Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: HXGUWJ1+mo0PAjDBQz4aZIsqvj4G5gAMLc69UqLX2SQ=
Subject key identifier: 16:2A:18:0F:AA:0E:5E:4F:41:DE:C6:0C:A6:47:FC:1E:B9:41:87:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 615171E0E4D953632BB041661095B273B79407AE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
Signing time: Mon 18 Aug 2025 13:00:21 +0000
ROA not before: Mon 18 Aug 2025 12:55:21 +0000
ROA not after: Mon 17 Aug 2026 13:00:21 +0000
asID: 20473
IP address blocks: 2a13:9500:61::/48 maxlen: 48
2a13:9500:ae::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:51:71:e0:e4:d9:53:63:2b:b0:41:66:10:95:b2:73:b7:94:07:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 18 12:55:21 2025 GMT
Not After : Aug 17 13:00:21 2026 GMT
Subject: CN=162A180FAA0E5E4F41DEC60CA647FC1EB94187C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7f:e5:27:63:4d:57:5e:1d:77:23:33:b0:ce:
9e:79:a9:c5:58:f5:15:35:19:74:2f:e6:0c:51:cb:
ce:66:ea:2c:49:23:27:03:2f:ab:25:c6:19:b6:29:
bd:ac:60:d3:05:0c:b6:63:ef:e8:8a:10:a0:2d:27:
78:a2:68:fd:5c:4e:6c:b8:56:51:60:f5:35:b1:61:
42:a1:93:91:ac:4f:c3:b8:5f:5f:85:db:57:9b:4f:
2b:eb:0e:ae:ab:f7:46:9c:54:26:5e:29:e2:ed:36:
5c:ac:6b:c4:fd:07:07:37:20:0c:60:19:55:03:3f:
48:b8:69:a5:7f:09:98:25:d2:75:27:d4:f5:15:e2:
35:aa:33:a5:1e:b6:93:34:ed:76:8f:48:ca:eb:fe:
2d:03:70:76:2a:65:14:67:8d:68:d1:05:06:df:70:
77:95:f1:01:2a:39:16:44:3a:9b:ab:47:74:0b:fd:
b4:ac:c8:9e:86:d4:aa:73:33:62:9d:af:07:51:37:
f8:51:7e:08:15:4f:3d:73:18:77:9f:1d:27:42:f6:
ee:78:7c:4b:88:68:ef:f2:59:05:f1:41:6f:7f:78:
46:ad:83:b2:cb:82:48:97:3b:5b:16:28:b1:12:6c:
48:fa:c4:b1:6b:6d:cc:22:26:0e:f7:b7:a9:12:a3:
a9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2A:18:0F:AA:0E:5E:4F:41:DE:C6:0C:A6:47:FC:1E:B9:41:87:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:61::/48
2a13:9500:ae::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f4:63:e4:a8:d5:26:4e:37:75:d0:b6:88:ca:1a:ae:81:9b:
ab:f8:d8:7a:60:9b:e4:0b:e8:72:29:f8:5c:64:70:ab:e0:68:
f5:b9:9b:e7:5c:64:35:dd:28:69:7a:82:69:b2:ca:20:80:33:
13:e3:70:2a:1e:d1:9b:bc:1e:ce:81:3d:02:d9:96:7b:56:39:
ff:57:8c:4c:0e:70:5e:97:50:cf:7f:ab:bf:fe:eb:68:57:ab:
5f:22:94:11:02:72:9b:f1:16:b6:c5:0f:ce:07:86:3d:b5:81:
4a:02:90:9e:93:f4:34:ea:a6:81:02:bc:9c:0b:d9:01:84:a4:
35:4a:20:a5:35:34:0b:5a:f9:0a:60:14:63:d8:fe:39:0d:89:
64:a9:64:2f:ed:79:0b:37:67:9b:fe:dd:f0:6b:c1:ad:73:6e:
21:d9:41:2d:14:51:db:3c:03:8c:f3:73:b4:d7:04:6a:c8:71:
1d:a5:4a:4a:f2:b8:de:81:15:53:d8:44:b2:87:c8:fc:c1:13:
01:6a:ce:76:83:84:9f:98:a4:9b:1b:39:90:e8:82:e6:fe:33:
f4:d2:e7:0b:b1:b3:94:73:3d:85:8f:1c:de:5e:d9:73:54:4e:
51:94:1f:4e:4f:4f:e2:ea:af:19:4c:98:4e:fa:53:ac:ac:b9:
17:43:bc:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUYVFx4OTZU2MrsEFmEJWyc7eUB64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTgxMjU1MjFaFw0yNjA4MTcxMzAwMjFaMDMxMTAvBgNV
BAMTKDE2MkExODBGQUEwRTVFNEY0MURFQzYwQ0E2NDdGQzFFQjk0MTg3QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTf+UnY01XXh13IzOwzp55qcVY
9RU1GXQv5gxRy85m6ixJIycDL6slxhm2Kb2sYNMFDLZj7+iKEKAtJ3iiaP1cTmy4
VlFg9TWxYUKhk5GsT8O4X1+F21ebTyvrDq6r90acVCZeKeLtNlysa8T9Bwc3IAxg
GVUDP0i4aaV/CZgl0nUn1PUV4jWqM6UetpM07XaPSMrr/i0DcHYqZRRnjWjRBQbf
cHeV8QEqORZEOpurR3QL/bSsyJ6G1KpzM2KdrwdRN/hRfggVTz1zGHefHSdC9u54
fEuIaO/yWQXxQW9/eEatg7LLgkiXO1sWKLESbEj6xLFrbcwiJg73t6kSo6kdAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUFioYD6oOXk9B3sYMpkf8HrlBh8YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwAqE5UA
AGEDBwAqE5UAAK4wDQYJKoZIhvcNAQELBQADggEBAI/0Y+So1SZON3XQtojKGq6B
m6v42Hpgm+QL6HIp+FxkcKvgaPW5m+dcZDXdKGl6gmmyyiCAMxPjcCoe0Zu8Hs6B
PQLZlntWOf9XjEwOcF6XUM9/q7/+62hXq18ilBECcpvxFrbFD84Hhj21gUoCkJ6T
9DTqpoECvJwL2QGEpDVKIKU1NAta+QpgFGPY/jkNiWSpZC/teQs3Z5v+3fBrwa1z
biHZQS0UUds8A4zzc7TXBGrIcR2lSkryuN6BFVPYRLKHyPzBEwFqznaDhJ+YpJsb
OZDogub+M/TS5wuxs5RzPYWPHN5e2XNUTlGUH05PT+LqrxlMmE76U6ysuRdDvG8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:46:23 2025 by rpki-client