Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: F6bCM/gI9IAbKT/HZuEPzXmLbGzUcafHOc2s7fBMfEw=
Subject key identifier: CB:D2:BE:8C:AC:B8:CC:C7:10:F5:65:C1:EC:04:D5:92:CE:34:FE:D7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4A0A3A3167FF0087CDA71DD363FC7C7DDED26B60
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
Signing time: Fri 08 May 2026 06:53:19 +0000
ROA not before: Fri 08 May 2026 06:48:19 +0000
ROA not after: Fri 07 May 2027 06:53:19 +0000
asID: 20473
IP address blocks: 82.38.41.0/24 maxlen: 24
82.41.117.0/24 maxlen: 24
82.47.152.0/22 maxlen: 24
178.83.88.0/24 maxlen: 24
178.83.90.0/24 maxlen: 24
178.83.92.0/24 maxlen: 24
178.83.94.0/24 maxlen: 24
178.83.95.0/24 maxlen: 24
178.83.97.0/24 maxlen: 24
178.83.98.0/24 maxlen: 24
178.83.104.0/24 maxlen: 24
178.83.105.0/24 maxlen: 24
178.83.106.0/24 maxlen: 24
178.83.107.0/24 maxlen: 24
178.83.142.0/24 maxlen: 24
178.83.148.0/24 maxlen: 24
178.83.156.0/24 maxlen: 24
2a13:9500:61::/48 maxlen: 48
2a13:9500:ae::/48 maxlen: 48
2a13:9500:cf::/48 maxlen: 48
2a13:9500:dd::/48 maxlen: 48
2a13:9500:10c::/48 maxlen: 48
2a13:9500:120::/48 maxlen: 48
2a13:9500:149::/48 maxlen: 48
2a13:9500:14d::/48 maxlen: 48
2a13:9500:15e::/48 maxlen: 48
2a13:9500:170::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:0a:3a:31:67:ff:00:87:cd:a7:1d:d3:63:fc:7c:7d:de:d2:6b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 06:48:19 2026 GMT
Not After : May 7 06:53:19 2027 GMT
Subject: CN=CBD2BE8CACB8CCC710F565C1EC04D592CE34FED7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:f4:04:13:28:1b:d0:af:a6:db:96:31:9c:
11:09:a4:01:d2:98:e3:ac:ad:97:cd:88:40:89:dd:
07:14:b7:cb:ea:11:cf:e8:b6:19:e0:bc:5c:17:c6:
94:61:24:67:c1:1f:ae:58:16:24:da:33:81:e3:b9:
ef:b3:e5:48:d5:28:bc:12:0c:f5:0a:d7:27:8f:b0:
54:65:3f:de:79:55:38:63:f2:92:2c:05:61:cc:29:
81:43:b8:28:5d:9e:03:a3:7b:1a:66:ff:c1:2b:08:
b3:fe:e0:3a:06:28:19:37:60:46:3a:a7:35:1a:16:
4e:e1:d4:3c:19:bf:6b:78:96:c3:2f:e8:ea:b1:18:
32:da:c4:de:82:16:54:57:2d:b2:05:a9:19:8c:79:
83:40:df:a8:db:22:a7:24:a4:75:66:4b:00:fd:00:
31:65:8f:b1:2f:19:7c:5a:24:db:df:c2:50:02:bd:
de:1a:fe:13:4f:2b:dd:93:da:70:ab:2e:59:d0:23:
c0:dc:b0:df:17:b5:80:5f:53:a3:8b:bb:4c:79:ac:
b3:e7:80:d7:b8:83:d0:22:f6:3b:f2:e8:59:2e:02:
ba:8f:21:8f:1f:48:d0:7e:5e:f4:fe:41:42:77:d8:
92:fb:18:af:3b:bf:1c:37:4a:8b:e3:30:af:11:dd:
ca:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D2:BE:8C:AC:B8:CC:C7:10:F5:65:C1:EC:04:D5:92:CE:34:FE:D7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.41.0/24
82.41.117.0/24
82.47.152.0/22
178.83.88.0/24
178.83.90.0/24
178.83.92.0/24
178.83.94.0/23
