Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: X9sjUNleteUZ7DB9utlVc76wEjCtugdw22QrNUQHro8=
Subject key identifier: 11:4D:FD:D4:94:AD:5F:4D:08:0B:4E:D1:C6:79:83:B9:C5:54:2F:CA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7A75E1914F646A8BD829ED5A625EE834316B1B72
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
Signing time: Wed 02 Apr 2025 06:27:38 +0000
ROA not before: Wed 02 Apr 2025 06:22:38 +0000
ROA not after: Wed 01 Apr 2026 06:27:38 +0000
asID: 20326
IP address blocks: 82.26.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:75:e1:91:4f:64:6a:8b:d8:29:ed:5a:62:5e:e8:34:31:6b:1b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 2 06:22:38 2025 GMT
Not After : Apr 1 06:27:38 2026 GMT
Subject: CN=114DFDD494AD5F4D080B4ED1C67983B9C5542FCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:98:80:d7:a9:e8:65:a7:9e:d9:26:d9:fc:37:
cb:3c:f5:73:4e:0b:da:0b:db:4a:c1:d2:8a:3b:de:
77:cf:bd:02:38:b0:a8:11:32:69:52:10:e5:2b:f9:
7e:2d:59:da:a2:f7:93:ef:ee:f3:bf:1d:f4:fa:5a:
a1:db:a4:f5:dc:fe:d5:69:6c:00:68:67:f4:34:4e:
43:0a:a9:bf:7a:17:15:cd:a6:f6:7e:63:e1:f0:14:
05:f1:c0:3e:0b:46:5f:0b:80:f3:2c:ee:e7:18:18:
98:52:df:4f:cf:e0:58:19:68:fd:7c:04:8a:fc:45:
c6:24:e9:82:bb:c7:20:18:34:27:c7:cb:76:55:90:
eb:55:13:1a:1c:bd:c9:57:8e:0f:3d:2b:61:9d:0b:
3b:e9:dc:2a:01:3f:b1:18:ee:f4:f5:82:a6:96:bc:
c3:2c:1e:bf:60:6e:b9:df:9f:66:c9:02:cb:5c:0a:
a6:91:ff:cb:21:1d:0a:83:a3:6f:fa:d0:f4:c6:84:
38:75:32:ea:d5:c2:b0:99:bc:15:a2:b9:79:fc:a3:
f5:27:47:1b:58:2f:94:ad:c0:73:18:48:f4:21:3c:
f8:70:a5:b3:db:bf:dd:42:4c:b1:02:a8:f9:2a:51:
8d:00:18:56:12:40:98:8c:4d:cd:31:06:02:2a:fb:
8e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4D:FD:D4:94:AD:5F:4D:08:0B:4E:D1:C6:79:83:B9:C5:54:2F:CA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.96.0/22
Signature Algorithm: sha256WithRSAEncryption
66:23:84:ac:35:b8:3e:ff:f0:dd:c1:6c:b9:86:15:bc:9e:8d:
80:65:f6:4b:16:30:e0:b1:85:24:5f:24:a0:42:43:df:db:d8:
3c:77:65:04:bd:1e:55:97:0c:68:61:18:92:a4:fd:5a:3e:13:
89:a3:6c:41:b4:1e:67:50:22:6b:6d:6e:c8:17:c4:2d:41:8a:
fd:dd:d1:93:fe:df:82:2c:7c:83:f9:a1:4b:8e:c1:2e:6e:da:
97:e9:9d:3f:c5:db:3c:c2:54:4c:a1:5e:61:aa:cf:57:fe:96:
16:57:d1:83:1d:ce:4c:a1:44:f4:fa:a2:23:1d:29:2b:62:e4:
e4:06:ab:f6:cf:90:c8:e0:94:f3:d9:3d:96:c6:f6:bc:b5:85:
b0:1f:97:8e:93:90:6e:f6:22:c5:de:21:56:91:f0:17:00:60:
cf:e1:9d:19:97:4e:85:93:56:61:00:63:93:da:17:1d:7e:4d:
5e:85:a2:e0:59:fe:13:d0:a4:5f:de:30:6a:b1:7f:f9:3e:94:
c9:a5:d5:42:cf:13:23:ab:46:1e:af:b6:6b:2f:b8:a7:b4:08:
9f:4d:9e:90:7c:51:74:90:dd:df:5c:13:9f:0e:44:ac:d3:71:
7a:5a:18:1d:6a:e2:82:da:7f:eb:d8:82:5e:5e:db:15:1e:2e:
74:b8:8c:d1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUenXhkU9kaovYKe1aYl7oNDFrG3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MDIwNjIyMzhaFw0yNjA0MDEwNjI3MzhaMDMxMTAvBgNV
BAMTKDExNERGREQ0OTRBRDVGNEQwODBCNEVEMUM2Nzk4M0I5QzU1NDJGQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrmIDXqehlp57ZJtn8N8s89XNO
C9oL20rB0oo73nfPvQI4sKgRMmlSEOUr+X4tWdqi95Pv7vO/HfT6WqHbpPXc/tVp
bABoZ/Q0TkMKqb96FxXNpvZ+Y+HwFAXxwD4LRl8LgPMs7ucYGJhS30/P4FgZaP18
BIr8RcYk6YK7xyAYNCfHy3ZVkOtVExocvclXjg89K2GdCzvp3CoBP7EY7vT1gqaW
vMMsHr9gbrnfn2bJAstcCqaR/8shHQqDo2/60PTGhDh1MurVwrCZvBWiuXn8o/Un
RxtYL5StwHMYSPQhPPhwpbPbv91CTLECqPkqUY0AGFYSQJiMTc0xBgIq+44FAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUEU391JStX00IC07RxnmDucVUL8owHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJSGmAw
DQYJKoZIhvcNAQELBQADggEBAGYjhKw1uD7/8N3BbLmGFbyejYBl9ksWMOCxhSRf
JKBCQ9/b2Dx3ZQS9HlWXDGhhGJKk/Vo+E4mjbEG0HmdQImttbsgXxC1Biv3d0ZP+
34IsfIP5oUuOwS5u2pfpnT/F2zzCVEyhXmGqz1f+lhZX0YMdzkyhRPT6oiMdKSti
5OQGq/bPkMjglPPZPZbG9ry1hbAfl46TkG72IsXeIVaR8BcAYM/hnRmXToWTVmEA
Y5PaFx1+TV6FouBZ/hPQpF/eMGqxf/k+lMml1ULPEyOrRh6vtmsvuKe0CJ9NnpB8
UXSQ3d9cE58ORKzTcXpaGB1q4oLaf+vYgl5e2xUeLnS4jNE=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:17 2025 by rpki-client