
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20712.roa
File: AS20712.roa (raw, json)
Hash identifier: i9VzaDYP41hER/FozvUl7KqkecVhOtK0LsO809XnYFc=
Subject key identifier: 95:30:11:70:C1:A3:21:DF:04:2B:FA:25:0B:38:39:B7:5C:FA:15:DE
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 172A3ED326457FCCB145CCFCBAAAFE16AB02E0F6
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20712.roa
Signing time: Tue 07 Jul 2026 09:10:02 +0000
ROA not before: Tue 07 Jul 2026 09:05:02 +0000
ROA not after: Tue 06 Jul 2027 09:10:02 +0000
asID: 20712
IP address blocks: 51.146.73.0/24 maxlen: 24
51.194.130.0/24 maxlen: 24
188.220.10.0/24 maxlen: 24
188.220.192.0/24 maxlen: 24
188.220.206.0/24 maxlen: 24
188.220.217.0/24 maxlen: 24
188.221.11.0/24 maxlen: 24
188.221.23.0/24 maxlen: 24
188.221.98.0/24 maxlen: 24
188.221.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Jul 2026 09:43:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:2a:3e:d3:26:45:7f:cc:b1:45:cc:fc:ba:aa:fe:16:ab:02:e0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jul 7 09:05:02 2026 GMT
Not After : Jul 6 09:10:02 2027 GMT
Subject: CN=95301170C1A321DF042BFA250B3839B75CFA15DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:84:fa:83:fc:82:80:7e:9e:8c:e0:31:bf:a9:
a4:9c:f8:fa:23:a6:d5:d5:fb:8b:e9:15:68:b2:e5:
fe:73:40:33:33:75:3c:8b:72:9e:59:45:69:e0:3f:
3d:e4:44:da:24:56:15:ff:f0:15:c9:2a:58:6c:58:
24:06:f8:69:1f:e7:2b:be:c4:fb:95:61:29:64:1d:
26:1f:65:c1:b7:b6:84:45:62:07:aa:c2:ee:fa:a7:
79:c6:09:31:2a:69:58:db:e4:77:d4:31:ca:81:f8:
93:a6:e6:ae:5c:63:67:a5:23:36:4e:41:71:c0:5c:
a2:cf:03:e8:f0:ed:f1:08:64:38:84:c6:95:fe:f9:
06:3c:ba:bf:d7:7f:87:dc:05:73:f4:50:b3:51:a9:
5b:27:f8:2f:73:84:93:8e:ea:27:93:e1:e8:70:24:
bb:1a:68:54:e3:98:88:b9:b2:6c:55:73:cb:4a:d0:
d8:34:9c:24:0f:e9:90:b7:99:f7:a7:a5:4c:09:d2:
c3:ca:5d:0c:28:24:68:ae:b9:30:0d:31:7c:45:d4:
71:11:c6:fd:93:52:d6:8f:29:e7:58:88:e5:cd:fe:
67:d4:1a:ce:19:a6:51:83:f0:bf:91:7e:37:e8:8c:
04:97:2a:42:e8:28:95:b7:8c:bd:ce:00:30:db:a5:
08:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:30:11:70:C1:A3:21:DF:04:2B:FA:25:0B:38:39:B7:5C:FA:15:DE
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS20712.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.73.0/24
51.194.130.0/24
188.220.10.0/24
188.220.192.0/24
188.220.206.0/24
188.220.217.0/24
188.221.11.0/24
188.221.23.0/24
188.221.98.0/24
188.221.189.0/24
Signature Algorithm: sha256WithRSAEncryption
36:67:f8:d2:93:e3:6b:e2:2f:9d:6b:b4:68:f8:96:09:39:9e:
86:15:89:21:99:34:4d:b7:52:4e:c6:67:85:49:92:39:91:cf:
ce:f4:b4:b8:07:83:b7:f3:95:0a:e9:ec:ce:a0:f2:1d:34:d0:
e3:0e:8f:d4:2b:d6:8e:80:e4:0e:f5:73:dc:c8:be:00:ff:34:
df:af:52:4f:c4:77:04:ab:30:9b:ab:d8:66:4e:80:0b:97:72:
55:10:56:01:97:6e:9c:63:22:46:2c:1a:ce:17:1a:43:2d:f0:
cd:4c:cb:a0:87:11:46:a8:ac:5f:ef:b7:18:c3:27:2c:21:7a:
7f:af:90:31:63:68:d8:7c:02:d8:ac:da:8a:f5:3d:be:d0:20:
dd:ce:07:9f:14:f7:ee:df:57:ac:f8:6f:18:ca:f0:f0:d2:5b:
b8:4f:47:bb:13:3b:de:31:55:89:45:d3:7a:55:d8:02:da:56:
98:bb:b6:ce:a3:8f:95:4a:f2:f3:8d:97:7c:6a:9e:67:a3:ae:
39:3c:a4:56:da:22:77:c7:f5:d1:dd:8b:ab:7b:82:f4:52:c8:
b0:e5:92:a0:9c:8c:97:1e:df:ea:7d:e4:82:ce:5e:9f:b4:24:
24:ec:d7:43:a4:df:07:fc:5e:12:96:45:97:d0:6d:56:c0:67:
02:bc:3d:86
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFyo+0yZFf8yxRcz8uqr+FqsC4PYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA3MDcwOTA1MDJaFw0yNzA3MDYwOTEwMDJaMDMxMTAvBgNV
BAMTKDk1MzAxMTcwQzFBMzIxREYwNDJCRkEyNTBCMzgzOUI3NUNGQTE1REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdhPqD/IKAfp6M4DG/qaSc+Poj
ptXV+4vpFWiy5f5zQDMzdTyLcp5ZRWngPz3kRNokVhX/8BXJKlhsWCQG+Gkf5yu+
xPuVYSlkHSYfZcG3toRFYgeqwu76p3nGCTEqaVjb5HfUMcqB+JOm5q5cY2elIzZO
QXHAXKLPA+jw7fEIZDiExpX++QY8ur/Xf4fcBXP0ULNRqVsn+C9zhJOO6ieT4ehw
JLsaaFTjmIi5smxVc8tK0Ng0nCQP6ZC3mfenpUwJ0sPKXQwoJGiuuTANMXxF1HER
xv2TUtaPKedYiOXN/mfUGs4ZplGD8L+RfjfojASXKkLoKJW3jL3OADDbpQjJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlTARcMGjId8EK/olCzg5t1z6Fd4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjA3MTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAAzkkkD
BAAzwoIDBAC83AoDBAC83MADBAC83M4DBAC83NkDBAC83QsDBAC83RcDBAC83WID
BAC83b0wDQYJKoZIhvcNAQELBQADggEBADZn+NKT42viL51rtGj4lgk5noYViSGZ
NE23Uk7GZ4VJkjmRz870tLgHg7fzlQrp7M6g8h000OMOj9Qr1o6A5A71c9zIvgD/
NN+vUk/EdwSrMJur2GZOgAuXclUQVgGXbpxjIkYsGs4XGkMt8M1My6CHEUaorF/v
txjDJywhen+vkDFjaNh8Atis2or1Pb7QIN3OB58U9+7fV6z4bxjK8PDSW7hPR7sT
O94xVYlF03pV2ALaVpi7ts6jj5VK8vONl3xqnmejrjk8pFbaInfH9dHdi6t7gvRS
yLDlkqCcjJce3+p95ILOXp+0JCTs10Ok3wf8XhKWRZfQbVbAZwK8PYY=
-----END CERTIFICATE-----
Generated at Sun Jul 19 18:44:30 2026 by rpki-client