Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
File: AS20860.roa (raw, json)
Hash identifier: S9Cv9elzWYhQpO20xpAbRGHZe5B9SVwpL8Ls2ipCRBk=
Subject key identifier: F3:AB:7B:B3:71:78:C5:BD:AD:3C:3F:30:F6:82:A9:F3:C1:0C:73:9B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 78E08C276589D3C0795232F32158D08785165AA7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
Signing time: Mon 08 Jun 2026 07:22:41 +0000
ROA not before: Mon 08 Jun 2026 07:17:41 +0000
ROA not after: Mon 07 Jun 2027 07:22:41 +0000
asID: 20860
IP address blocks: 179.61.169.0/24 maxlen: 24
181.214.140.0/24 maxlen: 24
191.96.208.0/24 maxlen: 24
194.53.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:e0:8c:27:65:89:d3:c0:79:52:32:f3:21:58:d0:87:85:16:5a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 8 07:17:41 2026 GMT
Not After : Jun 7 07:22:41 2027 GMT
Subject: CN=F3AB7BB37178C5BDAD3C3F30F682A9F3C10C739B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:65:4f:00:42:18:9d:45:54:11:5a:6e:14:b8:
3f:53:ee:4d:77:3a:50:75:63:3a:ba:5b:5d:b2:91:
fb:c5:0f:71:82:4f:2f:e7:1f:4b:ba:52:22:fb:e1:
9e:39:14:eb:b2:7b:a2:2f:0f:fd:b7:f2:1a:b9:19:
c5:d6:4e:a3:48:57:2f:cb:c9:4c:23:b1:fc:38:5a:
37:d2:c8:4e:ff:b1:da:a7:ad:33:ed:c7:97:2f:f3:
81:e0:43:00:c1:63:10:28:38:dd:dc:b0:b6:1d:95:
bf:01:39:60:99:c4:40:6e:3d:55:ab:aa:4f:e1:60:
5d:83:4b:01:92:b4:b2:26:c2:34:3c:d1:00:8a:22:
94:d0:ea:b2:2f:7d:d7:6f:02:7d:db:95:fe:15:9c:
1f:9f:fa:7a:4f:97:26:c5:ed:b7:bb:3e:ab:78:d7:
eb:f8:68:8f:b3:61:bf:a9:c9:ca:09:1c:53:f7:67:
4d:51:be:d6:69:b0:b6:c6:6d:1a:85:69:7f:9e:69:
b5:e0:96:e5:f0:0c:3d:7f:54:be:28:b1:e6:4c:d3:
f0:b2:70:cb:c7:81:38:3d:bb:3f:e3:32:a8:b0:9e:
38:cc:d3:76:ba:e0:9a:72:45:05:41:b8:c6:91:c8:
5f:af:95:6c:98:9a:41:fc:89:be:9d:f0:05:5b:40:
8c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AB:7B:B3:71:78:C5:BD:AD:3C:3F:30:F6:82:A9:F3:C1:0C:73:9B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.169.0/24
181.214.140.0/24
191.96.208.0/24
194.53.143.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ce:30:e4:21:55:cd:a1:62:c6:0c:9a:0d:8a:6b:58:64:ed:
b1:6b:16:9a:7c:b3:a3:8c:dd:54:62:64:5a:b4:de:f3:21:50:
f0:a9:51:ca:d6:b4:bc:2c:2f:5e:f6:9b:22:68:04:fd:3c:74:
98:68:ce:d2:9d:cb:dc:a6:4f:f5:0d:ee:e8:1c:82:7c:1f:70:
54:33:12:6c:5c:c2:09:c8:ae:61:fc:6c:c9:e6:2f:5d:86:61:
c8:49:ea:e1:c4:37:10:13:00:36:72:f3:90:6e:d5:9e:a1:83:
ea:f1:1b:a4:9d:ec:2d:dd:0c:88:e1:dd:82:1f:62:4e:cd:4b:
b2:e2:38:61:2d:57:3b:db:ee:dd:78:2f:5b:81:98:d0:82:20:
a0:80:65:3f:4e:40:10:6f:28:a6:3b:97:0b:73:ce:55:50:81:
94:07:0e:9b:bc:ac:65:57:56:3d:c2:3e:78:9a:03:99:d3:b4:
20:df:0d:9a:4f:8b:09:3a:fb:52:c1:b0:bd:c5:77:9a:2f:3c:
18:82:40:1e:c6:4b:7c:aa:80:b8:54:48:9c:32:6f:de:a1:06:
95:d1:0a:a9:a4:7f:f5:82:61:8b:e1:39:f1:ae:5c:8c:88:85:
33:2b:9d:99:70:03:85:86:89:b0:be:eb:e8:96:18:33:a4:47:
80:58:fd:a5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUeOCMJ2WJ08B5UjLzIVjQh4UWWqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MDgwNzE3NDFaFw0yNzA2MDcwNzIyNDFaMDMxMTAvBgNV
BAMTKEYzQUI3QkIzNzE3OEM1QkRBRDNDM0YzMEY2ODJBOUYzQzEwQzczOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaZU8AQhidRVQRWm4UuD9T7k13
OlB1Yzq6W12ykfvFD3GCTy/nH0u6UiL74Z45FOuye6IvD/238hq5GcXWTqNIVy/L
yUwjsfw4WjfSyE7/sdqnrTPtx5cv84HgQwDBYxAoON3csLYdlb8BOWCZxEBuPVWr
qk/hYF2DSwGStLImwjQ80QCKIpTQ6rIvfddvAn3blf4VnB+f+npPlybF7be7Pqt4
1+v4aI+zYb+pycoJHFP3Z01RvtZpsLbGbRqFaX+eabXgluXwDD1/VL4oseZM0/Cy
cMvHgTg9uz/jMqiwnjjM03a64JpyRQVBuMaRyF+vlWyYmkH8ib6d8AVbQIzNAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU86t7s3F4xb2tPD8w9oKp88EMc5swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACzPakD
BAC11owDBAC/YNADBADCNY8wDQYJKoZIhvcNAQELBQADggEBAFDOMOQhVc2hYsYM
mg2Ka1hk7bFrFpp8s6OM3VRiZFq03vMhUPCpUcrWtLwsL172myJoBP08dJhoztKd
y9ymT/UN7ugcgnwfcFQzEmxcwgnIrmH8bMnmL12GYchJ6uHENxATADZy85Bu1Z6h
g+rxG6Sd7C3dDIjh3YIfYk7NS7LiOGEtVzvb7t14L1uBmNCCIKCAZT9OQBBvKKY7
lwtzzlVQgZQHDpu8rGVXVj3CPniaA5nTtCDfDZpPiwk6+1LBsL3Fd5ovPBiCQB7G
S3yqgLhUSJwyb96hBpXRCqmkf/WCYYvhOfGuXIyIhTMrnZlwA4WGibC+6+iWGDOk
R4BY/aU=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:13:59 2026 by rpki-client