
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: vODfZjHOuKgTRbUxDDomoY8pVZBemFuGfM0UrFoY1PM=
Subject key identifier: 98:A4:13:7E:30:05:34:98:BE:52:CB:D7:9B:24:E8:A2:B6:CF:08:1E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 21471155B1B9BB1A30DB35FFB19CD84175196286
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
Signing time: Wed 01 Jul 2026 00:08:11 +0000
ROA not before: Wed 01 Jul 2026 00:03:11 +0000
ROA not after: Wed 30 Jun 2027 00:08:11 +0000
asID: 20326
IP address blocks: 82.21.43.0/24 maxlen: 24
82.22.32.0/24 maxlen: 24
82.26.96.0/22 maxlen: 24
82.39.135.0/24 maxlen: 24
82.39.165.0/24 maxlen: 24
82.40.61.0/24 maxlen: 24
82.47.132.0/24 maxlen: 24
82.47.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:47:11:55:b1:b9:bb:1a:30:db:35:ff:b1:9c:d8:41:75:19:62:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 1 00:03:11 2026 GMT
Not After : Jun 30 00:08:11 2027 GMT
Subject: CN=98A4137E30053498BE52CBD79B24E8A2B6CF081E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b5:df:24:7d:d6:5c:5e:bb:2a:c2:a0:93:c7:
4a:4d:81:f5:c3:a0:af:2b:55:90:b9:91:ec:24:69:
40:ef:04:6b:1b:0a:0e:9e:73:ea:8c:a3:a6:2d:88:
b9:fa:74:2c:0a:9b:e6:c8:b8:56:bb:f0:c0:0f:d9:
61:72:5a:80:2f:0c:38:a8:f4:5f:34:2a:cd:b1:4b:
8c:81:18:ac:4b:4a:a8:c5:9e:1e:dd:ab:c7:e9:fd:
6f:0a:7e:6f:f5:ce:cc:41:54:29:d8:28:7c:4b:75:
a2:71:f2:32:c3:2d:e8:9d:f6:87:28:bd:54:7f:15:
81:25:87:03:92:71:fe:ba:32:58:2f:42:24:17:bd:
ae:47:4a:a3:c8:91:2e:65:77:c2:93:49:14:c5:7d:
d5:e6:aa:f7:52:9d:fa:d4:0f:06:50:88:fb:b4:0b:
6f:a7:7c:68:b5:23:30:21:f4:8e:d1:49:bd:9e:49:
0d:6f:a3:7a:57:81:77:d5:0f:ae:ea:36:c1:32:c3:
b1:9a:bf:48:c8:50:0c:e2:d4:06:06:ec:57:75:a7:
b1:7d:a3:6f:1e:b0:ab:d2:5c:12:b6:2d:3f:b9:8e:
0f:4e:c1:c2:21:4a:04:8f:d4:fb:d9:1a:f9:e7:a6:
78:7f:bf:e3:83:5d:fd:b5:00:b1:85:42:6e:07:d7:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A4:13:7E:30:05:34:98:BE:52:CB:D7:9B:24:E8:A2:B6:CF:08:1E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.22.32.0/24
82.26.96.0/22
82.39.135.0/24
82.39.165.0/24
82.40.61.0/24
82.47.132.0/24
82.47.232.0/21
Signature Algorithm: sha256WithRSAEncryption
77:60:63:1b:e6:58:1f:f4:ec:c0:84:2a:fe:fe:5c:bc:87:a1:
28:cc:cc:a0:8d:4f:d5:57:04:b5:ff:d7:b7:fb:64:9a:c7:3d:
c8:89:f6:8e:d1:be:31:3a:0f:6f:a2:ba:19:08:4e:7d:84:eb:
0b:42:ce:bb:eb:cc:f2:69:78:32:31:48:63:45:9a:36:97:46:
af:35:cf:28:b2:ee:bc:77:53:4e:30:0a:bb:e9:7f:d6:06:9c:
d7:9d:ce:06:a6:82:f1:4b:17:67:0d:8f:d0:bb:71:48:03:4b:
94:7d:25:36:90:51:4e:f2:1d:45:db:ff:14:64:42:9e:28:33:
f7:a6:51:ab:d6:83:3e:a3:4e:95:99:fb:c0:4b:32:69:08:19:
42:b2:ec:a9:dd:61:10:05:6f:87:3d:b3:15:29:5a:6e:73:86:
2c:f2:bb:b7:27:bb:fb:d8:02:38:b7:43:98:df:b0:b6:c8:ce:
23:75:69:14:1c:a5:a9:da:8a:a0:f4:45:e8:30:9e:7c:43:02:
29:59:93:db:38:07:7e:a3:7a:f9:b8:11:14:03:43:5c:a6:8c:
89:f4:b5:90:ee:30:3c:2f:5e:f1:89:63:0a:3e:7b:ef:78:91:
58:1c:b0:75:0c:cc:f4:28:14:d4:12:a9:b0:a8:b2:34:ce:ae:
3e:df:53:e6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUIUcRVbG5uxow2zX/sZzYQXUZYoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDEwMDAzMTFaFw0yNzA2MzAwMDA4MTFaMDMxMTAvBgNV
BAMTKDk4QTQxMzdFMzAwNTM0OThCRTUyQ0JENzlCMjRFOEEyQjZDRjA4MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDitd8kfdZcXrsqwqCTx0pNgfXD
oK8rVZC5kewkaUDvBGsbCg6ec+qMo6YtiLn6dCwKm+bIuFa78MAP2WFyWoAvDDio
9F80Ks2xS4yBGKxLSqjFnh7dq8fp/W8Kfm/1zsxBVCnYKHxLdaJx8jLDLeid9oco
vVR/FYElhwOScf66MlgvQiQXva5HSqPIkS5ld8KTSRTFfdXmqvdSnfrUDwZQiPu0
C2+nfGi1IzAh9I7RSb2eSQ1vo3pXgXfVD67qNsEyw7Gav0jIUAzi1AYG7Fd1p7F9
o28esKvSXBK2LT+5jg9OwcIhSgSP1PvZGvnnpnh/v+ODXf21ALGFQm4H19s1AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUmKQTfjAFNJi+UsvXmyToorbPCB4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABSFSsD
BABSFiADBAJSGmADBABSJ4cDBABSJ6UDBABSKD0DBABSL4QDBANSL+gwDQYJKoZI
hvcNAQELBQADggEBAHdgYxvmWB/07MCEKv7+XLyHoSjMzKCNT9VXBLX/17f7ZJrH
PciJ9o7RvjE6D2+iuhkITn2E6wtCzrvrzPJpeDIxSGNFmjaXRq81zyiy7rx3U04w
Crvpf9YGnNedzgamgvFLF2cNj9C7cUgDS5R9JTaQUU7yHUXb/xRkQp4oM/emUavW
gz6jTpWZ+8BLMmkIGUKy7KndYRAFb4c9sxUpWm5zhizyu7cnu/vYAji3Q5jfsLbI
ziN1aRQcpanaiqD0RegwnnxDAilZk9s4B36jevm4ERQDQ1ymjIn0tZDuMDwvXvGJ
Ywo+e+94kVgcsHUMzPQoFNQSqbCosjTOrj7fU+Y=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:08:03 2026 by rpki-client