Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: kuiljjg1sIPdQFls11vL0p7gg3lWtb/31Bmx1/ALjPk=
Subject key identifier: 79:F1:26:4D:FC:6A:EA:A5:40:2A:45:9C:DA:87:D9:F1:F6:0B:47:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0C9788892F67C8254FB7D9E7CB759A0672A31DA7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
Signing time: Tue 02 Jun 2026 12:56:56 +0000
ROA not before: Tue 02 Jun 2026 12:51:56 +0000
ROA not after: Tue 01 Jun 2027 12:56:56 +0000
asID: 20326
IP address blocks: 82.21.43.0/24 maxlen: 24
82.22.32.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.26.96.0/22 maxlen: 24
82.39.135.0/24 maxlen: 24
82.39.165.0/24 maxlen: 24
82.40.61.0/24 maxlen: 24
82.47.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:97:88:89:2f:67:c8:25:4f:b7:d9:e7:cb:75:9a:06:72:a3:1d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:51:56 2026 GMT
Not After : Jun 1 12:56:56 2027 GMT
Subject: CN=79F1264DFC6AEAA5402A459CDA87D9F1F60B4771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:af:da:71:c7:e1:f0:12:64:83:19:d2:89:
91:de:0b:f6:36:32:91:c2:61:ee:c5:f8:d5:d6:f5:
e2:02:aa:5a:4b:2e:9a:bf:11:40:93:dd:05:19:09:
a2:62:6b:6b:95:ef:42:1f:c7:e5:3e:ee:0b:fc:b4:
f4:44:37:b3:de:6a:43:cd:c9:29:f1:c5:20:38:32:
52:5e:2e:3b:18:7c:a6:52:8a:b6:5a:d9:86:b7:2d:
28:be:e8:66:46:e1:3d:60:d1:27:5f:c7:bf:bc:fe:
ff:0c:f3:d4:b2:c8:37:80:63:2e:d1:46:37:33:71:
8a:ed:3b:93:e0:0e:ad:af:bf:96:8c:47:56:41:b9:
7c:4d:70:92:c5:a5:2a:35:b4:8e:98:86:3b:71:ef:
de:27:1b:b0:e1:fe:10:43:cf:f5:17:54:97:97:b0:
a4:4f:ad:e4:83:72:0f:7a:25:22:75:e8:c2:56:9e:
90:b8:d8:8e:86:a2:09:eb:b7:9d:a4:05:22:28:53:
e8:b9:c9:96:50:98:38:14:6a:55:3e:93:29:2d:79:
96:f2:10:d4:22:cc:24:91:83:36:5c:d9:a6:1e:ae:
e5:d2:78:fe:42:88:ee:25:68:94:69:f7:37:51:31:
b4:84:25:56:e6:1b:14:db:d4:8a:f6:5f:a0:35:a4:
a4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F1:26:4D:FC:6A:EA:A5:40:2A:45:9C:DA:87:D9:F1:F6:0B:47:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.22.32.0/24
82.25.13.0/24
82.26.96.0/22
82.39.135.0/24
82.39.165.0/24
82.40.61.0/24
82.47.232.0/21
Signature Algorithm: sha256WithRSAEncryption
34:54:10:c4:7a:dd:5a:ec:c0:46:11:87:c7:46:5e:b4:5e:7e:
c7:d7:f0:60:b6:c3:3b:cd:81:17:a0:3a:98:ed:52:19:f9:21:
e8:d3:d8:b0:9e:0d:ea:d2:bb:ec:69:28:45:77:34:41:36:bb:
10:0f:f0:8d:a7:8c:5f:66:e8:96:b9:9d:26:15:af:d6:4e:b2:
80:66:19:ab:42:b9:52:1e:9d:21:32:cf:74:32:ac:0a:80:c3:
54:fb:39:3d:6c:c7:37:e2:87:c9:b8:02:01:25:b7:cc:05:09:
a0:19:7e:b5:57:8d:ab:d2:f5:28:0d:ba:78:86:54:ce:16:b7:
bd:8b:b7:31:6b:c8:e0:41:c3:b0:b2:4c:6f:43:6d:02:d5:83:
3e:ae:01:dd:95:2b:af:4e:96:bc:36:92:4b:a5:2d:17:85:3c:
8a:92:b9:5b:e1:87:80:f6:f5:00:e9:c8:29:b3:c6:16:1e:bf:
ad:e8:d3:bb:ba:15:01:e5:a9:41:30:07:03:6c:8d:b8:12:71:
67:74:b4:ad:8e:88:30:02:4e:48:f8:76:26:97:71:b1:6d:9a:
29:01:77:59:6e:53:e6:1d:18:7e:c1:93:fc:45:0d:97:31:ae:
13:bf:a0:8b:bc:b1:b4:f2:ea:e3:9c:32:07:14:4c:5b:1e:e1:
9c:f1:79:b0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUDJeIiS9nyCVPt9nny3WaBnKjHacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjUxNTZaFw0yNzA2MDExMjU2NTZaMDMxMTAvBgNV
BAMTKDc5RjEyNjRERkM2QUVBQTU0MDJBNDU5Q0RBODdEOUYxRjYwQjQ3NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0O6/accfh8BJkgxnSiZHeC/Y2
MpHCYe7F+NXW9eICqlpLLpq/EUCT3QUZCaJia2uV70Ifx+U+7gv8tPREN7PeakPN
ySnxxSA4MlJeLjsYfKZSirZa2Ya3LSi+6GZG4T1g0Sdfx7+8/v8M89SyyDeAYy7R
RjczcYrtO5PgDq2vv5aMR1ZBuXxNcJLFpSo1tI6Yhjtx794nG7Dh/hBDz/UXVJeX
sKRPreSDcg96JSJ16MJWnpC42I6Gognrt52kBSIoU+i5yZZQmDgUalU+kykteZby
ENQizCSRgzZc2aYeruXSeP5CiO4laJRp9zdRMbSEJVbmGxTb1Ir2X6A1pKSLAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUefEmTfxq6qVAKkWc2ofZ8fYLR3EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABSFSsD
BABSFiADBABSGQ0DBAJSGmADBABSJ4cDBABSJ6UDBABSKD0DBANSL+gwDQYJKoZI
hvcNAQELBQADggEBADRUEMR63VrswEYRh8dGXrRefsfX8GC2wzvNgRegOpjtUhn5
IejT2LCeDerSu+xpKEV3NEE2uxAP8I2njF9m6Ja5nSYVr9ZOsoBmGatCuVIenSEy
z3QyrAqAw1T7OT1sxzfih8m4AgElt8wFCaAZfrVXjavS9SgNuniGVM4Wt72LtzFr
yOBBw7CyTG9DbQLVgz6uAd2VK69Olrw2kkulLReFPIqSuVvhh4D29QDpyCmzxhYe
v63o07u6FQHlqUEwBwNsjbgScWd0tK2OiDACTkj4diaXcbFtmikBd1luU+YdGH7B
k/xFDZcxrhO/oIu8sbTy6uOcMgcUTFse4ZzxebA=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:23 2026 by rpki-client