Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: p2KjWQeCl8kXn6Fy7fQz/SONAmDaVUZ2VK52f65XkT8=
Subject key identifier: DB:8E:69:AB:32:75:58:D1:A4:63:7F:F6:4E:9C:31:E5:8A:56:39:DD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3B70EE56EAE2A7F104236A9C6DC318323F66DB54
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 22 Sep 2025 14:15:44 +0000
ROA not before: Mon 22 Sep 2025 14:10:44 +0000
ROA not after: Mon 21 Sep 2026 14:15:44 +0000
asID: 20473
IP address blocks: 91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
95.135.110.0/24 maxlen: 24
95.135.117.0/24 maxlen: 24
95.135.124.0/24 maxlen: 24
95.135.249.0/24 maxlen: 24
178.92.48.0/24 maxlen: 24
178.92.73.0/24 maxlen: 24
178.92.81.0/24 maxlen: 24
178.92.83.0/24 maxlen: 24
178.92.84.0/24 maxlen: 24
178.92.87.0/24 maxlen: 24
178.92.90.0/24 maxlen: 24
178.92.94.0/24 maxlen: 24
178.92.95.0/24 maxlen: 24
178.92.119.0/24 maxlen: 24
178.92.125.0/24 maxlen: 24
178.95.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:70:ee:56:ea:e2:a7:f1:04:23:6a:9c:6d:c3:18:32:3f:66:db:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 22 14:10:44 2025 GMT
Not After : Sep 21 14:15:44 2026 GMT
Subject: CN=DB8E69AB327558D1A4637FF64E9C31E58A5639DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f1:44:85:5f:93:8b:56:94:1b:a9:bc:2c:2d:
48:cc:cb:0a:85:e4:5e:7b:14:35:e2:2e:28:40:ba:
3a:ef:ed:b5:06:d9:a9:63:b0:76:d3:fa:78:85:c1:
90:cc:5b:22:81:b4:c0:b0:27:a6:69:87:66:37:1d:
05:84:6f:ab:3f:88:68:c0:75:c8:df:23:35:0c:be:
b4:5e:1d:4e:f5:1d:36:75:5a:5a:8c:48:30:d4:cc:
a1:d8:56:b9:dc:6e:04:5e:55:3e:db:15:4f:26:99:
92:73:ac:94:c6:40:fb:5b:f9:9a:4e:8b:67:df:3e:
d3:cc:bb:b1:d2:5f:6f:46:31:57:7d:61:e2:af:f6:
aa:4c:6d:74:ad:f1:84:73:52:f6:7e:7d:dd:a6:78:
2d:26:23:e0:0e:04:ef:46:5c:53:48:05:fb:b9:0a:
06:1d:2e:c3:ce:55:81:2f:21:3f:0e:e0:f2:1d:cf:
de:3c:73:c2:89:bb:fa:78:40:18:73:0f:0a:ee:8e:
01:66:b9:cc:c3:02:5e:70:51:f7:f8:25:87:80:24:
d1:80:9e:96:7a:86:80:22:3c:12:92:df:d9:74:bd:
66:23:3d:b2:1d:c8:95:1a:1f:d4:c2:ac:51:32:e8:
15:9e:cb:8d:ac:cb:ce:51:94:42:bd:e7:6f:44:00:
2f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8E:69:AB:32:75:58:D1:A4:63:7F:F6:4E:9C:31:E5:8A:56:39:DD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.80.0/24
91.124.126.0/24
92.112.147.0/24
95.135.110.0/24
95.135.117.0/24
95.135.124.0/24
95.135.249.0/24
178.92.48.0/24
178.92.73.0/24
