Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: tkg65nqzHBwT0SGuL1JIRthEp5YgETX2wRdutrheqAI=
Subject key identifier: 7A:23:CF:A5:7F:C8:3C:29:34:6D:EE:A6:35:83:B3:B9:B9:82:3E:B6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 70AD44B0ECF00CE6EED6774BA5506D45252F931A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 01 Sep 2025 00:13:03 +0000
ROA not before: Mon 01 Sep 2025 00:08:03 +0000
ROA not after: Mon 31 Aug 2026 00:13:03 +0000
asID: 20473
IP address blocks: 91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.192.0/24 maxlen: 24
95.135.249.0/24 maxlen: 24
178.92.48.0/24 maxlen: 24
178.92.52.0/24 maxlen: 24
178.92.83.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ad:44:b0:ec:f0:0c:e6:ee:d6:77:4b:a5:50:6d:45:25:2f:93:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 1 00:08:03 2025 GMT
Not After : Aug 31 00:13:03 2026 GMT
Subject: CN=7A23CFA57FC83C29346DEEA63583B3B9B9823EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:6d:79:d3:f2:42:ee:df:55:25:a2:0e:b7:
f6:aa:50:da:d9:60:f1:1d:b8:8c:4f:ce:7b:10:03:
fe:a1:e7:8e:1b:57:65:bc:f5:c2:3f:72:76:b7:50:
a7:3c:5c:fb:9c:67:0a:a4:4a:1e:16:77:9d:f9:5a:
7e:5a:e0:59:8c:17:a6:51:72:15:98:97:61:f3:c0:
d0:be:37:14:f3:33:72:b4:fb:53:dc:74:0e:59:fa:
fe:3c:64:62:7d:2f:55:d7:7d:e4:3b:cc:46:cc:ff:
f9:e5:c6:60:72:6e:44:b9:a4:48:68:7f:19:a7:fe:
03:ba:4c:c8:80:56:78:1f:3a:da:0c:db:d4:0d:94:
4b:a7:31:70:30:ae:b1:fa:e8:1b:42:5a:67:20:47:
1c:b9:3e:63:00:c0:0d:de:8f:32:d3:99:6f:e7:61:
c4:4b:f2:f0:02:68:cc:c2:a8:d0:2f:25:f5:db:39:
8a:60:81:ce:8f:30:a6:9d:c5:5a:65:08:f7:f5:b8:
3c:cf:35:a7:b1:b7:ad:ca:ef:6d:62:e0:de:09:f0:
ab:4a:37:a7:39:cd:c4:8d:1e:c1:7e:e3:66:b4:77:
24:68:2e:28:9b:6a:a5:8d:de:c8:20:fb:7c:7d:f8:
d1:51:92:ed:29:72:55:eb:15:bc:07:69:ea:fa:83:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:23:CF:A5:7F:C8:3C:29:34:6D:EE:A6:35:83:B3:B9:B9:82:3E:B6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.80.0/24
91.124.126.0/24
92.112.147.0/24
95.135.110.0/24
95.135.117.0/24
95.135.124.0/24
95.135.192.0/24
95.135.249.0/24
178.92.48.0/24
178.92.52.0/24
178.92.83.0/24
178.92.88.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c8:66:eb:4c:d1:30:0f:67:d8:c9:c0:04:d9:78:a2:bd:9f:
f3:34:fd:b7:53:a9:07:64:83:3c:8d:c9:99:cb:b4:6c:e1:4b:
cc:78:66:b2:49:05:e4:91:d7:2c:e9:1c:4e:ba:9b:3c:93:d8:
43:a7:ba:48:55:f4:07:1a:47:24:ba:7e:98:c6:2a:3d:b2:44:
f4:f4:ed:12:9c:02:ae:fb:e1:b0:ba:ee:c8:1e:cb:b3:24:dc:
01:9c:61:8c:48:9a:85:19:86:fa:05:9a:38:41:4d:1c:3a:cf:
0e:de:e2:69:fd:99:ca:80:e7:13:8c:a8:d2:6d:94:b7:37:a6:
17:f0:e6:56:f4:97:94:15:19:59:ba:09:5a:ec:c1:dc:e2:0a:
6b:ef:ce:fa:5f:24:c5:fc:74:09:1f:46:09:4e:4b:4a:79:8a:
39:7a:2d:17:f3:86:45:2f:de:d3:2e:6c:eb:ef:7c:51:a5:d8:
23:f3:b9:59:2f:c8:9a:a4:ce:a3:ce:40:9a:02:1d:2f:8d:ed:
67:bd:67:40:fe:b0:d4:7d:8a:08:ca:cc:62:40:6f:de:d0:e4:
c7:8a:bf:8d:aa:6a:dc:1a:3b:82:c8:a8:01:28:44:e1:44:a4:
6d:1e:49:e3:49:91:d9:54:66:84:38:d1:f6:ca:fc:7e:e5:2d:
bf:f4:20:81
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUcK1EsOzwDObu1ndLpVBtRSUvkxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MDEwMDA4MDNaFw0yNjA4MzEwMDEzMDNaMDMxMTAvBgNV
BAMTKDdBMjNDRkE1N0ZDODNDMjkzNDZERUVBNjM1ODNCM0I5Qjk4MjNFQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7f2150/JC7t9VJaIOt/aqUNrZ
YPEduIxPznsQA/6h544bV2W89cI/cna3UKc8XPucZwqkSh4Wd535Wn5a4FmMF6ZR
chWYl2HzwNC+NxTzM3K0+1PcdA5Z+v48ZGJ9L1XXfeQ7zEbM//nlxmBybkS5pEho
fxmn/gO6TMiAVngfOtoM29QNlEunMXAwrrH66BtCWmcgRxy5PmMAwA3ejzLTmW/n
YcRL8vACaMzCqNAvJfXbOYpggc6PMKadxVplCPf1uDzPNaext63K721i4N4J8KtK
N6c5zcSNHsF+42a0dyRoLiibaqWN3sgg+3x9+NFRku0pclXrFbwHaer6g8+3AgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUeiPPpX/IPCk0be6mNYOzubmCPrYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBABbfFAD
BABbfH4DBABccJMDBABfh24DBABfh3UDBABfh3wDBABfh8ADBABfh/kDBACyXDAD
BACyXDQDBACyXFMDBACyXFgwDQYJKoZIhvcNAQELBQADggEBAJPIZutM0TAPZ9jJ
wATZeKK9n/M0/bdTqQdkgzyNyZnLtGzhS8x4ZrJJBeSR1yzpHE66mzyT2EOnukhV
9AcaRyS6fpjGKj2yRPT07RKcAq774bC67sgey7Mk3AGcYYxImoUZhvoFmjhBTRw6
zw7e4mn9mcqA5xOMqNJtlLc3phfw5lb0l5QVGVm6CVrswdziCmvvzvpfJMX8dAkf
RglOS0p5ijl6LRfzhkUv3tMubOvvfFGl2CPzuVkvyJqkzqPOQJoCHS+N7We9Z0D+
sNR9igjKzGJAb97Q5MeKv42qatwaO4LIqAEoROFEpG0eSeNJkdlUZoQ40fbK/H7l
Lb/0IIE=
-----END CERTIFICATE-----
Generated at Sat Sep 13 19:43:22 2025 by rpki-client