Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: TVFxr0zl3KxFoeVMe81wfnS7AaJVNCBQWiQErh4hrzU=
Subject key identifier: DB:6C:14:82:D6:D8:03:0F:E3:0A:60:33:AF:99:5E:E5:42:91:D1:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5E90B49796DFA809365467BA68E992DCEB3B00DD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
Signing time: Thu 19 Mar 2026 20:48:18 +0000
ROA not before: Thu 19 Mar 2026 20:43:18 +0000
ROA not after: Thu 18 Mar 2027 20:48:18 +0000
asID: 20473
IP address blocks: 82.38.41.0/24 maxlen: 24
82.41.117.0/24 maxlen: 24
178.83.88.0/24 maxlen: 24
178.83.90.0/24 maxlen: 24
178.83.92.0/24 maxlen: 24
178.83.94.0/24 maxlen: 24
178.83.95.0/24 maxlen: 24
178.83.97.0/24 maxlen: 24
178.83.98.0/24 maxlen: 24
178.83.104.0/24 maxlen: 24
178.83.105.0/24 maxlen: 24
178.83.106.0/24 maxlen: 24
178.83.107.0/24 maxlen: 24
178.83.142.0/24 maxlen: 24
178.83.148.0/24 maxlen: 24
178.83.156.0/24 maxlen: 24
2a13:9500:61::/48 maxlen: 48
2a13:9500:ae::/48 maxlen: 48
2a13:9500:cf::/48 maxlen: 48
2a13:9500:dd::/48 maxlen: 48
2a13:9500:10c::/48 maxlen: 48
2a13:9500:120::/48 maxlen: 48
2a13:9500:149::/48 maxlen: 48
2a13:9500:14d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:90:b4:97:96:df:a8:09:36:54:67:ba:68:e9:92:dc:eb:3b:00:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 20:43:18 2026 GMT
Not After : Mar 18 20:48:18 2027 GMT
Subject: CN=DB6C1482D6D8030FE30A6033AF995EE54291D171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d0:bb:4b:8d:16:c2:9b:6e:40:f4:a2:92:41:
8e:8f:6b:35:3a:42:99:18:6b:9f:18:70:ab:fd:20:
b5:41:68:7a:7c:d9:28:b0:63:3d:a9:77:35:e4:a1:
db:bc:c2:1f:96:ed:74:27:73:b4:6f:e1:02:7c:23:
e2:3b:0c:7a:64:75:eb:14:8c:7c:2e:04:47:5e:1b:
74:c7:bc:25:63:31:74:4e:6d:69:ed:f0:95:ce:92:
46:94:82:d0:ee:38:a5:c1:7c:22:2f:87:0b:db:ad:
8f:2d:95:75:23:2b:bd:3c:96:e7:05:be:54:64:47:
90:64:d9:41:f7:31:b6:d9:18:41:11:a1:ae:d4:84:
14:bd:56:57:ba:f4:a7:05:68:e6:46:e3:c3:c5:46:
85:2a:6f:82:44:fc:19:67:dc:76:8d:9f:9b:7d:76:
f6:88:70:71:d4:cc:09:e9:19:a4:b5:bf:0b:60:8e:
03:f6:53:62:ab:ba:fc:cf:7e:ea:e5:74:98:ff:02:
f1:5a:6a:6c:8c:53:1a:00:85:2c:38:ed:86:e6:ca:
d4:65:cf:24:c1:ec:fd:5e:95:1e:df:58:e2:af:90:
40:61:40:df:99:47:01:c0:87:fe:1c:6e:33:d7:de:
26:73:29:0d:97:52:8b:7f:b5:e3:f2:0a:ad:41:01:
6b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6C:14:82:D6:D8:03:0F:E3:0A:60:33:AF:99:5E:E5:42:91:D1:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.41.0/24
82.41.117.0/24
178.83.88.0/24
178.83.90.0/24
178.83.92.0/24
178.83.94.0/23
178.83.97.0-178.83.98.255
