Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: TYSFyNLeCdxFiDyo+zMPblXkyAmaUw8gbDm6kLTO4Gk=
Subject key identifier: AE:BF:13:30:C0:73:D1:49:C0:C2:5C:47:55:94:09:8D:94:73:2A:9A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 254AB9A79F5B1DE25C17CCAD2C45F616D008C119
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Sat 06 Sep 2025 10:02:09 +0000
ROA not before: Sat 06 Sep 2025 09:57:09 +0000
ROA not after: Sat 05 Sep 2026 10:02:09 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:f70::/48 maxlen: 48
2a14:7581:f71::/48 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7581:e000::/36 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 13:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:4a:b9:a7:9f:5b:1d:e2:5c:17:cc:ad:2c:45:f6:16:d0:08:c1:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 6 09:57:09 2025 GMT
Not After : Sep 5 10:02:09 2026 GMT
Subject: CN=AEBF1330C073D149C0C25C475594098D94732A9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ee:f5:23:33:13:de:75:9f:93:27:6a:d8:93:
65:b7:82:70:43:16:c9:a1:15:5d:15:ef:db:a3:5a:
8f:9e:31:83:ff:6d:7d:34:0e:62:3d:e2:2a:9c:82:
ad:98:9f:8f:dd:b1:a5:1d:a1:99:3f:7d:fc:26:aa:
05:06:86:80:e9:42:5f:43:fd:2e:d6:2b:95:9e:14:
be:64:01:ab:93:78:d2:16:f0:71:94:a9:38:00:e6:
ea:55:c7:f2:71:2a:be:e5:23:76:73:ea:8c:da:01:
56:f3:8d:a2:bd:db:8b:cd:ee:30:65:3a:a3:2c:6b:
9f:2c:c8:33:a3:c0:24:54:74:6e:3c:bc:01:38:65:
2b:ee:94:10:ec:54:9b:cf:aa:7a:69:50:53:05:c6:
58:23:b2:22:53:5c:da:82:bc:31:1a:23:ae:e1:6b:
dc:3a:6f:3b:9b:de:72:c8:63:31:e8:53:ca:7a:be:
38:1a:17:91:d8:e2:0f:4c:8c:63:f7:05:ca:a7:83:
60:31:8d:0c:54:6c:c2:14:a5:c3:c5:4c:6c:97:a4:
c9:cb:54:1c:54:1f:9e:8a:75:af:38:00:8c:bb:72:
e9:32:c8:c5:87:c7:14:24:e3:c6:30:fa:d1:3f:88:
af:c8:8d:32:3d:46:46:68:01:ca:8d:3d:fd:0b:ad:
e4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BF:13:30:C0:73:D1:49:C0:C2:5C:47:55:94:09:8D:94:73:2A:9A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:f70::/47
2a14:7581:3600::/40
2a14:7581:3e00::/39
2a14:7581:e000::/36
2a14:7583:f000::/39
2a14:7584:8000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:2b:d7:90:58:70:62:b4:70:69:aa:6a:53:41:8c:d4:7e:56:
c8:50:96:03:66:8a:aa:f8:2f:d0:4f:7a:8e:b6:8d:c7:47:02:
52:b2:9a:56:7e:4b:8f:c9:a9:97:c9:5c:11:43:c3:ce:4b:7f:
98:29:83:d3:ac:b5:ff:31:7c:c7:00:e8:d3:17:d9:62:6d:43:
5a:1a:81:bf:ce:60:1e:49:88:ae:0b:13:fa:43:cb:e4:18:6a:
f4:ce:cc:22:71:35:f7:fd:0e:9e:b3:d4:6e:98:65:2c:9c:17:
f6:a2:5a:ca:ee:39:df:3c:58:23:d5:a5:ec:0c:08:f2:b4:60:
2b:61:3b:2d:98:ad:39:44:8b:6b:66:0b:3a:6e:34:7c:89:8b:
7c:0a:85:e5:83:d1:de:38:4b:2b:d6:f3:74:3d:0c:0f:0b:bf:
fa:14:75:dc:4c:a3:64:47:7b:6e:bf:0c:b2:b0:2e:45:70:0f:
6a:c8:af:d5:3d:7a:5a:58:62:82:a0:cb:c3:c7:2e:e6:fe:52:
54:98:5d:59:b3:bd:e0:6c:c3:96:b7:ef:cb:12:13:8a:25:f5:
98:b1:97:d6:f5:f6:38:68:ac:33:be:80:fd:69:bd:d4:7f:4b:
1d:e4:22:40:c4:07:07:5e:88:64:7c:0f:1f:42:a2:22:f6:51:
30:90:7f:37
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUJUq5p59bHeJcF8ytLEX2FtAIwRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA5MDYwOTU3MDlaFw0yNjA5MDUxMDAyMDlaMDMxMTAvBgNV
BAMTKEFFQkYxMzMwQzA3M0QxNDlDMEMyNUM0NzU1OTQwOThEOTQ3MzJBOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM7vUjMxPedZ+TJ2rYk2W3gnBD
FsmhFV0V79ujWo+eMYP/bX00DmI94iqcgq2Yn4/dsaUdoZk/ffwmqgUGhoDpQl9D
/S7WK5WeFL5kAauTeNIW8HGUqTgA5upVx/JxKr7lI3Zz6ozaAVbzjaK924vN7jBl
OqMsa58syDOjwCRUdG48vAE4ZSvulBDsVJvPqnppUFMFxlgjsiJTXNqCvDEaI67h
a9w6bzub3nLIYzHoU8p6vjgaF5HY4g9MjGP3Bcqng2AxjQxUbMIUpcPFTGyXpMnL
VBxUH56Kda84AIy7cukyyMWHxxQk48Yw+tE/iK/IjTI9RkZoAcqNPf0LreSrAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUrr8TMMBz0UnAwlxHVZQJjZRzKpowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgACMEIDBgAqFHWA
AQMHBCoUdYEPMAMHASoUdYEPcAMGACoUdYE2AwYBKhR1gT4DBgQqFHWB4AMGASoU
dYPwAwYEKhR1hIAwDQYJKoZIhvcNAQELBQADggEBAAwr15BYcGK0cGmqalNBjNR+
VshQlgNmiqr4L9BPeo62jcdHAlKymlZ+S4/JqZfJXBFDw85Lf5gpg9Ostf8xfMcA
6NMX2WJtQ1oagb/OYB5JiK4LE/pDy+QYavTOzCJxNff9Dp6z1G6YZSycF/aiWsru
Od88WCPVpewMCPK0YCthOy2YrTlEi2tmCzpuNHyJi3wKheWD0d44SyvW83Q9DA8L
v/oUddxMo2RHe26/DLKwLkVwD2rIr9U9elpYYoKgy8PHLub+UlSYXVmzveBsw5a3
78sSE4ol9Zixl9b19jhorDO+gP1pvdR/Sx3kIkDEBwdeiGR8Dx9CoiL2UTCQfzc=
-----END CERTIFICATE-----
Generated at Sun Sep 7 02:21:05 2025 by rpki-client