Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: SpS+7vxgrk1aDRKaSWIp5z/1VwTCGELpK5ow3wcDEDQ=
Subject key identifier: 48:68:FD:64:82:63:F9:7C:6D:79:EE:F0:4B:EB:B1:8F:55:DB:51:33
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 792B8A8E1EBBD02C956A1EAB61635CD1D89DFBEE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Thu 27 Feb 2025 04:09:23 +0000
ROA not before: Thu 27 Feb 2025 04:04:23 +0000
ROA not after: Thu 26 Feb 2026 04:09:23 +0000
asID: 20473
IP address blocks: 46.203.120.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.149.0/24 maxlen: 24
46.203.152.0/24 maxlen: 24
46.203.155.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
95.135.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:2b:8a:8e:1e:bb:d0:2c:95:6a:1e:ab:61:63:5c:d1:d8:9d:fb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 27 04:04:23 2025 GMT
Not After : Feb 26 04:09:23 2026 GMT
Subject: CN=4868FD648263F97C6D79EEF04BEBB18F55DB5133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:f4:93:86:a6:d0:93:8e:f4:84:23:32:0d:
1c:e2:12:6b:7e:85:2d:8a:0c:93:07:52:97:d2:e5:
1f:d5:16:c6:31:35:6d:7a:60:75:59:f9:61:93:31:
aa:82:c4:71:5e:a8:bc:f0:82:d3:94:86:1e:34:bf:
35:0b:11:50:f4:d0:ac:6c:ff:e3:8a:4c:1f:e6:95:
50:78:5d:99:20:73:d6:ef:cf:e3:01:17:a4:02:1e:
d4:2f:0c:89:78:79:bc:e6:b8:aa:ce:bb:05:09:98:
63:ef:30:18:87:ff:5f:84:ac:b8:d3:9b:5b:47:3c:
63:7b:ce:f7:85:c0:7d:95:62:7c:70:d8:0f:bc:a8:
10:e5:2f:5e:23:93:31:c9:b1:c5:7f:44:3e:f8:9c:
0c:ad:16:c6:d9:bb:56:84:2d:b3:83:1c:fc:b4:a3:
8e:9f:ab:40:da:72:8e:e5:99:1d:75:5a:ca:79:04:
59:7d:4f:42:12:2c:f8:fd:2b:ab:b6:36:f8:34:81:
74:41:94:46:6a:ab:62:0e:e5:00:39:ab:a4:10:9b:
62:0f:35:d8:58:b9:f1:af:09:70:d3:63:25:0c:58:
d0:68:4f:c9:4a:36:02:e5:55:34:fb:23:c4:6c:64:
5a:64:5f:f5:a1:a3:16:08:c0:2c:db:84:b0:58:e6:
a9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:68:FD:64:82:63:F9:7C:6D:79:EE:F0:4B:EB:B1:8F:55:DB:51:33
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.120.0/24
46.203.145.0/24
46.203.149.0/24
46.203.152.0/24
46.203.155.0/24
91.124.177.0/24
92.112.58.0/24
95.135.252.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c5:d7:c0:48:69:ea:f2:60:67:01:f3:bd:a5:3e:96:04:8c:
97:61:e9:7b:9a:d3:8c:bd:d9:bc:0e:5c:81:bf:83:72:38:bf:
fd:40:6a:d3:c8:3c:fb:f2:11:5c:f6:2f:1d:68:88:b0:5f:de:
8c:55:fc:a1:09:6e:90:e3:9f:b5:77:75:a7:2d:87:9f:f1:9a:
a1:fb:d9:74:0a:b3:37:1d:49:55:0e:45:bd:38:fd:e7:1d:76:
88:d4:ab:54:73:e6:4f:86:4a:44:1d:21:b3:ef:7e:93:d3:11:
4c:0b:6c:ec:30:57:e0:ac:08:0d:14:88:fe:64:51:17:32:c5:
bc:07:eb:a4:43:bb:39:bb:66:76:ca:88:dd:3a:6b:74:30:93:
1f:9d:54:97:dd:ed:9a:b6:65:c5:7c:10:5a:25:ee:68:1f:24:
c9:bc:df:06:bc:b4:2d:2e:c6:be:21:4d:c7:b5:43:a5:25:a0:
67:47:65:01:5d:de:39:e0:48:1d:41:f7:1e:bb:32:b2:61:05:
45:79:cd:f6:4a:ca:92:18:0d:87:c0:dd:37:e2:98:a7:cf:08:
87:f0:80:c6:71:02:ba:74:67:0f:fa:2e:f4:28:dc:f5:6e:06:
c5:91:1e:74:7a:8c:3c:b6:eb:28:48:9c:30:aa:e9:ba:66:0b:
90:bc:9f:f8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUeSuKjh670CyVah6rYWNc0did++4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMjcwNDA0MjNaFw0yNjAyMjYwNDA5MjNaMDMxMTAvBgNV
BAMTKDQ4NjhGRDY0ODI2M0Y5N0M2RDc5RUVGMDRCRUJCMThGNTVEQjUxMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChvvSThqbQk470hCMyDRziEmt+
hS2KDJMHUpfS5R/VFsYxNW16YHVZ+WGTMaqCxHFeqLzwgtOUhh40vzULEVD00Kxs
/+OKTB/mlVB4XZkgc9bvz+MBF6QCHtQvDIl4ebzmuKrOuwUJmGPvMBiH/1+ErLjT
m1tHPGN7zveFwH2VYnxw2A+8qBDlL14jkzHJscV/RD74nAytFsbZu1aELbODHPy0
o46fq0Daco7lmR11Wsp5BFl9T0ISLPj9K6u2Nvg0gXRBlEZqq2IO5QA5q6QQm2IP
NdhYufGvCXDTYyUMWNBoT8lKNgLlVTT7I8RsZFpkX/WhoxYIwCzbhLBY5qltAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUSGj9ZIJj+Xxtee7wS+uxj1XbUTMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAAuy3gD
BAAuy5EDBAAuy5UDBAAuy5gDBAAuy5sDBABbfLEDBABccDoDBABfh/wwDQYJKoZI
hvcNAQELBQADggEBAGXF18BIaeryYGcB872lPpYEjJdh6Xua04y92bwOXIG/g3I4
v/1AatPIPPvyEVz2Lx1oiLBf3oxV/KEJbpDjn7V3dacth5/xmqH72XQKszcdSVUO
Rb04/ecddojUq1Rz5k+GSkQdIbPvfpPTEUwLbOwwV+CsCA0UiP5kURcyxbwH66RD
uzm7ZnbKiN06a3Qwkx+dVJfd7Zq2ZcV8EFol7mgfJMm83wa8tC0uxr4hTce1Q6Ul
oGdHZQFd3jngSB1B9x67MrJhBUV5zfZKypIYDYfA3TfimKfPCIfwgMZxArp0Zw/6
LvQo3PVuBsWRHnR6jDy26yhInDCq6bpmC5C8n/g=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:08:49 2025 by rpki-client