Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: Su4yu8PDBFbsMHjlF1mD4xEeZbuDyVbdkWwvi+fyiWY=
Subject key identifier: 82:06:70:44:DF:A7:59:01:69:DC:3D:E6:2D:33:A2:8D:17:1E:67:8E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 4081588F1F6E0D5B7F02B898434AEE898D0FFF8E
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Wed 08 Apr 2026 18:23:11 +0000
ROA not before: Wed 08 Apr 2026 18:18:11 +0000
ROA not after: Wed 07 Apr 2027 18:23:11 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3b00::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7583:e500::/40 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:9000::/36 maxlen: 48
2a14:7584:e370::/44 maxlen: 48
2a14:7584:eb00::/40 maxlen: 40
2a14:7584:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:81:58:8f:1f:6e:0d:5b:7f:02:b8:98:43:4a:ee:89:8d:0f:ff:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 8 18:18:11 2026 GMT
Not After : Apr 7 18:23:11 2027 GMT
Subject: CN=82067044DFA7590169DC3DE62D33A28D171E678E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:78:a6:b0:f1:f5:e2:45:1e:f7:61:0d:e9:65:
77:7c:14:eb:11:f8:0c:f9:15:de:bd:07:09:38:f0:
7f:fb:b1:21:d5:c5:08:be:ca:59:a5:e1:3f:06:80:
5b:8d:86:4c:f7:d8:b3:1a:74:12:d5:52:8b:d9:26:
a7:f3:9c:ea:8a:b7:58:2d:3a:24:51:28:de:51:d1:
a6:f4:3b:29:ac:23:74:24:95:56:3a:b8:3c:56:2b:
aa:54:30:98:ed:a2:f4:e6:a1:14:ff:89:82:0e:69:
e1:46:9b:20:c7:c3:56:e2:5c:88:50:82:9d:52:01:
33:dc:37:44:d2:c5:ed:71:bd:e9:14:bc:49:70:bc:
e0:6a:48:42:93:04:72:24:b5:a4:26:14:9d:27:4a:
5b:49:97:9a:ae:65:88:53:d5:d9:50:79:4c:8d:a3:
24:c3:d8:9a:0a:3f:14:d8:60:fb:ba:ff:73:d7:41:
bb:8f:d4:5e:39:f2:da:87:1a:ad:65:1b:02:86:b6:
e1:68:b7:7d:98:80:e3:b2:08:30:50:4c:e6:7c:37:
be:54:c9:4b:d6:4b:4f:b2:6a:f8:1f:db:0e:19:c6:
85:6d:cd:fe:f3:58:57:05:ca:34:56:e1:e4:87:fa:
f9:a8:da:4f:5e:76:8a:b4:a6:0c:54:40:da:90:c9:
c3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:06:70:44:DF:A7:59:01:69:DC:3D:E6:2D:33:A2:8D:17:1E:67:8E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:fa0::/44
2a14:7581:3600::/40
2a14:7581:3b00::/40
2a14:7581:3e00::/39
2a14:7583:e500::/40
2a14:7583:f000::/39
2a14:7584:8000::/35
2a14:7584:e370::/44
2a14:7584:eb00::-2a14:7584:ecff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:63:9c:56:cc:ea:17:6f:ce:85:16:81:fc:e0:d5:0f:8b:52:
61:cc:00:47:cc:f9:47:f3:dc:38:e0:fe:83:f6:ff:6a:ab:af:
45:4f:07:a3:11:8e:55:1b:cb:f0:03:09:6c:4f:c6:69:2e:e7:
fc:11:c2:86:0d:64:61:fa:74:2d:b0:51:d8:32:bc:20:85:52:
c2:71:0b:f9:a2:c0:b2:71:bd:ed:32:78:f3:58:9d:2b:55:09:
a8:df:4d:96:ec:5b:1d:69:38:bc:a0:fd:37:8b:c9:b9:70:ed:
b2:d5:eb:df:3d:eb:6e:f3:18:4e:10:12:fa:91:15:ef:01:ff:
d8:a4:2f:3a:ff:47:f6:b2:d1:db:65:e9:d8:73:9e:de:44:46:
fe:5a:5b:99:3e:fb:3f:f8:4f:19:09:4d:a4:65:d3:ce:9f:18:
0e:a5:75:35:fd:14:ba:82:01:28:e2:8c:41:ab:6d:39:07:46:
00:32:17:20:29:3d:57:23:d7:6c:6e:54:38:ec:36:92:f8:34:
41:a8:d5:ef:94:4a:8a:db:a4:5d:d7:d5:07:ce:ad:92:c4:79:
92:da:58:9c:fd:92:a3:12:ba:61:a4:7e:45:b4:db:32:fe:b2:
3a:e3:6b:7e:a5:27:02:18:17:1d:af:0f:52:44:4b:e4:10:c0:
80:d2:5c:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQIFYjx9uDVt/AriYQ0ruiY0P/44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MDgxODE4MTFaFw0yNzA0MDcxODIzMTFaMDMxMTAvBgNV
BAMTKDgyMDY3MDQ0REZBNzU5MDE2OURDM0RFNjJEMzNBMjhEMTcxRTY3OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFeKaw8fXiRR73YQ3pZXd8FOsR
+Az5Fd69Bwk48H/7sSHVxQi+ylml4T8GgFuNhkz32LMadBLVUovZJqfznOqKt1gt
OiRRKN5R0ab0OymsI3QklVY6uDxWK6pUMJjtovTmoRT/iYIOaeFGmyDHw1biXIhQ
gp1SATPcN0TSxe1xvekUvElwvOBqSEKTBHIktaQmFJ0nSltJl5quZYhT1dlQeUyN
oyTD2JoKPxTYYPu6/3PXQbuP1F458tqHGq1lGwKGtuFot32YgOOyCDBQTOZ8N75U
yUvWS0+yavgf2w4ZxoVtzf7zWFcFyjRW4eSH+vmo2k9edoq0pgxUQNqQycOFAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUggZwRN+nWQFp3D3mLTOijRceZ44wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwfgYIKwYBBQUHAQcBAf8EbzBtMGsEAgACMGUDBgAqFHWA
AQMHBCoUdYEPMAMHBCoUdYEPoAMGACoUdYE2AwYAKhR1gTsDBgEqFHWBPgMGACoU
dYPlAwYBKhR1g/ADBgUqFHWEgAMHBCoUdYTjcDAQAwYAKhR1hOsDBgAqFHWE7DAN
BgkqhkiG9w0BAQsFAAOCAQEAQ2OcVszqF2/OhRaB/ODVD4tSYcwAR8z5R/PcOOD+
g/b/aquvRU8HoxGOVRvL8AMJbE/GaS7n/BHChg1kYfp0LbBR2DK8IIVSwnEL+aLA
snG97TJ481idK1UJqN9NluxbHWk4vKD9N4vJuXDtstXr3z3rbvMYThAS+pEV7wH/
2KQvOv9H9rLR22Xp2HOe3kRG/lpbmT77P/hPGQlNpGXTzp8YDqV1Nf0UuoIBKOKM
QattOQdGADIXICk9VyPXbG5UOOw2kvg0QajV75RKitukXdfVB86tksR5ktpYnP2S
oxK6YaR+RbTbMv6yOuNrfqUnAhgXHa8PUkRL5BDAgNJc/g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:17:47 2026 by rpki-client