Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: uNpO/cXuK8MjK078xcQcXrBWJVaiI25ScV4/PI5TK8A=
Subject key identifier: B6:65:DF:D4:D3:8C:4F:4A:A2:E1:95:AF:67:25:38:25:76:7F:76:AF
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 140BE8B53306ADCD43FA12B7E3DD41FF07B9354B
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
Signing time: Sat 15 Feb 2025 00:00:29 +0000
ROA not before: Fri 14 Feb 2025 23:55:29 +0000
ROA not after: Sat 14 Feb 2026 00:00:29 +0000
asID: 20473
IP address blocks: 141.11.9.0/24 maxlen: 24
141.11.26.0/24 maxlen: 24
141.11.70.0/24 maxlen: 24
141.11.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:0b:e8:b5:33:06:ad:cd:43:fa:12:b7:e3:dd:41:ff:07:b9:35:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 14 23:55:29 2025 GMT
Not After : Feb 14 00:00:29 2026 GMT
Subject: CN=B665DFD4D38C4F4AA2E195AF67253825767F76AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e8:3f:d6:75:a4:5a:bc:92:05:91:64:65:a0:
2d:57:d6:b5:72:47:f7:64:c9:18:54:e9:cb:3f:7f:
64:c4:c6:ae:9c:8e:f5:8e:12:a8:28:c3:2a:1e:13:
79:3c:b2:64:ae:2c:51:bd:66:a7:ae:1a:97:b7:d2:
e3:3c:0a:01:2e:7a:a6:02:ff:3f:54:66:9e:a0:f1:
33:d2:f8:97:47:00:f9:e1:f2:d6:33:07:15:09:91:
da:1c:6d:95:77:1b:65:ef:d6:40:95:c1:2f:f2:bc:
f1:ec:2d:8c:d6:c8:a1:5a:b8:a3:cd:25:01:d4:7f:
d0:4f:d8:49:8d:f0:69:5c:06:93:3c:d4:97:c0:1a:
62:00:f3:a3:88:da:42:44:53:5e:8c:81:fd:3e:12:
41:e4:60:c5:42:50:7b:d7:60:b2:01:08:dd:56:ad:
85:2d:36:9a:f6:6b:df:90:f0:fb:7f:ca:b1:51:3d:
92:1b:9a:ea:aa:c0:0e:33:44:09:e4:d9:39:a8:a8:
69:19:66:45:ed:6d:29:74:f9:09:0e:94:95:29:9f:
64:2b:92:db:19:6b:61:e2:a0:59:9c:a9:bb:cf:44:
38:a8:32:42:4d:64:37:a8:16:73:8f:d3:0d:1a:e2:
6b:28:3a:e7:cb:85:11:9e:66:ec:65:4d:1a:34:e0:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:65:DF:D4:D3:8C:4F:4A:A2:E1:95:AF:67:25:38:25:76:7F:76:AF
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.9.0/24
141.11.26.0/24
141.11.70.0/24
141.11.100.0/24
Signature Algorithm: sha256WithRSAEncryption
63:df:07:c8:b7:3f:25:ab:67:15:e4:78:43:9f:bd:33:1b:43:
78:17:28:04:28:63:10:1b:bc:0d:90:c9:ab:14:eb:e7:3f:67:
dd:b0:98:b2:c9:4d:39:bc:4f:74:b3:4b:f9:bd:ad:c3:f1:bc:
fe:6b:d4:36:20:1b:f6:e2:ad:8f:80:1e:e8:79:c7:a4:a6:2f:
1f:7c:77:b0:6f:7c:a0:c4:e3:8b:8c:dd:bb:e8:6c:60:90:b6:
08:a6:19:6d:8e:d1:ef:7f:39:44:14:6f:8c:75:62:e3:86:44:
c2:82:97:9d:bb:b9:35:67:1a:aa:13:2b:22:71:93:ab:60:91:
a3:58:31:09:10:9c:39:9e:a9:11:65:b8:44:e6:e6:66:0c:d5:
04:48:d3:11:9d:ae:28:a7:1d:6b:cc:4e:4f:86:69:4f:32:2a:
b7:3a:4a:69:a5:67:b9:a1:f4:7e:11:37:34:0e:ff:51:63:ce:
93:b9:70:fd:d3:d5:3b:5b:b3:58:85:58:dd:6c:47:5a:17:80:
c2:6d:7f:f5:76:75:08:41:5d:b6:98:78:9a:2f:18:ab:d4:0b:
21:f2:e7:e4:17:ca:91:03:b6:9d:87:ba:dd:f7:39:06:79:bf:
1a:3a:4d:4c:c2:2b:ad:16:18:f9:9b:6c:8a:6b:68:f6:5c:d0:
ef:33:c8:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUFAvotTMGrc1D+hK3491B/we5NUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMTQyMzU1MjlaFw0yNjAyMTQwMDAwMjlaMDMxMTAvBgNV
BAMTKEI2NjVERkQ0RDM4QzRGNEFBMkUxOTVBRjY3MjUzODI1NzY3Rjc2QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCN6D/WdaRavJIFkWRloC1X1rVy
R/dkyRhU6cs/f2TExq6cjvWOEqgowyoeE3k8smSuLFG9ZqeuGpe30uM8CgEueqYC
/z9UZp6g8TPS+JdHAPnh8tYzBxUJkdocbZV3G2Xv1kCVwS/yvPHsLYzWyKFauKPN
JQHUf9BP2EmN8GlcBpM81JfAGmIA86OI2kJEU16Mgf0+EkHkYMVCUHvXYLIBCN1W
rYUtNpr2a9+Q8Pt/yrFRPZIbmuqqwA4zRAnk2TmoqGkZZkXtbSl0+QkOlJUpn2Qr
ktsZa2HioFmcqbvPRDioMkJNZDeoFnOP0w0a4msoOufLhRGeZuxlTRo04MMHAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUtmXf1NOMT0qi4ZWvZyU4JXZ/dq8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACNCwkD
BACNCxoDBACNC0YDBACNC2QwDQYJKoZIhvcNAQELBQADggEBAGPfB8i3PyWrZxXk
eEOfvTMbQ3gXKAQoYxAbvA2QyasU6+c/Z92wmLLJTTm8T3SzS/m9rcPxvP5r1DYg
G/birY+AHuh5x6SmLx98d7BvfKDE44uM3bvobGCQtgimGW2O0e9/OUQUb4x1YuOG
RMKCl527uTVnGqoTKyJxk6tgkaNYMQkQnDmeqRFluETm5mYM1QRI0xGdriinHWvM
Tk+GaU8yKrc6SmmlZ7mh9H4RNzQO/1FjzpO5cP3T1Ttbs1iFWN1sR1oXgMJtf/V2
dQhBXbaYeJovGKvUCyHy5+QXypEDtp2Hut33OQZ5vxo6TUzCK60WGPmbbIpraPZc
0O8zyH4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:14 2025 by rpki-client