Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: ogo5Lhf4rT1uaGiMVTpWtw6Z6f+/X7cZqtKR4eqcBlA=
Subject key identifier: 75:61:94:BC:B6:1F:74:03:CC:79:C2:7A:E3:E6:3C:0F:A2:85:29:48
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 027099209FFE194898F16F40EB5B379FDB4B90DD
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Wed 25 Feb 2026 16:23:07 +0000
ROA not before: Wed 25 Feb 2026 16:18:07 +0000
ROA not after: Wed 24 Feb 2027 16:23:07 +0000
asID: 20473
IP address blocks: 2a14:7580:100::/40 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:3600::/40 maxlen: 48
2a14:7581:3e00::/40 maxlen: 48
2a14:7581:3f00::/40 maxlen: 48
2a14:7583:e500::/40 maxlen: 48
2a14:7583:f000::/40 maxlen: 48
2a14:7583:f100::/40 maxlen: 48
2a14:7584:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:70:99:20:9f:fe:19:48:98:f1:6f:40:eb:5b:37:9f:db:4b:90:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 25 16:18:07 2026 GMT
Not After : Feb 24 16:23:07 2027 GMT
Subject: CN=756194BCB61F7403CC79C27AE3E63C0FA2852948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:0d:89:0a:98:52:cb:0d:21:cc:a9:b5:6a:
94:b7:75:f0:a9:84:73:ab:88:01:a7:5f:d7:3f:6b:
ef:4b:46:3b:98:d6:1a:75:09:a8:ee:95:ef:6c:05:
02:2e:6c:37:1a:52:0c:ec:7a:f4:6f:f4:d9:f5:0b:
6a:45:47:e2:94:1f:f0:b2:74:67:55:8e:4b:d1:05:
ab:76:33:c5:5e:b3:3c:aa:7a:3f:fe:a9:8b:0a:83:
eb:4c:08:d4:bb:4e:bf:8f:b9:34:02:20:38:af:ee:
7d:65:77:dd:a6:87:c4:46:4c:ed:5b:5d:9c:6f:c9:
e2:96:ad:7f:04:21:ef:f5:1c:32:a4:b6:af:50:ff:
2b:65:25:94:05:05:5b:88:77:e5:ea:db:20:97:d1:
5c:f4:49:ae:f9:02:27:c5:c3:9a:a2:9f:b6:19:44:
2c:ea:62:a2:55:f0:26:0f:23:58:e6:8f:0a:c2:a8:
43:da:9d:b8:1e:9c:c5:ac:b1:5f:54:7b:e0:ca:86:
45:fc:7c:01:a7:52:1e:cc:9a:7b:30:fc:7f:85:30:
1f:41:49:5e:7e:89:ec:19:a9:91:55:61:29:41:53:
ce:19:66:5c:e5:f0:b6:de:23:02:3e:e0:52:20:d3:
a9:0c:14:0c:4d:42:f5:b5:c8:b9:1d:75:ef:37:8e:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:61:94:BC:B6:1F:74:03:CC:79:C2:7A:E3:E6:3C:0F:A2:85:29:48
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:100::/40
2a14:7581:f30::/44
2a14:7581:fa0::/44
2a14:7581:3600::/40
2a14:7581:3e00::/39
2a14:7583:e500::/40
2a14:7583:f000::/39
2a14:7584:9000::/36
Signature Algorithm: sha256WithRSAEncryption
56:e4:c9:2c:70:33:cf:fc:7d:6f:93:20:3e:19:6c:2e:33:c4:
ce:67:92:a4:37:a0:57:74:99:69:43:25:d6:6e:9c:89:70:a2:
bb:74:89:ad:e3:58:17:fc:6d:24:9b:09:55:f4:03:1b:73:0a:
33:d7:d2:85:ee:24:f0:a9:43:ae:4c:10:82:56:75:69:81:cb:
21:2b:fd:10:46:d9:70:64:0b:89:de:85:a1:94:5c:5f:e6:a0:
df:da:0d:28:16:e2:02:c7:14:04:bb:19:5f:95:7e:b1:bd:42:
36:25:60:2a:94:14:7e:7e:d7:77:f0:a6:e3:0b:4b:39:44:29:
3d:f0:39:0a:43:18:0b:47:79:17:6d:e8:af:bc:9a:38:e4:5d:
de:02:6c:ea:cd:52:1c:5a:cc:98:d3:38:20:1b:ac:50:58:d9:
43:16:7c:dc:10:1f:0d:67:cc:a7:dc:de:1b:55:7d:14:7a:b0:
03:d5:bc:57:ab:16:f6:20:94:ce:1b:b0:e5:d5:09:5f:0b:af:
b4:0b:84:9d:dc:1f:f8:3c:30:72:fd:39:1e:f4:cb:02:19:8c:
b3:31:cd:d8:20:d7:56:c2:f1:a2:26:bf:e4:17:b8:55:4c:23:
29:81:73:e8:4e:5a:4f:7a:9d:7f:fc:5d:50:86:16:f5:a5:80:
6f:2a:c6:fb
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUAnCZIJ/+GUiY8W9A61s3n9tLkN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjUxNjE4MDdaFw0yNzAyMjQxNjIzMDdaMDMxMTAvBgNV
BAMTKDc1NjE5NEJDQjYxRjc0MDNDQzc5QzI3QUUzRTYzQzBGQTI4NTI5NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtA2JCphSyw0hzKm1apS3dfCp
hHOriAGnX9c/a+9LRjuY1hp1Cajule9sBQIubDcaUgzsevRv9Nn1C2pFR+KUH/Cy
dGdVjkvRBat2M8Veszyqej/+qYsKg+tMCNS7Tr+PuTQCIDiv7n1ld92mh8RGTO1b
XZxvyeKWrX8EIe/1HDKktq9Q/ytlJZQFBVuId+Xq2yCX0Vz0Sa75AifFw5qin7YZ
RCzqYqJV8CYPI1jmjwrCqEPanbgenMWssV9Ue+DKhkX8fAGnUh7Mmnsw/H+FMB9B
SV5+iewZqZFVYSlBU84ZZlzl8LbeIwI+4FIg06kMFAxNQvW1yLkdde83jgWFAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUdWGUvLYfdAPMecJ64+Y8D6KFKUgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgACMEIDBgAqFHWA
AQMHBCoUdYEPMAMHBCoUdYEPoAMGACoUdYE2AwYBKhR1gT4DBgAqFHWD5QMGASoU
dYPwAwYEKhR1hJAwDQYJKoZIhvcNAQELBQADggEBAFbkySxwM8/8fW+TID4ZbC4z
xM5nkqQ3oFd0mWlDJdZunIlwort0ia3jWBf8bSSbCVX0AxtzCjPX0oXuJPCpQ65M
EIJWdWmByyEr/RBG2XBkC4nehaGUXF/moN/aDSgW4gLHFAS7GV+VfrG9QjYlYCqU
FH5+13fwpuMLSzlEKT3wOQpDGAtHeRdt6K+8mjjkXd4CbOrNUhxazJjTOCAbrFBY
2UMWfNwQHw1nzKfc3htVfRR6sAPVvFerFvYglM4bsOXVCV8Lr7QLhJ3cH/g8MHL9
OR70ywIZjLMxzdgg11bC8aImv+QXuFVMIymBc+hOWk96nX/8XVCGFvWlgG8qxvs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:48:25 2026 by rpki-client