Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: B6TXk2nOgt1XWWIN2JYhTNeViG4fsvwW0yXyHAo69ZU=
Subject key identifier: 78:D0:F6:AB:B6:6B:52:AF:ED:E5:CB:D1:20:1F:6D:77:DD:60:45:F4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 250B5EB103EE571F66D03753A92B7A860283BFEA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Thu 12 Mar 2026 12:24:10 +0000
ROA not before: Thu 12 Mar 2026 12:19:10 +0000
ROA not after: Thu 11 Mar 2027 12:24:10 +0000
asID: 20473
IP address blocks: 91.124.14.0/23 maxlen: 23
91.124.18.0/23 maxlen: 23
91.124.40.0/23 maxlen: 23
91.124.42.0/23 maxlen: 23
91.124.236.0/23 maxlen: 23
92.112.147.0/24 maxlen: 24
95.135.12.0/23 maxlen: 23
95.135.18.0/23 maxlen: 23
95.135.24.0/23 maxlen: 23
95.135.30.0/23 maxlen: 23
95.135.36.0/23 maxlen: 23
95.135.48.0/23 maxlen: 23
95.135.54.0/23 maxlen: 23
95.135.68.0/23 maxlen: 23
95.135.124.0/23 maxlen: 23
95.135.160.0/23 maxlen: 23
95.135.202.0/23 maxlen: 23
95.135.240.0/23 maxlen: 23
95.135.244.0/23 maxlen: 23
95.135.254.0/23 maxlen: 23
178.92.40.0/22 maxlen: 22
178.92.48.0/24 maxlen: 24
178.92.72.0/23 maxlen: 23
178.92.96.0/23 maxlen: 23
178.92.110.0/23 maxlen: 23
178.92.120.0/22 maxlen: 22
178.92.125.0/24 maxlen: 24
178.92.126.0/23 maxlen: 23
178.92.128.0/23 maxlen: 23
178.92.136.0/23 maxlen: 23
178.92.142.0/23 maxlen: 23
178.92.146.0/23 maxlen: 23
178.92.158.0/23 maxlen: 23
178.92.162.0/23 maxlen: 23
178.92.188.0/23 maxlen: 23
178.92.192.0/23 maxlen: 23
178.92.194.0/23 maxlen: 23
178.92.204.0/23 maxlen: 23
178.92.208.0/23 maxlen: 23
178.92.216.0/23 maxlen: 23
178.92.218.0/23 maxlen: 23
178.93.78.0/23 maxlen: 23
178.93.80.0/22 maxlen: 22
178.93.118.0/23 maxlen: 23
178.93.160.0/23 maxlen: 23
178.93.164.0/23 maxlen: 23
178.93.170.0/23 maxlen: 23
178.93.176.0/23 maxlen: 23
178.93.178.0/23 maxlen: 23
178.93.182.0/23 maxlen: 23
178.93.184.0/23 maxlen: 23
178.93.200.0/23 maxlen: 23
178.93.212.0/23 maxlen: 23
178.93.216.0/23 maxlen: 23
178.93.238.0/23 maxlen: 23
178.93.246.0/23 maxlen: 23
178.93.248.0/23 maxlen: 23
178.93.250.0/23 maxlen: 23
178.93.252.0/23 maxlen: 23
178.94.10.0/23 maxlen: 23
178.94.14.0/23 maxlen: 23
178.94.22.0/23 maxlen: 23
178.94.24.0/23 maxlen: 23
178.94.28.0/23 maxlen: 23
178.94.30.0/23 maxlen: 23
178.94.36.0/23 maxlen: 23
178.94.42.0/23 maxlen: 23
178.94.128.0/21 maxlen: 21
178.94.136.0/22 maxlen: 22
178.94.160.0/23 maxlen: 23
178.94.176.0/23 maxlen: 23
178.94.182.0/23 maxlen: 23
178.94.250.0/23 maxlen: 23
178.94.252.0/23 maxlen: 23
