Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: uYxpV0a5UqjisYJWrJ+ZQiR4Hf+9AK9XecjW1c7ie3k=
Subject key identifier: 3A:BB:EC:F9:39:1F:0D:0D:BF:56:42:C0:B6:00:FC:01:B4:77:72:3D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2368374ED89912EF920328783A95C64AC6852E56
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
Signing time: Mon 18 May 2026 08:35:30 +0000
ROA not before: Mon 18 May 2026 08:30:30 +0000
ROA not after: Mon 17 May 2027 08:35:30 +0000
asID: 20473
IP address blocks: 82.29.44.0/24 maxlen: 24
82.38.41.0/24 maxlen: 24
82.41.117.0/24 maxlen: 24
82.47.152.0/22 maxlen: 24
178.83.88.0/24 maxlen: 24
178.83.90.0/24 maxlen: 24
178.83.92.0/24 maxlen: 24
178.83.94.0/24 maxlen: 24
178.83.95.0/24 maxlen: 24
178.83.97.0/24 maxlen: 24
178.83.98.0/24 maxlen: 24
178.83.104.0/24 maxlen: 24
178.83.105.0/24 maxlen: 24
178.83.106.0/24 maxlen: 24
178.83.107.0/24 maxlen: 24
178.83.142.0/24 maxlen: 24
178.83.148.0/24 maxlen: 24
178.83.156.0/24 maxlen: 24
2a13:9500:61::/48 maxlen: 48
2a13:9500:ae::/48 maxlen: 48
2a13:9500:cf::/48 maxlen: 48
2a13:9500:dd::/48 maxlen: 48
2a13:9500:10c::/48 maxlen: 48
2a13:9500:120::/48 maxlen: 48
2a13:9500:149::/48 maxlen: 48
2a13:9500:14d::/48 maxlen: 48
2a13:9500:15e::/48 maxlen: 48
2a13:9500:170::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:68:37:4e:d8:99:12:ef:92:03:28:78:3a:95:c6:4a:c6:85:2e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 18 08:30:30 2026 GMT
Not After : May 17 08:35:30 2027 GMT
Subject: CN=3ABBECF9391F0D0DBF5642C0B600FC01B477723D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:33:7c:21:31:ac:a9:35:42:03:aa:c7:0e:e1:
70:64:5c:84:bc:0c:85:98:63:63:2d:2f:8a:16:b8:
53:b7:22:e8:7f:cb:ba:53:66:7b:83:ab:80:e1:ba:
a5:ac:49:cf:5f:d9:15:6c:ca:c8:b2:17:d6:89:36:
52:a6:83:30:25:f2:f5:11:3e:81:f3:00:16:ca:25:
5b:75:28:36:34:17:50:8a:e6:46:5b:ee:1d:06:ab:
49:bd:94:f3:d5:c0:11:78:f4:49:42:49:c7:2a:f3:
35:2d:f8:81:95:82:02:37:bf:2a:bf:d7:eb:36:35:
1e:d6:22:82:a3:87:04:36:51:7e:ac:12:39:17:49:
c2:73:f6:65:ec:b2:d5:f5:0d:1e:e4:99:9a:84:17:
31:c5:6f:d8:87:bb:41:ef:0a:e8:b3:fb:f1:69:c1:
9f:9d:a2:dc:cf:21:18:32:67:52:d5:32:c6:19:24:
8a:cd:c6:6b:b0:82:bb:87:c9:10:91:fb:e0:67:6a:
be:d4:c7:16:41:bf:f4:63:25:20:ae:2a:da:e0:e4:
8c:66:4e:cd:d3:bb:7f:7b:df:e6:6c:af:ce:1e:f2:
17:dc:49:e5:ae:13:6e:b3:01:d5:40:6f:52:d5:1e:
44:ea:92:a1:cf:62:ad:8c:19:2a:44:fc:b2:15:eb:
54:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BB:EC:F9:39:1F:0D:0D:BF:56:42:C0:B6:00:FC:01:B4:77:72:3D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.44.0/24
82.38.41.0/24
82.41.117.0/24
82.47.152.0/22
178.83.88.0/24
178.83.90.0/24
178.83.92.0/24