178.92.81.0/24
178.92.83.0-178.92.84.255
178.92.87.0/24
178.92.90.0/24
178.92.94.0/23
178.92.119.0/24
178.92.125.0/24
178.95.197.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9a:44:14:bf:1a:2a:b5:ce:3f:3b:f4:c6:71:40:6d:db:60:
73:c4:4c:f6:9e:71:91:6e:61:1e:26:09:02:53:7e:d3:63:be:
17:e8:ff:58:e2:28:3e:58:ce:eb:aa:e7:1c:97:26:ed:06:bf:
74:ec:73:e9:e8:17:62:d2:2e:9e:8a:98:fd:ae:f9:74:47:a0:
1f:7c:f4:89:65:fd:58:6c:36:c3:8a:b3:96:c6:02:1e:58:ad:
35:93:c6:7b:cd:99:af:08:7e:5b:03:23:17:e2:7f:1b:b4:6b:
10:6b:30:a7:1a:f5:f7:4c:3e:dc:c3:ff:80:21:90:70:35:07:
d2:a1:de:27:b1:49:7c:23:cc:94:de:e2:3f:a3:1e:98:b6:a7:
55:04:75:cb:f3:c5:04:6a:9c:17:88:fc:36:a8:98:7c:4d:10:
99:cb:c6:db:f6:0f:e8:0e:85:6c:a2:eb:f3:f0:5f:b7:27:85:
64:79:54:f2:e3:ec:a9:c1:47:b2:c3:88:c2:16:66:15:92:54:
e0:84:aa:1e:4c:b5:68:4f:40:8d:53:ad:9a:46:c5:8c:a6:40:
44:ea:a2:bf:74:72:8e:5e:f3:df:ad:a8:a5:f8:b4:ef:9b:68:
0c:b8:f7:81:93:47:01:62:20:94:08:6a:20:4b:5e:26:23:4c:
58:71:79:4e
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIUO3DuVurip/EEI2qcbcMYMj9m21QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MjIxNDEwNDRaFw0yNjA5MjExNDE1NDRaMDMxMTAvBgNV
BAMTKERCOEU2OUFCMzI3NTU4RDFBNDYzN0ZGNjRFOUMzMUU1OEE1NjM5REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC28USFX5OLVpQbqbwsLUjMywqF
5F57FDXiLihAujrv7bUG2aljsHbT+niFwZDMWyKBtMCwJ6Zph2Y3HQWEb6s/iGjA
dcjfIzUMvrReHU71HTZ1WlqMSDDUzKHYVrncbgReVT7bFU8mmZJzrJTGQPtb+ZpO
i2ffPtPMu7HSX29GMVd9YeKv9qpMbXSt8YRzUvZ+fd2meC0mI+AOBO9GXFNIBfu5
CgYdLsPOVYEvIT8O4PIdz948c8KJu/p4QBhzDwrujgFmuczDAl5wUff4JYeAJNGA
npZ6hoAiPBKS39l0vWYjPbIdyJUaH9TCrFEy6BWey42sy85RlEK9529EAC93AgMB
AAGjggJyMIICbjAdBgNVHQ4EFgQU245pqzJ1WNGkY3/2Tpwx5YpWOd0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYcGCCsGAQUFBwEHAQH/BHgwdjB0BAIAATBuAwQAW3xQ
AwQAW3x+AwQAXHCTAwQAX4duAwQAX4d1AwQAX4d8AwQAX4f5AwQAslwwAwQAslxJ
AwQAslxRMAwDBACyXFMDBACyXFQDBACyXFcDBACyXFoDBAGyXF4DBACyXHcDBACy
XH0DBACyX8UwDQYJKoZIhvcNAQELBQADggEBAIOaRBS/Giq1zj879MZxQG3bYHPE
TPaecZFuYR4mCQJTftNjvhfo/1jiKD5Yzuuq5xyXJu0Gv3Tsc+noF2LSLp6KmP2u
+XRHoB989Ill/VhsNsOKs5bGAh5YrTWTxnvNma8IflsDIxfifxu0axBrMKca9fdM
PtzD/4AhkHA1B9Kh3iexSXwjzJTe4j+jHpi2p1UEdcvzxQRqnBeI/DaomHxNEJnL
xtv2D+gOhWyi6/PwX7cnhWR5VPLj7KnBR7LDiMIWZhWSVOCEqh5MtWhPQI1TrZpG
xYymQETqor90co5e89+tqKX4tO+baAy494GTRwFiIJQIaiBLXiYjTFhxeU4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:37:12 2025 by rpki-client