178.95.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:0b:5e:b1:03:ee:57:1f:66:d0:37:53:a9:2b:7a:86:02:83:bf:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 12 12:19:10 2026 GMT
Not After : Mar 11 12:24:10 2027 GMT
Subject: CN=78D0F6ABB66B52AFEDE5CBD1201F6D77DD6045F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b4:16:5d:ba:93:d9:c3:c9:7a:2d:54:3d:74:
df:cb:b1:b5:1d:29:cb:bf:90:7f:90:e4:02:bd:a6:
10:a7:dd:80:62:98:62:f5:15:b1:12:51:f8:78:86:
74:8c:46:0c:f4:f3:4e:d0:ca:6b:d1:a8:32:24:d8:
56:2b:59:f8:d3:04:5c:cd:70:07:07:51:78:1d:c2:
a4:9c:23:1d:6d:e4:26:91:3c:6b:5d:5b:6f:91:60:
1a:e5:48:be:0d:ad:de:70:dc:27:d6:19:d6:a7:fd:
d9:14:7e:88:f9:37:c1:2a:9f:8a:5c:d6:66:e2:d9:
33:e6:9a:c8:f1:e5:cd:2c:92:6d:3b:b3:37:8b:f3:
df:2c:63:cc:9f:90:8f:a3:89:77:62:ae:f9:d6:61:
de:11:c6:64:56:0d:fb:26:bf:23:6c:82:f7:0c:0b:
b0:27:28:a3:9f:e4:e1:13:bd:bc:09:3e:56:10:ea:
09:4e:cd:39:f8:58:ec:9e:78:2a:dd:c8:6b:3e:e7:
da:18:45:1f:c7:62:56:19:0a:08:2f:cf:da:a9:31:
0b:db:fb:3d:aa:48:77:b4:17:8e:9a:7e:ea:47:66:
86:f2:da:8b:4a:f3:0e:14:40:6c:65:e7:2d:0b:5c:
df:00:2c:a5:bd:00:92:bf:e5:6e:d1:3e:a6:05:33:
0c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D0:F6:AB:B6:6B:52:AF:ED:E5:CB:D1:20:1F:6D:77:DD:60:45:F4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.14.0/23
91.124.18.0/23
91.124.40.0/22
91.124.236.0/23
92.112.147.0/24
95.135.12.0/23
95.135.18.0/23
95.135.24.0/23
95.135.30.0/23
95.135.36.0/23
95.135.48.0/23
95.135.54.0/23
95.135.68.0/23
95.135.124.0/23
95.135.160.0/23
95.135.202.0/23
95.135.240.0/23
95.135.244.0/23
95.135.254.0/23
178.92.40.0/22
178.92.48.0/24
178.92.72.0/23
178.92.96.0/23
178.92.110.0/23
178.92.120.0/22
178.92.125.0-178.92.129.255
178.92.136.0/23
178.92.142.0/23
178.92.146.0/23
178.92.158.0/23
178.92.162.0/23
178.92.188.0/23
178.92.192.0/22
178.92.204.0/23
178.92.208.0/23
178.92.216.0/22
178.93.78.0-178.93.83.255
178.93.118.0/23
178.93.160.0/23
178.93.164.0/23
178.93.170.0/23
178.93.176.0/22
178.93.182.0-178.93.185.255
178.93.200.0/23
178.93.212.0/23
178.93.216.0/23
178.93.238.0/23
178.93.246.0-178.93.253.255
178.94.10.0/23
178.94.14.0/23
178.94.22.0-178.94.25.255
178.94.28.0/22
178.94.36.0/23
178.94.42.0/23
178.94.128.0-178.94.139.255
178.94.160.0/23
178.94.176.0/23
178.94.182.0/23
178.94.250.0-178.94.253.255
178.95.197.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5f:ed:08:69:a6:fe:9e:33:a5:10:57:11:19:a4:83:ef:1c:
54:92:41:3c:75:b2:4f:d8:07:91:e0:79:ad:1a:e2:7e:9f:73:
