Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: 62+mRgs+YIIa+VJE5eXiuQ31d/W92HYzVBkji+LU8FQ=
Subject key identifier: 91:44:9E:86:C3:84:C5:F0:FB:81:2B:BB:BB:0B:E7:BD:FC:E0:14:C5
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 050333005ECB90553F3707BFE853A04EE69BBE4B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Thu 12 Mar 2026 03:10:19 +0000
ROA not before: Thu 12 Mar 2026 03:05:19 +0000
ROA not after: Thu 11 Mar 2027 03:10:19 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7583:e500::/40 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:9000::/36 maxlen: 48
2a14:7584:eb00::/40 maxlen: 40
2a14:7584:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:03:33:00:5e:cb:90:55:3f:37:07:bf:e8:53:a0:4e:e6:9b:be:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 12 03:05:19 2026 GMT
Not After : Mar 11 03:10:19 2027 GMT
Subject: CN=91449E86C384C5F0FB812BBBBB0BE7BDFCE014C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:e9:c2:5b:99:22:24:1b:ad:15:61:fb:2b:
91:9c:70:a5:d3:3b:f0:83:8f:2d:e8:ed:d9:7c:c8:
b2:21:74:a5:e6:fe:15:f9:c8:dd:60:cc:5e:df:2b:
8c:00:29:89:6f:2c:9e:5c:bf:fe:3b:70:60:55:bb:
a9:de:a4:d8:f1:24:7e:92:b2:0d:9c:76:dd:f9:0a:
22:c1:83:b8:09:c5:f7:c7:97:61:84:91:26:02:3d:
cd:a2:fd:7f:3d:6d:9f:0d:ae:ec:35:83:9e:e5:4d:
b1:1b:5c:95:1a:62:e3:2d:b2:3b:7a:a4:4d:d1:f2:
bc:30:a6:86:e3:81:03:81:82:78:9f:d6:fb:7e:d4:
f1:7f:b1:17:51:a9:5d:5b:7e:88:fa:6b:5c:8b:14:
d6:2a:cf:97:f1:84:03:9d:cc:57:9b:1e:a8:c5:e2:
cd:06:24:0f:a1:39:46:22:a7:90:bf:66:5c:04:98:
bc:02:75:df:45:f6:db:86:fb:7c:20:97:3e:c2:05:
f6:8d:2c:53:f7:9a:55:c1:aa:32:85:83:51:85:8d:
95:6f:2f:97:34:43:83:53:5a:f7:02:6c:d2:15:79:
19:6e:ee:5b:04:18:e0:fb:50:e0:88:5f:9d:7c:7a:
49:70:93:77:c9:0e:8b:65:c7:ec:df:5c:6c:bd:a6:
0a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:44:9E:86:C3:84:C5:F0:FB:81:2B:BB:BB:0B:E7:BD:FC:E0:14:C5
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:fa0::/44
2a14:7581:3600::/40
2a14:7581:3e00::/39
2a14:7583:e500::/40
2a14:7583:f000::/39
2a14:7584:8000::/35
2a14:7584:eb00::-2a14:7584:ecff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:05:af:f7:2f:d3:63:30:a6:39:f7:c6:20:a0:b1:d4:ca:df:
ea:95:07:be:a4:86:f3:3e:5c:6d:0b:13:e9:98:97:6b:97:a1:
74:8f:2d:1e:0a:29:4d:77:f6:6c:e5:81:68:08:4b:73:ca:55:
b6:5b:17:f1:0f:cb:58:1e:03:66:1d:f3:b7:82:ef:de:ac:6b:
93:b2:3b:65:f8:db:31:68:eb:6a:ef:53:e2:30:3f:74:9c:cd:
c3:74:ab:62:53:3d:fa:28:8b:ab:e5:8d:d8:61:e7:98:ce:7e:
49:0a:a1:68:06:d6:1a:26:f5:9a:09:14:d7:d2:ff:04:13:6f:
81:56:32:e2:ad:25:ee:ec:ee:bd:ab:13:fa:b1:c9:f0:26:12:
80:c9:17:59:23:36:9d:36:5e:d6:a9:d9:47:52:c9:06:01:c1:
e3:34:2b:78:14:86:7c:67:67:a4:e8:94:eb:7e:1b:11:a7:9c:
89:38:3d:72:7e:16:71:ac:5d:aa:e8:79:9d:e1:b0:b6:aa:66:
cd:1e:c7:8c:ac:2c:0c:b0:22:21:a0:97:5f:e5:a7:89:06:68:
1c:59:a9:4c:77:56:ab:89:02:d2:8a:6c:a3:5f:27:1b:0f:38:
ad:5a:3a:92:5d:d2:52:1a:5e:50:73:fa:2d:2b:c3:b8:ea:fb:
76:83:42:35
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUBQMzAF7LkFU/Nwe/6FOgTuabvkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMTIwMzA1MTlaFw0yNzAzMTEwMzEwMTlaMDMxMTAvBgNV
BAMTKDkxNDQ5RTg2QzM4NEM1RjBGQjgxMkJCQkJCMEJFN0JERkNFMDE0QzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI8unCW5kiJButFWH7K5GccKXT
O/CDjy3o7dl8yLIhdKXm/hX5yN1gzF7fK4wAKYlvLJ5cv/47cGBVu6nepNjxJH6S
sg2cdt35CiLBg7gJxffHl2GEkSYCPc2i/X89bZ8Nruw1g57lTbEbXJUaYuMtsjt6
pE3R8rwwpobjgQOBgnif1vt+1PF/sRdRqV1bfoj6a1yLFNYqz5fxhAOdzFebHqjF
4s0GJA+hOUYip5C/ZlwEmLwCdd9F9tuG+3wglz7CBfaNLFP3mlXBqjKFg1GFjZVv
L5c0Q4NTWvcCbNIVeRlu7lsEGOD7UOCIX518eklwk3fJDotlx+zfXGy9pgpnAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUkUSehsOExfD7gSu7uwvnvfzgFMUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgACMFQDBgAqFHWA
AQMHBCoUdYEPMAMHBCoUdYEPoAMGACoUdYE2AwYBKhR1gT4DBgAqFHWD5QMGASoU
dYPwAwYFKhR1hIAwEAMGACoUdYTrAwYAKhR1hOwwDQYJKoZIhvcNAQELBQADggEB
AB0Fr/cv02Mwpjn3xiCgsdTK3+qVB76khvM+XG0LE+mYl2uXoXSPLR4KKU139mzl
gWgIS3PKVbZbF/EPy1geA2Yd87eC796sa5OyO2X42zFo62rvU+IwP3SczcN0q2JT
Pfooi6vljdhh55jOfkkKoWgG1hom9ZoJFNfS/wQTb4FWMuKtJe7s7r2rE/qxyfAm
EoDJF1kjNp02Xtap2UdSyQYBweM0K3gUhnxnZ6TolOt+GxGnnIk4PXJ+FnGsXaro
eZ3hsLaqZs0ex4ysLAywIiGgl1/lp4kGaBxZqUx3VquJAtKKbKNfJxsPOK1aOpJd
0lIaXlBz+i0rw7jq+3aDQjU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:33:42 2026 by rpki-client