Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: M9wfyFxEBu4MJS2wP5VgaNNoKrUZLkWJ/5jJfViU4Kg=
Subject key identifier: 50:4E:A8:1C:53:2C:43:7F:25:C2:20:1B:D4:5D:2C:74:9C:88:09:E6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 44E0D66D70A6B7B27F295142701D650FA7C5D007
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 18 Aug 2025 00:52:37 +0000
ROA not before: Mon 18 Aug 2025 00:47:37 +0000
ROA not after: Mon 17 Aug 2026 00:52:37 +0000
asID: 20473
IP address blocks: 91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.192.0/24 maxlen: 24
95.135.249.0/24 maxlen: 24
178.92.48.0/24 maxlen: 24
178.92.52.0/24 maxlen: 24
178.92.83.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:e0:d6:6d:70:a6:b7:b2:7f:29:51:42:70:1d:65:0f:a7:c5:d0:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 18 00:47:37 2025 GMT
Not After : Aug 17 00:52:37 2026 GMT
Subject: CN=504EA81C532C437F25C2201BD45D2C749C8809E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e0:f8:84:53:e2:b2:93:c2:06:78:ad:c4:8f:
4e:9d:f5:23:ed:8a:00:c4:d8:4c:a8:c0:a3:06:35:
0c:87:54:53:66:6e:33:ae:3c:4c:4e:7c:f0:bc:ab:
94:8d:8c:17:ba:d0:bd:9b:21:d5:5c:e4:1b:0e:23:
e5:39:90:98:5e:c5:0a:f5:25:44:cd:1e:19:eb:ce:
57:f4:66:84:75:c5:50:12:e7:17:2b:e8:0d:2b:42:
27:92:02:32:34:94:88:23:91:5b:63:2c:e7:d6:bc:
9a:27:55:32:d2:bd:be:da:0e:c4:46:8d:18:02:32:
3e:78:2a:2b:27:a4:59:30:53:82:0d:13:4b:e6:70:
d6:35:9c:6b:10:39:6d:c9:7f:65:59:28:9c:50:9a:
f0:be:30:81:d2:2e:21:cc:da:54:de:18:d8:01:9a:
af:10:01:86:b5:e3:a4:4a:81:d0:46:d9:7a:81:1a:
3d:53:9a:1d:b3:de:86:5d:83:ac:46:57:97:ba:e7:
db:38:ad:a5:9a:04:19:ad:c1:3b:22:5e:a2:59:72:
35:43:e0:6e:51:16:74:8e:ed:f0:f4:99:4e:4f:9e:
84:a9:03:36:e7:a6:5e:9b:72:cc:16:1e:99:05:93:
b1:a3:f1:69:b9:5b:13:10:d3:64:a9:ee:76:bd:d6:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4E:A8:1C:53:2C:43:7F:25:C2:20:1B:D4:5D:2C:74:9C:88:09:E6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.80.0/24
91.124.126.0/24
91.124.177.0/24
92.112.58.0/24
92.112.147.0/24
95.135.110.0/24
95.135.117.0/24
95.135.124.0/24
95.135.192.0/24
95.135.249.0/24
178.92.48.0/24
178.92.52.0/24
178.92.83.0/24
178.92.88.0/24
Signature Algorithm: sha256WithRSAEncryption
49:6f:9c:04:04:a1:1b:ba:9c:19:d0:35:ca:42:bf:a9:78:35:
8f:f8:d9:ad:2f:12:66:ab:ed:74:93:f4:52:13:03:eb:6d:27:
62:09:98:48:db:6f:91:c9:33:78:69:08:96:8c:1e:cd:73:d6:
4f:55:c7:b8:be:cb:bc:8a:a9:56:32:87:a9:10:1c:d9:c0:32:
d4:85:d8:12:07:fc:c4:55:76:4e:59:c1:b3:0f:a6:13:5b:e3:
ad:47:f9:2a:0d:b5:18:85:a1:6e:79:1a:19:96:fc:00:07:be:
20:12:f2:55:8a:3c:2c:30:aa:e7:4c:82:6b:18:87:1e:06:c4:
ff:ba:62:99:ca:e5:9b:eb:37:a5:9e:94:52:0e:d7:27:b0:14:
60:7c:39:c6:0c:0a:db:4a:5e:9b:4e:1a:2c:0f:b1:8f:d3:cc:
85:34:cd:f4:6d:7f:2c:d3:74:5c:95:65:a1:8e:c5:12:da:25:
a1:8d:20:32:e2:ba:aa:b2:16:b9:7a:9b:ab:e7:20:11:4a:81:
d1:57:41:a2:99:dd:3e:f8:95:6c:8a:a0:ad:cd:84:0e:bd:8d:
39:65:ba:64:74:91:09:85:6a:5f:49:14:9f:54:06:92:ea:fb:
f8:24:55:eb:6b:e2:a6:d2:fc:e6:8c:63:e3:28:66:9a:81:e4:
1a:ba:77:c6
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIURODWbXCmt7J/KVFCcB1lD6fF0AcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTgwMDQ3MzdaFw0yNjA4MTcwMDUyMzdaMDMxMTAvBgNV
BAMTKDUwNEVBODFDNTMyQzQzN0YyNUMyMjAxQkQ0NUQyQzc0OUM4ODA5RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54PiEU+Kyk8IGeK3Ej06d9SPt
igDE2EyowKMGNQyHVFNmbjOuPExOfPC8q5SNjBe60L2bIdVc5BsOI+U5kJhexQr1
JUTNHhnrzlf0ZoR1xVAS5xcr6A0rQieSAjI0lIgjkVtjLOfWvJonVTLSvb7aDsRG
jRgCMj54KisnpFkwU4INE0vmcNY1nGsQOW3Jf2VZKJxQmvC+MIHSLiHM2lTeGNgB
mq8QAYa146RKgdBG2XqBGj1Tmh2z3oZdg6xGV5e659s4raWaBBmtwTsiXqJZcjVD
4G5RFnSO7fD0mU5PnoSpAzbnpl6bcswWHpkFk7Gj8Wm5WxMQ02Sp7na91ts5AgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUUE6oHFMsQ38lwiAb1F0sdJyICeYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgABMFQDBABbfFAD
BABbfH4DBABbfLEDBABccDoDBABccJMDBABfh24DBABfh3UDBABfh3wDBABfh8AD
BABfh/kDBACyXDADBACyXDQDBACyXFMDBACyXFgwDQYJKoZIhvcNAQELBQADggEB
AElvnAQEoRu6nBnQNcpCv6l4NY/42a0vEmar7XST9FITA+ttJ2IJmEjbb5HJM3hp
CJaMHs1z1k9Vx7i+y7yKqVYyh6kQHNnAMtSF2BIH/MRVdk5ZwbMPphNb461H+SoN
tRiFoW55GhmW/AAHviAS8lWKPCwwqudMgmsYhx4GxP+6YpnK5ZvrN6WelFIO1yew
FGB8OcYMCttKXptOGiwPsY/TzIU0zfRtfyzTdFyVZaGOxRLaJaGNIDLiuqqyFrl6
m6vnIBFKgdFXQaKZ3T74lWyKoK3NhA69jTllumR0kQmFal9JFJ9UBpLq+/gkVetr
4qbS/OaMY+MoZpqB5Bq6d8Y=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:24:17 2025 by rpki-client