Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: x9xnJ5p0UUvkMzTyj07dRH+yGFw3Yf51O7UaF53+UWo=
Subject key identifier: 9C:85:83:2A:63:EB:82:22:1D:1A:17:0E:FD:87:96:77:39:1A:18:6D
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 43C7EC13C05E770F4CB714C86E4824A373892EB4
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Mon 04 May 2026 08:21:29 +0000
ROA not before: Mon 04 May 2026 08:16:29 +0000
ROA not after: Mon 03 May 2027 08:21:29 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3b00::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7581:9f90::/48 maxlen: 48
2a14:7581:9f91::/48 maxlen: 48
2a14:7583:5d10::/48 maxlen: 48
2a14:7583:e500::/40 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:9000::/36 maxlen: 48
2a14:7584:e370::/44 maxlen: 48
2a14:7584:eb00::/40 maxlen: 40
2a14:7584:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c7:ec:13:c0:5e:77:0f:4c:b7:14:c8:6e:48:24:a3:73:89:2e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 4 08:16:29 2026 GMT
Not After : May 3 08:21:29 2027 GMT
Subject: CN=9C85832A63EB82221D1A170EFD879677391A186D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:14:cc:12:d5:51:ce:9b:f3:38:73:31:1e:37:
f7:9b:db:bb:9b:7b:5b:67:35:09:51:d7:65:df:32:
bd:49:da:84:c5:b3:67:e0:21:85:08:29:4e:f4:0d:
3a:00:ec:69:1e:3d:6c:62:a9:c8:de:71:82:36:70:
af:b4:7a:97:16:15:7d:62:4a:37:9f:fb:8f:00:64:
54:b8:1c:fb:3b:80:4b:d4:76:33:81:b2:cd:ad:c1:
d1:64:09:f7:42:6d:cc:d8:ca:f9:4c:32:92:6e:ae:
c6:87:88:68:7a:b9:b6:c6:41:9b:68:f5:83:f3:e2:
24:7b:82:3e:e8:ca:80:57:ef:e3:88:2d:1a:06:01:
fd:9e:ec:b5:69:1d:0d:c2:fa:80:09:fa:a7:a5:33:
13:ad:7f:58:b2:bf:60:a6:6d:99:a6:6b:eb:f7:45:
d3:df:b7:a0:fe:e7:ce:a4:52:14:39:df:ed:22:5b:
26:44:24:12:a0:82:2a:7e:4e:9b:8d:f0:31:2e:bf:
ea:62:3e:87:0d:90:56:0e:f2:ad:97:b4:0d:31:68:
7e:5d:94:0f:a6:5d:0b:ba:58:94:fd:41:45:c7:dc:
a7:8a:24:98:1b:5e:78:19:cd:6d:c0:57:e9:84:d5:
87:22:93:a0:07:40:6e:58:74:70:3e:06:d7:20:a8:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:85:83:2A:63:EB:82:22:1D:1A:17:0E:FD:87:96:77:39:1A:18:6D
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:fa0::/44
2a14:7581:3600::/40
2a14:7581:3b00::/40
2a14:7581:3e00::/39
2a14:7581:9f90::/47
2a14:7583:5d10::/48
2a14:7583:e500::/40
2a14:7583:f000::/39
2a14:7584:8000::/35
2a14:7584:e370::/44
