Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: jpgA1wQ0V2LBNCpNT/WTLcAd6hxSt1REg4YydNdh8b0=
Subject key identifier: C8:5D:BD:D7:A9:F8:5D:F1:34:0F:A8:19:7B:A7:E5:ED:5C:AE:83:75
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 53B87F51D6E8B85FD69221AE7B156CA67ECC9C15
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
Signing time: Mon 02 Mar 2026 15:23:29 +0000
ROA not before: Mon 02 Mar 2026 15:18:29 +0000
ROA not after: Mon 01 Mar 2027 15:23:29 +0000
asID: 20473
IP address blocks: 82.38.41.0/24 maxlen: 24
178.83.88.0/24 maxlen: 24
178.83.90.0/24 maxlen: 24
178.83.92.0/24 maxlen: 24
178.83.94.0/24 maxlen: 24
178.83.95.0/24 maxlen: 24
178.83.97.0/24 maxlen: 24
178.83.98.0/24 maxlen: 24
178.83.104.0/24 maxlen: 24
178.83.105.0/24 maxlen: 24
178.83.106.0/24 maxlen: 24
178.83.107.0/24 maxlen: 24
178.83.142.0/24 maxlen: 24
178.83.148.0/24 maxlen: 24
2a13:9500:61::/48 maxlen: 48
2a13:9500:ae::/48 maxlen: 48
2a13:9500:cf::/48 maxlen: 48
2a13:9500:dd::/48 maxlen: 48
2a13:9500:10c::/48 maxlen: 48
2a13:9500:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b8:7f:51:d6:e8:b8:5f:d6:92:21:ae:7b:15:6c:a6:7e:cc:9c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 2 15:18:29 2026 GMT
Not After : Mar 1 15:23:29 2027 GMT
Subject: CN=C85DBDD7A9F85DF1340FA8197BA7E5ED5CAE8375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c7:74:36:50:3a:83:c7:b2:b1:86:37:06:f5:
3a:ce:05:51:4b:aa:d4:cc:3e:6a:45:77:d6:b9:12:
e6:b9:d6:6f:85:ab:a7:e0:94:34:cd:b8:40:7b:7d:
8a:89:a6:d9:11:cf:36:56:ca:97:ac:eb:ae:14:54:
08:e2:7d:7d:74:14:be:66:bd:a3:e3:30:81:0b:44:
96:53:8b:92:6f:30:5d:27:c9:0d:d1:c8:a4:ea:76:
b9:27:56:31:4d:c7:30:1f:9f:49:e6:c0:cb:31:fe:
f3:51:f5:2a:d0:63:b2:1e:93:2b:58:01:f4:79:e0:
09:ce:dd:41:ea:50:b7:67:96:70:ca:78:f1:f7:87:
c8:97:95:29:90:16:04:0d:2b:06:b6:1a:b5:00:02:
fa:dd:ec:b3:ae:cc:17:82:9e:a0:5c:34:3e:81:ad:
a8:c6:2f:35:a3:98:d3:bd:06:54:f6:07:e0:50:6d:
5c:44:86:5b:b1:5c:1d:95:73:d0:f0:2a:e0:74:65:
b8:94:08:23:3c:52:d9:03:8c:0b:ac:1d:ef:a7:60:
da:af:1d:48:3f:6f:8a:fc:4c:90:b3:03:4e:9d:e7:
b0:9b:04:4e:0a:b9:cb:1e:40:6d:d4:c3:38:d8:aa:
a8:72:22:60:3d:c8:eb:7e:05:fc:47:21:50:67:36:
e4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5D:BD:D7:A9:F8:5D:F1:34:0F:A8:19:7B:A7:E5:ED:5C:AE:83:75
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.41.0/24
178.83.88.0/24
178.83.90.0/24
178.83.92.0/24
178.83.94.0/23
178.83.97.0-178.83.98.255
178.83.104.0/22
178.83.142.0/24
