Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: ovBQZwT3wzcAi1RXsoQ9dFBGnTxY7fj3KeA2AYzGj2I=
Subject key identifier: B2:6D:B4:4C:06:C0:63:E6:A8:CF:63:97:34:4B:31:B7:7E:9A:D2:92
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6A8E2568AA2733E81C59AFC990C6977AD7DCEC2D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Fri 25 Jul 2025 00:00:14 +0000
ROA not before: Thu 24 Jul 2025 23:55:14 +0000
ROA not after: Fri 24 Jul 2026 00:00:14 +0000
asID: 20473
IP address blocks: 143.14.0.0/24 maxlen: 24
143.14.229.0/24 maxlen: 24
150.241.208.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.234.0/24 maxlen: 24
162.141.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:8e:25:68:aa:27:33:e8:1c:59:af:c9:90:c6:97:7a:d7:dc:ec:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 24 23:55:14 2025 GMT
Not After : Jul 24 00:00:14 2026 GMT
Subject: CN=B26DB44C06C063E6A8CF6397344B31B77E9AD292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:48:aa:62:b8:83:64:08:5c:fd:0a:3b:2b:42:
2c:9c:99:04:41:94:74:33:8c:4e:49:6b:a8:4f:09:
a1:28:3b:cf:22:cb:44:48:d0:3a:c0:d4:75:96:75:
ef:bf:f7:71:3c:ab:f4:c7:88:d0:77:c0:b9:38:c1:
23:3c:ee:5a:f7:bd:bb:91:30:b6:2b:03:6d:0b:bc:
8f:eb:14:7a:f7:f6:20:12:9d:c5:a3:71:3b:53:05:
d9:12:f0:63:4b:ec:74:f9:a5:e6:b6:37:aa:07:d5:
37:4b:b4:33:dc:35:32:62:07:cd:ca:e2:20:5c:f4:
61:90:7d:c2:37:a3:cf:92:4d:35:2c:f2:3c:80:47:
0c:1b:a0:c8:b4:ff:02:d1:54:19:b6:5b:72:20:43:
8d:c4:e9:0f:cf:82:85:60:18:31:db:36:af:b4:09:
39:8e:e5:20:17:87:55:d7:39:19:96:4e:68:7c:fd:
36:f8:fd:51:90:e4:0b:c7:29:a7:b7:7b:8d:81:58:
28:08:9d:d8:07:a1:80:a1:b1:04:33:8a:50:6f:63:
bc:39:7a:66:be:d2:7c:82:d1:2b:35:df:34:db:68:
b2:44:5d:6b:58:4f:b5:3f:2e:04:99:bb:24:02:06:
61:6e:00:a6:5b:4a:a1:21:38:6c:55:38:fd:69:f9:
8d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:6D:B4:4C:06:C0:63:E6:A8:CF:63:97:34:4B:31:B7:7E:9A:D2:92
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.0.0/24
143.14.229.0/24
150.241.208.0/24
150.241.216.0/21
150.241.234.0/24
162.141.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:09:2d:e5:01:c2:a4:23:53:8d:e1:2d:8f:c0:25:59:0b:c5:
09:a2:f6:6c:8e:8b:6f:b9:e1:81:65:0f:e8:d2:9a:a3:7a:5e:
7b:9d:94:1b:e5:26:59:cf:55:f4:cc:5d:61:fe:81:00:d2:c2:
ce:bc:3f:64:d1:81:0f:ed:75:1b:ff:80:ce:2d:10:ef:49:1a:
9e:e3:b4:e3:4b:7e:b1:9e:c7:81:c2:7e:8e:07:0f:ed:15:92:
53:1b:8e:ad:47:0e:7e:31:3c:37:1b:6b:ff:1e:f9:b7:d9:90:
fa:52:5b:ae:21:93:76:99:b9:a5:c4:08:df:9c:d9:f5:05:2a:
31:30:8a:fb:fa:92:5a:3c:06:83:bb:63:e8:2d:7b:1d:e4:78:
31:89:22:14:30:db:07:1f:bc:35:d3:8a:fe:f0:4d:54:23:fa:
b5:a0:f9:aa:f6:d9:71:0b:31:ef:68:29:6a:f9:bd:e3:6b:84:
39:ae:d9:b3:73:b4:a6:2b:d0:ee:b9:02:ce:8e:bd:b1:4d:ce:
4f:ad:9e:23:d2:b8:be:47:3d:9a:db:a3:48:c9:2a:28:98:bc:
87:5a:af:84:30:85:77:80:16:3c:9e:5c:d0:f7:aa:7e:e9:ae:
36:b1:5f:b3:9f:7d:cb:39:70:0d:1a:e1:ed:2e:0d:c4:e1:6c:
e6:65:fe:31
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUao4laKonM+gcWa/JkMaXetfc7C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjQyMzU1MTRaFw0yNjA3MjQwMDAwMTRaMDMxMTAvBgNV
BAMTKEIyNkRCNDRDMDZDMDYzRTZBOENGNjM5NzM0NEIzMUI3N0U5QUQyOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhSKpiuINkCFz9CjsrQiycmQRB
lHQzjE5Ja6hPCaEoO88iy0RI0DrA1HWWde+/93E8q/THiNB3wLk4wSM87lr3vbuR
MLYrA20LvI/rFHr39iASncWjcTtTBdkS8GNL7HT5pea2N6oH1TdLtDPcNTJiB83K
4iBc9GGQfcI3o8+STTUs8jyARwwboMi0/wLRVBm2W3IgQ43E6Q/PgoVgGDHbNq+0
CTmO5SAXh1XXORmWTmh8/Tb4/VGQ5AvHKae3e42BWCgIndgHoYChsQQzilBvY7w5
ema+0nyC0Ss13zTbaLJEXWtYT7U/LgSZuyQCBmFuAKZbSqEhOGxVOP1p+Y0pAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUsm20TAbAY+aoz2OXNEsxt36a0pIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACPDgAD
BACPDuUDBACW8dADBAOW8dgDBACW8eoDBACijQwwDQYJKoZIhvcNAQELBQADggEB
AE8JLeUBwqQjU43hLY/AJVkLxQmi9myOi2+54YFlD+jSmqN6XnudlBvlJlnPVfTM
XWH+gQDSws68P2TRgQ/tdRv/gM4tEO9JGp7jtONLfrGex4HCfo4HD+0VklMbjq1H
Dn4xPDcba/8e+bfZkPpSW64hk3aZuaXECN+c2fUFKjEwivv6klo8BoO7Y+gtex3k
eDGJIhQw2wcfvDXTiv7wTVQj+rWg+ar22XELMe9oKWr5veNrhDmu2bNztKYr0O65
As6OvbFNzk+tniPSuL5HPZrbo0jJKiiYvIdar4QwhXeAFjyeXND3qn7prjaxX7Of
fcs5cA0a4e0uDcThbOZl/jE=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:41:24 2025 by rpki-client