Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: ttD9TZnW4Z+eChm2+vyzkYucoQNV1qisBzQO3JDc7Fc=
Subject key identifier: 5F:38:F6:A6:6A:DE:D6:72:8D:D7:25:CA:B4:29:D3:67:9E:16:95:90
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 3C60E73CF0CF09C4B048B19549C21877B9639D3C
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20473.roa
Signing time: Sat 25 Apr 2026 15:45:03 +0000
ROA not before: Sat 25 Apr 2026 15:40:03 +0000
ROA not after: Sat 24 Apr 2027 15:45:03 +0000
asID: 20473
IP address blocks: 51.194.65.0/24 maxlen: 24
51.194.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:60:e7:3c:f0:cf:09:c4:b0:48:b1:95:49:c2:18:77:b9:63:9d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Apr 25 15:40:03 2026 GMT
Not After : Apr 24 15:45:03 2027 GMT
Subject: CN=5F38F6A66ADED6728DD725CAB429D3679E169590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:cd:07:e3:de:a9:dd:6d:34:d6:91:fb:4e:
b1:25:9f:0c:8a:85:61:2f:bc:2d:95:5e:3e:a5:8e:
a1:06:ce:0f:56:51:ec:99:23:66:7b:6d:9e:5f:19:
bd:d8:0d:66:23:24:d9:89:58:da:5b:88:e6:15:51:
84:e6:af:32:da:2f:c6:bf:1c:d4:21:ea:06:cd:1d:
8c:0f:18:9c:d6:a5:4d:aa:b6:eb:32:b5:25:af:a5:
9d:0f:a5:87:4c:6a:a8:d2:c6:97:b9:d4:a5:4c:f7:
9f:e2:ae:98:cd:01:30:60:53:d5:34:4d:ee:72:1d:
b6:1e:91:6d:28:f1:15:83:01:5f:ba:50:83:ae:be:
51:c0:82:f8:a4:ad:ab:5f:19:03:53:18:93:c5:6b:
f8:fd:ce:e0:93:d0:91:4f:11:73:9c:c7:f0:43:aa:
6d:32:69:c9:5d:94:21:f4:b7:f6:6a:87:16:77:1d:
6c:15:6f:a6:4b:6f:d2:3a:0d:5a:ec:8b:d4:90:8c:
92:3f:7b:60:37:41:50:5c:6f:46:79:cd:67:dd:f9:
69:ec:33:b3:f7:15:71:a0:a1:74:a6:94:d7:52:2e:
7e:29:11:6f:1c:da:6d:da:41:67:46:90:31:92:17:
4a:f0:dc:06:52:2a:8a:27:2b:2a:9f:4a:ab:09:2d:
d2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:38:F6:A6:6A:DE:D6:72:8D:D7:25:CA:B4:29:D3:67:9E:16:95:90
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.65.0/24
51.194.141.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:80:c5:b0:34:19:02:ee:38:f1:8e:46:8e:42:69:8c:1d:f9:
0e:0a:ef:a3:90:b9:b1:34:66:7a:26:b3:50:2b:76:a9:4e:e4:
2f:d6:e1:bf:26:f1:7a:76:44:00:45:b6:2b:70:75:02:a3:e8:
d8:69:30:41:35:ae:ab:97:77:7b:6b:69:3f:72:71:7f:3c:df:
80:74:a6:c8:9f:3d:49:7a:61:da:5c:5a:16:38:ec:6b:75:c8:
11:17:68:08:38:9c:b8:1a:f8:af:11:b5:40:1e:88:b3:e6:b0:
5f:d4:7c:9a:b9:a9:e7:02:8c:be:b7:4b:01:7e:b2:91:ba:99:
5e:88:2f:fb:9f:7a:de:d3:cf:2c:68:fb:11:de:d7:a5:cf:5a:
bf:b6:95:c4:03:b5:fe:f0:a1:8a:f6:f8:5d:18:68:e4:60:94:
4d:65:02:9b:ad:be:b9:af:72:bb:c5:b7:93:b2:44:0b:d0:7b:
56:4e:03:de:b2:80:52:09:3c:01:6b:58:3a:de:fc:e8:dc:78:
35:19:40:74:c4:aa:56:81:96:81:68:74:ec:e6:72:97:5a:18:
99:0c:57:44:20:35:04:e5:a1:6b:36:ab:2f:04:3c:87:43:b1:
86:1b:cc:da:2d:03:1b:23:f6:6c:0e:01:6a:7b:60:de:06:b4:
11:19:50:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUPGDnPPDPCcSwSLGVScIYd7ljnTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA0MjUxNTQwMDNaFw0yNzA0MjQxNTQ1MDNaMDMxMTAvBgNV
BAMTKDVGMzhGNkE2NkFERUQ2NzI4REQ3MjVDQUI0MjlEMzY3OUUxNjk1OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7hs0H496p3W001pH7TrElnwyK
hWEvvC2VXj6ljqEGzg9WUeyZI2Z7bZ5fGb3YDWYjJNmJWNpbiOYVUYTmrzLaL8a/
HNQh6gbNHYwPGJzWpU2qtusytSWvpZ0PpYdMaqjSxpe51KVM95/irpjNATBgU9U0
Te5yHbYekW0o8RWDAV+6UIOuvlHAgvikratfGQNTGJPFa/j9zuCT0JFPEXOcx/BD
qm0yacldlCH0t/ZqhxZ3HWwVb6ZLb9I6DVrsi9SQjJI/e2A3QVBcb0Z5zWfd+Wns
M7P3FXGgoXSmlNdSLn4pEW8c2m3aQWdGkDGSF0rw3AZSKoonKyqfSqsJLdLtAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUXzj2pmre1nKN1yXKtCnTZ54WlZAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAzwkED
BAAzwo0wDQYJKoZIhvcNAQELBQADggEBAB6AxbA0GQLuOPGORo5CaYwd+Q4K76OQ
ubE0Znoms1ArdqlO5C/W4b8m8Xp2RABFtitwdQKj6NhpMEE1rquXd3traT9ycX88
34B0psifPUl6YdpcWhY47Gt1yBEXaAg4nLga+K8RtUAeiLPmsF/UfJq5qecCjL63
SwF+spG6mV6IL/ufet7Tzyxo+xHe16XPWr+2lcQDtf7woYr2+F0YaORglE1lAput
vrmvcrvFt5OyRAvQe1ZOA96ygFIJPAFrWDre/OjceDUZQHTEqlaBloFodOzmcpda
GJkMV0QgNQTloWs2qy8EPIdDsYYbzNotAxsj9mwOAWp7YN4GtBEZUCo=
-----END CERTIFICATE-----
Generated at Mon Apr 27 09:08:33 2026 by rpki-client