Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: RrlwMVPYeLTg0rvW/jUQPn+U3SbtGWlFtOtwSGETMjU=
Subject key identifier: 14:BF:9F:E7:EC:3B:7E:90:D5:21:DA:8F:47:98:71:AC:AB:8E:02:61
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1B1433C869CB57BA303F267CCEC1CCF815ABE9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Mon 09 Jun 2025 00:00:43 +0000
ROA not before: Sun 08 Jun 2025 23:55:43 +0000
ROA not after: Mon 08 Jun 2026 00:00:43 +0000
asID: 20473
IP address blocks: 147.79.24.0/23 maxlen: 23
148.135.172.0/24 maxlen: 24
150.241.208.0/24 maxlen: 24
150.241.216.0/21 maxlen: 24
150.241.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:14:33:c8:69:cb:57:ba:30:3f:26:7c:ce:c1:cc:f8:15:ab:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 8 23:55:43 2025 GMT
Not After : Jun 8 00:00:43 2026 GMT
Subject: CN=14BF9FE7EC3B7E90D521DA8F479871ACAB8E0261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:08:25:44:b5:85:bb:f0:75:be:9e:4e:bd:
8a:7b:6a:c3:5e:2d:92:b5:31:bc:fb:80:2a:cf:29:
5b:53:c7:68:be:13:ce:1d:52:61:26:8d:48:ea:e2:
1c:62:9a:89:fd:45:74:9b:96:c5:2f:94:b6:e4:cb:
75:f9:6c:48:07:08:5a:31:2d:ab:61:ac:f8:d9:9b:
42:30:66:f0:ff:2c:8f:34:81:e8:68:03:78:dd:3f:
0d:e2:ab:87:5d:8d:e6:85:d0:e6:4b:a6:35:ca:7d:
cb:69:30:f3:71:47:4d:b7:1a:95:24:da:26:52:5d:
07:b5:a3:28:25:ec:e7:6b:2e:c6:76:9f:60:ac:b9:
9d:11:46:52:11:78:36:b3:05:cb:08:af:c8:32:af:
4a:96:93:b9:80:72:76:ed:ae:bb:24:23:46:70:10:
d2:10:b8:8b:6a:90:dd:6f:cd:57:55:5f:02:31:26:
84:4f:6d:d1:63:49:35:65:dd:32:a6:f5:ff:0e:54:
37:d1:4b:6f:da:47:6f:1a:09:58:d6:46:01:6e:39:
d8:1a:bb:47:83:d7:1e:72:90:95:39:de:0e:c8:fb:
fd:e2:06:6d:11:3a:a1:19:42:c5:7e:b3:e7:4a:45:
4d:13:28:31:b7:1e:a6:f4:1c:ae:be:6a:d7:f1:69:
dc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BF:9F:E7:EC:3B:7E:90:D5:21:DA:8F:47:98:71:AC:AB:8E:02:61
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.24.0/23
148.135.172.0/24
150.241.208.0/24
150.241.216.0/21
150.241.234.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2d:f5:58:45:94:b5:40:51:53:26:f9:3c:19:8b:59:b3:f2:
85:60:42:d6:d3:fc:c9:e6:04:65:5e:13:cf:4c:7d:8d:ae:78:
a6:05:18:4f:04:af:b5:fb:10:88:51:77:39:fe:a9:ee:65:49:
41:d5:f8:ba:37:ee:d0:e1:df:85:a9:ed:6f:58:ab:3a:29:96:
06:b6:9c:fd:89:2f:23:8e:09:0f:4f:02:ea:2e:51:eb:c2:2f:
