Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: MG3VOg3wiEV7iQq6XDTVJeDnuIPYAf19YgJwrBQdAZw=
Subject key identifier: AC:92:25:97:0B:B3:3B:35:B0:D0:3C:29:09:46:1C:D0:91:FB:A7:58
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4552583095EFE841C00118DD432A4FF18520F514
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
Signing time: Tue 19 Mar 2024 22:20:10 +0000
ROA not before: Tue 19 Mar 2024 22:15:10 +0000
ROA not after: Tue 18 Mar 2025 22:20:10 +0000
asID: 20473
IP address blocks: 45.146.80.0/24 maxlen: 24
45.152.242.0/24 maxlen: 24
45.154.106.0/24 maxlen: 24
45.155.17.0/24 maxlen: 24
91.199.172.0/24 maxlen: 24
193.25.207.0/24 maxlen: 24
194.104.158.0/24 maxlen: 24
194.147.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:52:58:30:95:ef:e8:41:c0:01:18:dd:43:2a:4f:f1:85:20:f5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 19 22:15:10 2024 GMT
Not After : Mar 18 22:20:10 2025 GMT
Subject: CN=AC9225970BB33B35B0D03C2909461CD091FBA758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:91:5b:d2:24:8a:5c:9f:16:1c:06:a2:91:62:
c0:fd:10:9d:b4:3c:be:e7:29:67:4e:b9:11:b7:2c:
86:9d:a2:f7:74:4b:2d:2c:77:9e:16:74:51:ab:44:
45:92:c6:6b:71:96:dd:46:d0:d4:b8:3f:ca:5f:71:
96:db:46:a3:ec:3a:d5:92:93:d4:dc:7e:b6:4d:13:
12:e2:f6:f9:3b:f4:b5:6d:8d:8c:3d:82:38:94:c2:
39:8a:1b:22:b4:e1:22:9b:ea:74:05:bc:0f:c7:6a:
f3:41:f3:4e:35:59:ec:9f:00:4f:e7:4b:d9:a0:7a:
15:c0:7e:56:ef:51:46:8e:fa:e5:dc:ff:e3:e8:23:
5f:9a:80:e1:9f:8e:86:73:b5:15:70:df:f4:26:c4:
3e:41:55:6b:de:3e:44:d7:dd:e1:77:71:54:70:9b:
c1:96:9e:4e:9a:53:14:f8:92:63:9f:0a:eb:3d:1d:
f9:e6:c4:89:cf:b3:e2:a7:c5:7e:29:34:3d:e8:6a:
2e:af:74:ef:72:4b:f9:b2:44:2e:d5:a4:d7:a4:67:
bd:29:f3:f0:24:8b:e8:30:7c:4c:59:cb:7c:86:b0:
01:cd:1e:99:5d:82:18:1f:f4:5c:f9:96:da:ae:a7:
b0:d5:a1:ce:3d:74:16:cf:69:9d:f0:49:fc:87:4c:
49:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:92:25:97:0B:B3:3B:35:B0:D0:3C:29:09:46:1C:D0:91:FB:A7:58
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.80.0/24
45.152.242.0/24
45.154.106.0/24
45.155.17.0/24
91.199.172.0/24
193.25.207.0/24
194.104.158.0/24
194.147.4.0/24
Signature Algorithm: sha256WithRSAEncryption
33:96:7b:5d:bc:d3:81:4e:92:d4:97:7b:31:80:4b:25:08:3a:
2e:3e:2b:f7:e5:e3:5e:0f:ed:74:dc:52:2a:f9:fd:3a:bd:18:
59:c6:2f:cd:93:4e:4f:9b:bb:0d:e6:d2:69:30:4e:7d:6b:c0:
8f:7f:0c:79:d0:1c:91:59:9a:cf:79:6e:46:2f:71:63:c5:c4:
a6:b1:8f:ad:e9:c8:9c:62:5b:46:7b:26:23:88:43:e5:67:7c:
cd:96:27:df:5c:95:a3:b5:72:47:7d:61:ff:39:8a:fe:b6:e7:
a8:20:a1:e4:64:eb:b5:5f:46:d3:2b:17:ab:a3:aa:f7:94:9f:
38:b0:ca:9f:4e:4c:ef:50:ff:88:b0:02:45:b9:e6:a4:32:1d:
9d:44:c1:fd:d7:09:b9:ff:05:d4:32:2b:39:f7:c5:d7:81:a0:
e6:49:7a:1d:c2:0b:bf:56:70:6a:1c:f4:78:ea:a5:3a:df:5e:
c9:b7:eb:28:ef:b8:52:9a:d5:d4:98:b6:87:60:3b:8d:93:2c:
84:82:79:95:fa:a1:de:c7:92:80:cc:f1:bc:7a:b5:54:90:c0:
eb:da:9b:65:0a:51:9a:c4:b2:e4:c3:11:e0:8d:d3:73:b6:a8:
7c:f2:d9:30:f2:c8:1f:8b:6a:9d:d0:e3:db:fb:7b:e0:f4:37:
16:e5:14:37
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIURVJYMJXv6EHAARjdQypP8YUg9RQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDAzMTkyMjE1MTBaFw0yNTAzMTgyMjIwMTBaMDMxMTAvBgNV
BAMTKEFDOTIyNTk3MEJCMzNCMzVCMEQwM0MyOTA5NDYxQ0QwOTFGQkE3NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAkVvSJIpcnxYcBqKRYsD9EJ20
PL7nKWdOuRG3LIadovd0Sy0sd54WdFGrREWSxmtxlt1G0NS4P8pfcZbbRqPsOtWS
k9TcfrZNExLi9vk79LVtjYw9gjiUwjmKGyK04SKb6nQFvA/HavNB8041WeyfAE/n
S9mgehXAflbvUUaO+uXc/+PoI1+agOGfjoZztRVw3/QmxD5BVWvePkTX3eF3cVRw
m8GWnk6aUxT4kmOfCus9HfnmxInPs+KnxX4pND3oai6vdO9yS/myRC7VpNekZ70p
8/Aki+gwfExZy3yGsAHNHpldghgf9Fz5ltqup7DVoc49dBbPaZ3wSfyHTEmLAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUrJIllwuzOzWw0DwpCUYc0JH7p1gwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAAtklAD
BAAtmPIDBAAtmmoDBAAtmxEDBABbx6wDBADBGc8DBADCaJ4DBADCkwQwDQYJKoZI
hvcNAQELBQADggEBADOWe12804FOktSXezGASyUIOi4+K/fl414P7XTcUir5/Tq9
GFnGL82TTk+buw3m0mkwTn1rwI9/DHnQHJFZms95bkYvcWPFxKaxj63pyJxiW0Z7
JiOIQ+VnfM2WJ99claO1ckd9Yf85iv6256ggoeRk67VfRtMrF6ujqveUnziwyp9O
TO9Q/4iwAkW55qQyHZ1Ewf3XCbn/BdQyKzn3xdeBoOZJeh3CC79WcGoc9HjqpTrf
Xsm36yjvuFKa1dSYtodgO42TLISCeZX6od7HkoDM8bx6tVSQwOvam2UKUZrEsuTD
EeCN03O2qHzy2TDyyB+Lap3Q49v7e+D0NxblFDc=
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:05:11 2024 by rpki-client on console-fra.rpki-client.org