2a14:7584:eb00::-2a14:7584:ecff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:e6:0c:32:84:0e:21:a0:bd:69:99:ca:52:a2:db:d8:9e:83:
5e:ec:4c:15:fa:28:02:49:b5:e8:52:7e:97:e4:36:af:8f:cf:
5f:65:c8:01:5a:7c:cd:c8:8f:18:01:31:8e:3f:1f:ce:af:03:
00:91:e4:ea:b8:11:57:af:da:70:0c:38:c6:2d:97:27:2c:84:
ff:45:65:c5:0a:00:c0:a3:c8:a4:c6:0a:0b:b5:8a:74:00:4f:
d9:9b:29:c1:f2:93:4a:b2:95:cb:48:df:26:b2:93:05:43:4e:
f7:78:a0:5f:a0:3d:01:70:19:fa:16:e2:ca:c6:a7:31:a0:14:
fd:84:53:c9:cf:28:5f:01:ca:75:98:50:53:c0:91:c6:87:e5:
a9:20:59:a5:4a:16:1a:e0:ce:8a:f4:a7:91:46:63:b1:52:17:
fc:51:db:c5:03:f7:2d:fc:c0:70:a3:04:b5:aa:15:f8:ce:d7:
79:9b:50:75:2f:42:c3:42:5b:ff:f5:9f:4a:38:92:e4:74:91:
84:cf:76:1f:ce:0c:01:6f:c1:1f:a3:46:47:33:a9:79:4e:56:
1c:9b:55:55:35:a1:45:ee:3b:50:b7:e2:a4:82:bd:f7:e8:cc:
21:86:90:11:7a:9c:2b:9f:12:22:2b:47:59:09:e1:00:27:63:
9e:9e:30:47
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIUQ8fsE8Bedw9MtxTIbkgko3OJLrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MDQwODE2MjlaFw0yNzA1MDMwODIxMjlaMDMxMTAvBgNV
BAMTKDlDODU4MzJBNjNFQjgyMjIxRDFBMTcwRUZEODc5Njc3MzkxQTE4NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1FMwS1VHOm/M4czEeN/eb27ub
e1tnNQlR12XfMr1J2oTFs2fgIYUIKU70DToA7GkePWxiqcjecYI2cK+0epcWFX1i
Sjef+48AZFS4HPs7gEvUdjOBss2twdFkCfdCbczYyvlMMpJursaHiGh6ubbGQZto
9YPz4iR7gj7oyoBX7+OILRoGAf2e7LVpHQ3C+oAJ+qelMxOtf1iyv2CmbZmma+v3
RdPft6D+586kUhQ53+0iWyZEJBKggip+TpuN8DEuv+piPocNkFYO8q2XtA0xaH5d
lA+mXQu6WJT9QUXH3KeKJJgbXngZzW3AV+mE1Ycik6AHQG5YdHA+BtcgqBcjAgMB
AAGjggJ8MIICeDAdBgNVHQ4EFgQUnIWDKmPrgiIdGhcO/YeWdzkaGG0wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZEGCCsGAQUFBwEHAQH/BIGBMH8wfQQCAAIwdwMGACoU
dYABAwcEKhR1gQ8wAwcEKhR1gQ+gAwYAKhR1gTYDBgAqFHWBOwMGASoUdYE+AwcB
KhR1gZ+QAwcAKhR1g10QAwYAKhR1g+UDBgEqFHWD8AMGBSoUdYSAAwcEKhR1hONw
MBADBgAqFHWE6wMGACoUdYTsMA0GCSqGSIb3DQEBCwUAA4IBAQBj5gwyhA4hoL1p
mcpSotvYnoNe7EwV+igCSbXoUn6X5Davj89fZcgBWnzNyI8YATGOPx/OrwMAkeTq
uBFXr9pwDDjGLZcnLIT/RWXFCgDAo8ikxgoLtYp0AE/ZmynB8pNKspXLSN8mspMF
Q073eKBfoD0BcBn6FuLKxqcxoBT9hFPJzyhfAcp1mFBTwJHGh+WpIFmlShYa4M6K
9KeRRmOxUhf8UdvFA/ct/MBwowS1qhX4ztd5m1B1L0LDQlv/9Z9KOJLkdJGEz3Yf
zgwBb8Efo0ZHM6l5TlYcm1VVNaFF7jtQt+Kkgr336MwhhpARepwrnxIiK0dZCeEA
J2OenjBH
-----END CERTIFICATE-----
Generated at Tue May 12 22:02:12 2026 by rpki-client