Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: PRoyh6SQPg6zu+zyScFmALry5DUKhB/YfYWDop+5f9Y=
Subject key identifier: CE:A6:2E:14:22:06:44:86:85:9C:0E:56:42:FE:2C:75:D9:3B:C6:A6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6038C1CCB3158468EEFCB01EFEA10DE49DF9D27D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
Signing time: Tue 05 May 2026 00:05:18 +0000
ROA not before: Tue 05 May 2026 00:00:18 +0000
ROA not after: Tue 04 May 2027 00:05:18 +0000
asID: 20326
IP address blocks: 96.62.200.0/21 maxlen: 24
167.148.198.0/24 maxlen: 24
167.148.204.0/24 maxlen: 24
167.148.207.0/24 maxlen: 24
167.148.210.0/24 maxlen: 24
168.222.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:38:c1:cc:b3:15:84:68:ee:fc:b0:1e:fe:a1:0d:e4:9d:f9:d2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 5 00:00:18 2026 GMT
Not After : May 4 00:05:18 2027 GMT
Subject: CN=CEA62E1422064486859C0E5642FE2C75D93BC6A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:78:28:86:44:5d:f6:94:53:d7:23:eb:a9:
b1:c2:08:11:57:d0:8f:bf:f1:86:0b:64:d4:71:08:
15:fb:6b:b6:d8:4a:f8:71:1a:11:d4:e4:a0:60:c8:
9e:e6:79:94:04:7c:63:bc:be:a3:d6:0c:56:b0:ee:
89:6a:6a:9c:cc:46:41:23:f6:e0:6f:46:ba:8e:5b:
d9:9d:03:7f:e1:b9:25:b1:46:31:35:72:12:ec:9b:
19:66:8b:42:9b:58:9a:c6:73:97:97:ae:1e:c6:37:
b1:2b:b8:18:6f:0e:81:9f:93:19:ea:75:7f:8f:3e:
57:cd:7a:fd:0a:96:7f:db:0e:6c:b7:ea:c5:5d:66:
a6:76:8d:df:42:c2:18:9c:95:55:94:4f:b3:5b:ab:
08:c4:cd:1b:17:26:2b:14:78:8c:df:6a:27:65:07:
8b:2d:43:a9:bb:f2:71:e1:f2:22:6c:2b:40:98:ce:
fd:a4:01:6b:4f:51:fb:08:8c:65:16:16:3e:b7:76:
6a:03:e1:a6:8c:76:f4:57:61:e5:99:a3:72:4d:19:
cf:ea:83:a7:30:bd:ff:a1:3c:4d:f7:62:63:70:46:
f9:6f:a4:2d:e3:3d:40:e7:d5:35:cd:a3:9e:4b:a9:
48:01:79:9c:83:19:1b:d5:39:a6:b8:23:f9:39:f8:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A6:2E:14:22:06:44:86:85:9C:0E:56:42:FE:2C:75:D9:3B:C6:A6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.200.0/21
167.148.198.0/24
167.148.204.0/24
167.148.207.0/24
167.148.210.0/24
168.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:dd:8f:cf:f9:2d:14:c9:14:dd:f5:b3:1b:74:32:3f:f5:22:
79:d5:ae:16:5e:c3:12:7b:28:b9:01:c7:f4:37:29:2d:6d:e2:
d6:25:57:c7:f5:37:1d:00:04:1a:7c:d1:05:9f:4a:31:aa:b5:
18:c4:b0:98:ae:84:e4:30:93:46:d0:eb:12:8a:db:62:5a:1b:
5e:ee:93:c3:ba:2d:17:93:92:62:65:48:a5:5a:80:76:e0:f6:
0f:f7:b2:a2:50:04:30:28:2a:ed:99:55:0e:71:ec:cf:14:88:
f7:f1:49:9e:ce:83:d0:32:80:45:1b:93:6f:bb:e6:4c:c1:71:
ab:63:28:4a:d7:82:39:7f:a3:06:f2:15:e1:f9:e6:56:d4:2c:
f0:b4:e5:49:e2:cf:ae:f9:b9:a6:57:18:80:c2:89:b9:19:11:
ec:9c:0a:03:d1:f5:54:5a:3f:ce:ad:3d:c2:0b:e8:49:a6:d3:
79:90:71:80:47:00:5e:27:d0:30:3c:d8:fa:bf:a5:52:ea:0e:
0c:5d:d7:90:69:9b:61:d1:1c:b6:8f:35:f4:b4:81:17:f6:1a:
0b:d4:e5:2b:f4:d4:a0:42:61:6d:1c:68:5e:37:99:e5:91:ba:
b1:61:b3:cc:c1:44:dd:b9:d0:a1:62:eb:a8:28:cc:cf:58:5f:
51:85:45:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUYDjBzLMVhGju/LAe/qEN5J350n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDUwMDAwMThaFw0yNzA1MDQwMDA1MThaMDMxMTAvBgNV
BAMTKENFQTYyRTE0MjIwNjQ0ODY4NTlDMEU1NjQyRkUyQzc1RDkzQkM2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNngohkRd9pRT1yPrqbHCCBFX
0I+/8YYLZNRxCBX7a7bYSvhxGhHU5KBgyJ7meZQEfGO8vqPWDFaw7olqapzMRkEj
9uBvRrqOW9mdA3/huSWxRjE1chLsmxlmi0KbWJrGc5eXrh7GN7EruBhvDoGfkxnq
dX+PPlfNev0Kln/bDmy36sVdZqZ2jd9CwhiclVWUT7NbqwjEzRsXJisUeIzfaidl
B4stQ6m78nHh8iJsK0CYzv2kAWtPUfsIjGUWFj63dmoD4aaMdvRXYeWZo3JNGc/q
g6cwvf+hPE33YmNwRvlvpC3jPUDn1TXNo55LqUgBeZyDGRvVOaa4I/k5+PJBAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUzqYuFCIGRIaFnA5WQv4sddk7xqYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBANgPsgD
BACnlMYDBACnlMwDBACnlM8DBACnlNIDBAKo3nQwDQYJKoZIhvcNAQELBQADggEB
AI7dj8/5LRTJFN31sxt0Mj/1InnVrhZewxJ7KLkBx/Q3KS1t4tYlV8f1Nx0ABBp8
0QWfSjGqtRjEsJiuhOQwk0bQ6xKK22JaG17uk8O6LReTkmJlSKVagHbg9g/3sqJQ
BDAoKu2ZVQ5x7M8UiPfxSZ7Og9AygEUbk2+75kzBcatjKErXgjl/owbyFeH55lbU
LPC05Uniz675uaZXGIDCibkZEeycCgPR9VRaP86tPcIL6Emm03mQcYBHAF4n0DA8
2Pq/pVLqDgxd15Bpm2HRHLaPNfS0gRf2GgvU5Sv01KBCYW0caF43meWRurFhs8zB
RN250KFi66gozM9YX1GFRSE=
-----END CERTIFICATE-----
Generated at Wed May 13 00:18:34 2026 by rpki-client