Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: xuzBuTI0TulbAafG4py8JNu6N6g/l8sL5VPeTuIqCQY=
Subject key identifier: 88:2C:D7:4E:FA:03:2D:33:C6:17:7F:EA:54:9A:AA:1E:4F:CA:BF:DE
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 182EB00008C131FF6FA3A9E70A4645514C37B41B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 26 May 2025 07:38:13 +0000
ROA not before: Mon 26 May 2025 07:33:13 +0000
ROA not after: Mon 25 May 2026 07:38:13 +0000
asID: 20473
IP address blocks: 91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.249.0/24 maxlen: 24
95.135.252.0/24 maxlen: 24
178.93.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 05:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:2e:b0:00:08:c1:31:ff:6f:a3:a9:e7:0a:46:45:51:4c:37:b4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 26 07:33:13 2025 GMT
Not After : May 25 07:38:13 2026 GMT
Subject: CN=882CD74EFA032D33C6177FEA549AAA1E4FCABFDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:56:a2:bb:f6:58:3c:3c:fe:38:1d:0d:53:dd:
4c:2b:d9:11:d1:9c:1b:ca:c4:63:72:36:92:e7:02:
57:54:dd:ba:e9:02:70:3a:84:d6:f9:03:e5:cd:5b:
28:a2:ff:f4:fd:b7:cd:3b:29:be:03:2c:df:50:cb:
b3:7b:2d:d5:d9:2d:50:c1:22:26:76:12:56:bf:bc:
ba:2a:4b:a6:d8:0c:fd:40:11:e1:54:f6:c6:d1:46:
3b:aa:8c:3e:9e:c1:6c:42:5f:bd:03:ac:17:c0:b3:
2f:21:08:a5:9c:9e:38:2f:07:00:9e:e9:cb:e0:3f:
56:42:1b:c5:fe:d1:94:9b:87:ce:85:ee:d8:b4:e6:
ab:70:02:c1:89:0c:50:fd:78:f7:ec:26:c2:b8:5f:
93:fb:59:31:8f:c2:fa:c2:85:49:1c:27:a6:fb:68:
7f:1a:02:6c:06:fd:9e:73:bb:8e:ca:c3:8d:e3:a3:
43:42:26:56:5e:1d:d1:c7:90:5c:f2:ed:c0:cd:2d:
04:33:22:e9:37:4b:3c:e9:a0:80:a0:25:b2:54:0b:
88:4f:2d:32:68:f6:9a:87:25:c7:9c:9c:0e:78:8f:
fe:77:e4:4f:10:c4:19:e1:bc:9d:ac:61:72:b9:76:
75:76:5e:e7:f4:66:fb:be:2e:6f:a0:cc:20:3f:11:
74:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2C:D7:4E:FA:03:2D:33:C6:17:7F:EA:54:9A:AA:1E:4F:CA:BF:DE
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.80.0/24
91.124.126.0/24
91.124.177.0/24
92.112.58.0/24
92.112.147.0/24
95.135.110.0/24
95.135.117.0/24
95.135.124.0/24
95.135.249.0/24
95.135.252.0/24
178.93.118.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d9:bb:2a:e2:57:f7:21:3f:6f:77:b7:6b:37:77:7d:c9:de:
48:4e:13:63:44:a4:54:08:8d:04:d2:44:67:f1:1b:ca:d5:8e:
6a:92:5c:ae:d7:72:b6:80:19:68:f0:db:e0:69:b2:1b:d9:c7:
f1:34:c5:dd:9b:45:94:87:b8:1b:c3:74:33:02:6b:4f:18:b4:
6b:22:be:f5:9b:8c:50:fc:e0:6f:3c:fa:fe:d4:d2:65:7f:31:
63:57:c4:0e:23:0f:b3:1e:ba:7e:61:45:c5:ea:fc:ad:b1:d2:
aa:a9:bc:9a:b4:29:5e:20:b6:58:8c:7a:63:fe:dc:0c:e6:a4:
09:9e:e4:df:f8:29:2a:ed:88:ed:5a:50:b7:10:99:90:0f:e6:
af:95:35:5a:14:bf:d1:1b:db:cf:68:b1:01:17:e3:e2:2d:89:
0a:00:45:da:e7:23:4f:f1:43:d8:04:87:49:56:4f:16:d6:83:
4f:3b:87:b7:c8:2a:e8:30:70:14:13:53:83:d7:d6:b5:26:e1:
75:e4:4b:b0:36:18:b1:b8:87:52:a6:52:c1:1b:b8:cf:aa:dd:
05:fc:76:d2:7f:56:e8:e2:72:3b:cc:df:0b:7b:d8:36:47:b1:
6b:55:8a:54:89:07:43:97:a9:b5:4c:4e:34:7f:eb:6f:4b:5e:
59:53:ff:fc
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUGC6wAAjBMf9vo6nnCkZFUUw3tBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjYwNzMzMTNaFw0yNjA1MjUwNzM4MTNaMDMxMTAvBgNV
BAMTKDg4MkNENzRFRkEwMzJEMzNDNjE3N0ZFQTU0OUFBQTFFNEZDQUJGREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqVqK79lg8PP44HQ1T3Uwr2RHR
nBvKxGNyNpLnAldU3brpAnA6hNb5A+XNWyii//T9t807Kb4DLN9Qy7N7LdXZLVDB
IiZ2Ela/vLoqS6bYDP1AEeFU9sbRRjuqjD6ewWxCX70DrBfAsy8hCKWcnjgvBwCe
6cvgP1ZCG8X+0ZSbh86F7ti05qtwAsGJDFD9ePfsJsK4X5P7WTGPwvrChUkcJ6b7
aH8aAmwG/Z5zu47Kw43jo0NCJlZeHdHHkFzy7cDNLQQzIuk3SzzpoICgJbJUC4hP
LTJo9pqHJcecnA54j/535E8QxBnhvJ2sYXK5dnV2Xuf0Zvu+Lm+gzCA/EXTxAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUiCzXTvoDLTPGF3/qVJqqHk/Kv94wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBABbfFAD
BABbfH4DBABbfLEDBABccDoDBABccJMDBABfh24DBABfh3UDBABfh3wDBABfh/kD
BABfh/wDBACyXXYwDQYJKoZIhvcNAQELBQADggEBAGvZuyriV/chP293t2s3d33J
3khOE2NEpFQIjQTSRGfxG8rVjmqSXK7XcraAGWjw2+BpshvZx/E0xd2bRZSHuBvD
dDMCa08YtGsivvWbjFD84G88+v7U0mV/MWNXxA4jD7Meun5hRcXq/K2x0qqpvJq0
KV4gtliMemP+3AzmpAme5N/4KSrtiO1aULcQmZAP5q+VNVoUv9Eb289osQEX4+It
iQoARdrnI0/xQ9gEh0lWTxbWg087h7fIKugwcBQTU4PX1rUm4XXkS7A2GLG4h1Km
UsEbuM+q3QX8dtJ/VujicjvM3wt72DZHsWtVilSJB0OXqbVMTjR/629LXllT//w=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:35 2025 by rpki-client