Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: tuadeonQbo/y0SANfp6eIhnGRIq+gZ7VSJXuiDYQzS8=
Subject key identifier: 5E:51:1D:F6:42:52:01:69:64:5D:75:BE:96:2D:17:A4:5A:1B:A1:BE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 622969537A04972F5E8162D5DC28A3B0C9FCE2F8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
Signing time: Wed 04 Feb 2026 00:05:02 +0000
ROA not before: Wed 04 Feb 2026 00:00:02 +0000
ROA not after: Wed 03 Feb 2027 00:05:02 +0000
asID: 20326
IP address blocks: 82.21.43.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.22.124.0/23 maxlen: 23
82.22.160.0/24 maxlen: 24
82.25.13.0/24 maxlen: 24
82.26.96.0/22 maxlen: 24
82.38.144.0/21 maxlen: 21
82.39.135.0/24 maxlen: 24
82.39.136.0/24 maxlen: 24
82.39.232.0/23 maxlen: 24
82.40.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:29:69:53:7a:04:97:2f:5e:81:62:d5:dc:28:a3:b0:c9:fc:e2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 4 00:00:02 2026 GMT
Not After : Feb 3 00:05:02 2027 GMT
Subject: CN=5E511DF642520169645D75BE962D17A45A1BA1BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:9b:df:09:b4:aa:99:bc:a3:93:65:62:22:
9a:a2:11:78:75:12:b1:e5:7e:99:63:7f:e4:36:e1:
31:4c:3c:f3:57:5f:d6:8c:5b:0b:3a:79:64:e3:bb:
82:ec:b4:95:a0:2c:97:d3:e8:65:b1:70:f0:dd:fa:
3d:4e:54:06:80:e7:b3:4c:62:e4:90:e0:ce:29:be:
2d:a5:d8:82:e1:8e:8f:47:03:8a:70:61:3a:6a:e6:
18:c3:a9:7c:32:bc:03:e1:4f:33:9f:e5:c5:86:2e:
2e:48:c1:d2:97:ef:cc:a4:5c:28:d4:ac:94:5b:7f:
a8:5d:60:8c:4c:88:e5:06:dd:2e:16:b9:c2:bd:64:
0c:ac:87:30:9d:3f:bd:74:c8:e3:4e:38:66:3f:71:
5d:ed:65:75:95:bb:c4:f9:53:cc:e0:fc:08:8c:81:
69:a4:4e:ca:79:99:61:ae:25:9b:e4:ac:cf:52:dc:
59:28:2a:fe:18:53:6f:a2:13:01:7f:63:6d:65:17:
f7:7c:83:af:92:3c:c5:ae:02:46:96:0c:a1:dd:34:
5f:c4:29:3c:de:97:b3:17:04:f3:e2:2e:4d:46:39:
91:e8:95:82:90:ff:64:96:ef:8e:0a:24:83:de:3b:
a9:67:82:5c:a1:3f:47:a5:fd:95:dc:8b:7d:07:21:
47:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:1D:F6:42:52:01:69:64:5D:75:BE:96:2D:17:A4:5A:1B:A1:BE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.21.125.0/24
82.22.124.0/23
82.22.160.0/24
82.25.13.0/24
82.26.96.0/22
82.38.144.0/21
82.39.135.0-82.39.136.255
82.39.232.0/23
82.40.61.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:57:ed:c1:7a:fe:11:9e:0c:93:fe:bc:01:37:4b:14:ea:a9:
ac:b8:c1:05:ee:38:ef:e4:81:b0:a1:e2:e7:7d:e9:a7:4f:eb:
a0:95:76:e8:9d:95:dd:94:5c:b2:d0:74:97:bb:a7:c0:63:c8:
0d:a9:f7:30:29:3c:b6:90:be:4a:ba:cc:bc:f3:39:76:04:1d:
f4:5f:6e:e9:02:b3:9d:9d:92:a6:63:76:f8:55:3e:6a:55:45:
ec:80:ec:b7:bd:29:7c:a3:04:2e:7e:a6:ba:03:1d:cf:48:ef:
08:3e:73:42:ac:49:98:dc:5e:31:8e:c3:3b:69:3e:14:0c:64:
fd:1e:19:f5:37:9e:99:86:c5:ca:34:c7:74:76:8b:ce:10:c2:
94:ed:fb:b3:30:1c:cf:c5:08:e1:7e:2c:91:bf:51:8b:a3:04:
53:ed:60:18:48:43:32:b5:31:09:64:fc:3e:24:6f:c9:3b:0f:
1e:78:45:09:92:1e:aa:e2:9a:57:73:36:0d:44:2f:bc:c7:be:
d7:0a:7c:89:e3:c4:1b:34:05:c2:cf:ca:30:74:0c:c1:53:f6:
b5:37:5d:39:b1:c2:0e:65:d2:f7:da:bb:6b:69:66:e2:e0:28:
35:38:75:dc:2c:09:d0:a1:5d:22:ed:04:b8:00:19:02:84:86:
42:fc:f2:f0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUYilpU3oEly9egWLV3CijsMn84vgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDQwMDAwMDJaFw0yNzAyMDMwMDA1MDJaMDMxMTAvBgNV
BAMTKDVFNTExREY2NDI1MjAxNjk2NDVENzVCRTk2MkQxN0E0NUExQkExQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq35vfCbSqmbyjk2ViIpqiEXh1
ErHlfpljf+Q24TFMPPNXX9aMWws6eWTju4LstJWgLJfT6GWxcPDd+j1OVAaA57NM
YuSQ4M4pvi2l2ILhjo9HA4pwYTpq5hjDqXwyvAPhTzOf5cWGLi5IwdKX78ykXCjU
rJRbf6hdYIxMiOUG3S4WucK9ZAyshzCdP710yONOOGY/cV3tZXWVu8T5U8zg/AiM
gWmkTsp5mWGuJZvkrM9S3FkoKv4YU2+iEwF/Y21lF/d8g6+SPMWuAkaWDKHdNF/E
KTzel7MXBPPiLk1GOZHolYKQ/2SW744KJIPeO6lnglyhP0el/ZXci30HIUfFAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUXlEd9kJSAWlkXXW+li0XpFobob4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBABSFSsD
BABSFX0DBAFSFnwDBABSFqADBABSGQ0DBAJSGmADBANSJpAwDAMEAFInhwMEAFIn
iAMEAVIn6AMEAFIoPTANBgkqhkiG9w0BAQsFAAOCAQEAelftwXr+EZ4Mk/68ATdL
FOqprLjBBe447+SBsKHi533pp0/roJV26J2V3ZRcstB0l7unwGPIDan3MCk8tpC+
SrrMvPM5dgQd9F9u6QKznZ2SpmN2+FU+alVF7IDst70pfKMELn6mugMdz0jvCD5z
QqxJmNxeMY7DO2k+FAxk/R4Z9TeemYbFyjTHdHaLzhDClO37szAcz8UI4X4skb9R
i6MEU+1gGEhDMrUxCWT8PiRvyTsPHnhFCZIequKaV3M2DUQvvMe+1wp8iePEGzQF
ws/KMHQMwVP2tTddObHCDmXS99q7a2lm4uAoNTh13CwJ0KFdIu0EuAAZAoSGQvzy
8A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:13:19 2026 by rpki-client