Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: JOFMFX9At90l39k4ztHXnxyMbAZz4EwIEY/9YrHl3DY=
Subject key identifier: 50:3A:52:6E:31:71:0B:85:19:BF:0E:04:6D:F0:D9:93:3D:C0:2A:2B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5C4B26F9ED1E3D801371434DBEA1684C66A1D6CF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
Signing time: Mon 11 Aug 2025 18:50:31 +0000
ROA not before: Mon 11 Aug 2025 18:45:31 +0000
ROA not after: Mon 10 Aug 2026 18:50:31 +0000
asID: 20326
IP address blocks: 96.62.200.0/21 maxlen: 24
143.14.138.0/23 maxlen: 23
167.148.80.0/21 maxlen: 24
167.148.198.0/24 maxlen: 24
167.148.204.0/24 maxlen: 24
167.148.207.0/24 maxlen: 24
167.148.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:4b:26:f9:ed:1e:3d:80:13:71:43:4d:be:a1:68:4c:66:a1:d6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 11 18:45:31 2025 GMT
Not After : Aug 10 18:50:31 2026 GMT
Subject: CN=503A526E31710B8519BF0E046DF0D9933DC02A2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:c1:48:45:ba:b5:d8:06:21:ee:21:80:8a:
0f:2c:26:01:7a:b0:3b:81:20:c2:0c:90:1b:c4:66:
c5:04:fb:70:16:89:48:22:3e:1c:20:1b:9d:e0:63:
7c:af:e0:37:9c:ec:d7:04:0e:e6:ba:59:c4:f8:4f:
1e:58:bd:4b:b4:f9:39:fc:ef:94:7c:1d:36:63:1c:
c5:d2:82:e6:06:28:d4:1f:4a:5f:02:d7:56:b3:41:
fd:80:55:7e:45:05:63:ed:59:ad:2e:fb:55:7f:d3:
ff:49:b0:7f:3c:3c:c7:4e:ac:f1:5f:b1:f2:24:aa:
ed:8b:d7:25:b2:8f:ca:56:66:b2:aa:10:e5:ed:dd:
d5:12:d9:f2:d6:ec:f5:e6:7a:44:2b:18:ca:9d:e4:
16:4c:6a:cc:7b:f2:74:92:05:08:3d:ea:cd:c1:f2:
7b:59:5b:ef:7c:14:3b:e6:d2:c9:fc:9c:bf:24:d8:
37:52:f5:c4:d9:12:c6:f5:d7:09:0b:31:d1:bf:57:
7e:7f:4b:ed:0b:1b:63:95:eb:0f:a6:06:39:90:f0:
59:c9:4c:41:bf:e1:c2:85:61:a0:a2:39:26:95:15:
11:6f:a4:2f:d6:d9:d2:c2:07:08:11:83:ed:22:60:
0a:15:bf:96:c0:b7:51:47:be:e4:25:3d:0c:e9:30:
e0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:52:6E:31:71:0B:85:19:BF:0E:04:6D:F0:D9:93:3D:C0:2A:2B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.200.0/21
143.14.138.0/23
167.148.80.0/21
167.148.198.0/24
167.148.204.0/24
167.148.207.0/24
167.148.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:35:ff:b3:d2:20:9a:b0:48:1b:1b:78:36:58:d6:65:99:df:
7d:7a:0e:29:ec:04:89:e0:72:58:a9:37:7c:f0:91:f3:13:93:
d5:d0:a3:5a:b0:5d:c8:1c:16:34:5b:0e:28:cc:1d:5f:fe:0f:
57:67:bc:cb:d3:de:fc:7b:6b:df:e0:cf:a5:30:93:8b:77:e0:
4f:d5:e7:f4:f6:6f:9e:7d:69:ef:75:c9:44:d4:6a:14:13:02:
99:29:73:0b:41:88:01:4a:f7:f6:3f:38:8f:6c:76:68:b1:22:
96:df:dc:24:cb:0f:b5:01:4c:ef:ef:44:52:bc:49:a0:c3:4d:
56:40:bf:28:ec:40:a7:51:3a:34:99:ba:d0:fd:64:b9:6d:49:
8e:d7:e3:6d:7d:c9:22:64:96:d4:74:47:dd:57:97:0f:fd:62:
96:50:c8:41:ac:df:9e:ff:75:16:b7:d1:d5:9e:17:3e:a2:5e:
7f:4a:29:a5:b4:81:b7:de:9f:38:2c:8a:bc:36:ec:5e:eb:f6:
92:0f:0c:11:e8:e6:ca:3b:f4:01:9a:28:06:c4:74:26:05:79:
38:e9:ae:63:7b:bc:f3:c0:ed:31:ad:75:b8:b8:ca:07:15:f5:
b5:7f:25:2e:c9:8f:fb:75:01:cc:bb:c9:c8:32:0a:e5:3e:13:
0c:21:4e:2c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUXEsm+e0ePYATcUNNvqFoTGah1s8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTExODQ1MzFaFw0yNjA4MTAxODUwMzFaMDMxMTAvBgNV
BAMTKDUwM0E1MjZFMzE3MTBCODUxOUJGMEUwNDZERjBEOTkzM0RDMDJBMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaRMFIRbq12AYh7iGAig8sJgF6
sDuBIMIMkBvEZsUE+3AWiUgiPhwgG53gY3yv4Dec7NcEDua6WcT4Tx5YvUu0+Tn8
75R8HTZjHMXSguYGKNQfSl8C11azQf2AVX5FBWPtWa0u+1V/0/9JsH88PMdOrPFf
sfIkqu2L1yWyj8pWZrKqEOXt3dUS2fLW7PXmekQrGMqd5BZMasx78nSSBQg96s3B
8ntZW+98FDvm0sn8nL8k2DdS9cTZEsb11wkLMdG/V35/S+0LG2OV6w+mBjmQ8FnJ
TEG/4cKFYaCiOSaVFRFvpC/W2dLCBwgRg+0iYAoVv5bAt1FHvuQlPQzpMOC7AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUUDpSbjFxC4UZvw4EbfDZkz3AKiswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBANgPsgD
BAGPDooDBAOnlFADBACnlMYDBACnlMwDBACnlM8DBACnlNIwDQYJKoZIhvcNAQEL
BQADggEBACs1/7PSIJqwSBsbeDZY1mWZ3316DinsBIngclipN3zwkfMTk9XQo1qw
XcgcFjRbDijMHV/+D1dnvMvT3vx7a9/gz6Uwk4t34E/V5/T2b559ae91yUTUahQT
ApkpcwtBiAFK9/Y/OI9sdmixIpbf3CTLD7UBTO/vRFK8SaDDTVZAvyjsQKdROjSZ
utD9ZLltSY7X4219ySJkltR0R91Xlw/9YpZQyEGs357/dRa30dWeFz6iXn9KKaW0
gbfenzgsirw27F7r9pIPDBHo5so79AGaKAbEdCYFeTjprmN7vPPA7TGtdbi4ygcV
9bV/JS7Jj/t1Acy7ycgyCuU+EwwhTiw=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:40:13 2025 by rpki-client