:89:d1:e7:38:e3:a1:30:e8:33:
c3:e7:06:04:ea:25:53:f4:4e:cf:ce:9c:a9:0a:02:
c4:e4:83:1b:66:f8:df:c1:fe:cf:68:42:40:74:56:
0a:92:fd:80:cf:fe:d0:18:4f:02:0b:d9:55:83:77:
ad:cd:61:18:ad:b2:c8:8a:18:e1:8a:a8:f5:ca:19:
16:87:3a:6f:49:dc:c0:83:ad:66:b2:5d:a3:67:63:
b4:35:8a:df:98:37:4a:49:28:8f:cc:77:55:60:5c:
6d:7c:39:e9:83:05:46:57:58:49:4c:b2:56:d7:7c:
2a:e7:7c:65:9f:65:e5:31:ab:d3:ba:76:34:a1:c1:
57:de:ca:ed:b6:81:66:de:8e:dc:c3:69:56:d4:ff:
fd:1e:d7:31:bb:3f:4a:06:dc:94:6e:74:c2:fa:95:
a0:3f:08:60:20:19:fe:c8:ee:2b:50:e7:ac:93:a2:
99:c0:70:b5:3c:03:e9:ad:91:c6:e6:ad:e3:7f:35:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:87:16:DA:BB:1D:31:9D:E3:92:20:A5:9B:5F:A9:7F:2E:1A:16
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.136.0/22
82.23.140.0/23
82.23.152.0/21
82.23.162.0/23
82.24.0.0/22
82.24.36.0/22
82.27.144.0/20
Signature Algorithm: sha256WithRSAEncryption
07:b6:b0:b2:68:2c:f4:54:dc:b8:15:63:c7:7d:24:32:43:0c:
0f:cb:32:f0:5f:f4:25:11:83:58:cc:c2:f5:34:7c:66:87:e3:
a4:84:0f:69:17:f1:02:a5:f7:4f:b8:98:ed:eb:40:48:46:5b:
b3:c9:a4:a1:fc:61:de:86:ed:19:7b:9a:e5:9f:86:a2:e0:d9:
2d:da:80:b7:bc:31:55:cd:f8:01:03:ac:21:3a:f1:17:6a:30:
b3:24:bd:10:93:04:80:8a:a3:cd:82:8c:ca:2d:da:95:da:8f:
a4:44:44:40:ff:cc:7a:ca:24:aa:82:19:c1:0f:7b:6d:3c:8d:
ae:fa:75:65:ab:a7:11:bd:2f:ee:3f:5d:29:e1:7d:ad:8f:52:
fb:c0:2d:d7:af:3f:28:b4:f8:68:95:b1:65:bf:d1:bc:fe:da:
49:2e:f8:8f:1b:45:a0:e4:44:3c:62:b6:82:f0:e1:b6:d1:00:
71:2f:3d:f3:a7:fe:74:b6:b9:34:0d:ea:fc:20:60:8f:2a:07:
1a:6e:f2:9d:f0:83:c3:48:95:5a:1a:4c:07:51:12:4f:b7:63:
bf:f2:e1:95:5d:6c:41:54:13:ab:89:e0:17:fc:2e:aa:85:70:
98:c3:e4:fe:ce:54:4d:cd:89:40:5a:4e:2f:66:04:aa:a6:dd:
eb:dd:0f:c1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUNU1P4xz8nC4dVHh4wwlsl244o8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MzAxODM5MDNaFw0yNjA0MjkxODQ0MDNaMDMxMTAvBgNV
BAMTKDgyMUE4NzE2REFCQjFEMzE5REUzOTIyMEE1OUI1RkE5N0YyRTFBMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmQ23CaZDZKNEZRbREnpeSE9r5
GKa7q06IlijYFnJnpR2lPUrcb7PrWyTYgfDBWTNAW2sFKW/lvFQmqfbIGp9YG4nR
5zjjoTDoM8PnBgTqJVP0Ts/OnKkKAsTkgxtm+N/B/s9oQkB0VgqS/YDP/tAYTwIL
2VWDd63NYRitssiKGOGKqPXKGRaHOm9J3MCDrWayXaNnY7Q1it+YN0pJKI/Md1Vg
XG18OemDBUZXWElMslbXfCrnfGWfZeUxq9O6djShwVfeyu22gWbejtzDaVbU//0e
1zG7P0oG3JRudML6laA/CGAgGf7I7itQ56yTopnAcLU8A+mtkcbmreN/NT0JAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUghqHFtq7HTGd45IgpZtfqX8uGhYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAJSFogD
BAFSF4wDBANSF5gDBAFSF6IDBAJSGAADBAJSGCQDBARSG5AwDQYJKoZIhvcNAQEL
BQADggEBAAe2sLJoLPRU3LgVY8d9JDJDDA/LMvBf9CURg1jMwvU0fGaH46SED2kX
8QKl90+4mO3rQEhGW7PJpKH8Yd6G7Rl7muWfhqLg2S3agLe8MVXN+AEDrCE68Rdq
MLMkvRCTBICKo82CjMot2pXaj6RERED/zHrKJKqCGcEPe208ja76dWWrpxG9L+4/
XSnhfa2PUvvALdevPyi0+GiVsWW/0bz+2kku+I8bRaDkRDxitoLw4bbRAHEvPfOn
/nS2uTQN6vwgYI8qBxpu8p3wg8NIlVoaTAdREk+3Y7/y4ZVdbEFUE6uJ4Bf8LqqF
cJjD5P7OVE3NiUBaTi9mBKqm3evdD8E=
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:15 2025 by rpki-client