178.83.94.0/23
178.83.97.0-178.83.98.255
178.83.104.0/22
178.83.142.0/24
178.83.148.0/24
178.83.156.0/24
IPv6:
2a13:9500:61::/48
2a13:9500:ae::/48
2a13:9500:cf::/48
2a13:9500:dd::/48
2a13:9500:10c::/48
2a13:9500:120::/48
2a13:9500:149::/48
2a13:9500:14d::/48
2a13:9500:15e::/48
2a13:9500:170::/48
Signature Algorithm: sha256WithRSAEncryption
3a:a1:79:93:c0:4d:9f:56:3d:69:43:6e:e6:a2:0d:c9:0c:d1:
c2:e4:09:b5:96:43:e2:55:78:8d:b3:23:79:80:67:e8:48:97:
4d:77:de:5e:08:8f:5a:2f:0c:db:e9:2e:0e:41:df:ae:57:10:
4e:1f:b7:fc:33:0a:9d:f6:9f:dd:ee:bf:cc:74:67:93:3e:4c:
5d:ce:32:93:91:2a:70:26:e7:3e:c4:84:10:ea:71:55:f9:35:
1a:53:9f:5d:1f:18:86:5b:32:5c:d0:1c:9e:92:fe:c2:c4:4e:
cd:b8:4c:c9:98:97:86:4d:f9:c0:b4:c8:24:2e:38:58:20:0f:
07:92:ff:ac:1c:bf:7b:61:e7:a1:fc:5d:74:47:17:51:02:bb:
5a:16:a4:04:ba:c7:97:ee:3e:70:a2:1d:97:d0:e5:4e:df:4c:
fe:15:b4:a4:c3:2d:44:2a:98:c6:43:45:b2:7c:8f:39:f2:a6:
eb:c5:98:a8:d4:2e:c7:f7:b1:e8:cf:08:29:7a:67:bc:b8:20:
f0:02:84:5b:04:f3:ee:3b:6d:e0:90:58:75:4d:df:8e:e3:52:
d9:78:de:a9:25:43:7e:81:3e:18:76:7b:91:06:4e:50:da:04:
46:1d:f2:8e:bf:4e:71:65:7b:1f:6b:7d:5d:2e:cb:5f:60:6c:
b0:f3:7b:14
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIUI2g3TtiZEu+SAyh4OpXGSsaFLlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTgwODMwMzBaFw0yNzA1MTcwODM1MzBaMDMxMTAvBgNV
BAMTKDNBQkJFQ0Y5MzkxRjBEMERCRjU2NDJDMEI2MDBGQzAxQjQ3NzcyM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDM3whMaypNUIDqscO4XBkXIS8
DIWYY2MtL4oWuFO3Iuh/y7pTZnuDq4DhuqWsSc9f2RVsysiyF9aJNlKmgzAl8vUR
PoHzABbKJVt1KDY0F1CK5kZb7h0Gq0m9lPPVwBF49ElCSccq8zUt+IGVggI3vyq/
1+s2NR7WIoKjhwQ2UX6sEjkXScJz9mXsstX1DR7kmZqEFzHFb9iHu0HvCuiz+/Fp
wZ+dotzPIRgyZ1LVMsYZJIrNxmuwgruHyRCR++Bnar7UxxZBv/RjJSCuKtrg5Ixm
Ts3Tu3973+Zsr84e8hfcSeWuE26zAdVAb1LVHkTqkqHPYq2MGSpE/LIV61RzAgMB
AAGjggK+MIICujAdBgNVHQ4EFgQUOrvs+TkfDQ2/VkLAtgD8AbR3cj0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdMGCCsGAQUFBwEHAQH/BIHDMIHAMFwEAgABMFYDBABS
HSwDBABSJikDBABSKXUDBAJSL5gDBACyU1gDBACyU1oDBACyU1wDBAGyU14wDAME
ALJTYQMEALJTYgMEArJTaAMEALJTjgMEALJTlAMEALJTnDBgBAIAAjBaAwcAKhOV
AABhAwcAKhOVAACuAwcAKhOVAADPAwcAKhOVAADdAwcAKhOVAAEMAwcAKhOVAAEg
AwcAKhOVAAFJAwcAKhOVAAFNAwcAKhOVAAFeAwcAKhOVAAFwMA0GCSqGSIb3DQEB
CwUAA4IBAQA6oXmTwE2fVj1pQ27mog3JDNHC5Am1lkPiVXiNsyN5gGfoSJdNd95e
CI9aLwzb6S4OQd+uVxBOH7f8Mwqd9p/d7r/MdGeTPkxdzjKTkSpwJuc+xIQQ6nFV
+TUaU59dHxiGWzJc0Byekv7CxE7NuEzJmJeGTfnAtMgkLjhYIA8Hkv+sHL97Yeeh
/F10RxdRArtaFqQEuseX7j5woh2X0OVO30z+FbSkwy1EKpjGQ0WyfI858qbrxZio
1C7H97Hozwgpeme8uCDwAoRbBPPuO23gkFh1Td+O41LZeN6pJUN+gT4YdnuRBk5Q
2gRGHfKOv05xZXsfa31dLstfYGyw83sU
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:21 2026 by rpki-client