e9:16:20:29:70:98:2f:ac:0c:89:10:64:c0:0d:bf:ac:9b:be:
86:66:48:46:37:81:6c:6f:56:83:ed:66:13:18:0a:8e:34:99:
05:6f:a5:4e:c9:6d:6a:ac:2b:d5:8a:89:cf:d5:07:41:40:bc:
53:8f:48:4d:59:39:78:12:80:4e:a4:ff:e6:8b:da:c2:8f:a5:
b9:24:25:38:35:43:19:fd:ca:53:2a:5e:2b:a6:cc:76:6b:8e:
32:eb:e3:0b:4c:09:0f:25:fa:f1:e4:ab:28:3f:3b:7e:46:63:
0f:9a:07:3b:1e:ff:a5:f8:96:49:2a:33:be:03:87:c2:94:cd:
9f:0b:ad:7d:f9:93:e0:a2:de:ca:9b:40:15:20:a2:b6:76:0b:
57:76:5a:76:5c:22:cc:6e:69:05:18:fa:86:3b:eb:3f:9b:a3:
5e:e4:c3:91:9a:ad:97:11:ec:ef:56:78:2d:8f:17:e5:1b:6f:
2c:dd:8a:22:2c:22:ea:bd:9d:36:c4:56:fe:24:38:e0:87:45:
d6:41:8d:2f:a4:41:1c:82:cd:57:71:73:24:72:2f:c5:8c:37:
6c:f0:62:c9
-----BEGIN CERTIFICATE-----
MIIGozCCBYugAwIBAgIUJQtesQPuVx9m0DdTqSt6hgKDv+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMTIxMjE5MTBaFw0yNzAzMTExMjI0MTBaMDMxMTAvBgNV
BAMTKDc4RDBGNkFCQjY2QjUyQUZFREU1Q0JEMTIwMUY2RDc3REQ2MDQ1RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCutBZdupPZw8l6LVQ9dN/LsbUd
Kcu/kH+Q5AK9phCn3YBimGL1FbESUfh4hnSMRgz0807QymvRqDIk2FYrWfjTBFzN
cAcHUXgdwqScIx1t5CaRPGtdW2+RYBrlSL4Nrd5w3CfWGdan/dkUfoj5N8Eqn4pc
1mbi2TPmmsjx5c0skm07szeL898sY8yfkI+jiXdirvnWYd4RxmRWDfsmvyNsgvcM
C7AnKKOf5OETvbwJPlYQ6glOzTn4WOyeeCrdyGs+59oYRR/HYlYZCggvz9qpMQvb
+z2qSHe0F46afupHZoby2otK8w4UQGxl5y0LXN8ALKW9AJK/5W7RPqYFMwxtAgMB
AAGjggOtMIIDqTAdBgNVHQ4EFgQUeND2q7ZrUq/t5cvRIB9td91gRfQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggHBBggrBgEFBQcBBwEB/wSCAbAwggGsMIIBqAQCAAEw
ggGgAwQBW3wOAwQBW3wSAwQCW3woAwQBW3zsAwQAXHCTAwQBX4cMAwQBX4cSAwQB
X4cYAwQBX4ceAwQBX4ckAwQBX4cwAwQBX4c2AwQBX4dEAwQBX4d8AwQBX4egAwQB
X4fKAwQBX4fwAwQBX4f0AwQBX4f+AwQCslwoAwQAslwwAwQBslxIAwQBslxgAwQB
slxuAwQCslx4MAwDBACyXH0DBAGyXIADBAGyXIgDBAGyXI4DBAGyXJIDBAGyXJ4D
BAGyXKIDBAGyXLwDBAKyXMADBAGyXMwDBAGyXNADBAKyXNgwDAMEAbJdTgMEArJd
UAMEAbJddgMEAbJdoAMEAbJdpAMEAbJdqgMEArJdsDAMAwQBsl22AwQBsl24AwQB
sl3IAwQBsl3UAwQBsl3YAwQBsl3uMAwDBAGyXfYDBAGyXfwDBAGyXgoDBAGyXg4w
DAMEAbJeFgMEAbJeGAMEArJeHAMEAbJeJAMEAbJeKjAMAwQHsl6AAwQCsl6IAwQB
sl6gAwQBsl6wAwQBsl62MAwDBAGyXvoDBAGyXvwDBACyX8UwDQYJKoZIhvcNAQEL
BQADggEBAFVf7Qhppv6eM6UQVxEZpIPvHFSSQTx1sk/YB5Hgea0a4n6fc+kWIClw
mC+sDIkQZMANv6ybvoZmSEY3gWxvVoPtZhMYCo40mQVvpU7JbWqsK9WKic/VB0FA
vFOPSE1ZOXgSgE6k/+aL2sKPpbkkJTg1Qxn9ylMqXiumzHZrjjLr4wtMCQ8l+vHk
qyg/O35GYw+aBzse/6X4lkkqM74Dh8KUzZ8LrX35k+Ci3sqbQBUgorZ2C1d2WnZc
IsxuaQUY+oY76z+bo17kw5GarZcR7O9WeC2PF+UbbyzdiiIsIuq9nTbEVv4kOOCH
RdZBjS+kQRyCzVdxcyRyL8WMN2zwYsk=
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:35 2026 by rpki-client