178.83.97.0-178.83.98.255
178.83.104.0/22
178.83.142.0/24
178.83.148.0/24
178.83.156.0/24
IPv6:
2a13:9500:61::/48
2a13:9500:ae::/48
2a13:9500:cf::/48
2a13:9500:dd::/48
2a13:9500:10c::/48
2a13:9500:120::/48
2a13:9500:149::/48
2a13:9500:14d::/48
2a13:9500:15e::/48
2a13:9500:170::/48
Signature Algorithm: sha256WithRSAEncryption
a7:cb:65:0f:2d:b7:b1:ce:89:aa:ec:71:26:f7:c1:f6:1f:4f:
63:5a:d3:85:81:2d:a8:82:c6:44:32:9b:33:84:a8:cf:60:cd:
1d:fe:22:1c:63:13:b9:c7:c5:2c:f3:05:cc:48:b8:df:c4:84:
46:80:eb:90:e8:91:53:ef:7c:99:2b:a1:e0:07:72:23:f1:f1:
f4:54:e6:89:17:11:fa:1b:7a:22:39:f4:33:63:a0:a6:ba:e5:
1b:55:f9:50:96:58:9b:45:91:b9:7d:b1:4c:0b:30:1a:86:a6:
c2:52:34:6e:1d:21:04:f2:4e:71:01:7c:bc:4d:0f:2d:20:a1:
79:5b:ec:48:ce:4e:64:0e:d3:3d:c4:cc:f3:4b:93:94:ed:c7:
f6:11:df:69:12:0a:13:d1:f5:42:52:e5:72:88:00:27:b6:a3:
1d:1e:52:1b:57:bc:08:76:9d:38:db:2b:c9:f7:8e:40:ab:dc:
51:51:e7:27:87:7b:c6:de:55:96:ed:00:75:2b:02:b9:ca:04:
33:3c:19:1a:9b:59:bd:94:97:e9:c8:57:4f:ae:76:b2:f6:5a:
fe:25:d5:f5:cc:e1:4f:6c:d9:5b:d5:be:d4:bc:b2:b1:f8:f2:
2b:af:87:69:b2:1a:5b:c5:e8:20:b9:9a:66:d7:0a:a0:7c:75:
32:7f:4e:c2
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIUSgo6MWf/AIfNpx3TY/x8fd7Sa2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgwNjQ4MTlaFw0yNzA1MDcwNjUzMTlaMDMxMTAvBgNV
BAMTKENCRDJCRThDQUNCOENDQzcxMEY1NjVDMUVDMDRENTkyQ0UzNEZFRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7QfQEEygb0K+m25YxnBEJpAHS
mOOsrZfNiECJ3QcUt8vqEc/othngvFwXxpRhJGfBH65YFiTaM4Hjue+z5UjVKLwS
DPUK1yePsFRlP955VThj8pIsBWHMKYFDuChdngOjexpm/8ErCLP+4DoGKBk3YEY6
pzUaFk7h1DwZv2t4lsMv6OqxGDLaxN6CFlRXLbIFqRmMeYNA36jbIqckpHVmSwD9
ADFlj7EvGXxaJNvfwlACvd4a/hNPK92T2nCrLlnQI8DcsN8XtYBfU6OLu0x5rLPn
gNe4g9Ai9jvy6FkuArqPIY8fSNB+XvT+QUJ32JL7GK87vxw3SovjMK8R3crTAgMB
AAGjggK4MIICtDAdBgNVHQ4EFgQUy9K+jKy4zMcQ9WXB7ATVks40/tcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgc0GCCsGAQUFBwEHAQH/BIG9MIG6MFYEAgABMFADBABS
JikDBABSKXUDBAJSL5gDBACyU1gDBACyU1oDBACyU1wDBAGyU14wDAMEALJTYQME
ALJTYgMEArJTaAMEALJTjgMEALJTlAMEALJTnDBgBAIAAjBaAwcAKhOVAABhAwcA
KhOVAACuAwcAKhOVAADPAwcAKhOVAADdAwcAKhOVAAEMAwcAKhOVAAEgAwcAKhOV
AAFJAwcAKhOVAAFNAwcAKhOVAAFeAwcAKhOVAAFwMA0GCSqGSIb3DQEBCwUAA4IB
AQCny2UPLbexzomq7HEm98H2H09jWtOFgS2ogsZEMpszhKjPYM0d/iIcYxO5x8Us
8wXMSLjfxIRGgOuQ6JFT73yZK6HgB3Ij8fH0VOaJFxH6G3oiOfQzY6CmuuUbVflQ
llibRZG5fbFMCzAahqbCUjRuHSEE8k5xAXy8TQ8tIKF5W+xIzk5kDtM9xMzzS5OU
7cf2Ed9pEgoT0fVCUuVyiAAntqMdHlIbV7wIdp042yvJ945Aq9xRUecnh3vG3lWW
7QB1KwK5ygQzPBkam1m9lJfpyFdPrnay9lr+JdX1zOFPbNlb1b7UvLKx+PIrr4dp
shpbxegguZpm1wqgfHUyf07C
-----END CERTIFICATE-----
Generated at Tue May 12 21:47:03 2026 by rpki-client