Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: YUKcU8zLX43g+lfaVFFpUqjRXLoxqo7Z4A9qlyiysyQ=
Subject key identifier: A6:07:AB:6D:C4:F8:60:D4:A1:6E:BF:83:5D:82:8D:16:DA:FD:70:43
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 08834B093242854E4725E034D5BD3EF107D8C99B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Fri 09 May 2025 01:44:51 +0000
ROA not before: Fri 09 May 2025 01:39:51 +0000
ROA not after: Fri 08 May 2026 01:44:51 +0000
asID: 20473
IP address blocks: 148.135.172.0/24 maxlen: 24
150.241.208.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.234.0/24 maxlen: 24
155.117.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:83:4b:09:32:42:85:4e:47:25:e0:34:d5:bd:3e:f1:07:d8:c9:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 01:39:51 2025 GMT
Not After : May 8 01:44:51 2026 GMT
Subject: CN=A607AB6DC4F860D4A16EBF835D828D16DAFD7043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1c:b5:e8:20:dd:5a:9e:b1:57:40:36:bf:fa:
84:5a:df:99:44:11:5f:b0:a1:33:32:df:af:21:1a:
84:8f:7c:6b:ef:fc:3b:87:c8:d5:6b:a0:2d:35:77:
40:76:93:63:e2:1f:cb:99:03:a2:63:65:88:ff:a2:
0d:b6:f1:48:cf:3d:ac:7d:c8:02:d7:5c:be:28:03:
20:bc:5e:c5:1a:b4:98:25:6b:38:52:a0:5f:2f:28:
97:63:7d:4f:b5:12:6f:8a:a6:d4:12:87:fb:c5:0a:
d2:57:a2:03:25:b7:93:ba:10:60:e8:1e:fa:d2:d5:
b1:56:d8:c5:7c:1c:78:23:c6:a0:35:38:fa:4e:31:
a2:d6:82:06:27:7a:5c:d4:ab:f3:d9:09:ff:56:28:
d2:8a:3c:f8:aa:d9:39:93:af:c4:e7:fe:f1:e9:03:
73:e3:53:e4:4b:49:08:8a:4e:27:72:19:79:9d:f8:
cf:19:98:79:9b:a9:2a:06:11:c9:53:e0:f4:49:82:
c5:bb:e6:c4:57:b6:7f:c0:f9:e1:54:6a:12:04:97:
02:e7:0a:cb:e7:8d:69:69:c3:ad:f9:37:1c:b3:ac:
bb:6d:39:0b:5a:26:72:da:f1:d4:75:e4:61:71:16:
ed:4f:d8:6b:9c:17:b9:e7:d6:c9:bf:39:dd:ea:31:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:07:AB:6D:C4:F8:60:D4:A1:6E:BF:83:5D:82:8D:16:DA:FD:70:43
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.172.0/24
150.241.208.0/24
150.241.216.0/21
150.241.234.0/24
155.117.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:d5:78:70:f7:36:78:c7:aa:13:79:06:32:c4:ce:64:d0:b4:
7a:d8:d1:81:92:f6:67:59:4a:a5:77:8e:00:86:ed:6d:49:ac:
97:71:c7:72:c3:d5:80:c1:c8:d7:e5:4c:6c:92:96:61:99:89:
7a:6e:1f:1d:d7:78:d0:fa:ba:8b:a4:69:21:41:99:b3:f7:cf:
2e:44:5d:16:86:72:dc:9f:0c:65:03:98:8c:75:94:5f:37:b4:
11:dd:de:68:26:c7:45:06:67:c3:a8:e4:56:fe:07:e1:32:06:
86:ab:ca:8b:a2:6d:7b:1e:82:32:d2:60:16:3a:60:14:a2:3d:
81:4d:9a:15:d9:7b:96:93:e0:3d:b0:a2:33:21:9a:54:62:1f:
06:8a:bf:01:b9:e1:f0:38:5c:ae:84:f7:a0:c4:49:4c:6e:7d:
28:2c:f7:6a:45:b0:ae:79:45:8d:0b:9a:6d:cf:fb:5e:c7:3b:
96:1c:5d:7f:96:c2:e2:d1:83:1f:57:d7:d0:c0:ec:61:d4:f8:
d8:19:c3:72:89:f7:5f:fe:55:ec:91:2c:56:16:04:4e:48:5c:
89:28:da:f6:82:4c:b8:c7:57:e0:71:b4:1d:2f:93:99:49:99:
d1:07:56:cc:37:5e:0d:39:99:0c:80:8a:f7:cd:35:e4:9c:ca:
35:65:ee:1a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUCINLCTJChU5HJeA01b0+8QfYyZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDkwMTM5NTFaFw0yNjA1MDgwMTQ0NTFaMDMxMTAvBgNV
BAMTKEE2MDdBQjZEQzRGODYwRDRBMTZFQkY4MzVEODI4RDE2REFGRDcwNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0HLXoIN1anrFXQDa/+oRa35lE
EV+woTMy368hGoSPfGvv/DuHyNVroC01d0B2k2PiH8uZA6JjZYj/og228UjPPax9
yALXXL4oAyC8XsUatJglazhSoF8vKJdjfU+1Em+KptQSh/vFCtJXogMlt5O6EGDo
HvrS1bFW2MV8HHgjxqA1OPpOMaLWggYnelzUq/PZCf9WKNKKPPiq2TmTr8Tn/vHp
A3PjU+RLSQiKTidyGXmd+M8ZmHmbqSoGEclT4PRJgsW75sRXtn/A+eFUahIElwLn
CsvnjWlpw635NxyzrLttOQtaJnLa8dR15GFxFu1P2GucF7nn1sm/Od3qMQ8xAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUpgerbcT4YNShbr+DXYKNFtr9cEMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh6wD
BACW8dADBAOW8dgDBACW8eoDBAGbdVgwDQYJKoZIhvcNAQELBQADggEBAAzVeHD3
NnjHqhN5BjLEzmTQtHrY0YGS9mdZSqV3jgCG7W1JrJdxx3LD1YDByNflTGySlmGZ
iXpuHx3XeND6uoukaSFBmbP3zy5EXRaGctyfDGUDmIx1lF83tBHd3mgmx0UGZ8Oo
5Fb+B+EyBoaryouibXsegjLSYBY6YBSiPYFNmhXZe5aT4D2wojMhmlRiHwaKvwG5
4fA4XK6E96DESUxufSgs92pFsK55RY0Lmm3P+17HO5YcXX+WwuLRgx9X19DA7GHU
+NgZw3KJ91/+VeyRLFYWBE5IXIko2vaCTLjHV+BxtB0vk5lJmdEHVsw3Xg05mQyA
ivfNNeScyjVl7ho=
-----END CERTIFICATE-----
Generated at Sat May 10 08:19:15 2025 by rpki-client