Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: Yni8bwlPakpyKEq5HKj7cPsaSmexLvA20VGAJxQEzq0=
Subject key identifier: 31:F0:4F:95:D3:90:CC:D8:BD:99:34:C5:38:54:E6:D3:BF:08:69:E9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 27BAAA1138DDEC6D6429232A91E84042B87A9CFE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
Signing time: Sun 05 Apr 2026 11:38:01 +0000
ROA not before: Sun 05 Apr 2026 11:33:01 +0000
ROA not after: Sun 04 Apr 2027 11:38:01 +0000
asID: 20326
IP address blocks: 96.62.200.0/21 maxlen: 24
167.148.80.0/21 maxlen: 24
167.148.198.0/24 maxlen: 24
167.148.204.0/24 maxlen: 24
167.148.207.0/24 maxlen: 24
167.148.210.0/24 maxlen: 24
168.222.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ba:aa:11:38:dd:ec:6d:64:29:23:2a:91:e8:40:42:b8:7a:9c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 5 11:33:01 2026 GMT
Not After : Apr 4 11:38:01 2027 GMT
Subject: CN=31F04F95D390CCD8BD9934C53854E6D3BF0869E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:fb:ae:d3:b2:9e:69:32:e8:49:46:82:9b:
6e:d4:10:e8:c4:b5:7a:f1:a3:7a:0e:20:83:72:fe:
21:22:60:78:5f:f3:c1:83:7e:22:3b:9d:e6:cf:df:
18:b9:f7:f9:8f:da:60:48:1c:ad:51:29:f2:fb:95:
ef:4a:0d:ba:41:2f:7d:e1:31:6f:08:19:e6:e3:72:
f3:5e:4a:15:1a:88:5f:a5:d6:8a:fd:40:e5:d5:3c:
59:ff:e2:1c:2e:33:43:24:20:f8:37:c6:76:eb:82:
1c:41:05:29:76:08:03:8c:47:19:dd:2d:1f:6b:34:
22:55:56:98:4a:99:de:c2:ac:8c:bc:44:7e:bd:9a:
b2:5c:18:ce:db:53:d3:98:72:9e:55:1b:22:6e:c3:
f6:e1:b5:d3:9c:79:23:45:31:a7:f1:d2:da:cb:d6:
97:83:da:d3:10:74:43:f4:b5:97:61:45:13:73:5e:
18:a5:3b:82:60:40:9e:de:9a:a1:83:b5:58:e8:b9:
52:67:1e:1e:e0:e4:21:af:d0:69:13:e9:2a:c4:8a:
7a:2f:ee:ad:55:f9:ba:8c:da:41:51:45:3b:dd:ed:
d3:01:d6:c2:65:3a:52:81:18:ae:35:02:28:85:df:
6a:e6:52:59:f5:29:39:a7:86:74:83:03:d5:44:9d:
52:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F0:4F:95:D3:90:CC:D8:BD:99:34:C5:38:54:E6:D3:BF:08:69:E9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.200.0/21
167.148.80.0/21
167.148.198.0/24
167.148.204.0/24
167.148.207.0/24
167.148.210.0/24
168.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
59:86:8e:f4:10:35:4e:eb:3f:fe:3e:eb:e6:e4:f0:6f:3b:58:
8a:22:3e:14:3b:05:9c:ee:d5:a8:b7:ab:b7:7b:76:65:78:75:
9a:88:db:fe:12:59:e1:d8:09:2b:a6:ce:e1:be:80:92:73:ed:
ed:27:80:05:0a:dd:45:22:03:6c:5e:e8:67:49:50:7d:54:06:
42:f2:68:70:8f:91:45:3a:89:89:7b:4e:a8:ff:53:65:f4:14:
12:a3:80:cf:5e:8f:6d:ad:91:d8:5d:da:5e:17:09:70:e4:3f:
d6:98:9c:cf:05:cc:08:24:23:65:76:15:67:c6:9b:55:7d:9b:
03:85:d8:ea:cc:c4:55:bc:38:fb:26:58:b6:8c:3d:db:3e:40:
ed:b8:1e:d9:da:7d:9f:33:73:35:cc:d6:61:2e:e7:c4:b5:b9:
54:e2:04:43:7b:96:c1:49:dd:66:35:17:c2:29:85:92:2f:1b:
80:0a:5e:3c:82:f1:34:da:a4:74:af:7b:11:3c:a3:4c:a3:96:
ad:45:44:36:dd:bb:fe:49:64:31:64:c0:f3:2a:d3:9b:39:cf:
f8:b0:72:3d:41:e0:8e:83:99:61:b7:8c:aa:06:ca:44:9d:99:
bf:fe:d7:b1:dc:c1:95:a3:79:0f:41:51:13:a4:4f:6f:7b:d0:
18:59:c0:8d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUJ7qqETjd7G1kKSMqkehAQrh6nP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDUxMTMzMDFaFw0yNzA0MDQxMTM4MDFaMDMxMTAvBgNV
BAMTKDMxRjA0Rjk1RDM5MENDRDhCRDk5MzRDNTM4NTRFNkQzQkYwODY5RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjX/uu07KeaTLoSUaCm27UEOjE
tXrxo3oOIINy/iEiYHhf88GDfiI7nebP3xi59/mP2mBIHK1RKfL7le9KDbpBL33h
MW8IGebjcvNeShUaiF+l1or9QOXVPFn/4hwuM0MkIPg3xnbrghxBBSl2CAOMRxnd
LR9rNCJVVphKmd7CrIy8RH69mrJcGM7bU9OYcp5VGyJuw/bhtdOceSNFMafx0trL
1peD2tMQdEP0tZdhRRNzXhilO4JgQJ7emqGDtVjouVJnHh7g5CGv0GkT6SrEinov
7q1V+bqM2kFRRTvd7dMB1sJlOlKBGK41AiiF32rmUln1KTmnhnSDA9VEnVJ/AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUMfBPldOQzNi9mTTFOFTm078IaekwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBANgPsgD
BAOnlFADBACnlMYDBACnlMwDBACnlM8DBACnlNIDBAKo3nQwDQYJKoZIhvcNAQEL
BQADggEBAFmGjvQQNU7rP/4+6+bk8G87WIoiPhQ7BZzu1ai3q7d7dmV4dZqI2/4S
WeHYCSumzuG+gJJz7e0ngAUK3UUiA2xe6GdJUH1UBkLyaHCPkUU6iYl7Tqj/U2X0
FBKjgM9ej22tkdhd2l4XCXDkP9aYnM8FzAgkI2V2FWfGm1V9mwOF2OrMxFW8OPsm
WLaMPds+QO24HtnafZ8zczXM1mEu58S1uVTiBEN7lsFJ3WY1F8IphZIvG4AKXjyC
8TTapHSvexE8o0yjlq1FRDbdu/5JZDFkwPMq05s5z/iwcj1B4I6DmWG3jKoGykSd
mb/+17HcwZWjeQ9BUROkT2970BhZwI0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:31:24 2026 by rpki-client