b9:85:33:51:18:a0:fe:5e:17:7f:2f:1d:5d:79:35:d4:67:31:
51:fe:2a:0b:23:35:02:ed:3e:40:a6:8a:f1:c7:bd:44:db:72:
ad:95:e2:22:2b:02:85:a3:9a:5a:6b:8c:fc:15:47:0a:cd:5d:
05:1c:21:1b:ec:5c:e9:75:bf:6f:a0:4e:c3:0b:21:b7:60:ec:
7e:10:7b:05:c8:87:e1:de:b2:dc:f4:dc:a8:9e:26:05:dc:0d:
a3:4f:3f:87:97:9a:f6:03:62:12:7c:35:32:0a:e0:3d:54:3f:
e0:33:a6:a8:a9:6f:25:b9:52:ec:d5:ef:70:c7:41:12:ae:39:
74:7f:db:06:57:f6:04:75:d1:73:a4:7d:e3:a4:32:2b:a5:77:
af:5a:d6:24:72:73:ce:73:15:15:4f:7c:bb:0f:92:3f:40:5c:
bb:32:1e:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgITGxQzyGnLV7owPyZ8zsHM+BWr6TANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0ZmMzMzZiZjlmM2RlNWNlNDE0MTRiZDE5NzE5NDVmNGIy
NDZiZmNjMB4XDTI1MDYwODIzNTU0M1oXDTI2MDYwODAwMDA0M1owMzExMC8GA1UE
AxMoMTRCRjlGRTdFQzNCN0U5MEQ1MjFEQThGNDc5ODcxQUNBQjhFMDI2MTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALD+CCVEtYW78HW+nk69intqw14t
krUxvPuAKs8pW1PHaL4Tzh1SYSaNSOriHGKaif1FdJuWxS+UtuTLdflsSAcIWjEt
q2Gs+NmbQjBm8P8sjzSB6GgDeN0/DeKrh12N5oXQ5kumNcp9y2kw83FHTbcalSTa
JlJdB7WjKCXs52suxnafYKy5nRFGUhF4NrMFywivyDKvSpaTuYBydu2uuyQjRnAQ
0hC4i2qQ3W/NV1VfAjEmhE9t0WNJNWXdMqb1/w5UN9FLb9pHbxoJWNZGAW452Bq7
R4PXHnKQlTneDsj7/eIGbRE6oRlCxX6z50pFTRMoMbcepvQcrr5q1/Fp3CkCAwEA
AaOCAiEwggIdMB0GA1UdDgQWBBQUv5/n7Dt+kNUh2o9HmHGsq44CYTAfBgNVHSME
GDAWgBRPwza/nz3lzkFBS9GXGUX0ska/zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wOWJlM2FhZS1hZWExLTQxZGMtYjFiOS05NWFjNTkxODI0
NGQvMC80RkMzMzZCRjlGM0RFNUNFNDE0MTRCRDE5NzE5NDVGNEIyNDZCRkNDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVDhNMnY1ODk1YzVCUVV2Umx4bEY5TEpH
djh3LmNlcjB6BggrBgEFBQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00
MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvQVMyMDQ3My5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAZNPGAME
AJSHrAMEAJbx0AMEA5bx2AMEAJbx6jANBgkqhkiG9w0BAQsFAAOCAQEAGC31WEWU
tUBRUyb5PBmLWbPyhWBC1tP8yeYEZV4Tz0x9ja54pgUYTwSvtfsQiFF3Of6p7mVJ
QdX4ujfu0OHfhantb1irOimWBrac/YkvI44JD08C6i5R68IvuYUzURig/l4Xfy8d
XXk11GcxUf4qCyM1Au0+QKaK8ce9RNtyrZXiIisChaOaWmuM/BVHCs1dBRwhG+xc
6XW/b6BOwwsht2DsfhB7BciH4d6y3PTcqJ4mBdwNo08/h5ea9gNiEnw1MgrgPVQ/
4DOmqKlvJblS7NXvcMdBEq45dH/bBlf2BHXRc6R946QyK6V3r1rWJHJzznMVFU98
uw+SP0BcuzIe1w==
-----END CERTIFICATE-----
Generated at Sun Jun 15 14:11:41 2025 by rpki-client