178.83.104.0/22
178.83.142.0/24
178.83.148.0/24
178.83.156.0/24
IPv6:
2a13:9500:61::/48
2a13:9500:ae::/48
2a13:9500:cf::/48
2a13:9500:dd::/48
2a13:9500:10c::/48
2a13:9500:120::/48
2a13:9500:149::/48
2a13:9500:14d::/48
Signature Algorithm: sha256WithRSAEncryption
64:2e:7b:14:ba:6d:17:8e:c7:55:0d:de:84:67:a9:88:13:d1:
67:61:72:d8:47:8b:ce:76:e8:c7:b7:a8:02:e0:e6:a5:17:ae:
5c:30:4d:06:81:ec:8b:1e:be:91:3a:15:17:4e:72:e4:21:32:
59:ec:31:29:fd:1b:d5:c0:13:bf:54:cb:7b:3e:ec:3e:71:05:
bc:15:72:6e:66:61:ff:62:57:d1:92:b8:6b:1b:97:39:1a:41:
a1:bf:dd:51:f9:d9:6e:5d:d5:7c:4f:cf:da:a7:79:00:94:e0:
07:3d:f8:cf:46:5c:77:ac:60:67:59:9b:f4:dd:a8:00:f9:5d:
3b:16:a2:31:79:95:f9:9d:88:67:1c:bd:d3:8f:9b:73:c2:6c:
38:6a:92:8b:ec:d6:d0:85:ac:9a:f3:d9:80:51:1b:b1:41:60:
25:3c:24:c2:3b:d0:ef:8d:f5:5d:39:71:75:b3:3a:c1:a3:cc:
73:93:c9:06:42:7c:f4:b4:a8:13:13:b1:43:74:3c:0f:6b:fa:
19:c1:8c:a9:17:a5:41:31:33:49:35:21:7a:57:d6:22:2f:ca:
e2:ea:57:5a:82:a0:e3:f0:0f:9d:14:dc:4e:b0:37:e6:39:52:
1e:52:a5:05:2e:51:08:b6:cc:1a:92:b0:30:9a:d2:3b:13:2a:
d9:a7:fe:2d
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIUXpC0l5bfqAk2VGe6aOmS3Os7AN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkyMDQzMThaFw0yNzAzMTgyMDQ4MThaMDMxMTAvBgNV
BAMTKERCNkMxNDgyRDZEODAzMEZFMzBBNjAzM0FGOTk1RUU1NDI5MUQxNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw0LtLjRbCm25A9KKSQY6PazU6
QpkYa58YcKv9ILVBaHp82SiwYz2pdzXkodu8wh+W7XQnc7Rv4QJ8I+I7DHpkdesU
jHwuBEdeG3THvCVjMXRObWnt8JXOkkaUgtDuOKXBfCIvhwvbrY8tlXUjK708lucF
vlRkR5Bk2UH3MbbZGEERoa7UhBS9Vle69KcFaOZG48PFRoUqb4JE/Bln3HaNn5t9
dvaIcHHUzAnpGaS1vwtgjgP2U2KruvzPfurldJj/AvFaamyMUxoAhSw47YbmytRl
zyTB7P1elR7fWOKvkEBhQN+ZRwHAh/4cbjPX3iZzKQ2XUot/tePyCq1BAWupAgMB
AAGjggKgMIICnDAdBgNVHQ4EFgQU22wUgtbYAw/jCmAzr5le5UKR0XEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbUGCCsGAQUFBwEHAQH/BIGlMIGiMFAEAgABMEoDBABS
JikDBABSKXUDBACyU1gDBACyU1oDBACyU1wDBAGyU14wDAMEALJTYQMEALJTYgME
ArJTaAMEALJTjgMEALJTlAMEALJTnDBOBAIAAjBIAwcAKhOVAABhAwcAKhOVAACu
AwcAKhOVAADPAwcAKhOVAADdAwcAKhOVAAEMAwcAKhOVAAEgAwcAKhOVAAFJAwcA
KhOVAAFNMA0GCSqGSIb3DQEBCwUAA4IBAQBkLnsUum0XjsdVDd6EZ6mIE9FnYXLY
R4vOdujHt6gC4OalF65cME0GgeyLHr6ROhUXTnLkITJZ7DEp/RvVwBO/VMt7Puw+
cQW8FXJuZmH/YlfRkrhrG5c5GkGhv91R+dluXdV8T8/ap3kAlOAHPfjPRlx3rGBn
WZv03agA+V07FqIxeZX5nYhnHL3Tj5tzwmw4apKL7NbQhaya89mAURuxQWAlPCTC
O9DvjfVdOXF1szrBo8xzk8kGQnz0tKgTE7FDdDwPa/oZwYypF6VBMTNJNSF6V9Yi
L8ri6ldagqDj8A+dFNxOsDfmOVIeUqUFLlEItswakrAwmtI7EyrZp/4t
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:14 2026 by rpki-client