Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: M4gLr6YYnw9Ex9xe2BY9GD01F9d9JwXw0vdCX9JPUc4=
Subject key identifier: 29:90:80:D1:49:FB:B0:44:2B:5C:C8:26:E9:06:2D:F1:64:62:B0:F1
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4192170C940BC76D6407CC2142C4CA6B453A0824
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
Signing time: Wed 16 Apr 2025 02:47:00 +0000
ROA not before: Wed 16 Apr 2025 02:42:00 +0000
ROA not after: Wed 15 Apr 2026 02:47:00 +0000
asID: 20473
IP address blocks: 141.11.70.0/24 maxlen: 24
141.11.100.0/24 maxlen: 24
141.11.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 02:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:92:17:0c:94:0b:c7:6d:64:07:cc:21:42:c4:ca:6b:45:3a:08:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 16 02:42:00 2025 GMT
Not After : Apr 15 02:47:00 2026 GMT
Subject: CN=299080D149FBB0442B5CC826E9062DF16462B0F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e6:1d:b9:0a:9e:77:b9:fc:fc:75:f8:15:a1:
e2:4c:90:b5:ef:63:09:a7:9e:5d:fd:66:41:25:b4:
19:0d:dc:83:61:b8:98:1c:cd:b7:c0:d9:14:22:58:
4a:cb:ac:95:9f:46:09:7f:6f:d9:a3:cb:41:84:fc:
34:6e:44:fa:e2:69:7c:e7:e1:3e:31:f5:a2:a2:8e:
12:c5:28:3e:5e:08:f4:5e:de:37:5b:97:b7:7a:3e:
49:ab:2f:74:44:8d:9e:19:9d:ab:be:6c:a0:40:23:
f6:4d:39:1f:10:d4:ab:88:4c:90:c3:f9:0d:d0:5c:
b5:cf:e9:d4:42:97:20:10:99:01:71:5f:db:4d:32:
ce:a8:47:e8:e1:5e:a3:09:6f:24:97:ee:68:7e:28:
c4:e4:8e:d7:42:79:72:71:b9:16:18:d0:cf:2d:c1:
83:77:06:fb:a1:9e:51:f7:27:76:45:e1:f7:4a:26:
05:6a:88:95:79:f8:85:5a:cc:21:86:f6:53:0c:57:
de:bc:71:d9:d8:54:65:7f:d5:0d:9c:03:04:f8:51:
81:67:71:a6:ad:1a:2f:a2:72:74:af:43:f5:6c:8e:
d3:6b:ba:a9:68:b7:99:83:a3:11:71:a1:d2:13:0e:
aa:1d:0e:d1:8a:87:0f:ed:29:9e:36:ac:84:b4:7f:
71:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:90:80:D1:49:FB:B0:44:2B:5C:C8:26:E9:06:2D:F1:64:62:B0:F1
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.70.0/24
141.11.100.0/24
141.11.116.0/24
Signature Algorithm: sha256WithRSAEncryption
69:e1:55:93:38:22:63:c6:96:34:28:da:f7:10:4c:7a:2b:84:
ef:16:77:20:6e:ea:03:b3:c6:1d:cf:77:0e:f2:73:6f:3e:9b:
dd:53:8e:da:01:42:1f:c5:5e:8f:bd:6b:9f:a2:1f:9c:d6:9b:
aa:94:fa:d7:dd:39:0f:5e:b6:b8:d9:54:12:17:97:75:2c:06:
b6:dc:ed:2c:8a:f7:bc:ef:e4:19:d0:7e:18:b4:10:89:e3:71:
19:6b:4e:30:40:db:52:e6:72:16:cc:aa:23:c4:0f:6f:92:12:
c7:d0:51:79:34:d4:e0:05:6d:7f:dc:52:74:ff:23:01:53:40:
f3:e5:87:c5:2b:6a:7e:7e:01:b3:7a:fa:24:f2:4f:57:f2:bd:
80:ed:30:bf:0a:ac:f2:fe:dd:73:94:3e:4f:75:63:bc:4f:b4:
6a:47:bd:c0:c6:5c:46:a0:49:4a:c5:4d:37:21:32:89:ae:9d:
e1:48:18:6b:a4:8f:3d:e3:ca:ca:7c:71:cd:0b:14:12:ac:a8:
74:a8:80:88:31:b8:54:23:68:70:c4:06:4e:e2:82:eb:09:a9:
62:31:e0:2a:91:f8:1e:64:d0:53:0d:b1:39:10:59:e4:17:88:
3f:47:06:05:50:59:19:57:16:ee:b9:d7:66:5c:3a:8b:a2:1d:
fd:61:d9:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUQZIXDJQLx21kB8whQsTKa0U6CCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA0MTYwMjQyMDBaFw0yNjA0MTUwMjQ3MDBaMDMxMTAvBgNV
BAMTKDI5OTA4MEQxNDlGQkIwNDQyQjVDQzgyNkU5MDYyREYxNjQ2MkIwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs5h25Cp53ufz8dfgVoeJMkLXv
Ywmnnl39ZkEltBkN3INhuJgczbfA2RQiWErLrJWfRgl/b9mjy0GE/DRuRPriaXzn
4T4x9aKijhLFKD5eCPRe3jdbl7d6PkmrL3REjZ4Znau+bKBAI/ZNOR8Q1KuITJDD
+Q3QXLXP6dRClyAQmQFxX9tNMs6oR+jhXqMJbySX7mh+KMTkjtdCeXJxuRYY0M8t
wYN3BvuhnlH3J3ZF4fdKJgVqiJV5+IVazCGG9lMMV968cdnYVGV/1Q2cAwT4UYFn
caatGi+icnSvQ/VsjtNruqlot5mDoxFxodITDqodDtGKhw/tKZ42rIS0f3HNAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUKZCA0Un7sEQrXMgm6QYt8WRisPEwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACNC0YD
BACNC2QDBACNC3QwDQYJKoZIhvcNAQELBQADggEBAGnhVZM4ImPGljQo2vcQTHor
hO8WdyBu6gOzxh3Pdw7yc28+m91TjtoBQh/FXo+9a5+iH5zWm6qU+tfdOQ9etrjZ
VBIXl3UsBrbc7SyK97zv5BnQfhi0EInjcRlrTjBA21LmchbMqiPED2+SEsfQUXk0
1OAFbX/cUnT/IwFTQPPlh8Uran5+AbN6+iTyT1fyvYDtML8KrPL+3XOUPk91Y7xP
tGpHvcDGXEagSUrFTTchMomuneFIGGukjz3jysp8cc0LFBKsqHSogIgxuFQjaHDE
Bk7igusJqWIx4CqR+B5k0FMNsTkQWeQXiD9HBgVQWRlXFu6512ZcOouiHf1h2TQ=
-----END CERTIFICATE-----
Generated at Fri May 9 16:30:04 2025 by rpki-client