178.83.148.0/24
IPv6:
2a13:9500:61::/48
2a13:9500:ae::/48
2a13:9500:cf::/48
2a13:9500:dd::/48
2a13:9500:10c::/48
2a13:9500:120::/48
Signature Algorithm: sha256WithRSAEncryption
6e:8e:d5:2f:a6:60:b6:37:ae:de:61:cd:cd:3f:12:ab:fa:d1:
1e:93:be:13:a4:44:31:75:f0:ba:e2:e8:af:e2:4d:38:95:0c:
99:1a:01:cb:c9:ca:ad:b3:58:50:9a:ae:6d:ad:1f:5d:f7:00:
37:0b:53:18:7e:71:36:f9:f6:5b:53:01:0a:62:5a:4f:69:1f:
43:b8:17:e1:82:2b:98:73:66:99:03:23:2f:00:c5:75:fe:9b:
3b:18:51:fd:7e:dd:ec:74:c9:1b:ef:68:00:e8:bf:1a:af:5b:
a5:e6:e9:ed:5f:71:d3:b7:c3:a5:fb:2e:0e:7c:6a:69:dc:f8:
7c:04:9a:0b:30:3e:a3:ae:78:ed:c3:e0:dd:40:59:dd:9b:e7:
70:3e:fb:34:9a:22:fa:7f:eb:74:20:cc:0a:94:53:59:7e:27:
bb:44:ee:9e:af:d5:e0:b6:cf:3f:15:79:e1:02:c5:08:3f:07:
ca:c1:13:3c:81:75:99:18:06:26:58:95:21:15:6a:fb:3a:02:
dc:30:d4:14:d5:e9:58:2a:ce:a9:07:8d:4d:e2:a3:b2:d0:3e:
a6:10:c2:87:98:8c:24:08:c4:bc:e3:b6:79:0e:1b:e9:e3:14:
f1:5f:8f:a7:27:35:f8:24:7c:ec:47:d9:a0:9a:ed:37:be:4a:
94:10:c5:2e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUU7h/UdbouF/WkiGuexVspn7MnBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDIxNTE4MjlaFw0yNzAzMDExNTIzMjlaMDMxMTAvBgNV
BAMTKEM4NURCREQ3QTlGODVERjEzNDBGQTgxOTdCQTdFNUVENUNBRTgzNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKx3Q2UDqDx7KxhjcG9TrOBVFL
qtTMPmpFd9a5Eua51m+Fq6fglDTNuEB7fYqJptkRzzZWypes664UVAjifX10FL5m
vaPjMIELRJZTi5JvMF0nyQ3RyKTqdrknVjFNxzAfn0nmwMsx/vNR9SrQY7IekytY
AfR54AnO3UHqULdnlnDKePH3h8iXlSmQFgQNKwa2GrUAAvrd7LOuzBeCnqBcND6B
rajGLzWjmNO9BlT2B+BQbVxEhluxXB2Vc9DwKuB0ZbiUCCM8UtkDjAusHe+nYNqv
HUg/b4r8TJCzA06d57CbBE4KucseQG3UwzjYqqhyImA9yOt+BfxHIVBnNuQHAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUyF2916n4XfE0D6gZe6fl7Vyug3UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZcGCCsGAQUFBwEHAQH/BIGHMIGEMEQEAgABMD4DBABS
JikDBACyU1gDBACyU1oDBACyU1wDBAGyU14wDAMEALJTYQMEALJTYgMEArJTaAME
ALJTjgMEALJTlDA8BAIAAjA2AwcAKhOVAABhAwcAKhOVAACuAwcAKhOVAADPAwcA
KhOVAADdAwcAKhOVAAEMAwcAKhOVAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQBujtUv
pmC2N67eYc3NPxKr+tEek74TpEQxdfC64uiv4k04lQyZGgHLycqts1hQmq5trR9d
9wA3C1MYfnE2+fZbUwEKYlpPaR9DuBfhgiuYc2aZAyMvAMV1/ps7GFH9ft3sdMkb
72gA6L8ar1ul5untX3HTt8Ol+y4OfGpp3Ph8BJoLMD6jrnjtw+DdQFndm+dwPvs0
miL6f+t0IMwKlFNZfie7RO6er9Xgts8/FXnhAsUIPwfKwRM8gXWZGAYmWJUhFWr7
OgLcMNQU1elYKs6pB41N4qOy0D6mEMKHmIwkCMS847Z5Dhvp4xTxX4+nJzX4JHzs
R9mgmu03vkqUEMUu
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:05:07 2026 by rpki-client