Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: KnrCt4EaPxMR8VlhGo+H7a41bzCgSJdvjKQ05PG8MHY=
Subject key identifier: B1:62:27:6E:55:72:21:EB:6A:C7:48:8A:B8:A2:DC:F2:95:55:BF:30
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 4E8C9FB2A4F36D0F8E98EA39C6772EB72BA1905A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Thu 21 May 2026 10:26:23 +0000
ROA not before: Thu 21 May 2026 10:21:23 +0000
ROA not after: Thu 20 May 2027 10:26:23 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3b00::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7581:9f90::/48 maxlen: 48
2a14:7581:9f91::/48 maxlen: 48
2a14:7581:9f92::/48 maxlen: 48
2a14:7583:5d10::/48 maxlen: 48
2a14:7583:e500::/40 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:9000::/36 maxlen: 48
2a14:7584:e000::/36 maxlen: 48
2a14:7584:e370::/44 maxlen: 48
2a14:7584:eb00::/40 maxlen: 40
2a14:7584:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:8c:9f:b2:a4:f3:6d:0f:8e:98:ea:39:c6:77:2e:b7:2b:a1:90:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 21 10:21:23 2026 GMT
Not After : May 20 10:26:23 2027 GMT
Subject: CN=B162276E557221EB6AC7488AB8A2DCF29555BF30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:1d:66:b8:cc:75:f2:ec:2c:8a:29:50:7f:
0e:80:17:6e:cb:02:4a:88:d2:15:2c:5f:10:0c:d8:
31:3c:61:12:75:32:70:c7:9c:9e:09:6a:e0:50:53:
7f:3e:27:0c:05:ca:3d:7b:aa:ea:67:a7:66:b0:f6:
be:44:26:f6:32:17:66:cc:78:1d:1d:21:6b:fe:f8:
8f:b1:8a:f1:81:c4:25:b5:d6:b6:7b:59:56:e0:9b:
bb:8d:01:59:58:2e:58:43:8c:00:bc:4b:49:4e:73:
72:0b:4c:98:aa:54:53:f7:1f:06:cc:23:3a:95:39:
51:bc:73:23:52:2e:74:80:d4:8d:de:1f:62:ab:19:
a2:12:4c:c8:bf:e8:a5:ee:b6:d2:d9:2f:01:88:cf:
c0:5b:74:5e:27:4f:71:3e:6b:6f:0a:d2:28:9e:04:
f3:4b:07:4f:7b:5f:b3:73:86:3c:6e:e9:ea:5f:cc:
6d:d7:f8:23:ea:c2:a1:5c:3e:aa:66:3f:15:ad:dc:
6a:59:3b:5b:3e:c9:37:e6:7f:a0:8a:d9:b7:e5:0a:
b5:ef:3c:e3:3f:71:f0:b9:46:a5:1f:0a:d6:8e:58:
29:9c:38:d0:c1:2e:12:85:ec:d7:ee:17:a2:4e:45:
d5:c5:96:96:8f:f2:05:29:4e:fb:77:ff:23:29:77:
75:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:62:27:6E:55:72:21:EB:6A:C7:48:8A:B8:A2:DC:F2:95:55:BF:30
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:fa0::/44
2a14:7581:3600::/40
2a14:7581:3b00::/40
2a14:7581:3e00::/39
2a14:7581:9f90::-2a14:7581:9f92:ffff:ffff:ffff:ffff:ffff
2a14:7583:5d10::/48
2a14:7583:e500::/40
