Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: naMzZspdcN0sxEM/WGYDz59tpP2VGWXTSdWaPFUUw6I=
Subject key identifier: F5:82:89:01:06:8A:3A:F1:21:7F:FB:A1:04:5C:AA:86:C4:1B:50:6F
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 125C75B7FB371E31DFF8297D2284BA9AE39DD2D0
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
Signing time: Fri 06 Jun 2025 07:45:25 +0000
ROA not before: Fri 06 Jun 2025 07:40:25 +0000
ROA not after: Fri 05 Jun 2026 07:45:25 +0000
asID: 20473
IP address blocks: 193.25.207.0/24 maxlen: 24
193.111.116.0/24 maxlen: 24
193.164.1.0/24 maxlen: 24
194.104.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:5c:75:b7:fb:37:1e:31:df:f8:29:7d:22:84:ba:9a:e3:9d:d2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jun 6 07:40:25 2025 GMT
Not After : Jun 5 07:45:25 2026 GMT
Subject: CN=F5828901068A3AF1217FFBA1045CAA86C41B506F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ef:dd:1f:c8:db:6c:fc:59:0b:7b:d7:1f:54:
73:38:dd:1e:b8:3f:75:8f:f0:21:21:69:67:b4:ab:
7c:a3:39:b1:d6:b3:6e:92:29:79:e2:af:8a:a9:3a:
33:01:1f:51:cc:70:59:2f:40:d5:45:95:df:a8:af:
ae:90:9c:79:9a:99:b0:ef:5f:d1:37:c0:63:1e:f3:
2b:b5:73:63:b8:4a:e8:c5:b7:aa:ff:4b:fc:f1:0e:
80:1c:6b:53:b1:32:db:28:16:58:74:96:cd:33:e0:
ef:02:a4:af:b3:07:c9:ee:0f:61:7f:bd:47:2f:78:
25:cb:41:4a:0b:39:24:27:89:df:24:a7:d1:14:cc:
58:ce:40:29:18:b3:9c:80:56:f1:69:78:64:48:2b:
b3:58:23:8d:67:d2:83:01:52:d9:04:c4:bf:54:a1:
32:6d:6d:ec:36:58:9a:33:b5:81:16:84:2d:57:97:
13:bb:d7:3a:e6:1a:2f:57:30:e4:9b:03:a1:39:0e:
bd:55:11:bb:ad:59:35:bb:bb:45:cd:c0:f4:64:64:
74:72:fb:75:ae:5e:c8:ec:c8:c2:f9:f7:6b:fd:e4:
de:4e:6f:c1:55:97:6c:b5:4f:e2:60:c8:f8:48:26:
6c:a5:62:eb:ef:c6:ff:98:98:11:92:6a:00:06:bd:
22:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:82:89:01:06:8A:3A:F1:21:7F:FB:A1:04:5C:AA:86:C4:1B:50:6F
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.207.0/24
193.111.116.0/24
193.164.1.0/24
194.104.158.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4c:72:9e:06:e4:76:48:a4:0c:33:fc:7e:4a:8b:5a:ea:95:
85:dc:e8:29:36:4c:31:97:12:1a:57:7e:8d:d2:b6:8d:49:23:
a0:4b:b5:13:a5:2c:34:1c:9a:b1:61:0a:81:79:8c:ee:9a:18:
22:11:25:61:7f:e8:69:d6:06:74:de:26:bd:57:3d:c3:ac:85:
ce:7c:89:52:8d:c0:21:d8:e5:3c:e8:c7:ae:a8:7b:13:a5:43:
0e:95:0c:32:ef:4e:1d:fc:c2:18:bd:97:21:e6:ab:37:ca:51:
4f:5e:74:15:85:7b:6a:86:2d:3e:c5:ed:0b:6f:1e:b4:c8:13:
fb:5d:5b:3a:52:03:62:fe:e9:89:05:c2:8e:16:10:ad:0f:68:
8f:6e:3d:c2:80:f3:3d:68:c8:5d:66:87:f6:0c:07:00:46:ab:
a9:6f:e4:a9:a7:f3:bf:f4:5a:34:39:77:4f:01:85:f5:b1:3a:
f2:e3:ca:ab:85:aa:c8:5c:63:e6:2b:eb:65:da:f3:91:21:0d:
f4:b0:68:24:fd:50:d1:34:d2:f7:77:cd:d4:3f:42:b4:60:c9:
60:74:9b:68:d9:67:7f:56:1c:03:2b:c7:b5:2b:30:b2:ba:75:
27:7b:c6:85:de:fa:5b:d0:8f:9f:97:50:8b:ed:4d:b6:da:6c:
d6:f4:2c:1d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUElx1t/s3HjHf+Cl9IoS6muOd0tAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA2MDYwNzQwMjVaFw0yNjA2MDUwNzQ1MjVaMDMxMTAvBgNV
BAMTKEY1ODI4OTAxMDY4QTNBRjEyMTdGRkJBMTA0NUNBQTg2QzQxQjUwNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe790fyNts/FkLe9cfVHM43R64
P3WP8CEhaWe0q3yjObHWs26SKXnir4qpOjMBH1HMcFkvQNVFld+or66QnHmambDv
X9E3wGMe8yu1c2O4SujFt6r/S/zxDoAca1OxMtsoFlh0ls0z4O8CpK+zB8nuD2F/
vUcveCXLQUoLOSQnid8kp9EUzFjOQCkYs5yAVvFpeGRIK7NYI41n0oMBUtkExL9U
oTJtbew2WJoztYEWhC1XlxO71zrmGi9XMOSbA6E5Dr1VEbutWTW7u0XNwPRkZHRy
+3WuXsjsyML592v95N5Ob8FVl2y1T+JgyPhIJmylYuvvxv+YmBGSagAGvSKTAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU9YKJAQaKOvEhf/uhBFyqhsQbUG8wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBADBGc8D
BADBb3QDBADBpAEDBADCaJ4wDQYJKoZIhvcNAQELBQADggEBAHJMcp4G5HZIpAwz
/H5Ki1rqlYXc6Ck2TDGXEhpXfo3Sto1JI6BLtROlLDQcmrFhCoF5jO6aGCIRJWF/
6GnWBnTeJr1XPcOshc58iVKNwCHY5Tzox66oexOlQw6VDDLvTh38whi9lyHmqzfK
UU9edBWFe2qGLT7F7QtvHrTIE/tdWzpSA2L+6YkFwo4WEK0PaI9uPcKA8z1oyF1m
h/YMBwBGq6lv5Kmn87/0WjQ5d08BhfWxOvLjyquFqshcY+Yr62Xa85EhDfSwaCT9
UNE00vd3zdQ/QrRgyWB0m2jZZ39WHAMrx7UrMLK6dSd7xoXe+lvQj5+XUIvtTbba
bNb0LB0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:52 2025 by rpki-client