Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: 6PxrCOXVe5GvzFLjFBLXCb+A4OoAGL6MmHWuXFwZrys=
Subject key identifier: D0:D8:46:0F:06:E7:F3:3A:66:78:D0:02:F5:F8:E9:46:23:DE:EA:77
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7DBDA0CC08613A8E7BCC2C3105C0FF99D66E8229
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Tue 17 Feb 2026 09:07:03 +0000
ROA not before: Tue 17 Feb 2026 09:02:03 +0000
ROA not after: Tue 16 Feb 2027 09:07:03 +0000
asID: 20473
IP address blocks: 179.61.226.0/23 maxlen: 23
179.61.242.0/23 maxlen: 23
181.215.70.0/24 maxlen: 24
191.96.4.0/23 maxlen: 23
191.96.88.0/23 maxlen: 23
191.96.140.0/23 maxlen: 23
191.101.66.0/23 maxlen: 23
191.101.212.0/23 maxlen: 23
191.101.214.0/23 maxlen: 23
191.101.218.0/23 maxlen: 23
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:bd:a0:cc:08:61:3a:8e:7b:cc:2c:31:05:c0:ff:99:d6:6e:82:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 17 09:02:03 2026 GMT
Not After : Feb 16 09:07:03 2027 GMT
Subject: CN=D0D8460F06E7F33A6678D002F5F8E94623DEEA77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7f:6c:27:09:28:d1:da:c0:a0:64:12:8f:d8:
14:63:d7:13:b9:29:6d:bd:75:fc:f9:0d:c3:a4:7a:
0b:67:f5:ad:bd:0f:7f:d1:15:c5:e6:9b:60:12:ae:
a0:51:a6:ff:5a:2a:f5:a9:60:3b:e7:ca:a8:f3:b9:
3d:99:ec:4d:15:77:aa:3b:de:54:e6:34:28:ef:46:
39:0d:a8:91:52:04:d3:86:67:33:c9:29:90:8e:7a:
d7:4e:a5:89:92:90:2e:20:88:17:74:21:6d:96:af:
ae:1a:46:eb:c8:64:cd:68:0d:de:5b:52:54:04:15:
08:b5:7b:a2:7e:15:1f:99:25:c2:c0:ea:da:4d:93:
44:38:99:4d:60:12:c2:9e:ca:83:cf:a0:51:51:6e:
8d:93:1b:c9:86:03:07:5f:5a:8b:c4:59:85:91:f6:
6d:90:e3:7b:5d:fb:da:66:00:30:14:80:9e:59:09:
f0:3d:0b:2d:c5:df:ce:14:a9:30:99:3f:c1:c7:68:
dd:f8:fd:c5:1e:c2:90:45:7d:53:cb:9e:5d:bf:78:
b7:0b:e8:c0:c0:2d:40:6e:7b:c1:8f:75:4f:ad:31:
4d:fa:c2:ae:aa:8d:be:a0:ff:00:1b:84:90:52:94:
07:ab:6c:1e:d4:fa:8b:4d:51:ca:5d:a6:ce:ef:b2:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D8:46:0F:06:E7:F3:3A:66:78:D0:02:F5:F8:E9:46:23:DE:EA:77
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.226.0/23
179.61.242.0/23
181.215.70.0/24
191.96.4.0/23
191.96.88.0/23
191.96.140.0/23
191.101.66.0/23
191.101.212.0/22
191.101.218.0/23
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:b4:2c:81:eb:8d:ce:0a:d5:14:ab:5b:73:14:2d:05:e7:67:
6b:fe:30:ff:c7:7b:ad:cf:fd:7b:24:f5:7c:87:3e:93:c6:04:
b6:e9:f1:e9:59:b6:83:19:b6:c1:09:70:5a:96:77:8b:cd:88:
fe:a7:40:62:bd:a4:2c:8a:2b:cd:30:f6:db:6f:d8:92:f8:27:
b3:4f:39:24:b7:c3:13:89:f4:fb:e4:3d:7f:45:ba:0c:e1:50:
06:ba:1f:0c:15:3b:13:3e:a7:1e:3f:f5:8a:7b:87:8a:ce:a9:
bc:40:5a:6b:39:91:ab:2b:8c:22:4a:b1:c7:90:ba:d6:27:e9:
17:06:ed:82:11:eb:45:13:ca:1b:54:39:09:c5:f3:c0:ef:08:
8d:76:8e:66:65:84:de:59:95:8a:c4:fe:f7:ef:9c:16:92:e5:
29:00:4d:fa:05:b2:14:c3:ee:32:ee:d7:09:2d:6b:3b:19:ed:
42:cb:d7:76:fb:32:aa:ba:2a:52:1a:03:65:51:03:2a:a7:22:
aa:cd:a7:b2:e4:63:24:5f:e2:0b:ca:f9:dc:e8:70:22:55:12:
c2:5d:69:d0:29:94:29:4f:4f:16:55:85:a0:5b:30:23:6e:c7:
1b:4b:e5:66:a0:47:78:af:3d:a4:2a:d1:41:25:d8:ae:bf:7f:
ed:db:0d:8a
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUfb2gzAhhOo57zCwxBcD/mdZugikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAyMTcwOTAyMDNaFw0yNzAyMTYwOTA3MDNaMDMxMTAvBgNV
BAMTKEQwRDg0NjBGMDZFN0YzM0E2Njc4RDAwMkY1RjhFOTQ2MjNERUVBNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuf2wnCSjR2sCgZBKP2BRj1xO5
KW29dfz5DcOkegtn9a29D3/RFcXmm2ASrqBRpv9aKvWpYDvnyqjzuT2Z7E0Vd6o7
3lTmNCjvRjkNqJFSBNOGZzPJKZCOetdOpYmSkC4giBd0IW2Wr64aRuvIZM1oDd5b
UlQEFQi1e6J+FR+ZJcLA6tpNk0Q4mU1gEsKeyoPPoFFRbo2TG8mGAwdfWovEWYWR
9m2Q43td+9pmADAUgJ5ZCfA9Cy3F384UqTCZP8HHaN34/cUewpBFfVPLnl2/eLcL
6MDALUBue8GPdU+tMU36wq6qjb6g/wAbhJBSlAerbB7U+otNUcpdps7vssM9AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQU0NhGDwbn8zpmeNAC9fjpRiPe6ncwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZgYIKwYBBQUHAQcBAf8EVzBVMDwEAgABMDYDBAGzPeID
BAGzPfIDBAC110YDBAG/YAQDBAG/YFgDBAG/YIwDBAG/ZUIDBAK/ZdQDBAG/Zdow
FQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsFAAOCAQEAL7QsgeuN
zgrVFKtbcxQtBedna/4w/8d7rc/9eyT1fIc+k8YEtunx6Vm2gxm2wQlwWpZ3i82I
/qdAYr2kLIorzTD222/Ykvgns085JLfDE4n0++Q9f0W6DOFQBrofDBU7Ez6nHj/1
inuHis6pvEBaazmRqyuMIkqxx5C61ifpFwbtghHrRRPKG1Q5CcXzwO8IjXaOZmWE
3lmVisT+9++cFpLlKQBN+gWyFMPuMu7XCS1rOxntQsvXdvsyqroqUhoDZVEDKqci
qs2nsuRjJF/iC8r53OhwIlUSwl1p0CmUKU9PFlWFoFswI27HG0vlZqBHeK89pCrR
QSXYrr9/7dsNig==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:03 2026 by rpki-client