Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: XZObxJxCNdeXwKlFqbSttgcNZealt3gmtmfAgtBQgTQ=
Subject key identifier: 15:33:78:51:30:BE:23:DA:5C:8D:53:EF:32:9F:45:EF:1B:50:54:C7
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7E2123B228A5E860CDC34BA7ED484C1CF109C619
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Sun 15 Jun 2025 00:00:22 +0000
ROA not before: Sat 14 Jun 2025 23:55:22 +0000
ROA not after: Sun 14 Jun 2026 00:00:22 +0000
asID: 20473
IP address blocks: 103.141.69.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.70.0/24 maxlen: 24
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 12:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:21:23:b2:28:a5:e8:60:cd:c3:4b:a7:ed:48:4c:1c:f1:09:c6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 14 23:55:22 2025 GMT
Not After : Jun 14 00:00:22 2026 GMT
Subject: CN=1533785130BE23DA5C8D53EF329F45EF1B5054C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:91:84:92:8c:0d:8f:f1:ee:b5:ab:20:87:
5c:f2:0c:4f:cc:e8:ec:62:64:42:75:2a:a5:2f:39:
5c:9e:56:a0:e5:80:35:52:58:54:c6:23:7a:b1:27:
19:1b:ab:de:0b:16:e1:b3:e7:d6:fd:ae:d5:18:b1:
7c:7d:84:88:3c:1e:9e:e5:31:0d:3d:9f:96:0e:79:
8b:ec:53:03:92:f4:41:c8:2a:9e:24:dd:d7:0e:6d:
68:60:87:da:75:92:f2:5f:43:72:ad:7a:aa:c3:84:
a1:e7:a8:58:e9:f1:11:98:9d:3b:d1:74:4d:3e:a3:
11:d5:f8:9d:07:e4:d2:1e:6a:f1:2f:36:66:bf:05:
f3:43:1e:13:ea:9a:2d:64:bf:07:94:4a:9a:e8:21:
b1:6e:af:91:b7:fd:25:9c:1f:22:13:22:db:82:f3:
47:41:17:ff:0b:53:78:b3:fd:c9:20:17:75:d3:05:
e4:d4:e2:3c:9e:98:e3:8e:9c:39:10:8f:d1:11:d9:
3c:5f:ee:75:73:1b:1c:16:76:12:61:81:e5:b8:6d:
da:9c:27:68:8c:66:dd:86:79:4e:87:02:18:bb:8c:
d8:d5:80:9d:23:50:de:c6:63:5f:2c:85:51:d9:a1:
8a:fd:4d:71:7f:7f:84:8c:61:3d:d5:f3:43:6d:67:
e0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:33:78:51:30:BE:23:DA:5C:8D:53:EF:32:9F:45:EF:1B:50:54:C7
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.69.0/24
181.215.41.0/24
181.215.70.0/24
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
38:d9:9f:1e:16:fa:2b:ba:c5:df:fc:27:b6:f4:54:0a:cd:ed:
32:b5:86:99:6e:55:9c:0b:ef:7a:54:33:08:a6:b0:e6:bc:6a:
76:c5:db:ef:8e:e7:5d:db:ce:0f:f0:4a:85:e2:fa:d8:00:0e:
db:27:82:87:b1:72:16:89:20:a0:b0:33:78:bd:04:cd:73:79:
b9:ac:7e:a1:a6:e3:95:3d:2a:58:1a:a4:a5:4c:86:5e:bd:a7:
5d:74:3f:8c:53:e6:c5:b9:4b:6c:8d:e5:68:1c:fb:e6:0c:d7:
6c:da:2f:08:68:1c:01:15:b9:f1:79:c2:d3:47:b3:6a:0e:19:
50:4b:a8:92:2a:0e:d3:e8:a4:69:9f:b2:2e:5a:f2:c2:09:9f:
df:ee:cd:e0:59:f2:40:a5:ce:f4:88:4f:4c:0c:b8:87:e7:9f:
9e:45:00:2e:b3:31:fe:c6:54:41:cb:e3:18:dd:4f:89:93:e3:
00:c3:c5:59:21:ce:eb:08:36:2e:92:b8:a5:90:22:6e:f6:69:
98:a0:ee:0c:60:fd:79:99:16:58:ab:48:0e:7e:74:15:6c:b6:
0f:4d:fa:47:48:dc:2f:ab:97:2a:67:0b:4b:72:f3:68:48:56:
77:3d:5d:1c:27:e2:f8:48:91:5b:ec:89:f4:4e:ed:dc:1c:60:
b3:24:64:03
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUfiEjsiil6GDNw0un7UhMHPEJxhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTQyMzU1MjJaFw0yNjA2MTQwMDAwMjJaMDMxMTAvBgNV
BAMTKDE1MzM3ODUxMzBCRTIzREE1QzhENTNFRjMyOUY0NUVGMUI1MDU0QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdJpGEkowNj/Hutasgh1zyDE/M
6OxiZEJ1KqUvOVyeVqDlgDVSWFTGI3qxJxkbq94LFuGz59b9rtUYsXx9hIg8Hp7l
MQ09n5YOeYvsUwOS9EHIKp4k3dcObWhgh9p1kvJfQ3KteqrDhKHnqFjp8RGYnTvR
dE0+oxHV+J0H5NIeavEvNma/BfNDHhPqmi1kvweUSproIbFur5G3/SWcHyITItuC
80dBF/8LU3iz/ckgF3XTBeTU4jyemOOOnDkQj9ER2Txf7nVzGxwWdhJhgeW4bdqc
J2iMZt2GeU6HAhi7jNjVgJ0jUN7GY18shVHZoYr9TXF/f4SMYT3V80NtZ+BPAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUFTN4UTC+I9pcjVPvMp9F7xtQVMcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMBgEAgABMBIDBABnjUUD
BAC11ykDBAC110YwFQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsF
AAOCAQEAONmfHhb6K7rF3/wntvRUCs3tMrWGmW5VnAvvelQzCKaw5rxqdsXb747n
XdvOD/BKheL62AAO2yeCh7FyFokgoLAzeL0EzXN5uax+oabjlT0qWBqkpUyGXr2n
XXQ/jFPmxblLbI3laBz75gzXbNovCGgcARW58XnC00ezag4ZUEuokioO0+ikaZ+y
Llrywgmf3+7N4FnyQKXO9IhPTAy4h+efnkUALrMx/sZUQcvjGN1PiZPjAMPFWSHO
6wg2LpK4pZAibvZpmKDuDGD9eZkWWKtIDn50FWy2D036R0jcL6uXKmcLS3LzaEhW
dz1dHCfi+EiRW+yJ9E7t3BxgsyRkAw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:37:32 2025 by rpki-client