Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: sgC2iRFCktmvDQPb/hE0C5fX6AFjJwbA8CspHs0V2sg=
Subject key identifier: 26:74:03:EC:E5:20:06:40:92:4D:7C:51:B5:E1:3C:00:E4:9F:95:38
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 23FD71686E07502A41AAC401C3BE952E1159185E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Wed 21 Aug 2024 11:00:36 +0000
ROA not before: Wed 21 Aug 2024 10:55:36 +0000
ROA not after: Wed 20 Aug 2025 11:00:36 +0000
asID: 20473
IP address blocks: 92.112.53.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.113.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fd:71:68:6e:07:50:2a:41:aa:c4:01:c3:be:95:2e:11:59:18:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 21 10:55:36 2024 GMT
Not After : Aug 20 11:00:36 2025 GMT
Subject: CN=267403ECE5200640924D7C51B5E13C00E49F9538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:46:0e:3b:f9:4d:19:c8:50:04:72:26:e6:
c5:08:22:9b:2e:26:ab:bc:50:6c:be:75:b1:9d:87:
aa:fb:2a:0c:43:88:fa:0a:26:18:d5:2b:e5:cc:17:
90:39:28:31:64:fe:b6:82:42:68:39:30:a8:d4:8b:
e1:8c:be:c5:71:3e:c7:f6:99:71:4d:90:60:92:17:
7a:8e:05:85:44:7d:58:31:78:06:4f:72:5f:6a:16:
f7:10:bb:8b:c0:07:0e:f3:a2:30:95:93:f3:25:ba:
1d:55:0e:73:0d:cc:52:33:16:63:6b:6f:c2:10:81:
ad:6a:24:02:5f:14:c2:61:83:8b:0e:1a:ee:ce:7b:
f6:30:ff:0b:f2:a7:bf:67:4e:4c:b0:bc:22:46:8a:
5d:03:6c:c8:ff:40:19:63:a9:bc:7b:ec:b5:e5:8a:
4d:6e:6f:63:34:45:ea:35:8b:15:fd:c3:19:ef:3c:
42:90:c8:09:84:62:f3:3a:32:9d:06:fd:6a:35:85:
85:5b:70:4d:a7:ae:c1:9d:83:49:30:39:09:ab:3d:
af:bd:1b:43:5d:cc:b7:d2:46:b3:f6:70:5d:21:24:
28:e1:fe:19:32:89:58:dd:5f:27:af:00:ff:62:64:
22:3f:10:1e:db:3c:99:92:19:20:b9:40:83:1e:f2:
93:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:74:03:EC:E5:20:06:40:92:4D:7C:51:B5:E1:3C:00:E4:9F:95:38
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.53.0/24
92.112.58.0/24
92.113.10.0/24
Signature Algorithm: sha256WithRSAEncryption
91:83:72:41:24:21:05:a1:3d:19:64:b1:38:a6:10:e1:b5:77:
f8:5d:0d:ea:5a:07:16:c4:cd:a5:7c:59:d0:e4:73:ce:a4:b0:
54:1a:94:00:44:f5:8d:3d:c3:90:9e:a1:6d:f6:1e:20:55:1f:
e1:90:5f:7f:6e:8d:00:5e:5e:1d:38:e5:93:ca:61:4d:3a:a5:
39:6d:89:2d:0b:90:cb:ad:16:53:9d:dd:0f:21:13:c1:f8:95:
e8:96:ba:42:91:31:db:46:98:74:b4:fb:bb:b6:e4:14:e4:5a:
8c:a4:83:8e:ef:d9:9e:f3:c7:b2:72:c2:0c:90:2f:f2:2b:83:
05:c0:43:0f:fc:33:29:11:86:3a:a2:5e:5f:e4:46:fd:b7:61:
b6:c2:22:29:8f:9a:05:3b:51:6d:c0:05:b2:f5:0d:50:ae:5d:
45:88:21:bd:50:22:11:ac:79:11:66:2f:cb:ae:0a:d2:67:c8:
8b:78:c4:5e:af:77:c6:ae:a6:31:d9:d5:f7:04:3b:07:09:95:
e2:ed:c5:58:59:aa:fe:9a:a0:e7:5d:c8:77:86:8d:ed:ec:a9:
7f:85:a0:c3:c6:39:03:ef:d2:17:3e:43:e8:8a:0e:fb:b8:6f:
3e:68:16:55:ca:03:7e:0c:66:de:06:9f:d3:78:11:69:c9:8b:
b7:53:d4:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUI/1xaG4HUCpBqsQBw76VLhFZGF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA4MjExMDU1MzZaFw0yNTA4MjAxMTAwMzZaMDMxMTAvBgNV
BAMTKDI2NzQwM0VDRTUyMDA2NDA5MjREN0M1MUI1RTEzQzAwRTQ5Rjk1MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXlkYOO/lNGchQBHIm5sUIIpsu
Jqu8UGy+dbGdh6r7KgxDiPoKJhjVK+XMF5A5KDFk/raCQmg5MKjUi+GMvsVxPsf2
mXFNkGCSF3qOBYVEfVgxeAZPcl9qFvcQu4vABw7zojCVk/Mluh1VDnMNzFIzFmNr
b8IQga1qJAJfFMJhg4sOGu7Oe/Yw/wvyp79nTkywvCJGil0DbMj/QBljqbx77LXl
ik1ub2M0Reo1ixX9wxnvPEKQyAmEYvM6Mp0G/Wo1hYVbcE2nrsGdg0kwOQmrPa+9
G0NdzLfSRrP2cF0hJCjh/hkyiVjdXyevAP9iZCI/EB7bPJmSGSC5QIMe8pOtAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUJnQD7OUgBkCSTXxRteE8AOSflTgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABccDUD
BABccDoDBABccQowDQYJKoZIhvcNAQELBQADggEBAJGDckEkIQWhPRlksTimEOG1
d/hdDepaBxbEzaV8WdDkc86ksFQalABE9Y09w5CeoW32HiBVH+GQX39ujQBeXh04
5ZPKYU06pTltiS0LkMutFlOd3Q8hE8H4leiWukKRMdtGmHS0+7u25BTkWoykg47v
2Z7zx7JywgyQL/IrgwXAQw/8MykRhjqiXl/kRv23YbbCIimPmgU7UW3ABbL1DVCu
XUWIIb1QIhGseRFmL8uuCtJnyIt4xF6vd8aupjHZ1fcEOwcJleLtxVhZqv6aoOdd
yHeGje3sqX+FoMPGOQPv0hc+Q+iKDvu4bz5oFlXKA34MZt4Gn9N4EWnJi7dT1HM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org