2a14:7583:f000::/39
2a14:7584:8000::/35
2a14:7584:e000::/36
Signature Algorithm: sha256WithRSAEncryption
3d:0f:06:ae:81:9f:38:25:49:c8:01:46:45:3d:8e:fb:88:14:
d8:f3:bd:29:0c:c4:cc:7b:b7:c5:4f:17:57:6b:6b:51:2b:d2:
9f:d2:24:4c:62:f1:64:e3:48:30:07:0b:02:02:4b:ac:55:ad:
90:d4:8b:bc:6e:39:4d:91:0e:c2:ce:1c:ed:f1:63:84:c6:79:
fd:0d:7f:e9:4b:3d:f5:03:f7:ed:25:c2:d6:b9:f9:d2:25:3e:
62:70:b0:cb:13:12:a7:93:29:4c:3a:59:83:e4:a4:40:df:b8:
73:66:c1:2f:07:e9:bb:93:2b:cd:24:7d:ca:6c:bc:7d:de:ed:
c9:fc:45:48:c4:a8:64:a0:62:2c:b5:e7:60:cb:e6:db:a0:aa:
db:c2:b0:df:58:c4:a6:4f:6b:d0:6c:34:09:02:8d:a1:70:a8:
a9:0b:63:47:28:3d:50:2c:f8:79:ea:e4:86:0f:7b:39:81:0d:
f6:ef:88:1b:3f:37:78:13:4e:fc:04:a9:34:9a:01:76:01:1f:
69:9b:6c:be:33:d5:1e:51:ee:bc:d9:2a:29:20:b2:1c:68:e5:
ae:e2:04:78:45:0e:2d:58:6f:62:21:6c:52:e8:0b:46:2b:e7:
fb:2c:3e:fd:6d:14:b6:9b:af:75:00:06:76:c1:c5:0c:6d:3a:
48:96:66:1a
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUToyfsqTzbQ+OmOo5xncutyuhkFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MjExMDIxMjNaFw0yNzA1MjAxMDI2MjNaMDMxMTAvBgNV
BAMTKEIxNjIyNzZFNTU3MjIxRUI2QUM3NDg4QUI4QTJEQ0YyOTU1NUJGMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuqB1muMx18uwsiilQfw6AF27L
AkqI0hUsXxAM2DE8YRJ1MnDHnJ4JauBQU38+JwwFyj17qupnp2aw9r5EJvYyF2bM
eB0dIWv++I+xivGBxCW11rZ7WVbgm7uNAVlYLlhDjAC8S0lOc3ILTJiqVFP3HwbM
IzqVOVG8cyNSLnSA1I3eH2KrGaISTMi/6KXuttLZLwGIz8BbdF4nT3E+a28K0iie
BPNLB097X7Nzhjxu6epfzG3X+CPqwqFcPqpmPxWt3GpZO1s+yTfmf6CK2bflCrXv
POM/cfC5RqUfCtaOWCmcONDBLhKF7NfuF6JORdXFlpaP8gUpTvt3/yMpd3W1AgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQUsWInblVyIetqx0iKuKLc8pVVvzAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYgGCCsGAQUFBwEHAQH/BHkwdzB1BAIAAjBvAwYAKhR1
gAEDBwQqFHWBDzADBwQqFHWBD6ADBgAqFHWBNgMGACoUdYE7AwYBKhR1gT4wEgMH
BCoUdYGfkAMHACoUdYGfkgMHACoUdYNdEAMGACoUdYPlAwYBKhR1g/ADBgUqFHWE
gAMGBCoUdYTgMA0GCSqGSIb3DQEBCwUAA4IBAQA9DwaugZ84JUnIAUZFPY77iBTY
870pDMTMe7fFTxdXa2tRK9Kf0iRMYvFk40gwBwsCAkusVa2Q1Iu8bjlNkQ7Czhzt
8WOExnn9DX/pSz31A/ftJcLWufnSJT5icLDLExKnkylMOlmD5KRA37hzZsEvB+m7
kyvNJH3KbLx93u3J/EVIxKhkoGIstedgy+bboKrbwrDfWMSmT2vQbDQJAo2hcKip
C2NHKD1QLPh56uSGD3s5gQ3274gbPzd4E078BKk0mgF2AR9pm2y+M9UeUe682Sop
ILIcaOWu4gR4RQ4tWG9iIWxS6AtGK+f7LD79bRS2m691AAZ2wcUMbTpIlmYa
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:39:57 2026 by rpki-client