Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
File: AS20115.roa (raw, json)
Hash identifier: x8iQLmpGNs0FXlpWCCLsxg71xvj5YnQzXE3wOv9EWwg=
Subject key identifier: BB:75:45:D1:ED:38:8C:13:AB:7B:DB:80:27:51:02:90:DA:68:94:89
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 37B873EF5699FE6F753D070BA6AA60EAED7E48BF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
Signing time: Mon 18 Aug 2025 19:04:16 +0000
ROA not before: Mon 18 Aug 2025 18:59:16 +0000
ROA not after: Mon 17 Aug 2026 19:04:16 +0000
asID: 20115
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.162.0/23 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.36.0/22 maxlen: 24
82.24.112.0/23 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.144.0/20 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b8:73:ef:56:99:fe:6f:75:3d:07:0b:a6:aa:60:ea:ed:7e:48:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 18 18:59:16 2025 GMT
Not After : Aug 17 19:04:16 2026 GMT
Subject: CN=BB7545D1ED388C13AB7BDB8027510290DA689489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:37:01:e7:4f:49:09:2f:ec:f6:9e:4f:ba:
38:db:50:d0:b2:82:b5:f0:9a:6c:61:4d:df:0e:ac:
af:29:41:24:ce:7f:1b:35:fc:6f:6e:f1:e0:20:e0:
30:53:0f:3e:e5:87:54:dc:06:94:d6:d8:71:e8:91:
d0:f3:ff:52:cd:b0:40:b9:6f:b7:5f:57:aa:bf:e8:
6c:be:5b:86:17:fc:0f:ba:aa:51:4e:2f:98:dc:09:
63:79:8a:33:50:b1:56:7f:12:7e:b9:a7:a9:b7:33:
2a:7b:1f:c1:ac:03:35:2f:5b:aa:a1:8d:a2:a7:af:
56:0e:0f:34:8a:67:73:1c:6b:2d:f3:bd:95:2f:8f:
f6:40:66:8a:fe:1c:4c:93:08:d7:3c:1e:18:21:77:
70:92:a9:3d:a1:e2:a4:84:79:3a:90:33:ef:78:ee:
63:cc:d2:85:c3:cf:3b:2a:11:5b:11:60:20:f5:c0:
0d:4c:69:c3:5e:14:fa:ca:5c:3a:4e:05:d9:e7:87:
24:92:d0:78:ea:fc:86:72:14:4d:03:95:a9:d0:42:
c5:43:de:3f:71:21:8b:df:2c:30:6b:c9:74:b1:3b:
c0:b2:f2:eb:c3:e6:34:c5:6c:a5:47:4d:ea:33:e5:
b9:e3:46:80:1a:a2:91:e1:3b:7f:55:bd:7f:20:d2:
a9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:75:45:D1:ED:38:8C:13:AB:7B:DB:80:27:51:02:90:DA:68:94:89
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20115.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.136.0/22
82.22.190.0/24
82.23.140.0/23
82.23.152.0/21
82.23.162.0/23
82.24.0.0/22
82.24.31.0/24
82.24.36.0/22
82.24.112.0/23
82.26.174.0/24
82.27.144.0/20
82.29.30.0/23
82.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:8b:ca:90:9f:3b:d3:83:df:d1:fa:32:8e:d9:11:54:aa:f9:
f3:26:53:64:e4:8a:15:c5:8c:43:58:58:a6:b8:94:a8:a4:c3:
88:f1:8c:29:cd:63:d6:dd:2e:93:38:29:2f:67:0b:1c:b5:4a:
62:3e:8c:69:67:10:4f:d3:d5:a0:4d:f6:32:b4:5e:86:58:75:
8d:6f:ec:6f:b9:ce:1e:d8:e0:8c:34:a1:73:f7:84:d1:96:a2:
cd:ba:a9:6b:a1:9a:10:31:a1:5f:56:c7:b5:d2:a1:df:be:e0:
fe:05:4e:f9:01:19:12:e0:48:db:ab:7b:27:a0:e9:51:69:19:
5b:26:c5:38:f1:16:3a:88:82:b2:85:ad:d4:fe:3f:ad:6a:ce:
3c:a6:07:f6:87:9c:0a:0c:e5:bc:72:ca:fc:18:76:cb:a6:82:
9c:64:bc:33:de:92:c6:db:6c:e6:18:81:69:0d:fc:1b:28:b7:
ed:52:1b:ef:69:c8:93:09:98:f4:34:b0:06:26:96:93:c5:db:
1b:03:e5:c9:a8:6e:d4:3a:1c:06:f9:48:09:10:bd:a0:a9:10:
07:87:50:39:17:88:90:75:dd:5f:ba:b1:48:39:c7:91:fd:00:
04:01:18:75:78:5d:a1:42:4d:53:e2:23:01:b8:a0:7d:ec:f4:
2a:69:cd:7f
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUN7hz71aZ/m91PQcLpqpg6u1+SL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTgxODU5MTZaFw0yNjA4MTcxOTA0MTZaMDMxMTAvBgNV
BAMTKEJCNzU0NUQxRUQzODhDMTNBQjdCREI4MDI3NTEwMjkwREE2ODk0ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+9DcB509JCS/s9p5PujjbUNCy
grXwmmxhTd8OrK8pQSTOfxs1/G9u8eAg4DBTDz7lh1TcBpTW2HHokdDz/1LNsEC5
b7dfV6q/6Gy+W4YX/A+6qlFOL5jcCWN5ijNQsVZ/En65p6m3Myp7H8GsAzUvW6qh
jaKnr1YODzSKZ3Mcay3zvZUvj/ZAZor+HEyTCNc8Hhghd3CSqT2h4qSEeTqQM+94
7mPM0oXDzzsqEVsRYCD1wA1MacNeFPrKXDpOBdnnhySS0Hjq/IZyFE0DlanQQsVD
3j9xIYvfLDBryXSxO8Cy8uvD5jTFbKVHTeoz5bnjRoAaopHhO39VvX8g0qkDAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUu3VF0e04jBOre9uAJ1ECkNpolIkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgABMFQDBABSFYoD
BAJSFogDBABSFr4DBAFSF4wDBANSF5gDBAFSF6IDBAJSGAADBABSGB8DBAJSGCQD
BAFSGHADBABSGq4DBARSG5ADBAFSHR4DBAJSHZAwDQYJKoZIhvcNAQELBQADggEB
AF2LypCfO9OD39H6Mo7ZEVSq+fMmU2TkihXFjENYWKa4lKikw4jxjCnNY9bdLpM4
KS9nCxy1SmI+jGlnEE/T1aBN9jK0XoZYdY1v7G+5zh7Y4Iw0oXP3hNGWos26qWuh
mhAxoV9Wx7XSod++4P4FTvkBGRLgSNureyeg6VFpGVsmxTjxFjqIgrKFrdT+P61q
zjymB/aHnAoM5bxyyvwYdsumgpxkvDPeksbbbOYYgWkN/Bsot+1SG+9pyJMJmPQ0
sAYmlpPF2xsD5cmobtQ6HAb5SAkQvaCpEAeHUDkXiJB13V+6sUg5x5H9AAQBGHV4
XaFCTVPiIwG4oH3s9CppzX8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:40 2025 by rpki-client