Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: oClwdI0iPES2tLFpcZU0AdyzBFn3xx8xlMlmy8jQ7DE=
Subject key identifier: 35:CB:C0:F1:B3:61:31:95:61:E0:F2:93:78:E2:69:46:40:03:14:3C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6BC71BF3C070A0D5BE250F898C158A206F364B32
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Fri 20 Jun 2025 10:10:43 +0000
ROA not before: Fri 20 Jun 2025 10:05:43 +0000
ROA not after: Fri 19 Jun 2026 10:10:43 +0000
asID: 20473
IP address blocks: 91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c7:1b:f3:c0:70:a0:d5:be:25:0f:89:8c:15:8a:20:6f:36:4b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 20 10:05:43 2025 GMT
Not After : Jun 19 10:10:43 2026 GMT
Subject: CN=35CBC0F1B361319561E0F29378E269464003143C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:9e:f3:e2:6a:39:40:09:9d:77:a8:6f:ee:
33:69:3e:0b:ae:77:0f:d1:04:7c:a6:13:03:3b:5d:
fc:98:54:38:c1:40:f5:db:71:fd:4e:e7:26:55:bb:
bf:d6:12:98:d7:b5:80:c8:bf:66:8e:66:e8:b2:e7:
8b:a0:19:db:c8:29:31:8e:09:35:ef:14:89:ea:b6:
90:23:6a:67:ea:dc:76:cb:27:30:9c:3d:e7:c7:79:
1f:c2:4c:df:24:e7:69:aa:02:5c:91:6c:4a:cb:3b:
4c:9a:24:54:d8:ce:70:80:d0:7b:9d:bc:34:0c:3b:
d6:97:c1:40:0e:9e:c5:8f:39:ba:e5:b2:64:aa:6b:
17:d3:c7:d4:e4:ab:81:36:ed:0c:e4:bb:85:57:e9:
d9:18:c4:65:1f:a8:25:52:a4:b5:da:66:ac:21:dd:
9e:62:90:f2:98:23:1b:13:80:e1:35:94:30:d5:ce:
9e:d3:22:8c:f3:b1:37:bf:63:f5:b8:6a:fe:42:ec:
46:55:ed:5e:58:43:62:1d:d3:47:e1:7d:54:fb:da:
d5:0e:f6:f5:a6:77:34:9c:cc:93:10:a3:54:aa:ea:
c7:76:a9:5d:81:59:19:f3:c7:7b:bb:13:66:94:9e:
e3:03:b9:27:15:cc:44:04:89:93:a5:c8:1c:fa:33:
8c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CB:C0:F1:B3:61:31:95:61:E0:F2:93:78:E2:69:46:40:03:14:3C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.80.0/24
91.124.126.0/24
91.124.177.0/24
92.112.147.0/24
95.135.110.0/24
95.135.117.0/24
95.135.124.0/24
95.135.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3c:4b:0c:46:5d:38:19:cd:5c:be:1c:c5:c8:24:45:87:9e:
cf:53:7b:ad:44:e0:7b:4e:59:b7:03:d9:42:40:02:82:83:e8:
e8:04:52:b0:ad:28:be:b3:63:68:f8:15:c3:8d:3d:ec:a7:d8:
8d:e8:5c:75:ca:3f:7e:54:f7:3a:48:34:2f:04:fb:7a:42:01:
6b:23:88:a4:ff:83:3e:f0:57:ca:39:76:82:62:bc:9b:c3:6e:
ee:4b:c2:c8:b4:3b:7b:50:88:bc:29:94:f0:65:57:d9:81:cf:
e2:25:4c:57:c3:af:56:9b:75:15:7a:88:80:53:35:80:22:72:
de:ba:a8:58:29:f7:37:5a:7c:c3:93:74:74:c4:6b:50:b5:a0:
2e:7d:aa:cf:ec:5a:9e:ec:42:01:3e:89:30:8c:0e:f3:20:c6:
b5:90:02:12:b9:84:ff:d5:f3:13:54:91:6a:5c:3a:ea:73:e1:
16:ee:0c:cf:1b:fc:b1:0b:cf:27:4f:7f:6d:99:e2:c7:28:da:
f5:95:f8:de:9d:dc:e1:d1:42:ab:c6:52:ab:87:e1:4a:ce:14:
4f:59:c5:1a:39:f3:02:58:2b:95:4a:3c:d0:bf:2c:4d:b7:86:
64:bb:4a:b1:11:91:09:9e:2b:4a:28:d5:57:9a:8d:fb:f0:5c:
4e:6a:37:cf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUa8cb88BwoNW+JQ+JjBWKIG82SzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjAxMDA1NDNaFw0yNjA2MTkxMDEwNDNaMDMxMTAvBgNV
BAMTKDM1Q0JDMEYxQjM2MTMxOTU2MUUwRjI5Mzc4RTI2OTQ2NDAwMzE0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7l57z4mo5QAmdd6hv7jNpPguu
dw/RBHymEwM7XfyYVDjBQPXbcf1O5yZVu7/WEpjXtYDIv2aOZuiy54ugGdvIKTGO
CTXvFInqtpAjamfq3HbLJzCcPefHeR/CTN8k52mqAlyRbErLO0yaJFTYznCA0Hud
vDQMO9aXwUAOnsWPObrlsmSqaxfTx9Tkq4E27Qzku4VX6dkYxGUfqCVSpLXaZqwh
3Z5ikPKYIxsTgOE1lDDVzp7TIozzsTe/Y/W4av5C7EZV7V5YQ2Id00fhfVT72tUO
9vWmdzSczJMQo1Sq6sd2qV2BWRnzx3u7E2aUnuMDuScVzEQEiZOlyBz6M4zBAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUNcvA8bNhMZVh4PKTeOJpRkADFDwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABbfFAD
BABbfH4DBABbfLEDBABccJMDBABfh24DBABfh3UDBABfh3wDBABfh/kwDQYJKoZI
hvcNAQELBQADggEBAFs8SwxGXTgZzVy+HMXIJEWHns9Te61E4HtOWbcD2UJAAoKD
6OgEUrCtKL6zY2j4FcONPeyn2I3oXHXKP35U9zpINC8E+3pCAWsjiKT/gz7wV8o5
doJivJvDbu5Lwsi0O3tQiLwplPBlV9mBz+IlTFfDr1abdRV6iIBTNYAict66qFgp
9zdafMOTdHTEa1C1oC59qs/sWp7sQgE+iTCMDvMgxrWQAhK5hP/V8xNUkWpcOupz
4RbuDM8b/LELzydPf22Z4sco2vWV+N6d3OHRQqvGUquH4UrOFE9ZxRo58wJYK5VK
PNC/LE23hmS7SrERkQmeK0oo1VeajfvwXE5qN88=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:56:24 2025 by rpki-client